Edit tour

Windows Analysis Report
https://couvaticrespt.com/access?email=test@microsoft.com

Overview

General Information

Sample URL:	https://couvaticrespt.com/access?email=test@microsoft.com
Analysis ID:	1671625
Infos:

Detection

HTMLPhisher

Score:	80
Range:	0 - 100
Confidence:	100%

Signatures

AI detected phishing page

Antivirus detection for URL or domain

Yara detected HtmlPhish45

Yara detected HtmlPhish54

AI detected suspicious Javascript

HTML page contains obfuscated javascript

Detected hidden input values containing email addresses (often used in phishing pages)

Detected suspicious crossdomain redirect

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

URL contains potential PII (phishing indication)

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 5012 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 4924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2148 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 6624 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5900 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 3308 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5868 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 6616 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://couvaticrespt.com/access?email=test@microsoft.com" MD5: E81F54E6C1129887AEA47E7D092680BF)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author
4.47..script.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
4.14.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
4.17.pages.csv	JoeSecurity_HtmlPhish_45	Yara detected HtmlPhish_45	Joe Security
4.17.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security

Joe Sandbox Signatures

• AV Detection
• Phishing
• Compliance
• Software Vulnerabilities
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: https://login.microsoftonline.de

Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://zh.peoplelove.tech/#test@microsoft.com

Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'zh.peoplelove.tech' does not match the legitimate domain 'microsoft.com'., The domain 'peoplelove.tech' is unrelated to Microsoft and is suspicious., The presence of a Microsoft email in the input fields could be an attempt to gain trust or phish for credentials., The use of a generic domain extension '.tech' and unrelated domain name increases the likelihood of phishing. DOM: 4.15.pages.csv

Yara detected HtmlPhish45

Source: Yara match

File source: 4.17.pages.csv, type: HTML

Yara detected HtmlPhish54

Source: Yara match	File source: 4.47..script.csv, type: HTML
Source: Yara match	File source: 4.14.pages.csv, type: HTML
Source: Yara match	File source: 4.17.pages.csv, type: HTML

AI detected suspicious Javascript

Source: 2.15..script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: blob:https://zh.peoplelove.tech/a3c6d753-43c4-4a7e... This script demonstrates high-risk behavior by using the `eval()` function to execute dynamic code received from an untrusted source. The lack of origin verification and the use of `eval()` pose a significant security risk, as it allows the execution of arbitrary code that could be malicious.

HTML page contains obfuscated javascript

Source: https://zh.peoplelove.tech/	HTTP Parser: /* @license cookie-interceptor v1.0.0 \| (c) Qingrong Ke <keqingrong1992@gmail.com> (https://keqingro
Source: https://zh.peoplelove.tech/sso/adfs/ls/?client-request-id=7c952208-4cd2-4eb3-a4a0-3fb1a7e58659&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ4lKbWXPLZ7Ldkgf3G5U_bIlcxKhM2Qv8CI-MLRsZbTIL-RemeKeHFbqkpqUWJJZn5eY-YhUpSi0sc4LpA6i-wCLxi4TFgtuLg4BJgkGBQYPjBwriIFWi9Snj9IpsL8zxnHo6cG55fynCKVT85w6_Mp7Ci0NHQ2KnYyy3XQLuqSD-3rNDVzdnfOTAyIqQ0wzC8yMkkNMDX1tDKcAKb0AQ2plNsDB_YGDvYGWaxMxzgZDzAy_CDb3tf7_wLhx6883jFr2MWYpiTkeiZlRTha1lUbpmb7lOanpyUmWkaaBlV4O_uXZLtmFoZmpWeX2liu0GA4QEQCTIAAA2&cbcxt=&username=test%40microsoft.com&mkt=&lc=	HTTP Parser: /* @license cookie-interceptor v1.0.0 \| (c) Qingrong Ke <keqingrong1992@gmail.com> (https://keqingro

Source: https://couvaticrespt.com/access?email=test@microsoft.com

HTTP Parser: test@microsoft.com

Source: https://zh.peoplelove.tech/#test@microsoft.com

HTTP Parser: Number of links: 0

Source: https://zh.peoplelove.tech/?utm_campaign#test@microsoft.com

HTTP Parser: Base64 decoded: <svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" fill="none"><path fill="#B20F03" d="M16 3a13 13 0 1 0 13 13A13.015 13.015 0 0 0 16 3m0 24a11 11 0 1 1 11-11 11.01 11.01 0 0 1-11 11"/><path fill="#B20F03" d="M17.038 18.615H14.87L14.563 9.5h2....

Source: https://zh.peoplelove.tech/#test@microsoft.com

HTTP Parser: Title: Sign in - Microsoft OneDrive does not match URL

Source: https://couvaticrespt.com/access?email=test@microsoft.com

Sample URL: PII: test@microsoft.com

Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: Iframe src: https://fpt.dfp.microsoft.com/?session_id=7c952208-4cd2-4eb3-a4a0-3fb1a7e58659&instanceid=743bf5c2-d00c-46c3-96e1-6b2e72c5d2b7&assessment=asmtaadus&requestid=a27f5724-d03c-499e-99c3-599d576f7500

Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://couvaticrespt.com/access?email=test@microsoft.com	HTTP Parser: No favicon
Source: https://zh.peoplelove.tech/?utm_campaign#test@microsoft.com	HTTP Parser: No favicon
Source: https://zh.peoplelove.tech/?utm_campaign#test@microsoft.com	HTTP Parser: No favicon
Source: https://zh.peoplelove.tech/?utm_campaign#test@microsoft.com	HTTP Parser: No favicon
Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: No favicon
Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: No favicon

Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: No <meta name="author".. found
Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: No <meta name="author".. found

Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: No <meta name="copyright".. found
Source: https://zh.peoplelove.tech/#test@microsoft.com	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 104.21.63.177:443 -> 192.168.2.16:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.63.177:443 -> 192.168.2.16:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.63.177:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.16:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.31.181:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.31.181:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.16:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.6.156:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.137.11:443 -> 192.168.2.16:49821 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.139.11:443 -> 192.168.2.16:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.209.84.154:443 -> 192.168.2.16:49833 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 19MB later: 259MB

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: couvaticrespt.com to https://zh.peoplelove.tech/?utm_campaign#test@microsoft.com

Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /access?email=test@microsoft.com HTTP/1.1Host: couvaticrespt.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://couvaticrespt.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: couvaticrespt.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://couvaticrespt.com/access?email=test@microsoft.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/static/hcaptcha.html HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://couvaticrespt.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/b5d09cd7e83c902f4de373bd20874a7bfb78d62542dc17cab9e39ab17493925e/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /checksiteconfig?v=4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e&host=couvaticrespt.com&sitekey=c48e0666-c564-4dfa-b2d2-4d46de425ef2&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/challenge/image_label_binary/challenge.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/07e37a9407f2a4657ef9b80162781e7728c98407848b8af26303c897abbf0dc2/dc2464dd72909bf286e29f63f6758de34976daae949fe096dc6d67f9613ec55b.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/1ee540724008c994b5f68319dfaecb9fdbaab03a3a51e171138ca7f0b62adc73/4ca34ea8c954a5845c28ebe83c278da7b9480c45a71936a473f947ee2368f6a1.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/2ba69f39129565ec9c2a8e7bcc311a1e2735c9ef1ad1e562ad9a8b0de4f3c676/0e55d068eb1e35c753d55209773bba986002668e6527fc891dc2bcd769a774db.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/1c903d2a8df53b68af50ac98ac46a405b2c398c17e90298cc7560cd39b95ef46/c5cb0d0dbbe3200c19a2fb872bcaabc5de7b2faaf1d7458fe087d39b47da6548.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/ef2eccdeda2150e6f4ba64c5ce408f9d481f196f6a4728fc880adef948b02854/b6688f7c35005d7708000197607b203e2a24aed502984f5ade699f0761c7d190.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/0dbca55077fcc7d33ef86fa77644542c67d24cddb39f59b3491fb24e1f330890/a719fa298922c2580770d3e2af32b9d63002d0fed8ef5c3808faf68ccfd85b6f.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/3015469d3fb386ca9cf94226b687029f4aebc2e7ee8fa561958f2b01e5d590c5/455e6aa1ca282289bf165848e7f8e6b77877484ec2efe5289dbc95edd25e26f8.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/037a27c0bfb2acecae2297f9459de6c0e5ca87bbfdb532447f0e3101f753fb08/48825f12b61b88c491bf986bbc23a589ee0847031c29ce066f7f5611e86b7a08.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/708c69976705da166a26883e5c12b65a8c9117cf19109b8d2fda028d99306264/63a7ed38d4d3e64b9232d24a9ef98e6b0709608ebcfee219cb6ba24f19e8116f.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/1c903d2a8df53b68af50ac98ac46a405b2c398c17e90298cc7560cd39b95ef46/c5cb0d0dbbe3200c19a2fb872bcaabc5de7b2faaf1d7458fe087d39b47da6548.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/0dbca55077fcc7d33ef86fa77644542c67d24cddb39f59b3491fb24e1f330890/a719fa298922c2580770d3e2af32b9d63002d0fed8ef5c3808faf68ccfd85b6f.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/1ee540724008c994b5f68319dfaecb9fdbaab03a3a51e171138ca7f0b62adc73/4ca34ea8c954a5845c28ebe83c278da7b9480c45a71936a473f947ee2368f6a1.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/2ba69f39129565ec9c2a8e7bcc311a1e2735c9ef1ad1e562ad9a8b0de4f3c676/0e55d068eb1e35c753d55209773bba986002668e6527fc891dc2bcd769a774db.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/07e37a9407f2a4657ef9b80162781e7728c98407848b8af26303c897abbf0dc2/dc2464dd72909bf286e29f63f6758de34976daae949fe096dc6d67f9613ec55b.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/ef2eccdeda2150e6f4ba64c5ce408f9d481f196f6a4728fc880adef948b02854/b6688f7c35005d7708000197607b203e2a24aed502984f5ade699f0761c7d190.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/708c69976705da166a26883e5c12b65a8c9117cf19109b8d2fda028d99306264/63a7ed38d4d3e64b9232d24a9ef98e6b0709608ebcfee219cb6ba24f19e8116f.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/037a27c0bfb2acecae2297f9459de6c0e5ca87bbfdb532447f0e3101f753fb08/48825f12b61b88c491bf986bbc23a589ee0847031c29ce066f7f5611e86b7a08.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tip/3015469d3fb386ca9cf94226b687029f4aebc2e7ee8fa561958f2b01e5d590c5/455e6aa1ca282289bf165848e7f8e6b77877484ec2efe5289dbc95edd25e26f8.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /checkcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2/E0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiQWhZR0JWdWNrVzVQaUZaVFdCQmJnRjliYmNLRmhldjZidVNuUG9ZbE9iQ2JXay83ZnUvWTNUTittV1Z1MEN6YnNSdFhRYU5IZGp3MTRtaS9ySEs0V0FTKzlvcC9kRWExRmdaVGdXVENYUWZPd2sxbzdiSENWUWw5RlQyc2FOZHRoNUs4enZHcyszcC9RMm92UXBaaldQVC9UdXgzeE9nUWxVQTd0UXZnSlhOS09FSnA3MldlVXJnaURYRzV6N1lIdGhlR1NiUUZEd29CWHpTWHprYSs1Y2RQMmc5M21BeU9sSUU5TEdsUzlyUFVORWV6c1ROQkYxNTl5YUZuSzUvRmQ0ektqcjMvM0J2MnRHOGNtQT09UG1lTUljdHJMckttYWZWSiIsImV4cCI6MTc0NTM3ODE0Niwia3IiOiIzMTYzYmIwYiJ9.ruIqgkGl-XuNOCU1JjbzEeYU21C4_3AnpznYoQKbTq0 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?utm_campaign HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://couvaticrespt.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934a30ee9e734774 HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zh.peoplelove.tech/?utm_campaign&__cf_chl_rt_tk=R8HR2_PgyusVk5v1ByK7iWHB_5qGgtXfw.7R28k3l0I-1745378070-1.0.1.1-4oyN2Tnr80XeZEd.l_KTnO9ztkxEZHKrcHkZlANLBwIAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveOrigin: https://zh.peoplelove.techsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zh.peoplelove.tech/?utm_campaignAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1585690835:1745374344:GDnwW-ZT7Ck_0Cq8oirUUYr1Y6lo-yucHistJG-rrHo/934a30ee9e734774/svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237 HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1cr68/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=934a30fefcf47cf2&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1cr68/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1cr68/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zh.peoplelove.tech/?utm_campaignAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/472705753:1745374403:iCy1ld2ARtOTLV7kaOu_IB4yeH7IhgpW9cOuQ_gpqr8/934a30fefcf47cf2/H6Ac2WbAR_Bv_uNyuJNgTof3WK25F51nlzTnujFrjjQ-1745378073-1.1.1.1-5wh.7ZUMIxrSMd6HrFJz.Mvm8798EIlLEKLl3DykFFuSMI3wNuSQZTKWUahWnyzP HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/934a30fefcf47cf2/1745378075000/XtP_Si8qQUMrf0w HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1cr68/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/934a30fefcf47cf2/1745378075001/bcaa512410ec030555d8c8f297fc6dd9851484180759474d20ea00e6ec3ccb11/__LlaKdVt4j_1Y6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1cr68/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/934a30fefcf47cf2/1745378075000/XtP_Si8qQUMrf0w HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/472705753:1745374403:iCy1ld2ARtOTLV7kaOu_IB4yeH7IhgpW9cOuQ_gpqr8/934a30fefcf47cf2/H6Ac2WbAR_Bv_uNyuJNgTof3WK25F51nlzTnujFrjjQ-1745378073-1.1.1.1-5wh.7ZUMIxrSMd6HrFJz.Mvm8798EIlLEKLl3DykFFuSMI3wNuSQZTKWUahWnyzP HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/472705753:1745374403:iCy1ld2ARtOTLV7kaOu_IB4yeH7IhgpW9cOuQ_gpqr8/934a30fefcf47cf2/H6Ac2WbAR_Bv_uNyuJNgTof3WK25F51nlzTnujFrjjQ-1745378073-1.1.1.1-5wh.7ZUMIxrSMd6HrFJz.Mvm8798EIlLEKLl3DykFFuSMI3wNuSQZTKWUahWnyzP HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1585690835:1745374344:GDnwW-ZT7Ck_0Cq8oirUUYr1Y6lo-yucHistJG-rrHo/934a30ee9e734774/svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237 HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zh.peoplelove.tech/?utm_campaign&__cf_chl_tk=R8HR2_PgyusVk5v1ByK7iWHB_5qGgtXfw.7R28k3l0I-1745378070-1.0.1.1-4oyN2Tnr80XeZEd.l_KTnO9ztkxEZHKrcHkZlANLBwIAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"Referer: https://zh.peoplelove.tech/?utm_campaign&__cf_chl_tk=R8HR2_PgyusVk5v1ByK7iWHB_5qGgtXfw.7R28k3l0I-1745378070-1.0.1.1-4oyN2Tnr80XeZEd.l_KTnO9ztkxEZHKrcHkZlANLBwIAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E; __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761
Source: global traffic	HTTP traffic detected: GET /js/jquery.min.js HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E; __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761
Source: global traffic	HTTP traffic detected: GET /itsgonnafail HTTP/1.1Host: zh.peoplelove.techConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://zh.peoplelove.techSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E; __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761Sec-WebSocket-Key: Is9ZZqmb65WINAVE9KHlKg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /json HTTP/1.1Host: ipinfo.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://zh.peoplelove.techSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /json HTTP/1.1Host: ipinfo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761; __wp_cf_defender=c9d890423bdd8f672926a6e46bf361c37afc8a1de8b01d7be910915e691d85c9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E; __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761; __wp_cf_defender=c9d890423bdd8f672926a6e46bf361c37afc8a1de8b01d7be910915e691d85c9
Source: global traffic	HTTP traffic detected: GET /_login_live/Me.htm?v=3 HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E; __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761; __wp_cf_defender=c9d890423bdd8f672926a6e46bf361c37afc8a1de8b01d7be910915e691d85c9; http@main\|moc.enilnotfosorcim.nigol@buid=1.AXEBqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABxAQ.AQABGgEAAABVrSpeuWamRam2jAF1XRQEApvzbl79L7sUfQ52NaexfyhBPZUA_Je3YRXRMTrHGapz5GGsN2rvI-Q5cVHzFBeN6fwhb15khH4DjhPTXakNDS54LIF_51DgYXKtytghTYsgAA; http@main\|moc.enilnotfosorcim.nigol.@esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE01ZcCIFZDgK95SECw3rdtzJkbYR8G4Qkkm_lHm6w4AefsXagfmEthy86kKC87YeU-O8tXq6yPjek50uT5T05HKN72308KcZPahvTzIlFfYjDBH9WFavrD_6_BId4mN2U6ROC5_m85dla6dKMi3mUoOqIV0_yH_96itvO9J5piUYgAA; http@main\|moc.enilnotfosorcim.nigol.@esctx-a5HV5MbD08=AQABCQEAAABVrSpeuWamRam2jAF1XRQENnKC7Z6TkKIfRB0xIBxwvPS-KRQ-oJzXUM83tHY5WsEpBGB0LNoE65pP2l3u0f8ssYMsR9tFhdxQiwO8tgaQqil62ZfVOqx4T81YPDgaZZNRxy8dhZWg7CY8TNG8i8e9yxy8EA-jfkxwXaLrqXmBfiAA; http@main\|moc.enilnotfosorcim.nigol@fpc=Ao48ezGSP2ZOqmCnCEjageK4vjNwAQAAACxSmt8OAAAA; http@main\|moc.enilnotfosorcim.nigol@x-ms-gateway-slice=estsfd; http@main\|moc.enilnotfosorcim.nigol@stsservicecookie=estsfd; __wp_location=main\|moc.enilnotfosorcim.nigol; __wp_session=
Source: global traffic	HTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: portal.microsoftonline.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: zh.peoplelove.techConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761; __wp_cf_defender=c9d890423bdd8f672926a6e46bf361c37afc8a1de8b01d7be910915e691d85c9; http@main\|moc.enilnotfosorcim.nigol@buid=1.AXEBqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABxAQ.AQABGgEAAABVrSpeuWamRam2jAF1XRQEApvzbl79L7sUfQ52NaexfyhBPZUA_Je3YRXRMTrHGapz5GGsN2rvI-Q5cVHzFBeN6fwhb15khH4DjhPTXakNDS54LIF_51DgYXKtytghTYsgAA; http@main\|moc.enilnotfosorcim.nigol.@esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE01ZcCIFZDgK95SECw3rdtzJkbYR8G4Qkkm_lHm6w4AefsXagfmEthy86kKC87YeU-O8tXq6yPjek50uT5T05HKN72308KcZPahvTzIlFfYjDBH9WFavrD_6_BId4mN2U6ROC5_m85dla6dKMi3mUoOqIV0_yH_96itvO9J5piUYgAA; http@main\|moc.enilnotfosorcim.nigol.@esctx-a5HV5MbD08=AQABCQEAAABVrSpeuWamRam2jAF1XRQENnKC7Z6TkKIfRB0xIBxwvPS-KRQ-oJzXUM83tHY5WsEpBGB0LNoE65pP2l3u0f8ssYMsR9tFhdxQiwO8tgaQqil62ZfVOqx4T81YPDgaZZNRxy8dhZWg7CY8TNG8i8e9yxy8EA-jfkxwXaLrqXmBfiAA; http@main\|moc.enilnotfosorcim.nigol@fpc=Ao48ezGSP2ZOqmCnCEjageK4vjNwAQAAACxSmt8OAAAA; http@main\|moc.enilnotfosorcim.nigol@x-ms-gateway-slice=estsfd; http@main\|moc.enilnotfosorcim.nigol@stsservicecookie=estsfd; __wp_location=main\|moc.enilnotfosorcim.nigol; http@_login_live\|moc.evil.nigol@uaid=e4a90ae4c83f4c3a965ffff5380946bf; http@_login_live\|moc.evil.nigol@MSPRequ=id%3DN%26lt%3D1745378119%26co%3D1; js@main\|moc.enilnotfosorcim.nigol@MicrosoftApplicationsTelemetryDeviceId=936009ba-528a-4f5a-a7ac-0a458ca9ba96; __wp_email=test@microsoft.com; js@main\|moc.enilnotfosorcim.nigol@brcap=0; __wp_session=w5nCpsKBR8OeYxgiLCJ5wr7Ck8O2NsKtw4_Dj0QqwozCpWJFQRDCrFJjw4lUwq81woAJw5IUXcOack1Rw5JSw5jCnMKFUWo6MyLDjkvDhMKsw6jCkcOcwqY3b3_DuSbCtsK4DsKzPC_CmMONfhpxOcOYQsKBbA4Ow4fCpD7CnMKELsOJLivCt1fCnWk
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: onedrive.live.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: onedrive.live.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sso/adfs/ls/?client-request-id=7c952208-4cd2-4eb3-a4a0-3fb1a7e58659&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQ4lKbWXPLZ7Ldkgf3G5U_bIlcxKhM2Qv8CI-MLRsZbTIL-RemeKeHFbqkpqUWJJZn5eY-YhUpSi0sc4LpA6i-wCLxi4TFgtuLg4BJgkGBQYPjBwriIFWi9Snj9IpsL8zxnHo6cG55fynCKVT85w6_Mp7Ci0NHQ2KnYyy3XQLuqSD-3rNDVzdnfOTAyIqQ0wzC8yMkkNMDX1tDKcAKb0AQ2plNsDB_YGDvYGWaxMxzgZDzAy_CDb3tf7_wLhx6883jFr2MWYpiTkeiZlRTha1lUbpmb7lOanpyUmWkaaBlV4O_uXZLtmFoZmpWeX2liu0GA4QEQCTIAAA2&cbcxt=&username=test%40microsoft.com&mkt=&lc= HTTP/1.1Host: zh.peoplelove.techConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://zh.peoplelove.tech/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=bnOaGxhspMFZTB52TpeMqk3m5vx.uqFJybwtpLDukPQ-1745378085-1.2.1.1-ln92_zCO3w8C4WrJZP3hpvXiAXhc5PcpTSj8hUJ51M909e9.x4elVYOnL75cederZTNJnj2YLD0ejVBiluX6kAsVwPXTRy92yqlb7_T58NbU4HsecVshNpk1IlEo9YjO3Cqhv0vsW_Ro8u8N.wA4FlRkaYwIi01Ney3wj1CPBueUA3dYO489tNhZOXf7Qk2xuMLHCzMycegftpE2aHOo_Xo5_SphSTsAQNhaeklCnG4AdeEEmTKRyEjfjOsp4E0BOGAk5lEy3GfU4e4Tmv.b5BS6NmKhPXxd9lv4EDHAxJXsU0RLAzPyFZa8ylgLHNfEZsp9Zj56ovlG866PsMk1o8cbxPUsJGHi2t.3xasdslgEg1zdpEuv0HZD.jVAiY1E; __wp_key=4671aed863a82238fd3d7f80d41b1de365b088a18dff62b6bc830ebf6342f761; __wp_cf_defender=c9d890423bdd8f672926a6e46bf361c37afc8a1de8b01d7be910915e691d85c9; http@main\|moc.enilnotfosorcim.nigol@buid=1.AXEBqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABxAQ.AQABGgEAAABVrSpeuWamRam2jAF1XRQEApvzbl79L7sUfQ52NaexfyhBPZUA_Je3YRXRMTrHGapz5GGsN2rvI-Q5cVHzFBeN6fwhb15khH4DjhPTXakNDS54LIF_51DgYXKtytghTYsgAA; http@main\|moc.enilnotfosorcim.nigol.@esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE01ZcCIFZDgK95SECw3rdtzJkbYR8G4Qkkm_lHm6w4AefsXagfmEthy86kKC87YeU-O8tXq6yPjek50uT5T05HKN72308KcZPahvTzIlFfYjDBH9WFavrD_6_BId4mN2U6ROC5_m85dla6dKMi3mUoOqIV0_yH_96itvO9J5piUYgAA; http@main\|moc.enilnotfosorcim.nigol.@esctx-a5HV5MbD08=AQABCQEAAABVrSpeuWamRam2jAF1XRQENnKC7Z6TkKIfRB0xIBxwvPS-KRQ-oJzXUM83tHY5WsEpBGB0LNoE65pP2l3u0f8ssYMsR9tFhdxQiwO8tgaQqil62ZfVOqx4T81YPDgaZZNRxy8dhZWg7CY8TNG8i8e9yxy8EA-jfkxwXaLrqXmBfiAA; http@main\|moc.enilnotfosorcim.nigol@fpc=Ao

Source: global traffic	DNS traffic detected: DNS query: couvaticrespt.com
Source: global traffic	DNS traffic detected: DNS query: js.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: newassets.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: api.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: imgs3.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: zh.peoplelove.tech
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ipinfo.io
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: portal.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: onedrive.live.com

Source: unknown

HTTP traffic detected: POST /checksiteconfig?v=4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e&host=couvaticrespt.com&sitekey=c48e0666-c564-4dfa-b2d2-4d46de425ef2&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveContent-Length: 0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/jsonsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: text/plainsec-ch-ua-mobile: ?0Origin: https://newassets.hcaptcha.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Apr 2025 03:14:30 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCf-Ray: 934a30ee9e734774-DFWServer: cloudflareAccept-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACf-Mitigated: challengeCritical-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originServer-Timing: chlray;desc="934a30ee9e734774"X-Content-Options: nosniff
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Apr 2025 03:14:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCf-Ray: 934a30fa2ea14647-DFWServer: cloudflareAccept-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACf-Mitigated: challengeCritical-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originServer-Timing: chlray;desc="934a30fa2ea14647"X-Content-Options: nosniff
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Apr 2025 03:14:35 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCf-Ray: 934a31089a944672-DFWServer: cloudflareAccept-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACf-Mitigated: challengeCritical-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originServer-Timing: chlray;desc="934a31089a944672"X-Content-Options: nosniff
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 23 Apr 2025 03:14:46 GMTContent-Type: text/html;charset=UTF-8Transfer-Encoding: chunkedConnection: closeCf-Ray: 934a314dea334752-DFWServer: cloudflareReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylrtKGRT38YgWjEfzIIvNdo9WLBD6NWKRd9FZKwDr8J8yn7dOcItt03uC8M24853a4QA6fYUERSvKnM4B7qxA%2FfH01sEftfBxB4AcefaWATyEsfzbkj%2FytVhzBLDX%2FYDo098%2BKs%3D"}],"group":"cf-nel","max_age":604800}Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=163854&min_rtt=163483&rtt_var=35065&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2837&recv_bytes=2065&delivery_rate=24512&cwnd=252&unsent_bytes=0&cid=c0e6181a5c41310f&ts=367&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 23 Apr 2025 03:14:48 GMTContent-Length: 0Connection: closeCf-Ray: 934a315f4a66474f-DFWServer: cloudflareReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2Ozybp6agA7%2FxTQD2ZQQQYDh6dRU8NwKG5wt81XUZyT%2BcVGqe1xNbGCw2vIRk52lOtU5CP2Eox%2F8H%2Fv2Tqz53T0Y4Tv5ud68o%2BXfvYTYUrIhuAL8%2B6h0LJKIwJHJY7sADFq0SQ%3D"}],"group":"cf-nel","max_age":604800}Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=164065&min_rtt=163039&rtt_var=35439&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1640&delivery_rate=24758&cwnd=252&unsent_bytes=0&cid=57a151ad96469566&ts=407&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Apr 2025 03:14:52 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCf-Ray: 934a317508a745e7-DFWServer: cloudflareAccept-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACf-Mitigated: challengeCritical-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originServer-Timing: chlray;desc="934a317508a745e7"X-Content-Options: nosniff
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-store, no-cacheContent-Length: 1245Content-Type: text/htmlSet-Cookie: s.SessID=c4b460c3-45b0-4321-9aaa-9679e0b86835; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: s.SessID=c4b460c3-45b0-4321-9aaa-9679e0b86835; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: x-portal-routekey=wus; path=/; secure; HttpOnlyx-ms-correlation-id: 5fe4c32c-3a21-4931-b155-844ce38a53ccX-Content-Type-Options: nosniffX-UA-Compatible: IE=EdgeX-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 9FAECB0AF71B4C9A9DFCC639F938F332 Ref B: LAX311000113049 Ref C: 2025-04-23T03:15:26ZDate: Wed, 23 Apr 2025 03:15:25 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Apr 2025 03:15:28 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCf-Ray: 934a32581d5b2fec-DFWServer: cloudflareAccept-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACf-Mitigated: challengeCritical-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originServer-Timing: chlray;desc="934a32581d5b2fec"X-Content-Options: nosniff

Source: chromecache_119.1.dr	String found in binary or memory: https://8080--main--cf-proxy--admin.grt.my.id/_login_microsoft
Source: chromecache_119.1.dr	String found in binary or memory: https://8080--main--cf-proxy--admin.grt.my.id/index.php
Source: chromecache_119.1.dr	String found in binary or memory: https://aadcdn.msauth.net/
Source: chromecache_119.1.dr	String found in binary or memory: https://aadcdn.msftauth.net
Source: chromecache_119.1.dr	String found in binary or memory: https://aadcdn.msftauth.net/
Source: chromecache_119.1.dr	String found in binary or memory: https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: chromecache_119.1.dr	String found in binary or memory: https://device.8080--main--cf-proxy--admin.grt.my.id/index.php
Source: chromecache_109.1.dr	String found in binary or memory: https://device.zh.peoplelove.tech/index.php
Source: chromecache_110.1.dr, chromecache_102.1.dr, chromecache_124.1.dr	String found in binary or memory: https://hcaptcha.com/license
Source: chromecache_104.1.dr, chromecache_81.1.dr	String found in binary or memory: https://ipinfo.io/missingauth
Source: chromecache_88.1.dr	String found in binary or memory: https://js.hcaptcha.com/1/api.js
Source: chromecache_119.1.dr	String found in binary or memory: https://keqingrong.github.io/)
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://login-us.microsoftonline.com
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://login.chinacloudapi.cn
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://login.microsoftonline.de
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://login.microsoftonline.us
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://login.partner.microsoftonline.cn
Source: chromecache_119.1.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://login.windows.net
Source: chromecache_109.1.dr, chromecache_119.1.dr	String found in binary or memory: https://logincert.microsoftonline.com
Source: chromecache_119.1.dr	String found in binary or memory: https://zh.peoplelove.tech/_login_live/Me.htm?v=3
Source: chromecache_109.1.dr	String found in binary or memory: https://zh.peoplelove.tech/_login_microsoft
Source: chromecache_109.1.dr	String found in binary or memory: https://zh.peoplelove.tech/index.php
Source: chromecache_119.1.dr	String found in binary or memory: https://zh.peoplelove.tech/jsdisabled

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49673
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747

Source: unknown	HTTPS traffic detected: 104.21.63.177:443 -> 192.168.2.16:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.63.177:443 -> 192.168.2.16:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.63.177:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.16:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.31.181:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.31.181:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.16:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.6.156:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.137.11:443 -> 192.168.2.16:49821 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.139.11:443 -> 192.168.2.16:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.209.84.154:443 -> 192.168.2.16:49833 version: TLS 1.2

Source: classification engine

Classification label: mal80.phis.win@33/92@46/15

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2148 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://couvaticrespt.com/access?email=test@microsoft.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5900 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5868 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2148 /prefetch:3	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5900 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,9795508406630163043,6427155809924288427,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5868 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Extra Window Memory Injection	1 Extra Window Memory Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://couvaticrespt.com/access?email=test@microsoft.com	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://zh.peoplelove.tech/index.php	0%	Avira URL Cloud	safe
https://keqingrong.github.io/)	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/common/GetCredentialType?mkt=en-US	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934a30ee9e734774	0%	Avira URL Cloud	safe
https://login.microsoftonline.de	100%	Avira URL Cloud	phishing
https://zh.peoplelove.tech/js/jquery.min.js	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/_login_live/Me.htm?v=3	0%	Avira URL Cloud	safe
https://device.zh.peoplelove.tech/index.php	0%	Avira URL Cloud	safe
https://device.8080--main--cf-proxy--admin.grt.my.id/index.php	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/itsgonnafail	0%	Avira URL Cloud	safe
https://8080--main--cf-proxy--admin.grt.my.id/index.php	0%	Avira URL Cloud	safe
https://couvaticrespt.com/redirect	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/?utm_campaign	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/jsdisabled	0%	Avira URL Cloud	safe
https://8080--main--cf-proxy--admin.grt.my.id/_login_microsoft	0%	Avira URL Cloud	safe
https://couvaticrespt.com/favicon.ico	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/favicon.ico	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/_login_microsoft	0%	Avira URL Cloud	safe
https://zh.peoplelove.tech/cdn-cgi/challenge-platform/h/g/flow/ov1/1585690835:1745374344:GDnwW-ZT7Ck_0Cq8oirUUYr1Y6lo-yucHistJG-rrHo/934a30ee9e734774/svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237	0%	Avira URL Cloud	safe

Domains and IPs

Download Network PCAP: filtered – full

Contacted Domains

Name	IP	Active	Malicious	Reputation
couvaticrespt.com	104.21.63.177	true	false	unknown
a.nel.cloudflare.com	35.190.80.1	true	false	high
e329293.dscd.akamaiedge.net	23.209.84.154	true	false	high
api.hcaptcha.com	104.19.229.21	true	false	high
b-0004.b-msedge.net	13.107.6.156	true	false	high
imgs3.hcaptcha.com	104.19.229.21	true	false	high
zh.peoplelove.tech	104.21.31.181	true	false	high
dual-spov-0006.spov-msedge.net	13.107.137.11	true	false	high
js.hcaptcha.com	104.19.229.21	true	false	high
ipinfo.io	34.117.59.81	true	false	high
challenges.cloudflare.com	104.18.95.41	true	false	high
www.google.com	142.250.69.4	true	false	high
newassets.hcaptcha.com	104.19.230.21	true	false	high
s-part-0043.t-0009.t-msedge.net	13.107.246.71	true	false	high
aadcdn.msftauth.net	unknown	unknown	false	high
onedrive.live.com	unknown	unknown	false	high
portal.microsoftonline.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=934a30fefcf47cf2&lang=auto	false		high
https://imgs3.hcaptcha.com/tip/1c903d2a8df53b68af50ac98ac46a405b2c398c17e90298cc7560cd39b95ef46/c5cb0d0dbbe3200c19a2fb872bcaabc5de7b2faaf1d7458fe087d39b47da6548.jpeg	false		high
https://a.nel.cloudflare.com/report/v4?s=i4%2F3zTjIt%2FtC7fk73XzecjQjCctKhMMwtNf%2B510gTvEiVjk19x3ib3O8KWxYIlVQ4EEYy02siv7TXCojqdOn3TkS9vUT4rFQP9r2xsK%2BE7Iem%2F8RuK493Vplwpx8%2BSk0YrhTF98%3D	false		high
https://zh.peoplelove.tech/	true	Avira URL Cloud: safe	unknown
https://zh.peoplelove.tech/js/jquery.min.js	true	Avira URL Cloud: safe	unknown
https://newassets.hcaptcha.com/captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/static/hcaptcha.html	false		high
https://imgs3.hcaptcha.com/tip/0dbca55077fcc7d33ef86fa77644542c67d24cddb39f59b3491fb24e1f330890/a719fa298922c2580770d3e2af32b9d63002d0fed8ef5c3808faf68ccfd85b6f.jpeg	false		high
https://imgs3.hcaptcha.com/tip/037a27c0bfb2acecae2297f9459de6c0e5ca87bbfdb532447f0e3101f753fb08/48825f12b61b88c491bf986bbc23a589ee0847031c29ce066f7f5611e86b7a08.jpeg	false		high
https://imgs3.hcaptcha.com/tip/1ee540724008c994b5f68319dfaecb9fdbaab03a3a51e171138ca7f0b62adc73/4ca34ea8c954a5845c28ebe83c278da7b9480c45a71936a473f947ee2368f6a1.jpeg	false		high
https://zh.peoplelove.tech/_login_live/Me.htm?v=3	true	Avira URL Cloud: safe	unknown
https://imgs3.hcaptcha.com/tip/708c69976705da166a26883e5c12b65a8c9117cf19109b8d2fda028d99306264/63a7ed38d4d3e64b9232d24a9ef98e6b0709608ebcfee219cb6ba24f19e8116f.jpeg	false		high
https://zh.peoplelove.tech/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934a30ee9e734774	true	Avira URL Cloud: safe	unknown
https://js.hcaptcha.com/1/api.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/1cr68/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	false		high
https://api.hcaptcha.com/checkcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2/E0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiQWhZR0JWdWNrVzVQaUZaVFdCQmJnRjliYmNLRmhldjZidVNuUG9ZbE9iQ2JXay83ZnUvWTNUTittV1Z1MEN6YnNSdFhRYU5IZGp3MTRtaS9ySEs0V0FTKzlvcC9kRWExRmdaVGdXVENYUWZPd2sxbzdiSENWUWw5RlQyc2FOZHRoNUs4enZHcyszcC9RMm92UXBaaldQVC9UdXgzeE9nUWxVQTd0UXZnSlhOS09FSnA3MldlVXJnaURYRzV6N1lIdGhlR1NiUUZEd29CWHpTWHprYSs1Y2RQMmc5M21BeU9sSUU5TEdsUzlyUFVORWV6c1ROQkYxNTl5YUZuSzUvRmQ0ektqcjMvM0J2MnRHOGNtQT09UG1lTUljdHJMckttYWZWSiIsImV4cCI6MTc0NTM3ODE0Niwia3IiOiIzMTYzYmIwYiJ9.ruIqgkGl-XuNOCU1JjbzEeYU21C4_3AnpznYoQKbTq0	false		high
https://newassets.hcaptcha.com/captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/challenge/image_label_binary/challenge.js	false		high
https://ipinfo.io/json	false		high
https://zh.peoplelove.tech/common/GetCredentialType?mkt=en-US	true	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/934a30fefcf47cf2/1745378075000/XtP_Si8qQUMrf0w	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/472705753:1745374403:iCy1ld2ARtOTLV7kaOu_IB4yeH7IhgpW9cOuQ_gpqr8/934a30fefcf47cf2/H6Ac2WbAR_Bv_uNyuJNgTof3WK25F51nlzTnujFrjjQ-1745378073-1.1.1.1-5wh.7ZUMIxrSMd6HrFJz.Mvm8798EIlLEKLl3DykFFuSMI3wNuSQZTKWUahWnyzP	false		high
https://onedrive.live.com/favicon.ico	false		high
https://zh.peoplelove.tech/cdn-cgi/challenge-platform/h/g/flow/ov1/1585690835:1745374344:GDnwW-ZT7Ck_0Cq8oirUUYr1Y6lo-yucHistJG-rrHo/934a30ee9e734774/svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237	true	Avira URL Cloud: safe	unknown
https://zh.peoplelove.tech/itsgonnafail	true	Avira URL Cloud: safe	unknown
https://couvaticrespt.com/redirect	false	Avira URL Cloud: safe	unknown
https://imgs3.hcaptcha.com/tip/ef2eccdeda2150e6f4ba64c5ce408f9d481f196f6a4728fc880adef948b02854/b6688f7c35005d7708000197607b203e2a24aed502984f5ade699f0761c7d190.jpeg	false		high
https://api.hcaptcha.com/checksiteconfig?v=4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e&host=couvaticrespt.com&sitekey=c48e0666-c564-4dfa-b2d2-4d46de425ef2&sc=1&swa=1&spst=1	false		high
https://imgs3.hcaptcha.com/tip/2ba69f39129565ec9c2a8e7bcc311a1e2735c9ef1ad1e562ad9a8b0de4f3c676/0e55d068eb1e35c753d55209773bba986002668e6527fc891dc2bcd769a774db.jpeg	false		high
https://imgs3.hcaptcha.com/tip/3015469d3fb386ca9cf94226b687029f4aebc2e7ee8fa561958f2b01e5d590c5/455e6aa1ca282289bf165848e7f8e6b77877484ec2efe5289dbc95edd25e26f8.jpeg	false		high
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx	false		high
https://imgs3.hcaptcha.com/tip/07e37a9407f2a4657ef9b80162781e7728c98407848b8af26303c897abbf0dc2/dc2464dd72909bf286e29f63f6758de34976daae949fe096dc6d67f9613ec55b.jpeg	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/934a30fefcf47cf2/1745378075001/bcaa512410ec030555d8c8f297fc6dd9851484180759474d20ea00e6ec3ccb11/__LlaKdVt4j_1Y6	false		high
https://zh.peoplelove.tech/?utm_campaign	true	Avira URL Cloud: safe	unknown
https://newassets.hcaptcha.com/c/b5d09cd7e83c902f4de373bd20874a7bfb78d62542dc17cab9e39ab17493925e/hsw.js	false		high
https://api.hcaptcha.com/getcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1	false		high
https://couvaticrespt.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://zh.peoplelove.tech/favicon.ico	true	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://device.zh.peoplelove.tech/index.php	chromecache_109.1.dr	false	Avira URL Cloud: safe	unknown
https://ipinfo.io/missingauth	chromecache_104.1.dr, chromecache_81.1.dr	false		high
https://login.windows.net	chromecache_109.1.dr, chromecache_119.1.dr	false		high
https://zh.peoplelove.tech/index.php	chromecache_109.1.dr	true	Avira URL Cloud: safe	unknown
https://login.chinacloudapi.cn	chromecache_109.1.dr, chromecache_119.1.dr	false		high
https://aadcdn.msftauth.net/	chromecache_119.1.dr	false		high
https://login.windows-ppe.net	chromecache_119.1.dr	false		high
https://login.microsoftonline.us	chromecache_109.1.dr, chromecache_119.1.dr	false		high
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	chromecache_119.1.dr	false		high
https://device.8080--main--cf-proxy--admin.grt.my.id/index.php	chromecache_119.1.dr	false	Avira URL Cloud: safe	unknown
https://login.microsoftonline.de	chromecache_109.1.dr, chromecache_119.1.dr	false	Avira URL Cloud: phishing	unknown
https://login.partner.microsoftonline.cn	chromecache_109.1.dr, chromecache_119.1.dr	false		high
https://logincert.microsoftonline.com	chromecache_109.1.dr, chromecache_119.1.dr	false		high
https://hcaptcha.com/license	chromecache_110.1.dr, chromecache_102.1.dr, chromecache_124.1.dr	false		high
https://keqingrong.github.io/)	chromecache_119.1.dr	false	Avira URL Cloud: safe	unknown
https://8080--main--cf-proxy--admin.grt.my.id/_login_microsoft	chromecache_119.1.dr	false	Avira URL Cloud: safe	unknown
https://login-us.microsoftonline.com	chromecache_109.1.dr, chromecache_119.1.dr	false		high
https://aadcdn.msftauth.net	chromecache_119.1.dr	false		high
https://zh.peoplelove.tech/_login_microsoft	chromecache_109.1.dr	true	Avira URL Cloud: safe	unknown
https://zh.peoplelove.tech/jsdisabled	chromecache_119.1.dr	true	Avira URL Cloud: safe	unknown
https://8080--main--cf-proxy--admin.grt.my.id/index.php	chromecache_119.1.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.6.156	b-0004.b-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
104.19.230.21	newassets.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.21.63.177	couvaticrespt.com	United States	13335	CLOUDFLARENETUS	false
104.21.31.181	zh.peoplelove.tech	United States	13335	CLOUDFLARENETUS	false
13.107.139.11	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.69.4	www.google.com	United States	15169	GOOGLEUS	false
13.107.137.11	dual-spov-0006.spov-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
34.117.59.81	ipinfo.io	United States	139070	GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.19.229.21	api.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
23.209.84.151	unknown	United States	16625	AKAMAI-ASUS	false
23.209.84.154	e329293.dscd.akamaiedge.net	United States	16625	AKAMAI-ASUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1671625
Start date and time:	2025-04-23 05:13:35 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 0s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://couvaticrespt.com/access?email=test@microsoft.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal80.phis.win@33/92@46/15
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.68.238, 142.250.69.3, 142.251.2.84, 142.250.69.14, 142.250.69.10, 192.178.49.202, 192.178.49.170, 142.250.68.234, 142.250.68.227, 192.178.49.195, 20.72.203.87, 104.208.16.95, 4.245.163.56, 184.29.183.29, 13.107.246.71
Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, aadcdnoriginwus2.azureedge.net, onedscolprdcus20.centralus.cloudapp.azure.com, clientservices.googleapis.com, browser.events.data.trafficmanager.net, aadcdn.msauth.net, fpt.dfp.microsoft.com, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, browser.events.data.microsoft.com, clients2.google.com, pme-dfp-greenid-prod.trafficmanager.net, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, csp.microsoft.com, aadcdnoriginwus2.afd.azureedge.net, clients.l.google.com, dfp-greenid-prod-pme.westus2.cloudapp.azure.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://couvaticrespt.com/access?email=test@microsoft.com

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
Category:	dropped
Size (bytes):	621
Entropy (8bit):	7.673946009263606
Encrypted:	false
SSDEEP:	12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
MD5:	4761405717E938D7E7400BB15715DB1E
SHA1:	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
SHA-256:	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
SHA-512:	E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
Malicious:	false
Reputation:	low
Preview:	..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......\|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E..".......x.@..?u......../....8...

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 23, 2025 05:14:06.140804052 CEST	53	50746	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:06.218528986 CEST	53	64967	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:06.768949986 CEST	60774	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:06.769335985 CEST	58550	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:06.982446909 CEST	53	60774	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:06.984549999 CEST	53	58550	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:07.314126015 CEST	53	56646	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:07.732198954 CEST	49319	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:07.732391119 CEST	59327	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:07.751357079 CEST	60749	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:07.751466990 CEST	58087	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:07.872745037 CEST	53	59327	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:07.872766972 CEST	53	49319	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:07.891447067 CEST	53	60749	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:07.892087936 CEST	53	58087	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:07.892330885 CEST	53	55955	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:08.837625027 CEST	62798	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:08.837908030 CEST	55526	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:08.977917910 CEST	53	62798	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:08.977936029 CEST	53	55526	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:09.080485106 CEST	53	59087	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:09.582775116 CEST	61663	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:09.583105087 CEST	65298	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:09.723258018 CEST	53	61663	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:09.723655939 CEST	53	65298	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:10.114121914 CEST	51354	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:10.114274979 CEST	62347	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:10.254349947 CEST	53	62347	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:10.254379034 CEST	53	51354	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:10.807554007 CEST	58369	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:10.807828903 CEST	60035	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:10.895363092 CEST	64180	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:10.895520926 CEST	55384	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:10.948014975 CEST	53	60035	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:10.948091030 CEST	53	58369	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:11.035561085 CEST	53	64180	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:11.035684109 CEST	53	55384	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:17.717592955 CEST	64884	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:17.717767000 CEST	64261	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:17.863331079 CEST	53	64261	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:17.865706921 CEST	53	64884	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:18.518098116 CEST	49862	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:18.518266916 CEST	52086	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:18.658873081 CEST	53	49862	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:18.664571047 CEST	53	52086	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:24.869688034 CEST	53	51832	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:30.012643099 CEST	62416	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:30.012835026 CEST	56456	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:30.190517902 CEST	53	62416	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:30.193948030 CEST	53	56456	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:31.901073933 CEST	60798	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:31.901386976 CEST	55580	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:32.041302919 CEST	53	60798	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:32.041527033 CEST	53	55580	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:32.633299112 CEST	59228	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:32.633461952 CEST	52819	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:32.728498936 CEST	53239	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:32.728634119 CEST	55335	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:32.777442932 CEST	53	52819	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:32.780358076 CEST	53	59228	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:32.869081020 CEST	53	55335	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:32.869170904 CEST	53	53239	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:34.205688953 CEST	53957	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:34.207406044 CEST	63173	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:34.345839977 CEST	53	53957	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:34.347506046 CEST	53	63173	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:43.654973030 CEST	53	52217	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:48.539000034 CEST	61954	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:48.539196014 CEST	60636	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:48.679606915 CEST	53	61954	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:48.679658890 CEST	53	60636	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:49.342168093 CEST	59114	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:49.342459917 CEST	59746	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:14:49.482342958 CEST	53	59114	1.1.1.1	192.168.2.16
Apr 23, 2025 05:14:49.482589006 CEST	53	59746	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:05.508728027 CEST	54518	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:05.509675980 CEST	56734	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:05.650362015 CEST	53	56734	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:05.660871983 CEST	53	54518	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:07.155395031 CEST	53	51581	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:09.409358978 CEST	53	57612	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:13.082794905 CEST	55188	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:13.082855940 CEST	49696	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:13.223174095 CEST	53	55188	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:13.223205090 CEST	53	49696	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:22.797669888 CEST	53	52386	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:25.211118937 CEST	60193	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:25.211276054 CEST	52267	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:25.366916895 CEST	53	60193	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:25.499561071 CEST	53	52267	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:26.640790939 CEST	53	54071	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:26.992410898 CEST	138	138	192.168.2.16	192.168.2.255
Apr 23, 2025 05:15:27.859270096 CEST	58658	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:27.859548092 CEST	54435	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:27.999427080 CEST	53	58658	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:27.999792099 CEST	53	54435	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:28.843609095 CEST	52755	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:28.843810081 CEST	56036	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:15:28.983733892 CEST	53	52755	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:28.983901024 CEST	53	56036	1.1.1.1	192.168.2.16
Apr 23, 2025 05:15:40.383127928 CEST	53	64142	1.1.1.1	192.168.2.16
Apr 23, 2025 05:16:08.382066965 CEST	64346	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:16:08.382175922 CEST	64454	53	192.168.2.16	1.1.1.1
Apr 23, 2025 05:16:08.522433043 CEST	53	64454	1.1.1.1	192.168.2.16
Apr 23, 2025 05:16:08.544008017 CEST	53	64346	1.1.1.1	192.168.2.16

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Apr 23, 2025 05:14:07.872813940 CEST	192.168.2.16	1.1.1.1	c216	(Port unreachable)	Destination Unreachable
Apr 23, 2025 05:15:25.499641895 CEST	192.168.2.16	1.1.1.1	c28d	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:07 UTC	698	OUT	GET /access?email=test@microsoft.com HTTP/1.1 Host: couvaticrespt.com Connection: keep-alive sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:07 UTC	757	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:07 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Cf-Ray: 934a305d8ca9a912-DFW Server: cloudflare Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwmgvkmeQTKE%2F%2B8jZhN1kYOMfrsbN5D7IuJeHFeeSFgJh3jVyiTx3JKwYyxj2buAmf8O3PdK7G5sgNyBI7tE27K5NFisEt38w1TmDD5YtO1pmRJR%2Bc4BrszhHt53CJVOWtddUg%3D%3D"}],"group":"cf-nel","max_age":604800} Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=162999&min_rtt=162944&rtt_var=34458&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1270&delivery_rate=24750&cwnd=252&unsent_bytes=0&cid=1d5e4f228dd92f10&ts=402&x=0"
2025-04-23 03:14:07 UTC	612	IN	Data Raw: 32 64 36 0d 0a 0a 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 53 65 63 75 72 69 74 79 20 43 68 65 63 6b 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 68 63 61 70 74 63 68 61 2e 63 6f 6d 2f 31 2f 61 70 69 2e 6a 73 22 20 61 73 79 6e 63 20 64 65 66 65 72 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 Data Ascii: 2d6 <!DOCTYPE html> <html> <head> <title>Security Check</title> <script src="https://js.hcaptcha.com/1/api.js" async defer></script> <style> body { font-family: Arial, sans-serif; text-align: center; p
2025-04-23 03:14:07 UTC	121	IN	Data Raw: 74 65 73 74 40 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 3e 43 6f 6e 74 69 6e 75 65 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 20 20 20 20 0d 0a Data Ascii: test@microsoft.com"> <button type="submit">Continue</button> </form> </body> </html>
2025-04-23 03:14:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:08 UTC	565	OUT	GET /1/api.js HTTP/1.1 Host: js.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Sec-Fetch-Storage-Access: active Referer: https://couvaticrespt.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:08 UTC	507	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:08 GMT Content-Type: application/javascript Content-Length: 207067 Connection: close CF-Ray: 934a3062acb7c4c4-PHX CF-Cache-Status: HIT Access-Control-Allow-Origin: * Cache-Control: max-age=300 ETag: W/"963c1e0c8fdc86d1877be92eadfa36e2" Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Vary: Origin alt-svc: h3=":443"; ma=86400 Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Server: cloudflare
2025-04-23 03:14:08 UTC	862	IN	Data Raw: 2f 2a 20 7b 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 31 22 2c 20 22 68 61 73 68 22 3a 20 22 4d 45 55 43 49 42 42 4c 6c 38 4f 76 4c 2f 65 38 4e 42 73 79 5a 49 68 32 4d 38 79 34 37 6c 72 65 55 35 75 54 58 47 35 41 64 34 6a 2b 6b 30 68 6d 41 69 45 41 6f 4d 5a 51 73 61 53 4e 65 59 6a 66 79 6d 34 72 43 78 33 45 46 4e 52 69 4d 76 61 69 2b 78 4d 39 44 35 55 52 76 39 49 77 6f 76 73 3d 22 20 7d 20 2a 2f 0a 2f 2a 20 68 74 74 70 73 3a 2f 2f 68 63 61 70 74 63 68 61 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 74 68 65 6e 28 28 66 75 6e 63 74 69 6f Data Ascii: /* { "version": "1", "hash": "MEUCIBBLl8OvL/e8NBsyZIh2M8y47lreU5uTXG5Ad4j+k0hmAiEAoMZQsaSNeYjfym4rCx3EFNRiMvai+xM9D5URv9Iwovs=" } // https://hcaptcha.com/license */!function(){"use strict";function e(e){var t=this.constructor;return this.then((functio
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 29 29 7d 72 5b 65 5d 3d 7b 73 74 61 74 75 73 3a 22 66 75 6c 66 69 6c 6c 65 64 22 2c 76 61 6c 75 65 3a 6e 7d 2c 30 3d 3d 2d 2d 69 26 26 74 28 72 29 7d 66 6f 72 28 76 61 72 20 61 3d 30 3b 61 3c 72 2e 6c 65 6e 67 74 68 3b 61 2b 2b 29 6f 28 61 2c 72 5b 61 5d 29 7d 29 29 7d 76 61 72 20 6e 3d 73 65 74 54 69 6d 65 6f 75 74 2c 72 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 74 49 6d 6d 65 64 69 61 74 65 3f 73 65 74 49 6d 6d 65 64 69 61 74 65 3a 6e 75 6c 6c 3b 66 75 6e 63 74 69 6f 6e 20 69 28 65 29 7b 72 65 74 75 72 6e 20 42 6f 6f 6c 65 61 6e 28 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 6c 65 6e 67 74 68 29 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 29 7b 7d 66 75 6e 63 74 69 6f 6e 20 61 28 65 29 7b 69 66 28 21 28 Data Ascii: ))}r[e]={status:"fulfilled",value:n},0==--i&&t(r)}for(var a=0;a<r.length;a++)o(a,r[a])}))}var n=setTimeout,r="undefined"!=typeof setImmediate?setImmediate:null;function i(e){return Boolean(e&&"undefined"!=typeof e.length)}function o(){}function a(e){if(!(
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 65 66 65 72 72 65 64 73 3d 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 68 28 65 2c 74 2c 6e 29 7b 74 68 69 73 2e 6f 6e 46 75 6c 66 69 6c 6c 65 64 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 3a 6e 75 6c 6c 2c 74 68 69 73 2e 6f 6e 52 65 6a 65 63 74 65 64 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 3f 74 3a 6e 75 6c 6c 2c 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 29 7b 76 61 72 20 6e 3d 21 31 3b 74 72 79 7b 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 7c 7c 28 6e 3d 21 30 2c 63 28 74 2c 65 29 29 7d 29 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 7c 7c 28 6e 3d 21 30 2c 6c 28 74 2c 65 29 29 7d 29 29 7d 63 61 74 63 68 28 72 29 7b 69 66 28 6e 29 72 65 74 75 72 6e 3b 6e 3d Data Ascii: eferreds=null}function h(e,t,n){this.onFulfilled="function"==typeof e?e:null,this.onRejected="function"==typeof t?t:null,this.promise=n}function p(e,t){var n=!1;try{e((function(e){n\|\|(n=!0,c(t,e))}),(function(e){n\|\|(n=!0,l(t,e))}))}catch(r){if(n)return;n=
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 72 6e 28 22 50 6f 73 73 69 62 6c 65 20 55 6e 68 61 6e 64 6c 65 64 20 50 72 6f 6d 69 73 65 20 52 65 6a 65 63 74 69 6f 6e 3a 22 2c 65 29 7d 3b 76 61 72 20 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 29 72 65 74 75 72 6e 20 73 65 6c 66 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 29 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 29 72 65 74 75 72 6e 20 67 6c 6f 62 61 6c 3b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 75 6e 61 62 6c 65 20 74 6f 20 6c 6f 63 61 74 65 20 67 6c 6f 62 61 6c 20 6f 62 6a 65 63 74 22 29 7d 28 29 3b 66 75 6e 63 74 69 6f 6e 20 66 Data Ascii: rn("Possible Unhandled Promise Rejection:",e)};var d=function(){if("undefined"!=typeof self)return self;if("undefined"!=typeof window)return window;if("undefined"!=typeof global)return global;throw new Error("unable to locate global object")}();function f
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 6c 61 62 65 6c 73 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 45 5b 74 5d 3d 65 7d 29 29 7d 29 29 7d 29 29 3b 76 61 72 20 78 2c 6b 3d 7b 22 55 54 46 2d 38 22 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6a 28 65 29 7d 7d 2c 53 3d 7b 22 55 54 46 2d 38 22 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 4d 28 65 29 7d 7d 2c 54 3d 22 75 74 66 2d 38 22 3b 66 75 6e 63 74 69 6f 6e 20 56 28 65 2c 74 29 7b 69 66 28 21 28 74 68 69 73 20 69 6e 73 74 61 6e 63 65 6f 66 20 56 29 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 43 61 6c 6c 65 64 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 2e 20 44 69 64 20 79 6f 75 20 66 6f 72 67 65 74 20 27 6e 65 77 27 3f 22 Data Ascii: nction(e){e.labels.forEach((function(t){E[t]=e}))}))}));var x,k={"UTF-8":function(e){return new j(e)}},S={"UTF-8":function(e){return new M(e)}},T="utf-8";function V(e,t){if(!(this instanceof V))throw TypeError("Called as a function. Did you forget 'new'?"
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 7c 7c 28 74 68 69 73 2e 65 6e 63 6f 64 69 6e 67 3d 6e 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 4d 28 65 29 7b 76 61 72 20 74 3d 65 2e 66 61 74 61 6c 2c 6e 3d 30 2c 72 3d 30 2c 69 3d 30 2c 6f 3d 31 32 38 2c 61 3d 31 39 31 3b 74 68 69 73 2e 68 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 73 29 7b 69 66 28 73 3d 3d 3d 79 26 26 30 21 3d 3d 69 29 72 65 74 75 72 6e 20 69 3d 30 2c 62 28 74 29 3b 69 66 28 73 3d 3d 3d 79 29 72 65 74 75 72 6e 20 77 3b 69 66 28 30 3d 3d 3d 69 29 7b 69 66 28 66 28 73 2c 30 2c 31 32 37 29 29 72 65 74 75 72 6e 20 73 3b 69 66 28 66 28 73 2c 31 39 34 2c 32 32 33 29 29 69 3d 31 2c Data Ascii: Object.defineProperty\|\|(this.encoding=n._encoding.name.toLowerCase()),n}function M(e){var t=e.fatal,n=0,r=0,i=0,o=128,a=191;this.handler=function(e,s){if(s===y&&0!==i)return i=0,b(t);if(s===y)return w;if(0===i){if(f(s,0,127))return s;if(f(s,194,223))i=1,
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 7c 7c 28 74 68 69 73 2e 5f 64 65 63 6f 64 65 72 3d 53 5b 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 5d 28 7b 66 61 74 61 6c 3a 22 66 61 74 61 6c 22 3d 3d 3d 74 68 69 73 2e 5f 65 72 72 6f 72 5f 6d 6f 64 65 7d 29 2c 74 68 69 73 2e 5f 42 4f 4d 73 65 65 6e 3d 21 31 29 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 3d 42 6f 6f 6c 65 61 6e 28 74 2e 73 74 72 65 61 6d 29 3b 66 6f 72 28 76 61 72 20 72 2c 69 3d 6e 65 77 20 76 28 6e 29 2c 6f 3d 5b 5d 3b 3b 29 7b 76 61 72 20 61 3d 69 2e 72 65 61 64 28 29 3b 69 66 28 61 3d 3d 3d 79 29 62 72 65 61 6b 3b 69 66 28 28 72 3d 74 68 69 73 2e 5f 64 65 63 6f 64 65 72 2e 68 61 6e 64 6c 65 72 28 69 2c 61 29 29 3d 3d 3d 77 29 62 72 65 61 6b 3b 6e 75 6c 6c 21 3d Data Ascii: s._do_not_flush\|\|(this._decoder=S[this._encoding.name]({fatal:"fatal"===this._error_mode}),this._BOMseen=!1),this._do_not_flush=Boolean(t.stream);for(var r,i=new v(n),o=[];;){var a=i.read();if(a===y)break;if((r=this._decoder.handler(i,a))===w)break;null!=
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 37 33 34 33 29 69 2e 70 75 73 68 28 36 35 35 33 33 29 3b 65 6c 73 65 20 69 66 28 6f 3e 3d 35 35 32 39 36 26 26 6f 3c 3d 35 36 33 31 39 29 69 66 28 72 3d 3d 3d 6e 2d 31 29 69 2e 70 75 73 68 28 36 35 35 33 33 29 3b 65 6c 73 65 7b 76 61 72 20 61 3d 74 2e 63 68 61 72 43 6f 64 65 41 74 28 72 2b 31 29 3b 69 66 28 61 3e 3d 35 36 33 32 30 26 26 61 3c 3d 35 37 33 34 33 29 7b 76 61 72 20 73 3d 31 30 32 33 26 6f 2c 63 3d 31 30 32 33 26 61 3b 69 2e 70 75 73 68 28 36 35 35 33 36 2b 28 73 3c 3c 31 30 29 2b 63 29 2c 72 2b 3d 31 7d 65 6c 73 65 20 69 2e 70 75 73 68 28 36 35 35 33 33 29 7d 72 2b 3d 31 7d 72 65 74 75 72 6e 20 69 7d 28 65 29 29 2c 69 3d 5b 5d 3b 3b 29 7b 76 61 72 20 6f 3d 72 2e 72 65 61 64 28 29 3b 69 66 28 6f 3d 3d 3d 79 29 62 72 65 61 6b 3b 69 66 28 28 6e Data Ascii: 7343)i.push(65533);else if(o>=55296&&o<=56319)if(r===n-1)i.push(65533);else{var a=t.charCodeAt(r+1);if(a>=56320&&a<=57343){var s=1023&o,c=1023&a;i.push(65536+(s<<10)+c),r+=1}else i.push(65533)}r+=1}return i}(e)),i=[];;){var o=r.read();if(o===y)break;if((n
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 72 65 61 6b 3b 63 61 73 65 22 75 6e 77 72 61 70 4b 65 79 22 3a 6c 3d 62 5b 34 5d 2c 75 3d 62 5b 35 5d 2c 68 3d 62 5b 36 5d 2c 62 5b 32 5d 3d 63 2e 5f 6b 65 79 7d 69 66 28 22 67 65 6e 65 72 61 74 65 4b 65 79 22 3d 3d 3d 65 26 26 22 48 4d 41 43 22 3d 3d 3d 6c 2e 6e 61 6d 65 26 26 6c 2e 68 61 73 68 29 72 65 74 75 72 6e 20 6c 2e 6c 65 6e 67 74 68 3d 6c 2e 6c 65 6e 67 74 68 7c 7c 7b 22 53 48 41 2d 31 22 3a 35 31 32 2c 22 53 48 41 2d 32 35 36 22 3a 35 31 32 2c 22 53 48 41 2d 33 38 34 22 3a 31 30 32 34 2c 22 53 48 41 2d 35 31 32 22 3a 31 30 32 34 7d 5b 6c 2e 68 61 73 68 2e 6e 61 6d 65 5d 2c 6e 2e 69 6d 70 6f 72 74 4b 65 79 28 22 72 61 77 22 2c 74 2e 67 65 74 52 61 6e 64 6f 6d 56 61 6c 75 65 73 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 6c 2e 6c 65 6e 67 74 Data Ascii: reak;case"unwrapKey":l=b[4],u=b[5],h=b[6],b[2]=c._key}if("generateKey"===e&&"HMAC"===l.name&&l.hash)return l.length=l.length\|\|{"SHA-1":512,"SHA-256":512,"SHA-384":1024,"SHA-512":1024}[l.hash.name],n.importKey("raw",t.getRandomValues(new Uint8Array(l.lengt
2025-04-23 03:14:08 UTC	1369	IN	Data Raw: 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 48 4d 41 43 22 3d 3d 3d 6c 2e 6e 61 6d 65 26 26 28 6c 2e 6c 65 6e 67 74 68 7c 7c 28 6c 2e 6c 65 6e 67 74 68 3d 38 2a 65 2e 61 6c 67 6f 72 69 74 68 6d 2e 6c 65 6e 67 74 68 29 29 2c 30 3d 3d 6c 2e 6e 61 6d 65 2e 73 65 61 72 63 68 28 22 52 53 41 22 29 26 26 28 6c 2e 6d 6f 64 75 6c 75 73 4c 65 6e 67 74 68 7c 7c 28 6c 2e 6d 6f 64 75 6c 75 73 4c 65 6e 67 74 68 3d 28 65 2e 70 75 62 6c 69 63 4b 65 79 7c 7c 65 29 2e 61 6c 67 6f 72 69 74 68 6d 2e 6d 6f 64 75 6c 75 73 4c 65 6e 67 74 68 29 2c 6c 2e 70 75 62 6c 69 63 45 78 70 6f 6e 65 6e 74 7c 7c 28 6c 2e 70 75 62 6c 69 63 45 78 70 6f 6e 65 6e 74 3d 28 65 2e 70 75 62 6c 69 63 4b 65 79 7c 7c 65 29 2e 61 6c 67 6f 72 69 74 68 6d 2e 70 75 62 6c 69 63 45 78 70 6f 6e 65 6e 74 Data Ascii: ction(e){return"HMAC"===l.name&&(l.length\|\|(l.length=8*e.algorithm.length)),0==l.name.search("RSA")&&(l.modulusLength\|\|(l.modulusLength=(e.publicKey\|\|e).algorithm.modulusLength),l.publicExponent\|\|(l.publicExponent=(e.publicKey\|\|e).algorithm.publicExponent

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:09 UTC	628	OUT	GET /favicon.ico HTTP/1.1 Host: couvaticrespt.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://couvaticrespt.com/access?email=test@microsoft.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:09 UTC	991	IN	HTTP/1.1 500 Internal Server Error Date: Wed, 23 Apr 2025 03:14:09 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 4304 Connection: close Server: cloudflare Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdcrBO%2BGZyH1x5zbEZMppexv%2Fh%2FTXvC6gUKeRps5g55hieZ3%2FY2P3NaPn%2Bf44HiTU%2B76RhRYPhLliBNyIjvPmya7ftq0MCxPteIxWmy0tfgAatrT3mSFA%2BKHESOFlIrpTMPyEQ%3D%3D"}],"group":"cf-nel","max_age":604800} Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Cf-Ray: 934a30692a574776-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=162440&min_rtt=162407&rtt_var=34276&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1200&delivery_rate=24855&cwnd=252&unsent_bytes=0&cid=727bfb27fd483b71&ts=407&x=0"
2025-04-23 03:14:09 UTC	378	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 Data Ascii: <!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if gt IE
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 64 66 6c 61 72 65 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 Data Ascii: dflare</title><meta charset="UTF-8" /><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="robots" content="noindex, nofollow" /><meta name="viewport" content="width=d
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 73 73 3d 22 63 66 2d 73 75 62 68 65 61 64 6c 69 6e 65 22 20 64 61 74 61 2d 74 72 61 6e 73 6c 61 74 65 3d 22 65 72 72 6f 72 5f 64 65 73 63 22 3e 57 6f 72 6b 65 72 20 74 68 72 65 77 20 65 78 63 65 70 74 69 6f 6e 3c 2f 68 32 3e 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 2e 68 65 61 64 65 72 20 2d 2d 3e 0a 0a 20 20 20 20 20 20 3c 73 65 63 74 69 6f 6e 3e 3c 2f 73 65 63 74 69 6f 6e 3e 3c 21 2d 2d 20 73 70 61 63 65 72 20 2d 2d 3e 0a 0a 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 73 65 63 74 69 6f 6e 20 63 66 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 63 6f 6c 75 6d 6e 73 20 74 77 6f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 63 6f Data Ascii: ss="cf-subheadline" data-translate="error_desc">Worker threw exception</h2> </div>... /.header --> <section></section>... spacer --> <div class="cf-section cf-wrapper"> <div class="cf-columns two"> <div class="cf-co
2025-04-23 03:14:09 UTC	1188	IN	Data Raw: 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 69 64 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 2d 69 70 22 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 68 69 64 64 65 6e 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 0a 20 20 20 20 20 20 59 6f 75 72 20 49 50 3a 0a 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 69 64 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 2d 72 65 76 65 61 6c 22 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 2d 72 65 76 65 61 6c 2d 62 74 6e 22 3e 43 6c 69 63 6b 20 74 6f 20 72 65 76 65 61 6c 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 68 69 Data Ascii: or sm:hidden">•</span> <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1"> Your IP: <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button> <span class="hi

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:09 UTC	799	OUT	GET /captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/static/hcaptcha.html HTTP/1.1 Host: newassets.hcaptcha.com Connection: keep-alive sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Sec-Fetch-Storage-Access: active Referer: https://couvaticrespt.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:09 UTC	616	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Cache-Control: max-age=3600 vary: accept-encoding vary: Origin alt-svc: h3=":443"; ma=86400 CF-Cache-Status: HIT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Content-Security-Policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; cross-origin-resource-policy: cross-origin Server: cloudflare CF-RAY: 934a30697eaf6cce-PHX
2025-04-23 03:14:09 UTC	753	IN	Data Raw: 37 64 32 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 61 74 61 2d 69 64 3d 22 68 63 61 70 74 63 68 61 2d 66 72 61 6d 65 2d 34 66 36 63 62 65 32 64 61 65 37 65 36 63 62 62 39 63 38 33 61 34 36 39 36 65 36 39 62 30 37 39 66 34 38 34 64 62 31 65 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 68 43 61 70 74 63 68 61 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d Data Ascii: 7d2a<!DOCTYPE html><html lang="en" data-id="hcaptcha-frame-4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e"><head> <title>hCaptcha</title> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Content-
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 66 69 65 6c 64 73 65 74 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 20 32 30 70 78 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 62 75 74 74 6f 6e 3a 66 6f 63 75 73 2c 69 6e 70 75 74 3a 66 6f 63 75 73 2c 73 65 6c 65 63 74 3a 66 6f 63 75 73 2c 74 65 78 74 61 72 65 61 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 30 7d 3a 66 6f 63 75 73 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 6f 75 74 6c 69 6e 65 3a 30 7d 74 65 78 74 61 72 65 61 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 3a 61 75 74 6f 3b 6f 75 74 6c 69 6e 65 3a 30 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a Data Ascii: ;background-color:transparent}fieldset{margin:0;padding:15px 20px;border:none}button:focus,input:focus,select:focus,textarea:focus{outline:0}:focus{border:none;outline:0}textarea{border:none;overflow:auto;outline:0;-webkit-box-shadow:none;-moz-box-shadow:
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 74 68 69 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 69 66 28 21 74 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 69 28 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 74 79 70 65 6f 66 20 74 2b 22 20 22 2b 74 2b 22 20 69 73 20 6e 6f 74 20 69 74 65 72 61 62 6c 65 28 63 61 6e 6e 6f 74 20 72 65 61 64 20 70 72 6f 70 65 72 74 79 20 53 79 6d 62 6f 6c 28 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 29 29 22 29 29 3b 76 61 72 20 6e 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 29 3b 69 66 28 30 3d 3d 3d 6e 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 65 28 5b 5d 29 3b 76 61 72 20 72 Data Ascii: unction e(t){return new this((function(e,i){if(!t\|\|"undefined"==typeof t.length)return i(new TypeError(typeof t+" "+t+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var n=Array.prototype.slice.call(t);if(0===n.length)return e([]);var r
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 20 65 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 29 29 7b 76 61 72 20 69 3d 65 2e 74 68 65 6e 3b 69 66 28 65 20 69 6e 73 74 61 6e 63 65 6f 66 20 73 29 72 65 74 75 72 6e 20 74 2e 5f 73 74 61 74 65 3d 33 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 76 6f 69 64 20 68 28 74 29 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 69 29 72 65 74 75 72 6e 20 76 6f 69 64 20 66 28 28 6e 3d 69 2c 72 3d 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 61 70 70 6c 79 28 72 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2c 74 29 7d 74 2e 5f 73 74 61 74 65 3d 31 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 68 28 74 29 7d 63 61 74 63 68 28 6f 29 7b 63 28 74 2c 6f 29 7d 76 61 72 20 6e 2c 72 7d 66 75 6e 63 74 69 6f 6e 20 63 28 74 2c 65 29 7b 74 2e 5f 73 74 61 74 Data Ascii: e\|\|"function"==typeof e)){var i=e.then;if(e instanceof s)return t._state=3,t._value=e,void h(t);if("function"==typeof i)return void f((n=i,r=e,function(){n.apply(r,arguments)}),t)}t._state=1,t._value=e,h(t)}catch(o){c(t,o)}var n,r}function c(t,e){t._stat
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 7b 72 65 74 75 72 6e 20 74 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 73 3f 74 3a 6e 65 77 20 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 28 74 29 7d 29 29 7d 2c 73 2e 72 65 6a 65 63 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 69 28 74 29 7d 29 29 7d 2c 73 2e 72 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 69 66 28 21 72 28 74 29 29 72 65 74 75 72 6e 20 69 28 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 50 72 6f 6d 69 73 65 2e 72 61 63 65 20 61 63 63 65 70 74 73 20 61 6e 20 61 72 72 61 79 22 29 29 3b 66 6f 72 28 76 Data Ascii: {return t&&"object"==typeof t&&t.constructor===s?t:new s((function(e){e(t)}))},s.reject=function(t){return new s((function(e,i){i(t)}))},s.race=function(t){return new s((function(e,i){if(!r(t))return i(new TypeError("Promise.race accepts an array"));for(v
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 6f 6b 65 6e 73 2e 70 75 73 68 28 74 29 7d 2c 70 75 73 68 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 29 66 6f 72 28 76 61 72 20 65 3d 74 3b 65 2e 6c 65 6e 67 74 68 3b 29 74 68 69 73 2e 74 6f 6b 65 6e 73 2e 75 6e 73 68 69 66 74 28 65 2e 73 68 69 66 74 28 29 29 3b 65 6c 73 65 20 74 68 69 73 2e 74 6f 6b 65 6e 73 2e 75 6e 73 68 69 66 74 28 74 29 7d 7d 3b 76 61 72 20 76 3d 2d 31 3b 66 75 6e 63 74 69 6f 6e 20 77 28 74 2c 65 29 7b 69 66 28 74 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 44 65 63 6f 64 65 72 20 65 72 72 6f 72 22 29 3b 72 65 74 75 72 6e 20 65 7c 7c 36 35 35 33 33 7d 66 75 6e 63 74 69 6f 6e 20 78 28 74 29 7b 72 65 74 75 72 6e 20 74 3d 53 74 72 69 6e 67 28 74 29 2e 74 72 69 6d 28 29 2e 74 Data Ascii: okens.push(t)},push:function(t){if(Array.isArray(t))for(var e=t;e.length;)this.tokens.unshift(e.shift());else this.tokens.unshift(t)}};var v=-1;function w(t,e){if(t)throw TypeError("Decoder error");return e\|\|65533}function x(t){return t=String(t).trim().t
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 22 43 61 6c 6c 65 64 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 2e 20 44 69 64 20 79 6f 75 20 66 6f 72 67 65 74 20 27 6e 65 77 27 3f 22 29 3b 65 3d 6d 28 65 29 2c 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 65 6e 63 6f 64 65 72 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 3d 21 31 2c 74 68 69 73 2e 5f 66 61 74 61 6c 3d 65 2e 66 61 74 61 6c 3f 22 66 61 74 61 6c 22 3a 22 72 65 70 6c 61 63 65 6d 65 6e 74 22 3b 76 61 72 20 69 3d 74 68 69 73 3b 69 66 28 65 2e 4e 4f 4e 53 54 41 4e 44 41 52 44 5f 61 6c 6c 6f 77 4c 65 67 61 63 79 45 6e 63 6f 64 69 6e 67 29 7b 76 61 72 20 6e 3d 78 28 74 3d 74 21 3d 3d 75 6e 64 65 66 69 6e 65 64 3f 53 74 72 69 6e 67 28 74 29 3a 53 29 3b 69 66 28 6e 75 6c 6c 3d 3d 3d 6e 7c Data Ascii: "Called as a function. Did you forget 'new'?");e=m(e),this._encoding=null,this._encoder=null,this._do_not_flush=!1,this._fatal=e.fatal?"fatal":"replacement";var i=this;if(e.NONSTANDARD_allowLegacyEncoding){var n=x(t=t!==undefined?String(t):S);if(null===n\|
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 6e 20 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 56 2e 70 72 6f 74 6f 74 79 70 65 2c 22 66 61 74 61 6c 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 66 61 74 61 6c 22 3d 3d 3d 74 68 69 73 2e 5f 65 72 72 6f 72 5f 6d 6f 64 65 7d 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 56 2e 70 72 6f 74 6f 74 79 70 65 2c 22 69 67 6e 6f 72 65 42 4f 4d 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 69 67 6e 6f 72 65 42 4f 4d 7d 7d 29 29 2c 56 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 63 6f 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b Data Ascii: n this._encoding.name.toLowerCase()}}),Object.defineProperty(V.prototype,"fatal",{get:function(){return"fatal"===this._error_mode}}),Object.defineProperty(V.prototype,"ignoreBOM",{get:function(){return this._ignoreBOM}})),V.prototype.decode=function(t,e){
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 41 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 63 6f 64 69 6e 67 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 7d 29 2c 41 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 63 6f 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 74 3d 74 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 3f 22 22 3a 53 74 72 69 6e 67 28 74 29 2c 65 3d 6d 28 65 29 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 7c 7c 28 74 68 69 73 2e 5f 65 6e 63 6f 64 65 72 3d 45 5b 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 5d 28 7b 66 61 Data Ascii: ect.defineProperty&&Object.defineProperty(A.prototype,"encoding",{get:function(){return this._encoding.name.toLowerCase()}}),A.prototype.encode=function(t,e){t=t===undefined?"":String(t),e=m(e),this._do_not_flush\|\|(this._encoder=E[this._encoding.name]({fa
2025-04-23 03:14:09 UTC	1369	IN	Data Raw: 73 75 62 74 6c 65 26 26 21 21 65 2e 77 65 62 6b 69 74 53 75 62 74 6c 65 3b 69 66 28 73 7c 7c 61 29 7b 76 61 72 20 6c 3d 7b 4b 6f 5a 49 68 76 63 4e 41 51 45 42 3a 22 31 2e 32 2e 38 34 30 2e 31 31 33 35 34 39 2e 31 2e 31 2e 31 22 7d 2c 63 3d 7b 22 31 2e 32 2e 38 34 30 2e 31 31 33 35 34 39 2e 31 2e 31 2e 31 22 3a 22 4b 6f 5a 49 68 76 63 4e 41 51 45 42 22 7d 3b 69 66 28 5b 22 67 65 6e 65 72 61 74 65 4b 65 79 22 2c 22 69 6d 70 6f 72 74 4b 65 79 22 2c 22 75 6e 77 72 61 70 4b 65 79 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 69 5b 74 5d 3b 69 5b 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 72 2c 6f 2c 6c 29 7b 76 61 72 20 63 2c 68 2c 75 2c 64 2c 77 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: subtle&&!!e.webkitSubtle;if(s\|\|a){var l={KoZIhvcNAQEB:"1.2.840.113549.1.1.1"},c={"1.2.840.113549.1.1.1":"KoZIhvcNAQEB"};if(["generateKey","importKey","unwrapKey"].forEach((function(t){var n=i[t];i[t]=function(r,o,l){var c,h,u,d,w=[].slice.call(arguments);

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:10 UTC	558	OUT	OPTIONS /report/v4?s=KdcrBO%2BGZyH1x5zbEZMppexv%2Fh%2FTXvC6gUKeRps5g55hieZ3%2FY2P3NaPn%2Bf44HiTU%2B76RhRYPhLliBNyIjvPmya7ftq0MCxPteIxWmy0tfgAatrT3mSFA%2BKHESOFlIrpTMPyEQ%3D%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://couvaticrespt.com Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:10 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: OPTIONS, POST access-control-allow-origin: * access-control-allow-headers: content-type, content-length date: Wed, 23 Apr 2025 03:14:09 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:10 UTC	801	OUT	POST /checksiteconfig?v=4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e&host=couvaticrespt.com&sitekey=c48e0666-c564-4dfa-b2d2-4d46de425ef2&sc=1&swa=1&spst=1 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive Content-Length: 0 sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: application/json sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" Content-Type: text/plain sec-ch-ua-mobile: ?0 Origin: https://newassets.hcaptcha.com Sec-Fetch-Site: same-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:10 UTC	587	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:10 GMT Content-Type: application/json Content-Length: 796 Connection: close Access-Control-Allow-Origin: https://newassets.hcaptcha.com Vary: Origin, Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control, Content-Type, DNT, Referer, User-Agent Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a30716f52720e-PHX alt-svc: h3=":443"; ma=86400
2025-04-23 03:14:10 UTC	782	IN	Data Raw: 7b 22 66 65 61 74 75 72 65 73 22 3a 7b 22 63 75 73 74 6f 6d 5f 74 68 65 6d 65 22 3a 74 72 75 65 2c 22 65 6e 63 5f 67 65 74 5f 72 65 71 22 3a 74 72 75 65 7d 2c 22 63 22 3a 7b 22 74 79 70 65 22 3a 22 68 73 77 22 2c 22 72 65 71 22 3a 22 65 79 4a 30 65 58 41 69 4f 69 4a 4b 56 31 51 69 4c 43 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 4a 39 2e 65 79 4a 6d 49 6a 6f 77 4c 43 4a 7a 49 6a 6f 79 4c 43 4a 30 49 6a 6f 69 64 79 49 73 49 6d 51 69 4f 69 4a 33 65 47 78 34 5a 6c 52 35 59 6e 6c 76 4d 45 64 7a 61 7a 6c 57 4e 55 59 30 55 6c 5a 4d 51 6a 5a 43 4e 33 5a 70 4d 33 64 71 62 44 64 6d 54 6a 42 6e 53 57 77 76 61 6e 64 43 65 6d 64 36 52 55 68 61 62 30 5a 58 64 31 52 32 63 30 52 4b 62 30 39 58 52 32 78 57 55 7a 67 30 54 46 49 78 55 47 4a 6e 4d 58 68 46 56 30 35 77 Data Ascii: {"features":{"custom_theme":true,"enc_get_req":true},"c":{"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmIjowLCJzIjoyLCJ0IjoidyIsImQiOiJ3eGx4ZlR5YnlvMEdzazlWNUY0UlZMQjZCN3ZpM3dqbDdmTjBnSWwvandCemd6RUhab0ZXd1R2c0RKb09XR2xWUzg0TFIxUGJnMXhFV05w
2025-04-23 03:14:10 UTC	14	IN	Data Raw: 7d 2c 22 70 61 73 73 22 3a 74 72 75 65 7d Data Ascii: },"pass":true}

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:10 UTC	533	OUT	POST /report/v4?s=KdcrBO%2BGZyH1x5zbEZMppexv%2Fh%2FTXvC6gUKeRps5g55hieZ3%2FY2P3NaPn%2Bf44HiTU%2B76RhRYPhLliBNyIjvPmya7ftq0MCxPteIxWmy0tfgAatrT3mSFA%2BKHESOFlIrpTMPyEQ%3D%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 455 Content-Type: application/reports+json Origin: https://couvaticrespt.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:10 UTC	455	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 37 33 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 75 76 61 74 69 63 72 65 73 70 74 2e 63 6f 6d 2f 61 63 63 65 73 73 3f 65 6d 61 69 6c 3d 74 65 73 74 40 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 36 33 2e 31 37 37 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 Data Ascii: [{"age":0,"body":{"elapsed_time":735,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://couvaticrespt.com/access?email=test@microsoft.com","sampling_fraction":1.0,"server_ip":"104.21.63.177","status_code":500,"type":"http.error
2025-04-23 03:14:11 UTC	214	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-allow-origin: * vary: Origin date: Wed, 23 Apr 2025 03:14:10 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:11 UTC	715	OUT	GET /c/b5d09cd7e83c902f4de373bd20874a7bfb78d62542dc17cab9e39ab17493925e/hsw.js HTTP/1.1 Host: newassets.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/captcha/v1/4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e/static/hcaptcha.html Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:11 UTC	462	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:11 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Cache-Control: max-age=3024000 etag: W/"42fa92a6e88ee146ad837fd5bc87dc4f" vary: accept-encoding vary: Origin alt-svc: h3=":443"; ma=86400 CF-Cache-Status: HIT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a3075ad1df7ab-LAX
2025-04-23 03:14:11 UTC	907	IN	Data Raw: 37 64 63 34 0d 0a 2f 2a 20 7b 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 76 31 22 2c 20 22 68 61 73 68 22 3a 20 22 73 68 61 32 35 36 2d 4d 45 51 43 49 41 65 4c 4f 30 65 6e 48 32 68 42 47 37 64 2f 4e 7a 49 66 53 6a 57 70 51 6b 63 2b 33 79 55 77 45 4d 30 73 78 6e 72 6d 70 63 41 44 41 69 42 73 52 68 67 32 72 49 69 2b 63 73 47 78 6e 6d 69 7a 4d 38 49 65 4a 63 42 4a 63 4b 53 32 7a 74 4b 64 55 37 53 50 74 35 7a 65 59 77 3d 3d 22 20 7d 20 2a 2f 0a 76 61 72 20 68 73 77 3d 66 75 6e 63 74 69 6f 6e 20 24 4c 77 49 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 58 6d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 52 73 26 26 52 73 5b 63 50 28 32 38 35 29 5d 3d 3d 3d 4f 6e 2e 4c 62 5b 63 50 28 32 38 35 29 5d 7c 7c 28 52 73 3d 66 Data Ascii: 7dc4/* { "version": "v1", "hash": "sha256-MEQCIAeLO0enH2hBG7d/NzIfSjWpQkc+3yUwEM0sxnrmpcADAiBsRhg2rIi+csGxnmizM8IeJcBJcKS2ztKdU7SPt5zeYw==" } */var hsw=function $LwI(){"use strict";var Xm=function(){return null!==Rs&&Rs[cP(285)]===On.Lb[cP(285)]\|\|(Rs=f
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 69 64 20 30 3a 6f 5b 68 69 28 73 6c 29 5d 28 30 2c 36 34 29 2c 28 6c 43 7c 7c 22 22 29 5b 68 69 28 34 30 35 29 5d 2c 61 50 2e 6c 65 6e 67 74 68 5d 29 7d 7d 72 65 74 75 72 6e 20 6a 45 7d 2c 66 75 6e 63 74 69 6f 6e 28 58 6d 29 7b 76 61 72 20 79 6a 3d 32 39 30 3b 76 61 72 20 65 70 3d 32 36 31 3b 76 61 72 20 67 41 3d 35 32 35 3b 76 61 72 20 66 5f 3d 43 73 3b 72 65 74 75 72 6e 20 65 66 5b 66 5f 28 35 31 36 29 5d 3d 30 2c 65 66 5b 66 5f 28 37 31 36 29 5d 28 58 6d 29 3f 22 5c 22 22 2b 58 6d 2e 72 65 70 6c 61 63 65 28 65 66 2c 66 75 6e 63 74 69 6f 6e 28 58 6d 29 7b 76 61 72 20 71 46 3d 66 5f 3b 76 61 72 20 73 6c 3d 45 4a 5b 58 6d 5d 3b 72 65 74 75 72 6e 20 71 46 28 34 32 38 29 3d 3d 74 79 70 65 6f 66 20 73 6c 3f 73 6c 3a 22 5c 5c 75 22 2b 28 71 46 28 79 6a 29 2b Data Ascii: id 0:o[hi(sl)](0,64),(lC\|\|"")[hi(405)],aP.length])}}return jE},function(Xm){var yj=290;var ep=261;var gA=525;var f_=Cs;return ef[f_(516)]=0,ef[f_(716)](Xm)?"\""+Xm.replace(ef,function(Xm){var qF=f_;var sl=EJ[Xm];return qF(428)==typeof sl?sl:"\\u"+(qF(yj)+
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 6d 2c 79 6a 29 7d 29 29 3b 69 66 28 58 6d 20 69 6e 73 74 61 6e 63 65 6f 66 20 45 6c 29 72 65 74 75 72 6e 20 58 6d 2e 74 68 65 6e 28 29 5b 6a 45 28 38 34 36 29 5d 28 66 75 6e 63 74 69 6f 6e 28 58 6d 29 7b 72 65 74 75 72 6e 20 68 69 28 58 6d 2c 79 6a 29 7d 29 3b 69 66 28 21 28 6a 45 28 66 5f 29 3d 3d 74 79 70 65 6f 66 28 67 41 3d 58 6d 29 7c 7c 67 41 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 7c 7c 67 41 20 69 6e 73 74 61 6e 63 65 6f 66 20 49 6e 74 38 41 72 72 61 79 7c 7c 67 41 20 69 6e 73 74 61 6e 63 65 6f 66 20 55 69 6e 74 38 41 72 72 61 79 7c 7c 67 41 20 69 6e 73 74 61 6e 63 65 6f 66 20 55 69 6e 74 38 43 6c 61 6d 70 65 64 41 72 72 61 79 7c 7c 67 41 20 69 6e 73 74 61 6e 63 65 6f 66 20 49 6e 74 31 36 41 72 72 61 79 7c 7c 67 41 20 69 6e 73 74 61 6e Data Ascii: m,yj)}));if(Xm instanceof El)return Xm.then()[jE(846)](function(Xm){return hi(Xm,yj)});if(!(jE(f_)==typeof(gA=Xm)\|\|gA instanceof Array\|\|gA instanceof Int8Array\|\|gA instanceof Uint8Array\|\|gA instanceof Uint8ClampedArray\|\|gA instanceof Int16Array\|\|gA instan
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 64 69 63 74 69 6f 6e 61 72 79 22 29 7d 3a 5b 5d 2c 58 3a 74 79 70 65 6f 66 20 67 41 3d 3d 22 6f 62 6a 65 63 74 22 3f 22 52 22 3a 66 75 6e 63 74 69 6f 6e 28 58 6d 2c 79 6a 29 7b 76 61 72 20 65 70 3b 76 61 72 20 67 41 3b 76 61 72 20 66 5f 3b 76 61 72 20 71 46 3b 76 61 72 20 73 6c 3b 76 61 72 20 68 69 3b 76 61 72 20 61 44 3d 34 38 37 3b 76 61 72 20 6a 45 3d 38 34 32 3b 76 61 72 20 64 75 3d 34 32 38 3b 76 61 72 20 63 58 3d 34 35 36 3b 76 61 72 20 61 50 3d 33 35 39 3b 76 61 72 20 74 72 3d 36 32 33 3b 76 61 72 20 6c 43 3d 35 36 31 3b 76 61 72 20 6f 3d 33 32 31 3b 76 61 72 20 66 42 3d 32 34 31 3b 76 61 72 20 6e 50 3d 43 73 3b 76 61 72 20 69 48 3d 79 6a 5b 58 6d 5d 3b 73 77 69 74 63 68 28 69 48 20 69 6e 73 74 61 6e 63 65 6f 66 20 44 61 74 65 26 26 28 68 69 3d 69 Data Ascii: dictionary")}:[],X:typeof gA=="object"?"R":function(Xm,yj){var ep;var gA;var f_;var qF;var sl;var hi;var aD=487;var jE=842;var du=428;var cX=456;var aP=359;var tr=623;var lC=561;var o=321;var fB=241;var nP=Cs;var iH=yj[Xm];switch(iH instanceof Date&&(hi=i
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 59 5b 63 50 28 32 39 36 29 5d 26 26 49 59 5b 63 50 28 79 6a 29 5d 28 49 59 5b 63 50 28 32 39 36 29 5d 2b 31 29 3b 76 61 72 20 65 70 3d 66 44 3b 72 65 74 75 72 6e 20 66 44 3d 49 59 5b 65 70 5d 2c 49 59 5b 65 70 5d 3d 58 6d 2c 65 70 7d 76 61 72 20 6f 3d 21 61 50 3f 38 34 3a 66 75 6e 63 74 69 6f 6e 28 58 6d 2c 79 6a 2c 65 70 29 7b 72 65 74 75 72 6e 20 6e 42 28 4f 6e 2e 77 62 28 58 6d 2c 79 6a 2c 6c 43 28 65 70 29 29 29 7d 3b 76 61 72 20 66 42 3d 66 61 6c 73 65 3b 76 61 72 20 6e 50 3d 64 75 3d 3d 31 35 3f 66 75 6e 63 74 69 6f 6e 28 58 6d 2c 79 6a 29 7b 76 61 72 20 65 70 3d 32 36 37 3b 76 61 72 20 67 41 3d 35 36 31 3b 76 61 72 20 66 5f 3d 34 38 34 3b 76 61 72 20 71 46 3d 43 73 3b 76 61 72 20 73 6c 3d 4f 62 6a 65 63 74 5b 71 46 28 37 32 33 29 5d 28 58 6d 2c 79 Data Ascii: Y[cP(296)]&&IY[cP(yj)](IY[cP(296)]+1);var ep=fD;return fD=IY[ep],IY[ep]=Xm,ep}var o=!aP?84:function(Xm,yj,ep){return nB(On.wb(Xm,yj,lC(ep)))};var fB=false;var nP=du==15?function(Xm,yj){var ep=267;var gA=561;var f_=484;var qF=Cs;var sl=Object[qF(723)](Xm,y
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 5f 3b 76 61 72 20 71 46 3b 76 61 72 20 73 6c 3b 76 61 72 20 68 69 3b 76 61 72 20 61 44 3b 73 77 69 74 63 68 28 61 44 2a 6d 24 2a 68 69 29 7b 63 61 73 65 20 37 38 39 36 38 34 3a 76 61 72 20 6a 45 3d 5b 5d 3b 61 44 2d 3d 28 6d 24 2b 3d 68 69 2b 32 2d 28 61 44 2d 31 33 31 29 29 2d 31 33 32 2b 28 68 69 2d 35 38 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 31 30 32 34 31 30 3a 76 61 72 20 64 75 3d 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 31 36 29 3b 68 69 2d 3d 28 61 44 2d 31 30 36 29 2a 28 61 44 2d 31 30 37 29 2b 28 68 69 2d 39 36 29 2c 64 75 5b 6d 24 2d 37 2b 28 61 44 2d 31 31 30 29 5d 3d 32 35 35 26 28 69 77 5b 61 50 5b 61 44 2d 31 31 30 2b 28 6d 24 2d 37 2b 28 68 69 2d 38 34 29 29 5d 3e 3e 32 34 26 32 35 35 5d 5e 28 6d 24 2b 38 30 33 35 33 32 30 30 35 29 2a Data Ascii: _;var qF;var sl;var hi;var aD;switch(aDm$hi){case 789684:var jE=[];aD-=(m$+=hi+2-(aD-131))-132+(hi-58);break;case 102410:var du=new Uint8Array(16);hi-=(aD-106)(aD-107)+(hi-96),du[m$-7+(aD-110)]=255&(iw[aP[aD-110+(m$-7+(hi-84))]>>24&255]^(m$+803532005)
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 3d 7a 69 5b 61 50 5b 61 44 2d 39 34 2d 28 6d 24 2d 34 33 29 5d 3e 3e 32 34 26 32 35 35 5d 5e 4b 44 5b 61 50 5b 68 69 2d 31 37 36 2b 28 6d 24 2d 34 32 29 2d 28 61 44 2d 39 33 29 5d 3e 3e 31 36 26 32 35 35 5d 5e 6c 69 5b 61 50 5b 68 69 2d 31 37 34 2d 28 6d 24 2d 34 32 2b 28 68 69 2d 31 37 37 29 29 5d 3e 3e 38 26 32 35 35 5d 5e 73 6b 5b 32 35 35 26 61 50 5b 6d 24 2d 33 39 2d 28 6d 24 2d 34 32 2b 28 61 44 2d 39 34 29 29 5d 5d 5e 28 6d 24 2b 31 31 39 34 32 38 32 31 29 2a 28 6d 24 2b 38 31 2d 28 6d 24 2d 32 32 29 29 2b 28 61 44 2b 31 30 39 31 31 39 30 38 29 3b 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 74 68 72 6f 77 20 61 44 2a 6d 24 2a 68 69 3b 63 61 73 65 20 39 35 31 30 38 3a 68 69 2b 3d 28 61 44 2d 34 30 29 2a 28 68 69 2d 32 30 2d 28 31 2b 28 6d 24 2d 3d 28 Data Ascii: =zi[aP[aD-94-(m$-43)]>>24&255]^KD[aP[hi-176+(m$-42)-(aD-93)]>>16&255]^li[aP[hi-174-(m$-42+(hi-177))]>>8&255]^sk[255&aP[m$-39-(m$-42+(aD-94))]]^(m$+11942821)(m$+81-(m$-22))+(aD+10911908);break;default:throw aDm$hi;case 95108:hi+=(aD-40)(hi-20-(1+(m$-=(
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 2d 37 39 29 29 5d 3e 3e 32 34 26 32 35 35 5d 5e 4b 44 5b 61 50 5b 6d 24 2d 31 33 31 2b 28 68 69 2d 37 38 2b 28 6d 24 2d 31 33 33 29 29 5d 3e 3e 31 36 26 32 35 35 5d 5e 6c 69 5b 61 50 5b 61 44 2d 39 38 2d 28 6d 24 2d 31 33 33 29 5d 3e 3e 38 26 32 35 35 5d 5e 73 6b 5b 32 35 35 26 61 50 5b 68 69 2d 37 37 2d 28 6d 24 2d 31 33 32 2b 28 6d 24 2d 31 33 33 29 29 5d 5d 5e 28 68 69 2d 39 38 33 30 34 35 37 31 2b 28 68 69 2d 31 30 37 32 38 38 38 38 38 29 29 2a 28 68 69 2d 37 37 2b 28 68 69 2d 37 35 29 29 2b 28 61 44 2d 31 36 39 32 33 35 35 31 37 29 2c 68 69 2d 3d 28 6d 24 2d 31 32 39 29 2a 28 6d 24 2d 31 33 31 29 2b 28 6d 24 2d 31 33 30 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 38 34 38 34 38 34 3a 68 69 2d 3d 68 69 2d 39 35 2d 28 61 44 2d 35 31 29 2c 61 50 3d 6a 45 5b Data Ascii: -79))]>>24&255]^KD[aP[m$-131+(hi-78+(m$-133))]>>16&255]^li[aP[aD-98-(m$-133)]>>8&255]^sk[255&aP[hi-77-(m$-132+(m$-133))]]^(hi-98304571+(hi-107288888))(hi-77+(hi-75))+(aD-169235517),hi-=(m$-129)(m$-131)+(m$-130);break;case 848484:hi-=hi-95-(aD-51),aP=jE[
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 32 35 35 5d 5e 4b 44 5b 61 50 5b 68 69 2d 31 32 33 2b 28 61 44 2d 32 37 29 5d 3e 3e 31 36 26 32 35 35 5d 5e 6c 69 5b 61 50 5b 6d 24 2d 31 32 38 2d 28 68 69 2d 31 32 33 2b 28 61 44 2d 32 37 29 29 5d 3e 3e 38 26 32 35 35 5d 5e 73 6b 5b 32 35 35 26 61 50 5b 68 69 2d 31 32 34 2b 28 61 44 2d 32 38 29 5d 5d 5e 28 68 69 2d 35 39 35 39 39 37 35 31 38 29 2a 28 68 69 2d 31 32 31 29 2b 28 68 69 2d 31 32 30 35 30 31 39 36 34 29 2c 68 69 2d 3d 61 44 2b 31 31 30 2d 28 68 69 2d 35 36 29 2b 28 68 69 2d 31 32 30 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 36 35 31 37 30 30 3a 61 50 3d 6a 45 5b 73 6c 28 65 70 29 5d 28 29 2c 6d 24 2d 3d 61 44 2d 39 37 2b 28 61 44 2d 39 37 29 2b 28 61 44 2d 37 38 29 2c 6a 45 5b 61 44 2d 39 38 2b 28 68 69 2d 35 30 29 5d 3d 7a 69 5b 61 50 5b 61 44 Data Ascii: 255]^KD[aP[hi-123+(aD-27)]>>16&255]^li[aP[m$-128-(hi-123+(aD-27))]>>8&255]^sk[255&aP[hi-124+(aD-28)]]^(hi-595997518)*(hi-121)+(hi-120501964),hi-=aD+110-(hi-56)+(hi-120);break;case 651700:aP=jE[sl(ep)](),m$-=aD-97+(aD-97)+(aD-78),jE[aD-98+(hi-50)]=zi[aP[aD
2025-04-23 03:14:11 UTC	1369	IN	Data Raw: 31 29 2c 6a 45 5b 6d 24 2d 31 30 38 2d 28 6d 24 2d 31 31 30 2b 28 6d 24 2d 31 31 31 29 29 5d 3d 7a 69 5b 61 50 5b 6d 24 2d 31 30 38 2d 28 61 44 2d 35 31 29 5d 3e 3e 32 34 26 32 35 35 5d 5e 4b 44 5b 61 50 5b 6d 24 2d 31 30 39 2b 28 68 69 2d 31 34 35 29 2d 28 61 44 2d 35 31 29 5d 3e 3e 31 36 26 32 35 35 5d 5e 6c 69 5b 61 50 5b 61 44 2d 35 32 2b 28 6d 24 2d 31 31 31 29 5d 3e 3e 38 26 32 35 35 5d 5e 73 6b 5b 32 35 35 26 61 50 5b 68 69 2d 31 34 36 2b 28 68 69 2d 31 34 37 2b 28 68 69 2d 31 34 37 29 29 5d 5d 5e 28 68 69 2b 32 39 35 34 31 34 38 31 31 29 2a 28 68 69 2d 31 34 33 29 2b 28 68 69 2b 32 32 36 35 31 33 35 32 35 29 2d 28 6d 24 2b 31 39 31 37 33 30 34 39 36 29 2c 6a 45 5b 68 69 2d 31 34 36 2b 28 6d 24 2d 31 31 30 29 2b 28 61 44 2d 35 31 29 5d 3d 7a 69 5b Data Ascii: 1),jE[m$-108-(m$-110+(m$-111))]=zi[aP[m$-108-(aD-51)]>>24&255]^KD[aP[m$-109+(hi-145)-(aD-51)]>>16&255]^li[aP[aD-52+(m$-111)]>>8&255]^sk[255&aP[hi-146+(hi-147+(hi-147))]]^(hi+295414811)*(hi-143)+(hi+226513525)-(m$+191730496),jE[hi-146+(m$-110)+(aD-51)]=zi[

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:11 UTC	524	OUT	GET /checksiteconfig?v=4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e&host=couvaticrespt.com&sitekey=c48e0666-c564-4dfa-b2d2-4d46de425ef2&sc=1&swa=1&spst=1 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:11 UTC	526	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:11 GMT Content-Type: application/json Content-Length: 796 Connection: close Vary: Origin, Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control, Content-Type, DNT, Referer, User-Agent Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a30768f276a2a-LAX alt-svc: h3=":443"; ma=86400
2025-04-23 03:14:11 UTC	796	IN	Data Raw: 7b 22 66 65 61 74 75 72 65 73 22 3a 7b 22 63 75 73 74 6f 6d 5f 74 68 65 6d 65 22 3a 74 72 75 65 2c 22 65 6e 63 5f 67 65 74 5f 72 65 71 22 3a 74 72 75 65 7d 2c 22 63 22 3a 7b 22 74 79 70 65 22 3a 22 68 73 77 22 2c 22 72 65 71 22 3a 22 65 79 4a 30 65 58 41 69 4f 69 4a 4b 56 31 51 69 4c 43 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 4a 39 2e 65 79 4a 6d 49 6a 6f 77 4c 43 4a 7a 49 6a 6f 79 4c 43 4a 30 49 6a 6f 69 64 79 49 73 49 6d 51 69 4f 69 49 35 4d 32 4e 53 51 55 51 77 4b 33 42 47 4f 48 42 74 62 48 56 35 64 32 5a 44 59 6b 6c 6e 54 32 6f 78 55 55 4e 32 54 56 64 46 55 45 68 6c 54 6c 68 4f 61 31 4e 72 5a 30 6c 30 5a 46 4e 78 51 6c 70 4e 62 6d 35 73 55 54 59 35 64 32 64 53 65 47 52 56 59 32 35 4a 56 6c 51 7a 52 6c 42 6e 51 58 56 79 4d 6d 35 31 64 6b 64 4c Data Ascii: {"features":{"custom_theme":true,"enc_get_req":true},"c":{"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmIjowLCJzIjoyLCJ0IjoidyIsImQiOiI5M2NSQUQwK3BGOHBtbHV5d2ZDYklnT2oxUUN2TVdFUEhlTlhOa1NrZ0l0ZFNxQlpNbm5sUTY5d2dSeGRVY25JVlQzRlBnQXVyMm51dkdL

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:15 UTC	567	OUT	OPTIONS /getcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://newassets.hcaptcha.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Sec-Fetch-Dest: empty Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:16 UTC	553	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:16 GMT Content-Length: 0 Connection: close Access-Control-Allow-Origin: https://newassets.hcaptcha.com Vary: Origin, Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control, Content-Type, DNT, Referer, User-Agent Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a3092a87797f4-PHX alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:16 UTC	748	OUT	POST /getcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive Content-Length: 27776 sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 accept: application/json, application/octet-stream sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" content-type: application/octet-stream sec-ch-ua-mobile: ?0 Origin: https://newassets.hcaptcha.com Sec-Fetch-Site: same-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:16 UTC	16384	OUT	Data Raw: 92 da 02 d6 7b 22 74 79 70 65 22 3a 22 68 73 77 22 2c 22 72 65 71 22 3a 22 65 79 4a 30 65 58 41 69 4f 69 4a 4b 56 31 51 69 4c 43 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 4a 39 2e 65 79 4a 6d 49 6a 6f 77 4c 43 4a 7a 49 6a 6f 79 4c 43 4a 30 49 6a 6f 69 64 79 49 73 49 6d 51 69 4f 69 4a 33 65 47 78 34 5a 6c 52 35 59 6e 6c 76 4d 45 64 7a 61 7a 6c 57 4e 55 59 30 55 6c 5a 4d 51 6a 5a 43 4e 33 5a 70 4d 33 64 71 62 44 64 6d 54 6a 42 6e 53 57 77 76 61 6e 64 43 65 6d 64 36 52 55 68 61 62 30 5a 58 64 31 52 32 63 30 52 4b 62 30 39 58 52 32 78 57 55 7a 67 30 54 46 49 78 55 47 4a 6e 4d 58 68 46 56 30 35 77 62 55 64 35 64 55 74 4b 52 54 68 35 4e 45 6c 51 52 46 46 77 61 58 70 48 52 57 70 52 54 57 56 70 4d 57 45 34 61 32 51 76 61 32 35 49 57 6b 63 32 4d 6e 4e 58 4e Data Ascii: {"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmIjowLCJzIjoyLCJ0IjoidyIsImQiOiJ3eGx4ZlR5YnlvMEdzazlWNUY0UlZMQjZCN3ZpM3dqbDdmTjBnSWwvandCemd6RUhab0ZXd1R2c0RKb09XR2xWUzg0TFIxUGJnMXhFV05wbUd5dUtKRTh5NElQRFFwaXpHRWpRTWVpMWE4a2Qva25IWkc2MnNXN
2025-04-23 03:14:16 UTC	11392	OUT	Data Raw: 62 3a ab 2b 20 c9 d0 d1 89 51 07 d0 56 a3 3e 70 65 b7 43 97 e5 4f 07 f3 c0 56 01 79 ca 19 13 47 9d 55 75 c2 8d 32 59 1f 11 a0 06 23 c8 8f 6b a0 1a 84 1b 47 3a 33 93 8e b5 b8 a7 a5 65 74 6f 52 b3 ab 19 68 b4 13 6e 43 5e 5b ad 73 13 d5 34 8c af f1 4e a3 57 fd a8 96 fe a3 a0 be 11 83 fc cb f1 7e a1 a8 36 9d 95 64 c6 cc e3 68 4e 15 a7 19 76 2c 1a 95 5a b5 69 77 36 9d 15 38 2a a8 c6 16 8a 4a 23 37 3a 03 b6 0d dc 33 46 a1 c3 dc 9a ca 22 1f 96 05 f5 38 58 d0 b5 4c 13 1e 5b 13 4d 99 04 a9 18 54 7c 00 a1 8a cc 53 8a 62 e5 86 58 07 35 d6 73 c5 e6 5e b5 65 e3 0c bd 55 a6 b5 ca 73 f5 da 43 d8 50 59 b5 f4 05 c8 6e e0 9a bf f2 27 e3 73 31 1f 26 0e e2 6f a3 67 9d e1 bf 27 8c 5f 6a 42 c3 8f ce 2b 5e 5f a5 19 67 f9 b2 e7 33 58 67 5e bb c3 58 ab a7 d5 09 b0 53 89 76 ba a8 Data Ascii: b:+ QV>peCOVyGUu2Y#kG:3etoRhnC^[s4NW~6dhNv,Ziw68*J#7:3F"8XL[MT\|SbX5s^eUsCPYn's1&og'_jB+^_g3Xg^XSv
2025-04-23 03:14:17 UTC	597	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:16 GMT Content-Type: application/octet-stream Content-Length: 4159 Connection: close CF-Ray: 934a30956a88d984-PHX CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: https://newassets.hcaptcha.com Set-Cookie: __cflb=0H28vk2VKwPbLoawFj9ote4RZxB9Q78v53zrXRLTBnu; SameSite=Lax; path=/; expires=Wed, 23-Apr-25 03:44:16 GMT; HttpOnly Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Vary: Origin access-control-allow-credentials: true x-content-type-options: nosniff Server: cloudflare alt-svc: h3=":443"; ma=86400
2025-04-23 03:14:17 UTC	772	IN	Data Raw: 25 6d ff 45 db a5 15 26 99 ff f5 ff da fc 97 b7 cc b0 92 89 a9 54 14 3f 01 d6 3d 42 13 8b 3a 28 2a 78 d0 b1 3c 64 50 58 f5 39 27 00 ea 17 b4 78 57 57 ca 54 bc 71 fd 38 5e cb 84 8e 6e d3 7b 93 e4 04 4c 1f 37 b8 41 3a cb 09 09 b7 6e 14 98 84 0c 60 a6 63 8f f9 11 92 d7 27 52 ed b5 d1 d9 13 85 75 88 9b 29 18 bc 97 84 42 98 b3 b9 96 d0 8d 50 eb 93 1f 8e a8 45 fb 10 cd 07 cb 8f 9c 45 8d 1a a6 bf c5 8e 98 5c 8d 96 19 61 dd 4f 37 c5 e6 a9 91 4d 56 2a 0c bf 93 33 cb 39 68 14 e2 b5 bc 16 1a ae ab 6c 8e d7 d1 39 f0 7d 0d 3f ff c8 f6 1d 7f a0 1d b9 d7 dd 3c bf 20 09 93 f7 21 ec 21 67 61 67 73 bc 61 88 b6 98 30 f1 5c 4a 8e 8d 62 37 18 17 a5 a9 27 04 14 b9 d7 bc 16 dc 03 c3 2f 6b 7b c7 65 2b 2b 82 14 e2 19 14 e3 a4 1d 51 b2 21 ed 96 21 e1 bf a6 1d 4c 7d df 9f 5b d6 58 Data Ascii: %mE&T?=B:(x<dPX9'xWWTq8^n{L7A:n`c'Ru)BPEE\aO7MV39hl9}?< !!gagsa0\Jb7'/k{e++Q!!L}[X
2025-04-23 03:14:17 UTC	1369	IN	Data Raw: d9 89 53 ab 62 f7 83 19 21 ed 0e 3f 1a 2d ea e7 1e e3 ef ab 0d 5c 73 00 8c 47 2e c9 8f 40 7a 71 f3 03 0c 85 67 9c ef d2 35 c2 66 44 ad 99 9d 6e df 75 46 1c 08 65 33 7d 48 5a 71 ea 7e f3 6c 26 8b 78 f7 4f 28 ac de 9e c6 6f dc cc 62 f9 6d 72 f8 81 cc b0 24 52 df 4e b4 b7 0e d1 5f 09 9b 36 06 44 52 50 bb e0 a1 c9 dd ea 80 8a 22 df 4e 21 bd 1b 64 4b 48 d9 d6 1f a3 c5 5c 3e b0 19 0b b7 eb 3a 48 b5 38 9f e1 94 69 92 42 d5 42 2b aa 45 ec d7 f7 53 c0 3c 11 40 18 c8 73 2f 7f 4a 91 ef 9f 1f 01 8c 0e 47 d4 c5 67 4c 12 9b 36 83 2c d7 a5 3d f8 74 11 10 4d f4 00 b1 88 fa 3a ba ac cf bc 95 01 6b 10 92 2d 80 23 a2 0b 54 13 c3 80 b2 49 91 49 a7 bd 82 d0 8e 82 b7 1a fa 33 5b 61 19 a8 52 a6 02 a0 d9 7b 80 ed 32 d9 75 61 8c 0e bd 86 83 62 76 cd d4 df dd cf 94 64 8d e4 07 c7 Data Ascii: Sb!?-\sG.@zqg5fDnuFe3}HZq~l&xO(obmr$RN_6DRP"N!dKH\>:H8iBB+ES<@s/JGgL6,=tM:k-#TII3[aR{2uabvd
2025-04-23 03:14:17 UTC	1369	IN	Data Raw: da e9 71 08 8d 60 d6 f8 3f 99 d1 fc a5 4c a0 89 36 96 63 86 b4 bc 2b 1f 2b 92 20 8f a2 a2 cf 53 91 67 5a 52 67 0e 47 4d ba 5e 16 c6 4b eb df 42 86 39 3d 33 e4 a1 66 c1 db 43 68 f5 13 eb 2c d0 c7 89 f6 82 c8 96 eb a2 f9 ca ae 92 52 be 86 ea 81 7f 85 5b b0 c6 53 62 9d 6f 4f 25 da c4 b6 c8 f4 62 ae 94 14 83 e4 52 04 ad 94 a1 0f 12 87 86 7d d6 d5 44 91 b6 8c ed 09 45 3c 10 e1 bf c9 5e 2d 57 bc 50 e2 a3 d4 22 e2 76 69 e8 af 3e 1c a6 86 78 17 9c f0 74 d0 3c 2a 39 d2 c1 60 53 b5 72 0c 06 67 08 a5 1c 4a 4d bf f9 76 09 06 e6 c2 09 89 92 98 5c 34 75 5f 42 93 96 c3 69 ab 81 03 ae 64 d1 e5 70 25 a6 04 d7 0a 46 34 fc fb f4 ec 90 85 c3 59 de 38 0e 8c 36 db be 01 53 f8 8f df f7 96 b1 27 8f 63 fe 65 5e cb 99 2b 03 b2 7e db 6c bb 81 14 cd c3 64 ae 2c a8 7d 28 43 50 5c 28 Data Ascii: q`?L6c++ SgZRgGM^KB9=3fCh,R[SboO%bR}DE<^-WP"vi>xt<*9`SrgJMv\4u_Bidp%F4Y86S'ce^+~ld,}(CP\(
2025-04-23 03:14:17 UTC	649	IN	Data Raw: f6 1b a6 58 95 7e 09 f3 b9 be 7b 89 1d 2a 85 d1 3d 44 07 70 3d a2 c0 89 ed ec 55 9d 6b 9e c4 fa 51 7f 15 86 27 7c 2e ce a7 84 5b b8 82 56 9a b2 33 34 6a 6d e6 45 42 49 00 70 63 63 51 4a 03 fe 67 1e 76 dc f4 53 3e cd 44 66 ae 2d cd 1d 58 03 29 7c ea 2e 98 49 f2 1a c3 47 48 68 07 8d 36 e1 1a 9b 8b 83 dd 95 e0 32 cd ed 63 db d7 69 ed 90 64 69 35 d9 dc 6e 72 9e 4f 08 c2 c6 3c 7b 71 a8 03 2d b5 f5 18 99 2c cd 5d be 56 f7 5d 1f ce dd 34 d8 1f 5e fc 06 f9 42 54 88 3f 2b 4e b3 c3 d5 a8 59 02 53 b8 48 0f f5 03 a7 df 03 ab 00 a1 fe 95 f2 60 98 81 8f 15 e3 46 b0 e3 de 5d 5a 4b 08 99 7b 68 58 15 e9 08 36 31 d7 63 95 3f 66 8b ca 13 9e 9a 25 df 4a e8 5f 74 5e 81 ef dd 2b d5 96 1a 94 df fd 94 b7 ac 4b 69 8a 0d 3e d8 91 92 8f 9e b4 7c 45 24 a6 b5 84 03 a1 f3 62 6f 51 df Data Ascii: X~{*=Dp=UkQ'\|.[V34jmEBIpccQJgvS>Df-X)\|.IGHh62cidi5nrO<{q-,]V]4^BT?+NYSH`F]ZK{hX61c?f%J_t^+Ki>\|E$boQ

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:17 UTC	427	OUT	GET /getcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:17 UTC	535	IN	HTTP/1.1 405 Method Not Allowed Date: Wed, 23 Apr 2025 03:14:17 GMT Content-Type: text/plain Content-Length: 18 Connection: close Vary: Origin, Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control, Content-Type, DNT, Referer, User-Agent Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a309bbc1d598b-PHX alt-svc: h3=":443"; ma=86400
2025-04-23 03:14:17 UTC	18	IN	Data Raw: 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 Data Ascii: Method Not Allowed

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/07e37a9407f2a4657ef9b80162781e7728c98407848b8af26303c897abbf0dc2/dc2464dd72909bf286e29f63f6758de34976daae949fe096dc6d67f9613ec55b.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:18 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:18 GMT Content-Type: image/jpeg Content-Length: 4961 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:18 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a1095d5529-PHX
2025-04-23 03:14:18 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 07 dc 35 52 d3 c5 17 da 54 c9 6e 34 79 19 7c bd ec 4a e3 75 75 e1 92 bf bc 8c dc 9f 44 75 10 68 56 f6 50 1b b9 26 7b 97 51 99 16 5f e8 3b 54 22 f2 7d 66 52 6d 9c c3 67 17 03 1f c4 6b 9f 9b 58 b9 b9 d4 a6 9a e6 de 5b 68 b0 a9 24 4e 4f c9 91 9c 8f 5a d1 b1 d4 b4 d0 ad a7 42 fe 52 2b 02 1d ce 3c cc f7 1f 8d 69 5e a3 8f bb 0d 0c 25 1d 36 20 bf d3 da 19 4b fd a9 bc f6 cf dd 3d 45 49 e1 3b 29 e7 bb 7b af 35 be 5f 97 69 35 2d e5 bc d3 eb 31 43 0a 0c ec 24 31 3d 6b a5 d0 34 56 d3 56 59 25 20 c9 29 c9 03 a0 ab a3 52 6d 6a 56 1d a5 ab 2e 2c 2f 9d cc cc 3d 81 ab 31 c4 71 f7 98 7e 35 38 4e 79 a6 b1 c1 c7 6a e8 e6 73 56 29 ab 4b 9d 90 b0 98 1e 18 9f c6 a3 79 5c 0c 6f 75 3f 5c d5 9c 7d 69 8e 81 81 35 a4 52 43 e7 6f 73 96 d5 6d 22 d5 56 52 24 09 24 52 31 23 d7 9a e4 ee Data Ascii: 5RTn4y\|JuuDuhVP&{Q_;T"}fRmgkX[h$NOZBR+<i^%6 K=EI;){5_i5-1C$1=k4VVY% )RmjV.,/=1q~58NyjsV)Ky\ou?\}i5RCosm"VR$$R1#
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 24 6e 5b 18 63 82 7d c5 6b 6b d2 c5 6d a3 11 2a 16 5e 14 63 de a8 ea d0 09 64 d2 ee 99 4c 4d 19 c9 65 5e 36 81 d2 b3 35 19 66 f1 13 45 6d 66 d2 32 23 6e 76 1d bf fd 54 57 87 b3 7a 97 46 7e d1 59 16 7c 31 a7 47 71 aa 4f 71 e5 6d 85 f0 a0 96 c1 20 0a e8 ee e5 b4 d2 6c 24 b6 69 c2 86 c9 3b 48 ca fe 06 b3 57 4b 9f 4c b0 31 d9 1c cb 8c 06 7e 95 f3 f7 8d f5 4d 7d b5 90 9a a3 b4 71 bb b0 f2 e3 24 0c 03 8e bf 85 14 e3 ed 1d 91 75 23 c8 b9 9e a8 f7 0d 02 3b d1 aa 2a 45 34 37 16 79 2e 92 0f e4 6b ae 92 06 9e 40 6e 1d 48 53 95 0b da bc 83 e1 8e ad 14 ba c5 c5 bd b4 05 2c 4c 01 91 1e 42 48 6e 86 bd 2a ea f2 08 10 4a b0 39 20 f4 56 a5 56 2d 7b a4 42 4a 5a 9a 51 c7 72 26 df 1a c6 e8 78 3b ab 91 bc ba bd 9b 56 9b 75 ba 43 14 6f 8d cc f8 0d 8a e8 20 b8 81 f6 10 92 23 30 Data Ascii: $n[c}kkm^cdLMe^65fEmf2#nvTWzF~Y\|1GqOqm l$i;HWKL1~M}q$u#;E47y.k@nHS,LBHn*J9 VV-{BJZQr&x;VuCo #0
2025-04-23 03:14:18 UTC	1354	IN	Data Raw: 76 1e cb cd 60 aa 32 57 e6 38 fc 73 da bc fd 61 9e 08 59 3c 33 24 f1 23 27 f1 e4 46 bf 45 34 b6 9a 5e b7 a8 58 c4 35 1b c9 ee c2 b1 26 22 3c b8 8f 18 e7 1d 6a 15 b7 97 51 4e 3c c9 3e c6 d6 91 ac 0b 8d 52 fa ff 00 88 ec 0c 63 6b ee ca b8 5e ad fe 15 5b 58 d5 26 d7 f4 75 bb d3 16 45 b1 46 dd b9 79 79 0f 6f a0 ad 08 3c 26 f7 76 61 b5 17 06 30 9b 12 d2 35 c4 48 a7 b6 de f5 b7 f6 04 4d 18 59 45 1a 2c 5c a8 55 18 f5 ab 51 4d dd 19 39 24 b4 33 ee e7 59 3c 35 22 2b 23 7e ef 24 20 c6 38 fd 6b cf 74 33 1d 9e b5 14 e5 37 60 9e 0d 74 1a 74 a9 6d a5 5f 69 cf 31 cd bb 32 46 a7 ae df 4a e5 62 b8 8e 0b c8 b7 10 06 fa da ae e8 e7 4d de c8 f4 ed 41 2f b5 1d 2a e0 c6 42 a8 43 df 00 57 19 f0 f6 f2 58 75 db 8b 2b ae 4f 4c fe 35 d8 c3 77 66 d6 32 45 e6 b1 56 4d c3 0d 8c f1 5c Data Ascii: v`2W8saY<3$#'FE4^X5&"<jQN<>Rck^[X&uEFyyo<&va05HMYE,\UQM9$3Y<5"+#~$ 8kt37`ttm_i12FJbMA/*BCWXu+OL5wf2EVM\

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/1ee540724008c994b5f68319dfaecb9fdbaab03a3a51e171138ca7f0b62adc73/4ca34ea8c954a5845c28ebe83c278da7b9480c45a71936a473f947ee2368f6a1.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:18 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:18 GMT Content-Type: image/jpeg Content-Length: 4559 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:18 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a1087c5a87-PHX
2025-04-23 03:14:18 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 6d 71 c8 71 91 f3 0a ab 1f 8c f4 eb 34 16 ad 70 99 8f e5 c2 e4 ff 00 2a 5d 4c e4 d3 d8 de bc 09 1b 64 74 ef 59 cb a8 c6 f2 ba 20 e9 d0 d5 b1 7b 6d a8 e9 e6 5b 69 22 94 e3 38 06 b0 63 f2 e3 2e 59 82 90 7b 52 af 52 56 e5 45 d3 a9 ca b5 5a 9d 15 84 f0 cc df 3e 04 be 86 ae dd 2a 88 09 e3 a7 15 ce 69 ab e6 5d 2c 84 f3 9e 2b a1 bb cb c4 00 e7 27 a6 6b 2a 7c f3 8f bc 4b 9b 5e f7 53 26 5b 09 4e 1b ed 0c 01 e7 00 d5 7f 2e 1e 63 91 77 9f 5c 73 5b 46 3d a7 6b ba 81 8e 2a 9d c4 01 54 b4 6c 0b 7b 8a ed 83 4b 42 63 52 57 f7 cd 39 17 ce 2f b5 b6 c8 ac 71 ef 59 c2 2b 89 a6 68 a5 3e 4e 7f 89 47 5a bc db 24 32 6e 6d 8e 09 c3 54 4a e1 a2 f2 7c cf 36 4d dd 47 6a 52 8f be ae 38 7c 37 23 ba b7 cc 22 14 93 11 c3 f3 30 3d 4d 54 da ae c2 f2 39 42 a3 2e d3 91 fc ab 46 f1 18 c9 f2 Data Ascii: mqq4p]LdtY {m[i"8c.Y{RRVEZ>i],+'k\|K^S&[N.cw\s[F=kTl{KBcRW9/qY+h>NGZ$2nmTJ\|6MGjR8\|7#"0=MT9B.F
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: f4 15 94 d3 59 69 96 92 39 95 5e 2e e3 d0 54 1e 25 8a 0b ad 6e c6 04 3b 9e dc b4 ae bd 94 76 cd 31 a2 42 fb 5d 01 47 1b 4e 47 ad 5d 1b 4b 63 4a b4 f9 15 d9 5e 6d 1f 4a bd 09 3c 37 6a 88 4e f0 36 83 f9 66 bb 6f 08 db d8 5b 69 e0 c7 72 b2 cc cc 77 93 8c e7 3d 2b 82 d2 e5 6b 26 92 d6 6d 86 15 62 aa ee bc 2f d7 f4 ad 36 36 f2 29 91 6e ed a0 63 83 95 72 a0 8f 5f 4e 95 ac 96 87 32 68 d9 d5 cd a6 a5 ab 4d 2c 77 b1 84 55 f2 8f 42 18 f7 ae 7e e3 42 de 7c 91 ab 01 6c 48 26 3c 55 a8 af ac 96 28 d6 26 d3 44 5c aa b7 6c 81 eb 9f 5e 2b 8e bf f1 e6 97 1e b1 26 9f 7b 0b c5 b1 b0 1d 13 08 df 4f 6a 95 b6 a5 2e c8 eb 92 58 2d e6 16 e9 3d b3 28 18 e9 ce 29 f7 76 b1 5e da b4 13 41 04 b1 bf 04 63 a5 73 e2 eb 4c ba 58 ee 2d 6f 6d d8 0f e1 56 19 fc 6b 4f fb 7a ca de dc 05 93 ed Data Ascii: Yi9^.T%n;v1B]GNG]KcJ^mJ<7jN6fo[irw=+k&mb/66)ncr_N2hM,wUB~B\|lH&<U(&D\l^+&{Oj.X-=()v^AcsLX-omVkOz
2025-04-23 03:14:18 UTC	952	IN	Data Raw: 03 9d f2 fa 7d 05 6f 69 af 14 71 6d 24 02 3e 5c 01 d2 ab db a4 3a 6d 82 41 14 9b 98 64 93 d4 b1 f5 3e f4 cb 48 9d a7 2e e8 76 6e cf 3d 2b b2 3e ec 0e 48 54 94 e6 f9 b6 66 a5 d0 53 f3 ed 07 68 fa 8e 6a ad a2 c4 f1 ec 2b 8c 36 41 c7 7f 4a 8e fe ec b3 98 d3 00 63 07 de b0 ae 35 03 a7 df da 00 fc 17 c1 07 be 6b a2 14 db 5c e2 9b 56 e5 ea 76 07 03 e9 55 2e 6e 84 20 90 6a 55 9d 5e 16 61 d4 56 60 b7 92 f2 46 cf ca bd 89 f5 ae 08 c3 9a 6c 99 26 ec 88 e3 17 fa 93 49 f6 4b 67 95 63 fb d8 ac 8f 12 b4 df d9 6f 09 0e 93 c6 c0 84 61 82 71 db f4 ae f7 c1 d1 cb 6f 63 74 8a 50 48 25 3b c3 1c 63 d2 af df 66 ed 9a 29 e2 b5 70 30 46 ec 13 f8 57 4e ca cb 62 e2 92 d8 e0 34 59 66 96 c6 09 62 46 74 78 cb 67 1d 80 aa 9a 25 cb 3e 8e d6 f7 28 e2 37 dc 87 72 fd dc f4 cd 7a 46 97 a5 Data Ascii: }oiqm$>\:mAd>H.vn=+>HTfShj+6AJc5k\VvU.n jU^aV`Fl&IKgcoaqoctPH%;cf)p0FWNb4YfbFtxg%>(7rzF

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/2ba69f39129565ec9c2a8e7bcc311a1e2735c9ef1ad1e562ad9a8b0de4f3c676/0e55d068eb1e35c753d55209773bba986002668e6527fc891dc2bcd769a774db.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:18 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:18 GMT Content-Type: image/jpeg Content-Length: 4982 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:18 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a10b337244-PHX
2025-04-23 03:14:18 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 9a 74 db ed 4a 24 37 37 f3 44 07 2c 91 1d b9 fc 6b de 8c ad 1d 45 cb 25 3b c4 dc 31 c6 62 c2 ed 2c 41 c3 13 c0 35 1c b6 f9 0b 99 4a e0 e4 88 fb d6 6c 5a 55 ac 4a b0 b4 72 ec c6 09 59 0f 3e f8 ab 93 69 11 5c c3 b2 2b a9 a2 07 ba b7 34 27 6d 8a 6b 99 fb c5 af 29 1d 70 23 cf bb 9f e5 50 4b 23 40 c5 19 f2 a5 7a 9a a7 71 06 b1 66 31 0b db cf 02 8e b2 02 1f 1f 5e 94 96 d7 57 37 81 5a 33 1c 8a 79 db e9 5b 47 de 57 32 7b 9a ac 43 0c c7 2b 2a 80 08 55 a5 6c 09 0f a9 03 35 58 41 3b 32 a1 70 ad 11 ce 54 7d e5 f4 ab 51 c4 25 05 89 65 6c f4 35 92 d1 95 25 74 23 61 40 1c fe 5d 6a 38 4b 79 e7 8e 09 cf de a7 3c 52 a1 27 19 1f ec d4 3f 6e b6 80 7e fa 45 42 be f8 3f 95 56 96 b8 af ca 8f 3e ba d7 e3 d8 d1 48 a6 48 59 30 a5 3a 86 c9 fd 2b 9f d0 b4 9b ed 5f 59 96 e5 98 c4 91 Data Ascii: tJ$77D,kE%;1b,A5JlZUJrY>i\+4'mk)p#PK#@zqf1^W7Z3y[GW2{C+*Ul5XA;2pT}Q%el5%t#a@]j8Ky<R'?n~EB?V>HHY0:+_Y
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: ad 5f cb 84 17 41 95 76 38 3f cc 55 38 24 8e e6 ea e2 19 88 95 24 88 12 31 c1 15 74 2b ce 71 b2 d9 1d d4 29 da 0e 52 dc e9 ac 35 08 2f 0c 97 10 de 89 37 e1 d5 14 e4 8c f6 c5 5f 8e f6 27 99 90 45 26 e4 fb db c1 af 30 f0 87 86 ed f5 9d 63 50 92 00 f1 5a 5b 12 a8 11 88 2c e0 f6 3d ab 75 f5 5b df 0e db ed d6 2e 16 78 14 7c 92 ae 4c a0 7a 30 fe 2f a8 af 41 2d ae 4f 5e e7 63 ab c9 22 69 53 3a a4 60 ba ed 50 c7 a9 35 26 97 64 b6 5a 75 bd bb c2 22 60 a0 36 3a 13 5c 9a 5f a7 89 35 2b 5b a6 95 85 ac 78 f2 62 e4 6e 3e ac 2b b4 96 61 0d 82 9b 83 86 ce 14 1e a6 aa c9 91 a9 47 52 b0 b3 fb 33 cb 77 1a 00 4e 15 40 e4 9a a1 a4 78 7a c7 4c f3 6e e0 45 17 73 72 c5 87 38 f4 15 b9 79 6f f6 a8 a2 cb 2e f8 c0 62 a4 f5 ae 46 ef c6 1b 2f e5 b1 d6 34 c9 ec ed 73 88 6e c2 92 0f d7 Data Ascii: _Av8?U8$$1t+q)R5/7_'E&0cPZ[,=u[.x\|Lz0/A-O^c"iS:`P5&dZu"`6:\_5+[xbn>+aGR3wN@xzLnEsr8yo.bF/4sn
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: db de 87 3f 75 92 a9 ea 74 fa 4c 2a b6 67 50 b9 22 69 a4 e5 40 19 23 e9 59 de 2f bf b9 87 41 16 be 52 6f ba 91 50 6e e3 03 a9 35 ab 65 6b 72 c9 1a ca 05 b8 8f 1b 52 26 ea 2b 1b c4 8a 2f 7c 49 68 36 17 16 d1 16 71 e9 cd 45 35 2e 57 74 13 57 56 4c e1 5e d0 88 0a cb 75 26 f9 5f 02 2e c3 dc d5 69 34 db ab 6b d7 4b 6f de c4 0e 77 86 e7 3d c5 77 93 69 da 7d fb 94 58 5e 21 8c b3 11 de aa 9b 7b 3b 72 20 0d 2b 63 80 11 09 cd 73 ce 15 2d 64 8c e8 d0 70 7c cc ce 99 75 4d 4f 4f 8a de 07 5b 71 1a ed c0 3c 9a c3 93 c2 97 b6 b2 99 0c c1 9c f4 2e 7b fa 57 5c 31 09 06 1b 3b 92 c3 fb c3 15 34 3a 95 95 da ec bb b6 78 9b 38 e5 bb d4 42 8d 41 d6 84 e9 be 78 9a 02 e2 ee c7 0a 8c 27 2c 7b b0 18 e7 1f d2 9b 2c 97 57 3a ad 8a 34 51 88 c3 16 70 a7 a5 73 69 69 76 2e 3c bf ec 99 18 Data Ascii: ?utL*gP"i@#Y/ARoPn5ekrR&+/\|Ih6qE5.WtWVL^u&_.i4kKow=wi}X^!{;r +cs-dp\|uMOO[q<.{W\1;4:x8BAx',{,W:4Qpsiiv.<
2025-04-23 03:14:18 UTC	6	IN	Data Raw: 4a 56 ea 7f ff d9 Data Ascii: JV

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/1c903d2a8df53b68af50ac98ac46a405b2c398c17e90298cc7560cd39b95ef46/c5cb0d0dbbe3200c19a2fb872bcaabc5de7b2faaf1d7458fe087d39b47da6548.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:18 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:18 GMT Content-Type: image/jpeg Content-Length: 4978 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:18 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a1095f1937-PHX
2025-04-23 03:14:18 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 72 f9 cb 31 c0 f6 21 ea ac 77 10 5b ed df 3a 31 ed b0 1c 67 ff 00 65 35 d6 5c 69 96 b7 30 34 2f 1a 94 2c 19 87 38 27 d4 83 cd 73 fa af 87 36 cd 25 c4 0a 59 dd 82 a4 43 a2 8e e0 ff 00 31 4b 95 37 70 84 d2 f7 59 9f e7 c6 09 09 11 60 e7 92 4f de 3e 86 bb 1b 03 9b 08 fd d7 9f a7 f8 7b 57 0d 10 f2 5e 48 26 6d d3 46 db 19 87 42 31 9c fe 5c 57 71 a5 31 3a 5c 2c 7e fb 80 79 ed 91 9f d0 53 8b d6 c3 a8 95 ae 99 cb f8 8d 15 a6 8a 27 67 72 49 f9 00 27 ff 00 1d 1c 0f c6 b3 16 d6 13 b7 fd 14 0c 0c f1 10 fe 87 35 af ae a2 99 e3 dc 3e 52 c4 e0 e4 f5 ee 7d 49 f4 aa 41 12 31 93 16 dd dd cc 60 7e a3 91 50 da 4e c7 45 2f 82 fa 0d 48 b6 80 d1 36 e0 0f 42 73 8f a1 ea 3f 1a ec 34 89 95 da 23 b8 65 88 18 3d cf f4 35 ca 48 92 46 cc 19 48 93 1d 0f 53 df 07 d7 23 a1 ae 8f 47 d3 cc Data Ascii: r1!w[:1ge5\i04/,8's6%YC1K7pY`O>{W^H&mFB1\Wq1:\,~yS'grI'5>R}IA1`~PNE/H6Bs?4#e=5HFHS#G
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: db 7a bf 38 11 93 8f c4 9a b9 7f a5 ad d3 ac 91 c8 61 94 75 28 b8 2c 3d c1 ea 2b 32 29 1a 66 12 45 2c 13 92 38 25 72 c4 76 3c 90 07 b0 ad 1d 3a 79 84 d2 45 36 40 54 dc 07 d3 ae 3d 08 f4 ab 85 44 dd ac 67 52 9c 92 e6 6c e6 ef 75 a9 34 ad 51 6d 2f 80 58 82 86 49 93 90 3f fa d5 b1 63 a9 ab 4a 50 e3 69 39 57 ce 41 e3 af d0 56 7d cd 98 d6 e7 ba 79 20 f2 d9 55 93 70 5c e5 94 e0 f3 ee 0d 72 af 36 a1 e1 dc 5a c8 ff 00 ba 59 bc 9d ec b9 18 c9 3f a8 14 4d 24 ec 85 17 75 a9 e8 77 bb 2e 2c 26 76 e4 04 dc a0 8c 90 7b 7e 26 ad 59 48 d2 d9 c3 26 31 b9 01 38 23 8f ab 1f e9 5c 7c 1e 23 4b bb 29 22 08 56 79 14 2a b0 39 4c be 49 39 ed 85 15 d3 58 4e 45 bc 51 28 c0 54 5c 11 db 23 20 0c f4 e3 92 6a 5f ba 8a 71 6d d9 17 e4 00 2e 1b 0c 3b e7 0f ff 00 d7 aa 70 db c6 82 56 8d 44 Data Ascii: z8au(,=+2)fE,8%rv<:yE6@T=DgRlu4Qm/XI?cJPi9WAV}y Up\r6ZY?M$uw.,&v{~&YH&18#\\|#K)"Vy*9LI9XNEQ(T\# j_qm.;pVD
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: d2 6c 1a 6d 68 75 70 2a 81 c6 70 df 37 d3 d8 56 5f 88 24 5b 58 a1 9d 95 5f 12 80 7d 71 ea 2a 4d 2e f2 7b eb 30 67 8d a2 2d 93 91 d4 ff 00 81 aa 7e 23 76 f3 2d 62 f2 d5 8b 38 5f 99 b1 f8 7d 2a e3 b5 cc da e8 6d e9 d3 c7 35 ba bc 2f 94 3f c4 bc 7e 75 73 70 e9 e6 a9 f7 db 5c c8 75 d2 75 68 e5 91 f6 db cc bb 54 01 c0 3e be c3 de ba 1f b6 c3 b7 77 98 99 ff 00 7b 35 a2 bb 27 62 5c 02 d9 ce 7d fa fe 95 4d 89 5b f1 c7 6e 3f c7 de a5 6b eb 6c 8d d2 28 27 a1 07 fa d5 43 75 1c 97 d1 aa fc d9 04 f1 df ff 00 af 46 c0 d6 84 53 c5 1c 3a 8f 98 13 09 e6 30 2f 8e fd 49 fe 42 a5 bd bd 53 11 89 62 73 d0 60 0c 64 e3 38 fa 01 d6 aa 6a 5a 80 8e 69 20 8d 49 7f 31 f3 9e 9f eb 7f c2 aa 1d 56 e6 e4 95 74 44 c8 20 9f ac 98 3f a0 15 3c f1 5a 9a 46 9c 9a 45 0d 1c 8f 3a e3 9e bb 88 1c Data Ascii: lmhupp7V_$[X_}qM.{0g-~#v-b8_}*m5/?~usp\uuhT>w{5'b\}M[n?kl('CuFS:0/IBSbs`d8jZi I1VtD ?<ZFE:
2025-04-23 03:14:18 UTC	2	IN	Data Raw: ff d9 Data Ascii:

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/ef2eccdeda2150e6f4ba64c5ce408f9d481f196f6a4728fc880adef948b02854/b6688f7c35005d7708000197607b203e2a24aed502984f5ade699f0761c7d190.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:18 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:18 GMT Content-Type: image/jpeg Content-Length: 4615 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:18 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a10e956cce-PHX
2025-04-23 03:14:18 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: aa 07 43 b3 31 14 44 f2 d8 8c ef 4e 09 3e a3 fa 8a cb 3a 35 ee 99 7e d7 56 77 2f 22 3e 47 d9 d8 f0 be e3 fc 28 dd 01 d1 b2 8d c1 b9 cf 41 ff 00 d6 aa cf fb d2 73 f7 01 c1 c7 7f 61 ed 55 62 d4 89 75 82 ec 08 25 3e fc 37 d2 ad 4a 7c c0 ca a3 e5 ce 3e be df 4a 4e 2d ee 38 ab 0e b8 fd e4 03 a6 d1 f9 7f fa aa b4 80 2c c9 93 8e 32 03 1e bf 4f 43 56 e5 25 6d c6 dc 16 fd 3e b5 9f 71 08 92 55 c1 f9 b1 ce 4f de fa fa 1a ca 73 b6 c6 b4 e3 7d c7 f9 a8 d2 0d ee a7 27 2b 8e 32 7d bd 0f b5 4d 04 eb f6 b8 50 94 e5 c6 0f 66 fa 7a 1f 6a a5 e4 47 27 56 c9 3c 1c f1 9f f0 35 35 b4 48 b7 30 ee 60 df bc 52 09 ee 41 fd 0d 3e 6b ea 87 28 ae a6 3e a9 ac 49 67 2a 2a a8 6d f1 ee fa 0f 41 ef eb 59 c3 c4 b2 ef da 62 8f 1b 41 c0 fe 21 e8 3d ab 47 57 d1 26 d4 e5 8e 7b 66 18 03 91 d3 3f Data Ascii: C1DN>:5~Vw/">G(AsaUbu%>7J\|>JN-8,2OCV%m>qUOs}'+2}MPfzjG'V<55H0`RA>k(>Ig**mAYbA!=GW&{f?
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 3a 0c e3 1f fd 7a 71 c8 18 3c 83 d0 fa ff 00 f5 e9 29 3e a3 69 74 30 7c 2c c0 58 c9 6e 6e 3c d9 51 ce 47 a7 d2 ae 5e 2d bd ad a6 67 8d 26 24 f0 36 e7 24 f6 ae 66 59 85 9e b6 2f 74 e3 98 92 4c 5d 8c 60 7d 7d 9a ba 5d 4b 52 b5 6d 3c dc a3 2c fb 70 76 a9 00 fd 3e b5 56 b9 9b d1 8f b1 b1 95 1c 4b 20 44 c8 e1 10 74 f6 ad 75 1c 6e 27 de b3 34 fd 46 cf 54 89 56 29 d0 be 01 64 46 e9 ed f4 ad 01 80 00 1f 73 ae 4f 7f 73 ed 54 dd 95 90 6e 49 90 e3 20 e4 ff 00 3a 81 20 85 26 69 0a 00 ed d5 aa 6c 86 f9 94 e4 f4 e4 63 f3 aa ba 85 bb 5e da 98 56 66 84 b9 da 48 ea 7d a8 4f a3 15 bb 13 ef c3 15 cf 1e bd bf 1a a1 a8 df 5a da da c8 d7 4c a1 71 f7 0f 24 fe 1e b5 44 e8 41 63 0b fd a5 72 aa 7a 12 fe 9e be b5 4c a6 95 05 c0 16 c5 af ef 8a 92 bb 9f 7e df f6 8f 6c d4 8f 43 98 d1 Data Ascii: :zq<)>it0\|,Xnn<QG^-g&$6$fY/tL]`}}]KRm<,pv>VK Dtun'4FTV)dFsOsTnI : &ilc^VfH}OZLq$DAcrzL~lC
2025-04-23 03:14:18 UTC	1008	IN	Data Raw: ad 09 9c 86 64 51 d0 13 c7 7f 6a 84 47 21 ce ee 80 03 81 df ff 00 ad 55 b2 b9 09 df 43 3b 5c 58 6d b4 2b b7 3d 04 44 92 07 eb 4d d1 0a 0f 0d db 1b 7c c8 a6 31 8d df d6 9d e2 38 0c da 24 d6 e3 93 30 da 4f d6 b9 af 04 eb 89 67 a4 4d a7 df 4b fe 93 68 e5 36 1e b8 ec 2a 6e ef 76 0c 9a e2 f3 fb 2b 5b 8a e2 40 eb 0c bf 24 8c 57 38 f4 07 db de bb 18 c2 88 86 1b 20 f2 0b 75 fc 4f 7a e2 bc 41 ab 2d c5 bb ac 96 db 63 db c3 0e 48 3e 95 37 83 3c 46 9a e5 a4 ba 6c d2 06 b8 b6 e3 2b d0 8a a5 66 0f cc eb 1e 28 e4 5d 80 02 3a 96 ff 00 3d eb 81 d7 bc bd 03 c4 f6 92 c9 08 16 37 07 6b 91 d8 f5 1f 8f a9 ae fa 29 61 50 21 87 27 1d 0f bf 7f c6 b9 9f 1e 69 90 5e e8 6d 2c cb b9 60 60 e0 7f b2 3a 8f ad 4c dd b6 2a 3a 92 ea 1e 2c b1 b2 d2 e4 bd b7 9c 5c 91 c2 c7 18 e8 7d 07 a8 f5 Data Ascii: dQjG!UC;\Xm+=DM\|18$0OgMKh6nv+[@$W8 uOzA-cH>7<Fl+f(]:=7k)aP!'i^m,``:L:,\}

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/0dbca55077fcc7d33ef86fa77644542c67d24cddb39f59b3491fb24e1f330890/a719fa298922c2580770d3e2af32b9d63002d0fed8ef5c3808faf68ccfd85b6f.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:18 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:18 GMT Content-Type: image/jpeg Content-Length: 4533 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:18 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a13fd5f7d3-LAX
2025-04-23 03:14:18 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: 35 9b 71 a5 6b 17 ac a5 e7 5b 61 d8 3c 83 9f c3 15 8d 6a 0e 53 f2 15 9d f4 20 6d 4c 79 bb d6 f4 81 e9 e6 c7 fe 14 a9 ad 85 70 0d f3 63 3f df 53 58 7a 9e 89 ac db dd 00 f3 79 ca c7 00 45 28 ff 00 0a bf 6f a7 40 11 62 b9 f3 63 97 af ef 00 20 fe 38 a8 95 18 c7 7f d4 9b 4f 7f d4 b3 7b 7d 77 23 86 b7 be 97 00 64 63 a1 fc ab 72 c4 dd 95 21 ae a4 1d 00 18 2d db eb 55 a3 b0 b7 b7 b6 21 15 4e 09 c1 ab bb 95 16 6c f4 ff 00 eb 57 24 a6 ae 92 ec 54 63 d5 8a f2 dd 5b 96 2d 7d 29 cf 45 d8 7f f8 aa e7 ef 35 7d 6e 2b 80 cb 75 22 c5 9e 3e 46 ff 00 1a d4 74 b6 90 6f 68 61 c8 e0 0f 28 13 d3 eb 59 1a a5 ca 18 19 05 ba 02 3a 7e eb ff 00 af 5a 52 93 be ff 00 98 9d ed b1 b5 69 ae 5d 48 aa af 72 37 9f f6 4d 5c 93 54 ba 8d 0b 7d a6 3f c4 1f f0 ae 67 47 b7 8a 6b 43 23 04 df d7 3b Data Ascii: 5qk[a<jS mLypc?SXzyE(o@bc 8O{}w#dcr!-U!NlW$Tc[-})E5}n+u">Ftoha(Y:~ZRi]Hr7M\T}?gGkC#;
2025-04-23 03:14:18 UTC	1369	IN	Data Raw: ad 93 82 6a c2 1b 98 90 67 23 0b 8f bc d5 a7 63 7b 04 52 2e f0 a0 30 19 24 9c e7 19 ad ff 00 2a 2d bb b6 03 90 7a 1c 82 31 5a 46 a3 6a f6 3a 63 55 3f f8 73 c6 8f 83 5a fb c4 51 df 1b c7 85 24 94 89 57 71 c1 e3 3d eb d8 ec a3 16 d1 2c 11 fd c4 0a a3 e9 8a a7 75 a2 da de 10 e5 30 e1 b2 31 c6 4e da cf b9 8d f4 e5 95 c4 b3 a2 2c 8a 08 07 3d ab b1 4d 58 e6 92 d4 e9 18 09 1c ae 46 40 18 14 18 a4 db 85 72 0f ae 45 71 30 6a da 71 d4 44 ed 35 d8 9a 22 bb b2 7e 53 c7 71 5d 4d 8e a2 6f a4 63 1c a8 c9 b4 15 54 23 3c fa d6 8d d8 35 6c ba 04 8a 42 92 c4 fa f1 4c b8 f3 56 26 2a db 4e 3a 91 c5 3a 59 d2 38 f2 f2 6d f4 24 8e b5 cf 5d eb 13 5d ca 6d 6d 31 24 a4 8c 91 d3 18 a6 a5 ad 84 d3 b1 7b 4e 97 cc 43 23 05 c1 70 41 1d 2b 2f 55 ba ff 00 89 8c 07 00 14 38 c9 e8 09 35 66 Data Ascii: jg#c{R.0$-z1ZFj:cU?sZQ$Wq=,u01N,=MXF@rEq0jqD5"~Sq]MocT#<5lBLV&N::Y8m$]]mm1${NC#pA+/U85f
2025-04-23 03:14:18 UTC	926	IN	Data Raw: 8b 7f 6d 91 49 1e 6a f1 c7 de 3f e1 51 a6 a5 2b 16 04 bf 00 10 54 ee 07 9c 7a 52 8f 3e 4d 43 0d 6f b2 10 4f cc 7e b5 79 5a 03 b9 61 28 64 03 91 dc 73 58 f2 ca d7 e6 35 bd 9e c6 63 a0 d4 90 44 fe 60 c1 27 38 ff 00 6a 92 d2 dd 20 b5 11 85 72 03 48 46 6b 56 cf ce 0d fb e0 80 60 f4 fa d2 99 23 44 f9 b1 fc 5c 56 d2 a4 dc ef 7d 6e 64 9e 89 15 3c 3e 77 d9 4a 30 b8 12 b8 03 d2 9b ab c3 0c d6 f2 ab db 89 00 e3 3b 07 5f c4 d4 ba 45 bc 96 c9 39 29 8f 32 56 7e 0d 41 7e ce f0 4c 30 15 89 6c 6e c7 f5 ae cd 52 4a e4 c5 26 cf 3a 83 59 b6 8b 52 7d 26 58 8f 9a ad 88 d8 a0 e8 4f 4e b5 ea 96 16 cb 6b 64 91 a8 00 aa e0 e0 63 35 c8 47 e1 bb 16 16 53 48 88 d7 51 b9 94 b2 e3 3f 8e 2b b6 56 43 1f 04 74 a5 19 37 7d 45 2d 84 9a 4f f4 9d 98 3c a3 73 5c 57 8c 75 98 ec de de cd 65 29 Data Ascii: mIj?Q+TzR>MCoO~yZa(dsX5cD`'8j rHFkV`#D\V}nd<>wJ0;_E9)2V~A~L0lnRJ&:YR}&XONkdc5GSHQ?+VCt7}E-O<s\Wue)

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://couvaticrespt.com/access?email=test@microsoft.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Windows Analysis Report
https://couvaticrespt.com/access?email=test@microsoft.com

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/3015469d3fb386ca9cf94226b687029f4aebc2e7ee8fa561958f2b01e5d590c5/455e6aa1ca282289bf165848e7f8e6b77877484ec2efe5289dbc95edd25e26f8.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:19 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:19 GMT Content-Type: image/jpeg Content-Length: 4485 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:19 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a54b63c4bf-PHX
2025-04-23 03:14:19 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: 85 54 18 ca f3 9f f7 ab 06 ee e1 45 cf 91 65 88 e3 e7 0a 81 b3 f5 e2 a2 b4 69 d2 57 90 2a 6d b3 7f 4f 36 d6 96 11 47 29 2a ca a3 20 6f ab c8 6d e4 50 c9 2b 60 ff 00 b4 7f ad 72 f1 a2 22 61 e4 62 4f 52 77 ff 00 5a 63 c8 f0 fc d0 ce e3 68 c8 2a e4 83 c8 18 ac a1 8f 8b 95 9f e4 5f b3 69 74 3a b9 55 44 2c c9 2b f0 38 e4 11 fc ab 9c f1 75 dd e5 b5 a8 4b 73 22 a1 c0 25 00 e3 8a d5 b3 d4 56 f2 ce 4c e1 5c 16 c8 ff 00 81 e2 af 49 12 4c b3 ab a8 61 92 39 fa 0a ed 4d 4e 37 5d 48 68 f2 e8 f5 3b a5 8c 6c d4 66 04 75 f9 85 4c fa d6 a6 22 cc 5a 9d c0 fa 67 ff 00 8a ad 0d 67 c1 57 73 5f cb 25 a4 88 b1 39 e1 76 8e 2b 90 d4 b4 4d 4f 48 21 2e 15 1b 79 f9 7f 76 0f f5 ae 39 61 f9 5d db fc c8 49 96 5f c4 fe 23 8e e5 54 6b 37 3b 7f da dd ff 00 c5 55 ef f8 4c f5 d8 00 0d a9 92 Data Ascii: TEeiWmO6G) omP+`r"abORwZch*_it:UD,+8uKs"%VL\ILa9MN7]Hh;lfuL"ZggWs_%9v+MOH!.yv9a]I_#Tk7;UL
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: 01 06 cf fa e6 9f d2 b8 fd 77 58 d1 ec 2e 9e cd ad 51 e5 8f fd 63 04 c6 3f 5a ef 5e 74 89 96 3d aa 37 74 f9 57 8f c2 bc 93 c6 1e 11 bf d6 3c 51 e6 59 aa 85 9c a8 77 07 1b 79 ea 6b a3 0f 42 5c df bc fd 02 54 d2 3b df 03 c5 e1 ad 4d 7e d3 60 81 ee 14 7c e1 f3 91 cf a5 77 28 8a 32 40 03 2c c6 b9 cf 06 f8 62 db c3 1a 72 43 10 0d 33 ae 64 93 d4 ee ad f8 a5 2c ab c6 33 bc fe 44 57 a9 ca a2 ec 8c 57 43 03 5a f0 c5 be b5 78 c6 e2 2f 31 1b 8c ee c1 4c 7a 54 3a 37 81 34 dd 22 42 f1 ef 94 93 91 e6 4b 9c 7d 06 2b ab 42 3e 6f f7 9a 90 3e 59 fe 63 c1 3f c5 8c 53 f9 14 9b b5 88 a2 b6 10 2e d8 ce 07 fb e3 fc 2a 0b fb 79 a5 b5 95 51 c8 62 87 1d 0f 35 71 9c ec 24 31 e9 d7 76 69 49 f9 09 3e 87 f9 51 71 6d a9 c7 dc 6b da 85 8c 76 b6 6b 60 c6 e4 9d b9 3f 77 81 d6 9d 61 15 c4 Data Ascii: wX.Qc?Z^t=7tW<QYwykB\T;M~`\|w(2@,brC3d,3DWWCZx/1LzT:74"BK}+B>o>Yc?S.*yQb5q$1viI>Qqmkvk`?wa
2025-04-23 03:14:19 UTC	878	IN	Data Raw: f7 c9 38 aa 96 4d 1d c2 bc 32 c8 7c e8 4e d6 0c 46 7d 8d 5c 31 ec 8d 8a 38 e0 12 38 04 1a e3 6a 49 9d 08 65 cb cb e6 00 14 74 3f d0 52 16 76 38 56 8c 37 24 e7 93 59 ba b5 9e a5 3d d1 30 4a 13 e5 61 8c ff 00 b6 2a ad ae 8b aa 45 26 f7 b9 04 90 c7 eb f3 52 a8 b4 fe bc 8a 4f 5f b8 d9 74 b9 28 72 c0 7b 85 a2 19 1f cb 2b 9c b0 c8 3e f4 91 ad cc 20 93 99 18 f1 8c 62 a7 2a ea ac c4 0c 9d c7 f5 a4 a2 b9 d5 9f 61 b6 fa 92 bb 3a db ca 4a e7 00 ff 00 2a ae ed 11 56 f3 23 07 08 bd 7e 99 a7 5c f9 ff 00 65 b9 c0 c7 0d fd 2b 06 fb 4e bd 91 ee 52 3b c0 32 38 07 b7 ee c1 a7 d5 12 ba 17 75 02 8d 6d 69 67 12 04 f3 9d 57 a7 60 32 6b a2 45 c4 2b 1e cc ae 31 83 8a e2 2e 2c f5 4b 05 b5 bb 9e 55 92 38 24 50 40 ec 0a 8e 6b b8 85 b7 c2 a5 48 e8 0f e9 5d 34 8c 65 b0 91 8f 2b 20 e7 Data Ascii: 8M2\|NF}\188jIet?Rv8V7$Y=0JaE&RO_t(r{+> ba:J*V#~\e+NR;28umigW`2kE+1.,KU8$P@kH]4e+

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/037a27c0bfb2acecae2297f9459de6c0e5ca87bbfdb532447f0e3101f753fb08/48825f12b61b88c491bf986bbc23a589ee0847031c29ce066f7f5611e86b7a08.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:19 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:19 GMT Content-Type: image/jpeg Content-Length: 5330 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:19 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a57d127d3b-LAX
2025-04-23 03:14:19 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: 8c 6e bd e2 ac e5 3b 40 ac 97 cd 23 3c 86 32 63 cf 05 4f ad 3a e6 6b d8 06 e8 6d 21 89 47 21 e4 22 b2 ae 6e e4 b7 d3 61 8d d4 48 fc 1d cb c3 0e 9f 9d 49 63 a8 9b bb 98 a2 91 c4 a4 f4 12 0a d6 30 5f 1b 2a 6d b7 ca c6 4f ab 5c b3 2a cd 78 cc 4f 1b 21 1f fe a1 56 22 7b 86 42 46 21 00 1e 64 e5 8f 5f ca b4 f5 3d 1e 5b a6 88 c0 02 05 20 9d ad b7 f4 a8 35 4b 75 97 cb b7 11 7d f3 86 62 7a 0c 9a e9 8c 21 23 9d c9 ec 86 2e 93 2c ac f3 3c de 73 ef d8 bb cf 00 0f 6a 56 d1 91 63 69 5d b6 4b 1b 00 76 1c 06 14 d8 d9 b4 b7 39 63 e4 4a a3 62 93 fc 4b fe 3c 56 98 cc f1 2c 71 91 9d bb dc 03 8e 4d 73 b8 a5 23 4e 67 63 2f 4a 88 ad eb e1 99 91 78 e0 66 9b e2 19 de 28 ad f7 11 b3 24 38 71 c7 00 51 6a 5a 2b e6 59 50 86 c6 01 61 d3 fe 04 29 75 7b 31 7d 0e d8 e4 54 23 1f 7b 1c fa Data Ascii: n;@#<2cO:km!G!"naHIc0_mO\xO!V"{BF!d_=[ 5Ku}bz!#.,<sjVci]Kv9cJbK<V,qMs#Ngc/Jxf($8qQjZ+YPa)u{1}T#{
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: ea 17 b6 5f 6c 9e 10 0e c6 45 6e 58 63 70 20 64 15 fe 95 7b 49 b8 9f c3 24 98 d5 8d 8b 7d e8 18 e5 d7 d4 a0 f4 f6 a9 11 94 15 21 9c 70 70 ee 72 dd 3b fa 76 a8 65 66 19 64 01 1f 69 05 89 cb 1f a1 3d 47 d2 a6 95 7a 89 db a1 a5 5a 50 94 6f d4 ea f4 8b f8 2e ae 56 e6 dd 8c 91 3a 9c 31 ed fe 15 73 54 f2 ef 4f 94 26 40 e0 71 bb 9e e7 8a f3 df 09 dc cd 0f 8e 1e c6 30 45 bd c4 45 ca 84 24 07 1d fd ab ac d5 a4 8f 4b b9 79 09 fd e3 01 82 4f f3 f6 ab a8 94 1f bb bb 39 61 05 27 67 a5 8e 79 8a 5c 3f 94 f7 a4 e1 88 c3 1e 0e 3f fd 55 5a 75 92 c2 d2 55 60 24 12 a1 00 d6 bc f6 2f 32 fd c8 82 86 27 6c 6b cf 53 de b3 2f e1 b5 82 d1 8f 95 27 9c a0 61 5c e6 ba 5f 2d 35 67 a9 cf 5a 50 ab f0 2b 33 3f c3 77 ab a8 d9 45 0c ae 55 e3 05 48 4c 0c 10 6b 4b 5a 58 6d b4 89 d9 42 ab 32 Data Ascii: _lEnXcp d{I$}!ppr;vefdi=GzZPo.V:1sTO&@q0EE$KyO9a'gy\??UZuU`$/2'lkS/'a\_-5gZP+3?wEUHLkKZXmB2
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: d0 7e 95 30 d3 6f 91 40 56 52 70 7e ee 71 d0 7e 27 a5 7a 32 c4 d2 a3 1d 19 cc b0 95 aa ca e6 e4 30 2d b4 a1 a4 00 b3 2f 2a 06 4e 3b 8a cc d5 27 8a cd bc e5 20 03 c6 31 de b5 77 09 98 bb 60 02 38 e0 9f 5c 77 3d f3 5c ee b7 6f 35 c4 4d 12 63 2a 0b e3 81 c6 7e a3 d2 94 25 78 be 63 29 2e 69 2e c6 75 e5 8b c5 6a f7 a3 05 24 f9 81 53 ff 00 eb a8 fc 30 fe 76 ac 8c c4 27 ae 07 7f c7 ad 68 58 37 f6 87 87 0c 59 2c d1 b7 bf 43 de a6 f0 c4 31 59 ce ca 80 b4 81 70 4a ae 4f f9 e6 bc fa d3 50 d2 da b3 db a5 79 47 5d 91 dd 6a 5a d5 b6 85 e1 67 bc 76 8f 7a 26 11 a6 f9 43 37 e3 8c fe 15 e6 b1 5a 4b ae 0b 9d 53 55 0b f6 9b 9e 47 92 a5 4a 01 c0 0a 7a 8f ce b4 bc 5b 7d 2d fe bb a7 e8 98 db 0c 6b f6 ab 8d c4 1c 81 f7 47 7c 73 cd 68 2b a6 d0 a1 57 20 63 a6 78 fc 7a 7e 15 95 5f Data Ascii: ~0o@VRp~q~'z20-/N;' 1w`8\w=\o5Mc~%xc).i.uj$S0v'hX7Y,C1YpJOPyG]jZgvz&C7ZKSUGJz[}-kG\|sh+W cxz~_
2025-04-23 03:14:19 UTC	354	IN	Data Raw: 52 77 e4 49 81 91 50 4a f2 d8 db c2 b3 59 c8 92 3b 05 04 3f 53 9f 5a bd 67 ab 6a 77 57 1f 2c 29 e4 36 06 f3 19 03 3d 78 ce 09 fe 55 b5 35 b4 17 d1 44 27 40 e5 1f 78 2a 40 c1 19 3d b2 69 d4 97 2b b2 26 11 69 5d 9c e3 49 25 cb 04 86 09 99 ba 64 c8 78 ff 00 38 aa c3 c2 77 f3 dc 1b 87 9d 23 8e 33 f2 46 39 24 7b d7 4a f3 3a c4 c2 20 81 89 18 07 38 ef de a8 0d 76 f2 d2 7f 2e 4b 58 89 19 e3 27 9f 70 71 cd 38 a7 7f 53 4e 5b c2 eb 73 3a 5b 70 ec 22 96 e9 41 87 23 6e ce 9d ea 3b a4 8c c2 16 5b b5 db 18 e1 02 fb 64 9f ca b4 ef 27 5b d8 da f2 18 e0 12 0c ef 8e 44 20 fb f5 ac cb d9 25 5b 52 4c 36 c1 4f 72 87 d4 56 2d 72 cb 51 a4 da 21 f0 9c 10 dc 69 73 5b 5c ea 1b be c3 72 d0 a8 23 a2 93 95 fd 08 fc ab a0 7d 36 38 19 87 f6 a3 2b 0f 6f fe bd 72 1e 13 be 95 7c 57 ab e9 Data Ascii: RwIPJY;?SZgjwW,)6=xU5D'@x*@=i+&i]I%dx8w#3F9${J: 8v.KX'pq8SN[s:[p"A#n;[d'[D %[RL6OrV-rQ!is[\r#}68+or\|W

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:18 UTC	762	OUT	GET /tip/708c69976705da166a26883e5c12b65a8c9117cf19109b8d2fda028d99306264/63a7ed38d4d3e64b9232d24a9ef98e6b0709608ebcfee219cb6ba24f19e8116f.jpeg HTTP/1.1 Host: imgs3.hcaptcha.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:19 UTC	500	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:19 GMT Content-Type: image/jpeg Content-Length: 4901 Connection: close Alt-Svc: h3=":443"; ma=86400 Cache-Control: public, max-age=86400 Cf-Bgj: h2pri Vary: Origin CF-Cache-Status: REVALIDATED Expires: Thu, 24 Apr 2025 03:14:19 GMT Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Access-Control-Allow-Origin: * Server: cloudflare CF-RAY: 934a30a58e190fd8-LAX
2025-04-23 03:14:19 UTC	869	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 80 00 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"}!1AQa"q2
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: 48 c2 5a 5b 5e 4f 3f 0d bc 8c 23 0c f5 ce 73 5e 1b a5 b8 b8 b5 fb 3d ee 7c b3 f7 58 f3 b6 b4 5a 1b 54 88 40 b2 ca 6d c0 39 75 1c 93 e9 d2 9f 33 dc 4a 8c 56 e7 b2 5a 7c 4e d1 a4 d5 52 3b bb 19 e3 b5 23 fd 71 01 b0 7e 95 d6 e9 fa fe 81 aa db cf 3e 9f 75 03 ce 3f e5 93 1c 15 f7 00 d7 cd 1f 62 b4 68 a4 71 79 3b 10 3e 55 63 8e 69 ad 66 90 ba 79 17 d2 28 db b9 f0 d8 3f 4a 45 3a 7a 68 7a 8f 8b 3c 3e 74 bd 66 49 54 49 8b 81 e6 99 42 f1 8e e3 35 8b 00 bd 10 24 56 a4 cd 34 cf b5 04 5c 91 ea 6b 91 d5 3c 53 77 a9 69 d1 da 5d 6a b7 06 04 50 a2 3c f3 55 74 8d 4d f4 bb b5 ba b2 d4 64 0f 0f cc 8a 0e 2b 9e 78 78 4d dc 95 4b 43 d0 a5 d0 f5 5d 46 43 15 b5 bd c8 95 46 0b c8 08 0d eb 59 56 1a 23 b5 e3 5a 5d b0 55 c1 65 23 b3 fa 57 a2 f8 77 c7 9a 3e b9 a4 06 b9 bc fb 3d f6 3f Data Ascii: HZ[^O?#s^=\|XZT@m9u3JVZ\|NR;#q~>u?bhqy;>Ucify(?JE:zhz<>tfITIB5$V4\k<Swi]jP<UtMd+xxMKC]FCFYV#Z]Ue#Ww>=?
2025-04-23 03:14:19 UTC	1369	IN	Data Raw: 64 f6 e2 b9 8b 90 d6 5e 38 82 e4 2e 16 70 76 a9 3c 6f 03 a9 fa f5 35 3d c4 f6 33 3e 2a 58 49 6d 7b a6 cd 01 8a 4c 46 63 90 1e bc 62 aa f8 77 48 31 78 53 58 d4 ef 2c de 27 96 d5 92 26 1c e1 47 39 ae cb c5 de 1e 83 c4 36 e2 62 de 57 97 1b 4c f2 21 f9 58 f1 81 fc ea a6 93 70 ba 87 87 24 b4 f3 da 34 58 b6 18 d9 79 70 78 cd 5a 7a 58 9b 6a 78 7d cc b0 0f b3 fd 8c 3b 34 8a 50 ee f7 ab 92 44 b6 96 05 a7 8f cd 93 18 38 62 2a 1b 08 8c 97 57 50 ca b8 92 16 21 32 31 8e 6b 46 e2 03 21 55 24 16 1c 85 3f a9 ad 2c 9a 16 a8 cb d3 f4 af b7 3a 4f 09 fd d8 38 65 e9 8a ed ad 6d ed ad 6d 56 04 50 59 b8 1d b7 1a e3 63 be 36 ba c0 b7 80 85 89 8e d3 8e 2b a3 4d 5a d2 dd 09 2e d3 15 3b 76 ac 79 2a 7d 73 54 b4 44 8d d4 e1 8a d6 e9 2e a3 e3 0c 04 80 1e 86 b2 3c 41 3a c5 1b 84 3f 2c Data Ascii: d^8.pv<o5=3>XIm{LFcbwH1xSX,'&G96bWL!Xp$4XypxZzXjx};4PD8bWP!21kF!U$?,:O8emmVPYc6+MZ.;vy*}sTD.<A:?,
2025-04-23 03:14:19 UTC	1294	IN	Data Raw: 0b a9 e0 2e 79 ab 51 59 2d ba 2e 46 e9 5b d7 b5 17 02 99 bf cb a1 11 46 b8 ff 00 66 bb 5f 87 ba fb d9 f8 9e d5 25 3f ba 98 f9 58 1c 63 35 cc ad b4 52 dd 0b 6b 95 0a e7 ee ba f1 5a ba 7e 8f 36 9b a8 5b 5d 89 46 c8 a5 56 ce 3b 66 a6 71 e6 8b 4c a8 bb 3b 9f 47 7d 96 39 ee 03 88 8b 48 70 3d a8 d5 b4 69 2c 74 99 ae 2c 22 8c 5c 81 d0 0c 56 b6 99 73 66 f6 90 4f 6a c2 5f 35 01 dc 39 c6 45 73 7a f4 7a f5 c5 d4 86 32 b1 41 23 05 50 0e 77 57 91 6b 3b 36 75 ca 4e da 23 23 43 8b c4 57 77 6c b7 6c b1 46 df 36 ee bf 95 77 76 91 11 6e b6 f7 2b 1b 93 c1 e3 e5 61 ef ef 58 1a 4d a5 ee 99 09 8e ef ef 12 4a b6 73 4f 5b 5d 45 af e2 71 a8 66 3f 30 1f 2f 1c 1e 7a 9a 1b d6 c3 49 f2 93 78 ba c2 f3 58 8d 22 b5 6f 2a 31 f3 6f 53 83 5c ae 93 a0 6a 1a 55 e8 9d a5 69 48 6d a7 cd 7c f1 Data Ascii: .yQY-.F[Ff_%?Xc5RkZ~6[]FV;fqL;G}9Hp=i,t,"\VsfOj_59Eszz2A#PwWk;6uN##CWwllF6wvn+aXMJsO[]Eqf?0/zIxX"o*1oS\jUiHm\|

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:25 UTC	1102	OUT	OPTIONS /checkcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2/E0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiQWhZR0JWdWNrVzVQaUZaVFdCQmJnRjliYmNLRmhldjZidVNuUG9ZbE9iQ2JXay83ZnUvWTNUTittV1Z1MEN6YnNSdFhRYU5IZGp3MTRtaS9ySEs0V0FTKzlvcC9kRWExRmdaVGdXVENYUWZPd2sxbzdiSENWUWw5RlQyc2FOZHRoNUs4enZHcyszcC9RMm92UXBaaldQVC9UdXgzeE9nUWxVQTd0UXZnSlhOS09FSnA3MldlVXJnaURYRzV6N1lIdGhlR1NiUUZEd29CWHpTWHprYSs1Y2RQMmc5M21BeU9sSUU5TEdsUzlyUFVORWV6c1ROQkYxNTl5YUZuSzUvRmQ0ektqcjMvM0J2MnRHOGNtQT09UG1lTUljdHJMckttYWZWSiIsImV4cCI6MTc0NTM3ODE0Niwia3IiOiIzMTYzYmIwYiJ9.ruIqgkGl-XuNOCU1JjbzEeYU21C4_3AnpznYoQKbTq0 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://newassets.hcaptcha.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Sec-Fetch-Dest: empty Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:25 UTC	553	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:25 GMT Content-Length: 0 Connection: close Access-Control-Allow-Origin: https://newassets.hcaptcha.com Vary: Origin, Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control, Content-Type, DNT, Referer, User-Agent Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a30cf6f585a87-PHX alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:26 UTC	1250	OUT	POST /checkcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2/E0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiQWhZR0JWdWNrVzVQaUZaVFdCQmJnRjliYmNLRmhldjZidVNuUG9ZbE9iQ2JXay83ZnUvWTNUTittV1Z1MEN6YnNSdFhRYU5IZGp3MTRtaS9ySEs0V0FTKzlvcC9kRWExRmdaVGdXVENYUWZPd2sxbzdiSENWUWw5RlQyc2FOZHRoNUs4enZHcyszcC9RMm92UXBaaldQVC9UdXgzeE9nUWxVQTd0UXZnSlhOS09FSnA3MldlVXJnaURYRzV6N1lIdGhlR1NiUUZEd29CWHpTWHprYSs1Y2RQMmc5M21BeU9sSUU5TEdsUzlyUFVORWV6c1ROQkYxNTl5YUZuSzUvRmQ0ektqcjMvM0J2MnRHOGNtQT09UG1lTUljdHJMckttYWZWSiIsImV4cCI6MTc0NTM3ODE0Niwia3IiOiIzMTYzYmIwYiJ9.ruIqgkGl-XuNOCU1JjbzEeYU21C4_3AnpznYoQKbTq0 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive Content-Length: 43280 sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" Content-type: application/json;charset=UTF-8 sec-ch-ua-mobile: ?0 Accept: / Origin: https://newassets.hcaptcha.com Sec-Fetch-Site: same-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Referer: https://newassets.hcaptcha.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:26 UTC	16384	OUT	Data Raw: 7b 22 76 22 3a 22 34 66 36 63 62 65 32 64 61 65 37 65 36 63 62 62 39 63 38 33 61 34 36 39 36 65 36 39 62 30 37 39 66 34 38 34 64 62 31 65 22 2c 22 6a 6f 62 5f 6d 6f 64 65 22 3a 22 69 6d 61 67 65 5f 6c 61 62 65 6c 5f 62 69 6e 61 72 79 22 2c 22 61 6e 73 77 65 72 73 22 3a 7b 22 34 34 32 32 65 65 33 32 2d 63 32 62 34 2d 34 61 37 31 2d 38 63 38 39 2d 32 65 34 64 39 35 61 62 63 30 64 38 22 3a 22 74 72 75 65 22 2c 22 36 39 36 39 35 34 63 37 2d 62 65 64 39 2d 34 63 30 37 2d 39 33 61 34 2d 65 30 39 63 30 30 36 62 39 39 33 65 22 3a 22 66 61 6c 73 65 22 2c 22 32 32 62 61 64 37 35 62 2d 34 62 64 30 2d 34 37 64 33 2d 39 62 31 39 2d 62 36 65 33 62 65 64 37 61 35 65 36 22 3a 22 66 61 6c 73 65 22 2c 22 66 37 30 65 62 32 61 36 2d 64 30 37 30 2d 34 37 63 39 2d 39 30 36 35 Data Ascii: {"v":"4f6cbe2dae7e6cbb9c83a4696e69b079f484db1e","job_mode":"image_label_binary","answers":{"4422ee32-c2b4-4a71-8c89-2e4d95abc0d8":"true","696954c7-bed9-4c07-93a4-e09c006b993e":"false","22bad75b-4bd0-47d3-9b19-b6e3bed7a5e6":"false","f70eb2a6-d070-47c9-9065
2025-04-23 03:14:26 UTC	16384	OUT	Data Raw: 74 55 6e 75 4a 73 56 49 53 44 48 70 66 67 38 78 4c 4e 79 50 6b 32 43 68 6b 4d 71 71 43 6e 52 64 52 47 45 6a 63 56 4f 4c 71 6f 6d 48 75 52 50 74 74 6b 55 74 44 41 51 30 76 4b 62 71 39 63 49 7a 37 53 47 76 2b 4f 67 6e 41 67 73 5a 57 52 56 44 66 73 75 51 47 43 6c 6e 6d 76 31 54 63 41 44 78 57 33 51 2f 4d 52 64 4e 72 44 4f 63 6a 63 4e 42 48 38 47 6a 2f 44 41 49 58 4d 44 41 48 77 6b 76 34 33 66 78 35 45 4d 43 76 2f 77 63 41 31 30 66 74 59 55 48 39 53 33 2b 2f 6e 38 6c 6f 68 56 51 58 43 43 33 42 69 4e 5a 6b 74 51 71 6c 57 51 36 53 61 51 47 7a 44 5a 55 6d 75 30 48 57 75 5a 47 69 4e 59 58 4b 48 49 37 73 71 77 5a 79 4e 70 2f 7a 6e 33 6e 51 33 73 65 44 4f 2b 45 56 73 41 44 7a 79 71 4a 66 2f 6b 72 45 66 33 56 66 52 73 68 46 77 7a 56 2f 79 6d 70 33 6e 41 6a 4e 62 4d Data Ascii: tUnuJsVISDHpfg8xLNyPk2ChkMqqCnRdRGEjcVOLqomHuRPttkUtDAQ0vKbq9cIz7SGv+OgnAgsZWRVDfsuQGClnmv1TcADxW3Q/MRdNrDOcjcNBH8Gj/DAIXMDAHwkv43fx5EMCv/wcA10ftYUH9S3+/n8lohVQXCC3BiNZktQqlWQ6SaQGzDZUmu0HWuZGiNYXKHI7sqwZyNp/zn3nQ3seDO+EVsADzyqJf/krEf3VfRshFwzV/ymp3nAjNbM
2025-04-23 03:14:26 UTC	10512	OUT	Data Raw: 67 66 32 48 71 4d 6e 33 64 56 5a 67 76 39 6a 6c 7a 58 32 39 34 77 70 71 62 30 4a 61 32 39 4a 49 2b 2b 6f 48 7a 43 38 56 59 43 49 70 73 2f 58 50 77 68 76 34 34 2b 43 6a 6b 62 43 42 33 39 4f 70 38 36 6e 4f 76 49 45 57 44 56 4f 44 6d 51 41 45 61 66 5a 68 6d 6d 61 32 6f 63 41 6b 36 75 73 51 72 4b 4d 49 77 78 48 5a 6d 4c 52 38 47 4d 61 5a 71 31 38 45 31 72 54 2b 34 4b 39 6a 56 54 56 68 36 34 53 75 38 68 42 6b 2b 6f 66 68 79 79 6f 78 43 6b 44 68 48 4f 53 41 49 44 57 54 55 70 62 41 49 6a 79 38 39 36 4e 77 69 48 31 53 47 64 6c 36 55 6f 62 47 50 7a 46 57 66 48 70 2f 58 66 45 52 6a 53 30 51 76 4d 6e 71 50 7a 2b 77 71 59 50 77 56 64 38 53 4f 38 78 35 34 61 71 6a 46 53 6b 77 47 65 4b 58 52 65 74 31 38 46 5a 33 65 54 52 6a 42 58 74 78 58 6f 61 55 68 72 4e 53 67 51 70 Data Ascii: gf2HqMn3dVZgv9jlzX294wpqb0Ja29JI++oHzC8VYCIps/XPwhv44+CjkbCB39Op86nOvIEWDVODmQAEafZhmma2ocAk6usQrKMIwxHZmLR8GMaZq18E1rT+4K9jVTVh64Su8hBk+ofhyyoxCkDhHOSAIDWTUpbAIjy896NwiH1SGdl6UobGPzFWfHp/XfERjS0QvMnqPz+wqYPwVd8SO8x54aqjFSkwGeKXRet18FZ3eTRjBXtxXoaUhrNSgQp
2025-04-23 03:14:26 UTC	589	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:26 GMT Content-Type: application/json Content-Length: 4080 Connection: close CF-Ray: 934a30d23fc9c4bf-PHX CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: https://newassets.hcaptcha.com Set-Cookie: __cflb=0H28vk2VKwPbLoawFj9ote4RZxB9Q78v6j1afVXPGU5; SameSite=Lax; path=/; expires=Wed, 23-Apr-25 03:44:26 GMT; HttpOnly Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Vary: Origin access-control-allow-credentials: true x-content-type-options: nosniff Server: cloudflare alt-svc: h3=":443"; ma=86400
2025-04-23 03:14:26 UTC	780	IN	Data Raw: 7b 22 70 61 73 73 22 3a 74 72 75 65 2c 22 67 65 6e 65 72 61 74 65 64 5f 70 61 73 73 5f 55 55 49 44 22 3a 22 50 31 5f 65 79 4a 30 65 58 41 69 4f 69 4a 4b 56 31 51 69 4c 43 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 4a 39 2e 65 79 4a 77 59 58 4e 7a 61 32 56 35 49 6a 6f 69 65 6d 6c 74 63 53 39 30 63 57 5a 4a 4e 56 52 79 59 32 5a 49 55 47 49 72 59 6d 35 72 4d 6e 46 33 57 46 68 6f 57 45 52 59 59 56 55 34 57 6c 46 32 63 56 6b 35 4e 45 46 36 57 47 6c 4c 65 44 56 72 64 6c 67 7a 63 33 4a 74 55 57 52 68 55 55 39 7a 53 45 31 32 5a 32 39 36 59 6b 70 6e 61 55 70 45 4e 58 56 5a 64 6b 78 4b 51 54 4a 35 5a 6d 31 36 62 30 56 69 4f 57 56 30 57 55 70 43 65 55 64 74 64 57 31 51 56 6c 4a 73 61 30 39 47 57 46 4a 50 4d 6a 6c 4a 53 30 78 6d 64 54 46 70 53 58 4e 73 5a 33 4a Data Ascii: {"pass":true,"generated_pass_UUID":"P1_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiemltcS90cWZJNVRyY2ZIUGIrYm5rMnF3WFhoWERYYVU4WlF2cVk5NEF6WGlLeDVrdlgzc3JtUWRhUU9zSE12Z296YkpnaUpENXVZdkxKQTJ5Zm16b0ViOWV0WUpCeUdtdW1QVlJsa09GWFJPMjlJS0xmdTFpSXNsZ3J
2025-04-23 03:14:26 UTC	1369	IN	Data Raw: 5a 48 45 35 53 31 56 56 57 46 70 71 64 48 64 51 4b 33 4a 77 64 30 4e 53 51 57 78 4e 56 6c 6c 44 51 6c 56 4d 54 6c 5a 56 61 33 41 32 4f 47 31 49 5a 55 46 4b 59 6d 6c 78 63 44 52 42 4d 6d 31 56 64 55 56 46 5a 47 55 76 57 54 59 76 55 32 31 4b 62 30 56 50 4e 48 49 30 51 30 39 73 64 32 52 6d 61 58 5a 4d 55 7a 55 35 55 55 39 74 4e 54 46 45 62 47 5a 6b 56 44 46 51 4d 47 74 57 56 57 74 61 4d 6d 39 6f 52 54 46 7a 62 33 6f 79 62 30 73 72 55 45 39 74 4e 7a 64 79 56 6b 46 70 62 32 38 30 4d 69 74 52 5a 6b 4a 46 4e 45 52 6d 62 48 4d 78 63 6b 64 61 62 47 6c 73 64 47 78 75 64 7a 42 47 55 31 4a 52 52 47 63 7a 4c 31 6c 69 61 32 39 4b 62 6a 68 6e 59 31 68 76 4e 45 39 4e 65 6b 4a 7a 51 6e 46 71 5a 6a 56 53 4e 7a 52 33 4d 6d 74 68 55 44 46 6e 51 31 59 77 55 48 52 77 4e 48 4e Data Ascii: ZHE5S1VVWFpqdHdQK3Jwd0NSQWxNVllDQlVMTlZVa3A2OG1IZUFKYmlxcDRBMm1VdUVFZGUvWTYvU21Kb0VPNHI0Q09sd2RmaXZMUzU5UU9tNTFEbGZkVDFQMGtWVWtaMm9oRTFzb3oyb0srUE9tNzdyVkFpb280MitRZkJFNERmbHMxckdabGlsdGxudzBGU1JRRGczL1lia29KbjhnY1hvNE9NekJzQnFqZjVSNzR3MmthUDFnQ1YwUHRwNHN
2025-04-23 03:14:26 UTC	1369	IN	Data Raw: 32 4a 76 61 6e 4a 70 59 32 5a 6e 54 55 70 42 63 45 4e 54 61 55 31 77 55 58 41 30 54 30 74 76 65 45 77 76 64 43 73 78 63 57 63 31 62 45 68 4e 59 57 74 42 53 47 64 54 4e 45 4d 31 63 6e 42 4f 4e 6d 67 78 4e 31 68 68 54 6e 68 32 54 30 39 6f 65 57 5a 7a 65 6b 49 79 4f 47 31 74 54 6a 4a 48 54 31 42 54 55 55 52 6a 55 6d 5a 73 5a 44 64 4b 61 31 70 31 59 6e 70 52 63 6a 52 50 61 48 4a 30 5a 30 55 77 52 6e 64 33 56 6e 68 79 5a 57 6c 6b 52 57 34 31 61 55 39 50 54 47 46 5a 63 57 55 34 5a 30 34 31 63 58 68 4c 51 6e 68 45 4b 32 46 32 56 47 34 35 63 48 6f 7a 5a 45 56 6f 63 58 55 7a 63 58 63 32 4d 43 74 35 5a 6b 74 51 59 6d 35 48 4c 7a 64 50 59 30 74 35 51 31 6c 42 63 46 6f 35 55 7a 6c 72 62 31 46 69 5a 53 74 6f 4f 45 67 33 62 32 52 61 65 58 68 70 59 6d 4d 33 52 57 70 68 Data Ascii: 2JvanJpY2ZnTUpBcENTaU1wUXA0T0tveEwvdCsxcWc1bEhNYWtBSGdTNEM1cnBONmgxN1hhTnh2T09oeWZzekIyOG1tTjJHT1BTUURjUmZsZDdKa1p1YnpRcjRPaHJ0Z0UwRnd3VnhyZWlkRW41aU9PTGFZcWU4Z041cXhLQnhEK2F2VG45cHozZEVocXUzcXc2MCt5ZktQYm5HLzdPY0t5Q1lBcFo5Uzlrb1FiZStoOEg3b2RaeXhpYmM3RWph
2025-04-23 03:14:26 UTC	562	IN	Data Raw: 77 52 44 51 79 4e 6d 74 61 59 54 67 77 61 6b 4a 51 4f 46 5a 30 4e 44 42 34 62 46 41 30 62 6c 5a 57 62 58 64 54 57 6e 6f 7a 56 30 68 34 59 56 63 79 63 6b 35 32 4d 33 4e 6d 54 57 35 57 53 45 70 4d 56 56 52 35 62 6c 68 78 52 57 70 79 54 46 6c 4d 54 6b 64 4e 61 47 4e 4c 53 57 4d 32 4f 47 34 31 4f 58 56 54 59 6b 5a 51 53 32 39 61 56 48 55 33 53 55 52 4a 62 57 67 7a 56 47 68 45 62 6d 46 50 55 55 5a 52 52 47 35 47 5a 6e 64 32 53 55 78 50 54 48 52 5a 59 6b 55 77 54 69 39 54 65 57 31 4b 55 7a 55 30 4e 55 78 4e 52 31 5a 4b 4e 54 52 30 4e 33 51 77 61 55 56 54 56 6c 4d 76 53 55 4a 73 55 56 4e 4e 63 30 73 79 55 55 4e 49 4d 32 49 30 65 56 64 4d 4b 7a 4e 57 57 55 34 79 4b 31 6f 30 54 54 5a 73 62 32 39 72 62 30 5a 78 5a 54 56 6f 54 32 52 59 64 53 73 31 61 6d 67 76 62 56 Data Ascii: wRDQyNmtaYTgwakJQOFZ0NDB4bFA0blZWbXdTWnozV0h4YVcyck52M3NmTW5WSEpMVVR5blhxRWpyTFlMTkdNaGNLSWM2OG41OXVTYkZQS29aVHU3SURJbWgzVGhEbmFPUUZRRG5GZnd2SUxPTHRZYkUwTi9TeW1KUzU0NUxNR1ZKNTR0N3QwaUVTVlMvSUJsUVNNc0syUUNIM2I0eVdMKzNWWU4yK1o0TTZsb29rb0ZxZTVoT2RYdSs1amgvbV

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:27 UTC	962	OUT	GET /checkcaptcha/c48e0666-c564-4dfa-b2d2-4d46de425ef2/E0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiQWhZR0JWdWNrVzVQaUZaVFdCQmJnRjliYmNLRmhldjZidVNuUG9ZbE9iQ2JXay83ZnUvWTNUTittV1Z1MEN6YnNSdFhRYU5IZGp3MTRtaS9ySEs0V0FTKzlvcC9kRWExRmdaVGdXVENYUWZPd2sxbzdiSENWUWw5RlQyc2FOZHRoNUs4enZHcyszcC9RMm92UXBaaldQVC9UdXgzeE9nUWxVQTd0UXZnSlhOS09FSnA3MldlVXJnaURYRzV6N1lIdGhlR1NiUUZEd29CWHpTWHprYSs1Y2RQMmc5M21BeU9sSUU5TEdsUzlyUFVORWV6c1ROQkYxNTl5YUZuSzUvRmQ0ektqcjMvM0J2MnRHOGNtQT09UG1lTUljdHJMckttYWZWSiIsImV4cCI6MTc0NTM3ODE0Niwia3IiOiIzMTYzYmIwYiJ9.ruIqgkGl-XuNOCU1JjbzEeYU21C4_3AnpznYoQKbTq0 HTTP/1.1 Host: api.hcaptcha.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:27 UTC	535	IN	HTTP/1.1 405 Method Not Allowed Date: Wed, 23 Apr 2025 03:14:27 GMT Content-Type: text/plain Content-Length: 14 Connection: close Vary: Origin, Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control, Content-Type, DNT, Referer, User-Agent Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 934a30d91eadb829-PHX alt-svc: h3=":443"; ma=86400
2025-04-23 03:14:27 UTC	14	IN	Data Raw: 49 6e 76 61 6c 69 64 20 4d 65 74 68 6f 64 Data Ascii: Invalid Method

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:29 UTC	883	OUT	POST /redirect HTTP/1.1 Host: couvaticrespt.com Connection: keep-alive Content-Length: 6656 Cache-Control: max-age=0 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Origin: https://couvaticrespt.com Content-Type: application/x-www-form-urlencoded Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://couvaticrespt.com/access?email=test@microsoft.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:29 UTC	6656	OUT	Data Raw: 67 2d 72 65 63 61 70 74 63 68 61 2d 72 65 73 70 6f 6e 73 65 3d 50 31 5f 65 79 4a 30 65 58 41 69 4f 69 4a 4b 56 31 51 69 4c 43 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 4a 39 2e 65 79 4a 77 59 58 4e 7a 61 32 56 35 49 6a 6f 69 65 6d 6c 74 63 53 39 30 63 57 5a 4a 4e 56 52 79 59 32 5a 49 55 47 49 72 59 6d 35 72 4d 6e 46 33 57 46 68 6f 57 45 52 59 59 56 55 34 57 6c 46 32 63 56 6b 35 4e 45 46 36 57 47 6c 4c 65 44 56 72 64 6c 67 7a 63 33 4a 74 55 57 52 68 55 55 39 7a 53 45 31 32 5a 32 39 36 59 6b 70 6e 61 55 70 45 4e 58 56 5a 64 6b 78 4b 51 54 4a 35 5a 6d 31 36 62 30 56 69 4f 57 56 30 57 55 70 43 65 55 64 74 64 57 31 51 56 6c 4a 73 61 30 39 47 57 46 4a 50 4d 6a 6c 4a 53 30 78 6d 64 54 46 70 53 58 4e 73 5a 33 4a 34 5a 45 31 53 53 6b 38 32 5a 32 70 33 56 6b Data Ascii: g-recaptcha-response=P1_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiemltcS90cWZJNVRyY2ZIUGIrYm5rMnF3WFhoWERYYVU4WlF2cVk5NEF6WGlLeDVrdlgzc3JtUWRhUU9zSE12Z296YkpnaUpENXVZdkxKQTJ5Zm16b0ViOWV0WUpCeUdtdW1QVlJsa09GWFJPMjlJS0xmdTFpSXNsZ3J4ZE1SSk82Z2p3Vk
2025-04-23 03:14:30 UTC	800	IN	HTTP/1.1 302 Found Date: Wed, 23 Apr 2025 03:14:29 GMT Content-Length: 0 Connection: close Cf-Ray: 934a30e6c9a74778-DFW Location: https://zh.peoplelove.tech/?utm_campaign#test@microsoft.com Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6HoPyjLl4GbEz%2FyoWvtq1IPNfrN7SSsg%2BjOxLddaLvgIPwzQlaq402rwHGryWVfyx5DWq5JqrBX7IHyWmBbGZ6%2Fp0%2BBx6suL1tHsMsC2FwwmudN6tfV0q1AO42XOeM6inaYTg%3D%3D"}],"group":"cf-nel","max_age":604800} Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=162658&min_rtt=162454&rtt_var=34577&sent=8&recv=13&lost=0&retrans=0&sent_bytes=2841&recv_bytes=8133&delivery_rate=24758&cwnd=252&unsent_bytes=0&cid=4a9f370585205d53&ts=533&x=0"

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:30 UTC	750	OUT	GET /?utm_campaign HTTP/1.1 Host: zh.peoplelove.tech Connection: keep-alive Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://couvaticrespt.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:30 UTC	1353	IN	HTTP/1.1 403 Forbidden Date: Wed, 23 Apr 2025 03:14:30 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cf-Ray: 934a30ee9e734774-DFW Server: cloudflare Accept-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Cf-Mitigated: challenge Critical-Ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() Referrer-Policy: same-origin Server-Timing: chlray;desc="934a30ee9e734774" X-Content-Options: nosniff
2025-04-23 03:14:30 UTC	747	IN	Data Raw: 58 2d 46 72 61 6d 65 2d 4f 70 74 69 6f 6e 73 3a 20 53 41 4d 45 4f 52 49 47 49 4e 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 70 72 69 76 61 74 65 2c 20 6d 61 78 2d 61 67 65 3d 30 2c 20 6e 6f 2d 73 74 6f 72 65 2c 20 6e 6f 2d 63 61 63 68 65 2c 20 6d 75 73 74 2d 72 65 76 61 6c 69 64 61 74 65 2c 20 70 6f 73 74 2d 63 68 65 63 6b 3d 30 2c 20 70 72 65 2d 63 68 65 63 6b 3d 30 0d 0a 45 78 70 69 72 65 73 3a 20 54 68 75 2c 20 30 31 20 4a 61 6e 20 31 39 37 30 20 30 30 3a 30 30 3a 30 31 20 47 4d 54 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 34 3f 73 3d 43 50 64 44 49 56 74 25 32 Data Ascii: X-Frame-Options: SAMEORIGINCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPdDIVt%2
2025-04-23 03:14:30 UTC	638	IN	Data Raw: 31 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 1ddf<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2025-04-23 03:14:30 UTC	1369	IN	Data Raw: 3a 63 6f 6c 75 6d 6e 3b 68 65 69 67 68 74 3a 31 30 30 76 68 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 2e 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 3a 38 72 65 6d 20 61 75 74 6f 3b 6d 61 78 2d 77 69 64 74 68 3a 36 30 72 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 2e 35 72 65 6d 7d 40 6d 65 64 69 61 20 28 77 69 64 74 68 20 3c 3d 20 37 32 30 70 78 29 7b 2e 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 72 65 6d 7d 7d 2e 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 2e 32 35 72 65 6d 7d 40 6d 65 64 69 61 20 28 77 69 64 74 68 20 3c 3d 20 37 32 30 70 78 29 7b 2e 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a Data Ascii: :column;height:100vh;min-height:100vh}.main-content{margin:8rem auto;max-width:60rem;padding-left:1.5rem}@media (width <= 720px){.main-content{margin-top:4rem}}.h2{font-size:1.5rem;font-weight:500;line-height:2.25rem}@media (width <= 720px){.h2{font-size:
2025-04-23 03:14:30 UTC	1369	IN	Data Raw: 33 27 2c 63 5a 6f 6e 65 3a 20 22 7a 68 2e 70 65 6f 70 6c 65 6c 6f 76 65 2e 74 65 63 68 22 2c 63 54 79 70 65 3a 20 27 6d 61 6e 61 67 65 64 27 2c 63 52 61 79 3a 20 27 39 33 34 61 33 30 65 65 39 65 37 33 34 37 37 34 27 2c 63 48 3a 20 27 73 76 4f 44 79 6c 64 42 30 4d 66 48 6d 5f 55 4a 6d 59 63 61 4c 72 6c 67 56 56 41 5f 35 56 53 64 63 44 32 4b 50 5f 42 73 63 4c 55 2d 31 37 34 35 33 37 38 30 37 30 2d 31 2e 32 2e 31 2e 31 2d 51 53 76 38 74 47 51 58 43 33 38 44 53 69 31 30 73 52 57 76 68 44 67 4d 38 39 49 62 59 35 30 78 4b 2e 79 76 34 57 49 57 7a 45 59 78 78 54 70 46 4a 77 44 36 70 4d 75 4f 50 6f 66 4d 56 32 33 37 27 2c 63 55 50 4d 44 54 6b 3a 20 22 5c 2f 3f 75 74 6d 5f 63 61 6d 70 61 69 67 6e 26 5f 5f 63 66 5f 63 68 6c 5f 74 6b 3d 52 38 48 52 32 5f 50 67 79 75 Data Ascii: 3',cZone: "zh.peoplelove.tech",cType: 'managed',cRay: '934a30ee9e734774',cH: 'svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237',cUPMDTk: "\/?utm_campaign&__cf_chl_tk=R8HR2_Pgyu
2025-04-23 03:14:30 UTC	1369	IN	Data Raw: 56 33 59 37 6c 6c 2e 4a 52 5f 50 4b 6e 32 32 4b 41 55 56 55 4e 43 41 78 36 49 52 51 78 62 6f 6e 75 73 64 35 39 56 75 79 58 5f 62 5f 32 56 39 4c 69 64 6c 66 6b 57 76 76 4a 6c 36 4f 62 78 59 7a 59 4d 6d 33 63 4a 54 66 47 42 31 58 69 61 70 46 41 44 35 4b 4a 6f 51 34 53 73 69 6b 55 65 6f 32 6d 69 64 6a 37 6c 78 4a 79 4d 59 30 4d 67 75 6c 36 4b 45 61 56 56 49 71 77 41 71 36 30 59 64 49 67 38 62 74 41 68 68 55 76 59 35 6f 6f 4d 4d 46 50 4a 66 6d 6f 45 4d 79 2e 55 33 6e 79 58 79 32 59 6e 50 43 53 4a 50 35 43 47 64 52 76 58 75 65 7a 55 4d 36 5f 78 4b 57 43 4e 66 74 50 52 66 6c 62 32 67 72 6d 47 6c 41 47 34 47 4a 6e 39 6c 5a 7a 61 4d 75 61 6e 4a 37 64 4f 33 4f 37 68 73 5a 69 31 6c 31 34 79 43 47 78 69 33 38 49 54 79 5f 76 48 68 77 75 71 68 54 6f 79 5f 76 4f 39 38 Data Ascii: V3Y7ll.JR_PKn22KAUVUNCAx6IRQxbonusd59VuyX_b_2V9LidlfkWvvJl6ObxYzYMm3cJTfGB1XiapFAD5KJoQ4SsikUeo2midj7lxJyMY0Mgul6KEaVVIqwAq60YdIg8btAhhUvY5ooMMFPJfmoEMy.U3nyXy2YnPCSJP5CGdRvXuezUM6_xKWCNftPRflb2grmGlAG4GJn9lZzaMuanJ7dO3O7hsZi1l14yCGxi38ITy_vHhwuqhToy_vO98
2025-04-23 03:14:30 UTC	1369	IN	Data Raw: 78 4c 70 41 5f 35 55 74 72 44 49 31 41 58 58 33 57 68 37 63 36 4c 52 54 57 38 34 6a 39 37 4a 33 44 67 33 33 41 45 38 7a 38 39 58 61 4b 38 71 64 76 69 50 61 59 6c 42 67 7a 6c 46 55 4c 7a 4e 36 77 4d 53 4b 48 62 65 73 74 4b 30 67 71 6c 62 4f 65 45 70 38 37 44 65 56 6d 50 31 35 51 79 56 74 6b 68 56 4b 30 38 74 68 77 59 57 7a 50 45 78 34 77 74 72 42 72 73 59 30 73 51 73 61 68 70 63 6d 45 77 62 4c 78 55 35 34 49 34 39 57 45 34 58 42 79 32 66 4e 4a 33 5a 33 30 70 6f 74 32 75 70 6c 58 50 5f 4a 4a 43 39 67 31 30 68 6f 62 32 58 4a 39 74 6d 64 39 6d 57 74 75 44 4d 5f 72 36 56 42 77 37 79 64 6f 4d 6a 5f 45 78 52 54 41 57 4c 5a 2e 79 61 76 72 32 77 62 35 72 71 4b 67 44 38 62 4c 36 35 4e 34 50 38 47 31 63 31 31 47 49 46 73 63 59 4d 46 39 50 4a 43 79 65 6b 42 50 70 57 Data Ascii: xLpA_5UtrDI1AXX3Wh7c6LRTW84j97J3Dg33AE8z89XaK8qdviPaYlBgzlFULzN6wMSKHbestK0gqlbOeEp87DeVmP15QyVtkhVK08thwYWzPEx4wtrBrsY0sQsahpcmEwbLxU54I49WE4XBy2fNJ3Z30pot2uplXP_JJC9g10hob2XJ9tmd9mWtuDM_r6VBw7ydoMj_ExRTAWLZ.yavr2wb5rqKgD8bL65N4P8G1c11GIFscYMF9PJCyekBPpW
2025-04-23 03:14:30 UTC	1369	IN	Data Raw: 4d 66 62 47 32 63 44 5f 4a 70 47 79 4c 6e 57 6b 4f 45 53 34 54 6c 70 75 65 42 5f 73 63 58 4d 47 69 74 41 30 72 4a 43 44 4f 4b 36 54 4f 37 79 54 5f 69 38 66 5f 6c 64 6b 57 79 53 45 45 31 77 6d 7a 66 76 42 7a 6e 62 41 6f 4b 71 48 79 42 79 75 2e 5f 43 64 4b 31 62 34 33 65 30 67 74 75 4c 42 62 74 61 78 64 73 6e 44 45 63 52 6a 6f 43 75 36 58 62 62 34 30 6c 5f 67 4a 69 66 38 77 4b 45 4b 72 70 53 44 55 55 62 73 56 59 65 36 34 67 42 59 62 59 65 68 52 6d 37 6c 31 42 71 4d 59 56 46 7a 67 76 77 37 4b 2e 31 31 35 33 65 76 51 35 43 5f 68 72 4b 46 65 4f 7a 33 45 64 43 4d 61 6f 31 44 6a 6e 70 77 5f 45 76 70 2e 55 41 5f 6f 45 56 70 6e 31 62 6b 53 69 33 77 4b 46 52 6c 48 47 68 50 46 39 30 36 76 56 78 6e 41 77 49 34 37 63 54 77 30 76 62 37 54 44 39 4f 4a 52 6e 75 66 31 69 Data Ascii: MfbG2cD_JpGyLnWkOES4TlpueB_scXMGitA0rJCDOK6TO7yT_i8f_ldkWySEE1wmzfvBznbAoKqHyByu._CdK1b43e0gtuLBbtaxdsnDEcRjoCu6Xbb40l_gJif8wKEKrpSDUUbsVYe64gBYbYehRm7l1BqMYVFzgvw7K.1153evQ5C_hrKFeOz3EdCMao1Djnpw_Evp.UA_oEVpn1bkSi3wKFRlHGhPF906vVxnAwI47cTw0vb7TD9OJRnuf1i
2025-04-23 03:14:30 UTC	172	IN	Data Raw: 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 48 61 73 68 29 3b 63 70 6f 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 68 69 73 74 6f 72 79 2e 72 65 70 6c 61 63 65 53 74 61 74 65 28 6e 75 6c 6c 2c 20 6e 75 6c 6c 2c 20 6f 67 55 29 3b 7d 7d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 63 70 6f 29 3b 7d 28 29 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: _chl_opt.cOgUHash);cpo.onload = function() {history.replaceState(null, null, ogU);}}document.getElementsByTagName('head')[0].appendChild(cpo);}());</script></body></html>
2025-04-23 03:14:30 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:31 UTC	1008	OUT	GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=934a30ee9e734774 HTTP/1.1 Host: zh.peoplelove.tech Connection: keep-alive sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36" sec-ch-ua-platform: "Windows" sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-mobile: ?0 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "134.0.6998.36" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua-platform-version: "10.0.0" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://zh.peoplelove.tech/?utm_campaign&__cf_chl_rt_tk=R8HR2_PgyusVk5v1ByK7iWHB_5qGgtXfw.7R28k3l0I-1745378070-1.0.1.1-4oyN2Tnr80XeZEd.l_KTnO9ztkxEZHKrcHkZlANLBwI Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:31 UTC	881	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:31 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 95195 Connection: close Cf-Ray: 934a30f399ea469c-DFW Server: cloudflare Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEZrkybi07bpCg02%2FlHpMY%2F9kKFPMwJEuq8oLggv%2BnbyR1zZEoFK9zYRdukdn6FQLvEZhYf18yQyAj6kv5fbY2xtcltR3%2FNBDC5%2FfNesQl7TQb6ssbbw1LNphS7xYocoJjUOvZo%3D"}],"group":"cf-nel","max_age":604800} Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=163662&min_rtt=162666&rtt_var=35340&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1602&delivery_rate=24816&cwnd=253&unsent_bytes=0&cid=aedde7f29d31dcfe&ts=400&x=0"
2025-04-23 03:14:31 UTC	488	IN	Data Raw: 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 75 61 53 52 3d 74 72 75 65 3b 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 76 57 57 4c 38 3d 7b 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 63 68 61 6c 6c 65 6e 67 65 2e 73 75 70 70 6f 72 74 65 64 5f 62 72 6f 77 73 65 72 73 22 3a 22 68 74 74 70 73 25 33 41 25 32 46 25 32 46 64 65 76 65 6c 6f 70 65 72 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 25 32 46 66 75 6e 64 61 6d 65 6e 74 61 6c 73 25 32 46 67 65 74 2d 73 74 61 72 74 65 64 25 32 46 63 6f 6e 63 65 70 74 73 25 32 46 63 6c 6f 75 64 66 6c 61 72 65 2d 63 68 61 6c 6c 65 6e 67 65 73 25 32 46 25 32 33 62 72 6f 77 73 65 72 2d 73 75 70 70 6f 72 74 22 7d 2c 22 74 72 61 6e 73 6c 61 74 69 6f 6e 73 22 3a 7b 22 74 75 72 6e 73 74 69 6c 65 5f 66 65 Data Ascii: window._cf_chl_opt.uaSR=true;window._cf_chl_opt.vWWL8={"metadata":{"challenge.supported_browsers":"https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support"},"translations":{"turnstile_fe
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 25 32 30 69 73 25 32 30 6e 6f 74 25 32 30 61 63 63 65 73 73 69 62 6c 65 2e 25 32 30 54 72 79 25 32 30 61 25 32 30 64 69 66 66 65 72 65 6e 74 25 32 30 6c 69 6e 6b 25 32 30 74 6f 25 32 30 67 65 74 25 32 30 74 6f 25 32 30 74 68 65 25 32 30 64 65 73 69 72 65 64 25 32 30 70 61 67 65 25 32 30 6f 72 25 32 30 74 72 79 25 32 30 67 6f 69 6e 67 25 32 30 74 6f 25 32 30 74 68 65 25 32 30 72 6f 6f 74 25 32 30 6f 66 25 32 30 25 32 35 25 37 42 70 6c 61 63 65 68 6f 6c 64 65 72 2e 63 6f 6d 25 37 44 2e 22 2c 22 6a 73 5f 63 6f 6f 6b 69 65 73 5f 6d 69 73 73 69 6e 67 5f 61 75 78 22 3a 22 25 32 35 25 37 42 70 6c 61 63 65 68 6f 6c 64 65 72 2e 63 6f 6d 25 37 44 25 32 30 6e 65 65 64 73 25 32 30 74 6f 25 32 30 76 65 72 69 66 79 25 32 30 79 6f 75 25 32 30 61 72 65 25 32 30 68 75 6d Data Ascii: %20is%20not%20accessible.%20Try%20a%20different%20link%20to%20get%20to%20the%20desired%20page%20or%20try%20going%20to%20the%20root%20of%20%25%7Bplaceholder.com%7D.","js_cookies_missing_aux":"%25%7Bplaceholder.com%7D%20needs%20to%20verify%20you%20are%20hum
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 6f 75 25 32 37 72 65 25 32 30 6e 6f 74 25 32 30 61 25 32 30 62 6f 74 2e 22 2c 22 74 75 72 6e 73 74 69 6c 65 5f 6f 76 65 72 72 75 6e 5f 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 53 74 75 63 6b 25 32 30 68 65 72 65 25 33 46 22 2c 22 66 65 65 64 62 61 63 6b 5f 72 65 70 6f 72 74 5f 6f 75 74 70 75 74 5f 73 75 62 74 69 74 6c 65 22 3a 22 59 6f 75 72 25 32 30 66 65 65 64 62 61 63 6b 25 32 30 72 65 70 6f 72 74 25 32 30 68 61 73 25 32 30 62 65 65 6e 25 32 30 73 75 63 63 65 73 73 66 75 6c 6c 79 25 32 30 73 75 62 6d 69 74 74 65 64 22 2c 22 74 75 72 6e 73 74 69 6c 65 5f 74 69 6d 65 6f 75 74 22 3a 22 54 69 6d 65 64 25 32 30 6f 75 74 22 2c 22 74 65 73 74 69 6e 67 5f 6f 6e 6c 79 5f 61 6c 77 61 79 73 5f 70 61 73 73 22 3a 22 54 65 73 74 69 6e 67 25 32 30 6f 6e 6c 79 25 32 Data Ascii: ou%27re%20not%20a%20bot.","turnstile_overrun_description":"Stuck%20here%3F","feedback_report_output_subtitle":"Your%20feedback%20report%20has%20been%20successfully%20submitted","turnstile_timeout":"Timed%20out","testing_only_always_pass":"Testing%20only%2
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 73 75 65 25 32 30 70 65 72 73 69 73 74 73 25 32 30 61 74 74 65 6d 70 74 25 32 30 61 25 32 30 64 69 66 66 65 72 65 6e 74 25 32 30 6c 69 6e 6b 25 32 30 74 6f 25 32 30 67 65 74 25 32 30 74 6f 25 32 30 74 68 65 25 32 30 64 65 73 69 72 65 64 25 32 30 70 61 67 65 2e 25 32 30 41 6c 74 65 72 6e 61 74 69 76 65 6c 79 25 32 43 25 32 30 74 72 79 25 32 30 67 6f 69 6e 67 25 32 30 74 6f 25 32 30 74 68 65 25 32 30 72 6f 6f 74 25 32 30 6f 66 25 32 30 25 32 35 25 37 42 70 6c 61 63 65 68 6f 6c 64 65 72 2e 63 6f 6d 25 37 44 2e 22 2c 22 74 69 6d 65 5f 63 68 65 63 6b 5f 63 61 63 68 65 64 5f 77 61 72 6e 69 6e 67 22 3a 22 59 6f 75 72 25 32 30 64 65 76 69 63 65 25 32 30 63 6c 6f 63 6b 25 32 30 69 73 25 32 30 73 65 74 25 32 30 74 6f 25 32 30 61 25 32 30 77 72 6f 6e 67 25 32 30 74 Data Ascii: sue%20persists%20attempt%20a%20different%20link%20to%20get%20to%20the%20desired%20page.%20Alternatively%2C%20try%20going%20to%20the%20root%20of%20%25%7Bplaceholder.com%7D.","time_check_cached_warning":"Your%20device%20clock%20is%20set%20to%20a%20wrong%20t
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 25 32 37 25 33 45 62 72 6f 77 73 65 72 25 32 30 69 73 25 32 30 75 6e 73 75 70 70 6f 72 74 65 64 25 33 43 25 32 46 61 25 33 45 25 32 30 61 6e 64 25 32 30 75 6e 61 62 6c 65 25 32 30 74 6f 25 32 30 63 6f 6d 70 6c 65 74 65 25 32 30 76 65 72 69 66 69 63 61 74 69 6f 6e 2e 25 32 30 54 72 79 25 32 30 61 25 32 30 64 69 66 66 65 72 65 6e 74 25 32 30 62 72 6f 77 73 65 72 25 32 30 6f 72 25 32 30 6d 61 6b 65 25 32 30 73 75 72 65 25 32 30 79 6f 75 72 25 32 30 62 72 6f 77 73 65 72 25 32 30 69 73 25 32 30 75 70 64 61 74 65 64 25 32 30 74 6f 25 32 30 74 68 65 25 32 30 6e 65 77 65 73 74 25 32 30 76 65 72 73 69 6f 6e 2e 22 7d 2c 22 70 6f 6c 79 66 69 6c 6c 73 22 3a 7b 22 66 65 65 64 62 61 63 6b 5f 72 65 70 6f 72 74 5f 61 75 78 5f 73 75 62 74 69 74 6c 65 22 3a 66 61 6c 73 65 Data Ascii: %27%3Ebrowser%20is%20unsupported%3C%2Fa%3E%20and%20unable%20to%20complete%20verification.%20Try%20a%20different%20browser%20or%20make%20sure%20your%20browser%20is%20updated%20to%20the%20newest%20version."},"polyfills":{"feedback_report_aux_subtitle":false
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 65 50 5b 65 51 5d 3d 53 74 72 69 6e 67 5b 67 46 28 37 31 31 29 5d 28 65 51 29 2c 65 51 2b 2b 29 3b 65 52 3d 28 30 2c 65 76 61 6c 29 28 67 46 28 35 32 30 29 29 2c 65 53 3d 61 74 6f 62 28 67 46 28 33 34 32 29 29 2c 66 69 3d 66 75 6e 63 74 69 6f 6e 28 68 6b 2c 64 2c 65 2c 66 2c 67 29 7b 72 65 74 75 72 6e 20 68 6b 3d 67 46 2c 64 3d 7b 27 67 41 55 68 73 27 3a 68 6b 28 31 32 34 37 29 2c 27 57 44 45 4a 53 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 3c 69 7d 2c 27 65 64 74 59 68 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 2b 69 7d 2c 27 51 58 5a 59 4f 27 3a 68 6b 28 33 34 35 29 2c 27 4c 68 63 75 51 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 69 3d 3d 68 7d 2c 27 6f 4b 51 6f 70 27 3a Data Ascii: eP[eQ]=String[gF(711)](eQ),eQ++);eR=(0,eval)(gF(520)),eS=atob(gF(342)),fi=function(hk,d,e,f,g){return hk=gF,d={'gAUhs':hk(1247),'WDEJS':function(h,i){return h<i},'edtYh':function(h,i){return h+i},'QXZYO':hk(345),'LhcuQ':function(h,i){return i==h},'oKQop':
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 3d 3d 69 7d 2c 27 51 5a 76 4b 78 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 28 69 29 7d 2c 27 56 66 6b 62 72 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 28 69 29 7d 2c 27 58 45 58 66 5a 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 69 3d 3d 68 7d 2c 27 61 66 64 64 75 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 2b 69 7d 7d 2c 65 3d 53 74 72 69 6e 67 5b 68 6b 28 37 31 31 29 5d 2c 66 3d 7b 27 68 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 68 6c 2c 69 2c 6a 29 7b 72 65 74 75 72 6e 20 68 6c 3d 68 6b 2c 69 3d 7b 7d 2c 69 5b 68 6c 28 38 31 33 29 5d 3d 64 5b 68 6c 28 34 38 34 29 5d 2c 6a 3d 69 Data Ascii: :function(h,i){return h==i},'QZvKx':function(h,i){return h(i)},'Vfkbr':function(h,i){return h(i)},'XEXfZ':function(h,i){return i==h},'afddu':function(h,i){return h+i}},e=String[hk(711)],f={'h':function(h,hl,i,j){return hl=hk,i={},i[hl(813)]=d[hl(484)],j=i
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 2c 73 3d 30 3b 64 5b 68 6e 28 35 33 39 29 5d 28 73 2c 46 29 3b 48 3d 48 3c 3c 31 7c 64 5b 68 6e 28 39 33 33 29 5d 28 4f 2c 31 29 2c 49 3d 3d 64 5b 68 6e 28 39 30 37 29 5d 28 6a 2c 31 29 3f 28 49 3d 30 2c 47 5b 68 6e 28 31 30 33 38 29 5d 28 64 5b 68 6e 28 31 32 36 37 29 5d 28 6f 2c 48 29 29 2c 48 3d 30 29 3a 49 2b 2b 2c 4f 3e 3e 3d 31 2c 73 2b 2b 29 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 33 27 3a 43 3d 64 5b 68 6e 28 33 39 30 29 5d 28 53 74 72 69 6e 67 2c 4b 29 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 34 27 3a 30 3d 3d 44 26 26 28 44 3d 4d 61 74 68 5b 68 6e 28 37 32 35 29 5d 28 32 2c 46 29 2c 46 2b 2b 29 3b 63 6f 6e 74 69 6e 75 65 7d 62 72 65 61 6b 7d 69 66 28 64 5b 68 6e 28 31 30 32 37 29 5d 28 27 27 2c 43 29 29 7b 69 66 28 4f 62 6a 65 63 74 5b Data Ascii: ,s=0;d[hn(539)](s,F);H=H<<1\|d[hn(933)](O,1),I==d[hn(907)](j,1)?(I=0,G[hn(1038)](d[hn(1267)](o,H)),H=0):I++,O>>=1,s++);continue;case'3':C=d[hn(390)](String,K);continue;case'4':0==D&&(D=Math[hn(725)](2,F),F++);continue}break}if(d[hn(1027)]('',C)){if(Object[
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 36 29 5d 28 68 6f 28 36 33 34 29 2c 64 5b 68 6f 28 34 39 37 29 5d 29 29 72 65 74 75 72 6e 20 64 5b 68 6f 28 35 36 34 29 5d 28 6e 75 6c 6c 2c 68 29 3f 27 27 3a 64 5b 68 6f 28 38 30 37 29 5d 28 27 27 2c 68 29 3f 6e 75 6c 6c 3a 66 2e 69 28 68 5b 68 6f 28 38 33 31 29 5d 2c 33 32 37 36 38 2c 66 75 6e 63 74 69 6f 6e 28 6b 2c 68 70 29 7b 72 65 74 75 72 6e 20 68 70 3d 68 6f 2c 68 5b 68 70 28 34 31 31 29 5d 28 6b 29 7d 29 3b 65 6c 73 65 20 69 3d 28 6c 3d 27 6a 27 2c 67 5b 68 6f 28 35 37 32 29 5d 5b 68 6f 28 31 30 31 33 29 5d 3d 3d 3d 68 6f 28 33 34 37 29 3f 6c 3d 27 6c 27 3a 68 5b 68 6f 28 35 37 32 29 5d 5b 68 6f 28 31 30 31 33 29 5d 3d 3d 3d 68 6f 28 37 33 37 29 26 26 28 6c 3d 27 6d 27 29 2c 6a 5b 68 6f 28 39 34 30 29 5d 28 6a 5b 68 6f 28 34 34 38 29 5d 2c 6a 5b Data Ascii: 6)](ho(634),d[ho(497)]))return d[ho(564)](null,h)?'':d[ho(807)]('',h)?null:f.i(h[ho(831)],32768,function(k,hp){return hp=ho,h[hp(411)](k)});else i=(l='j',g[ho(572)][ho(1013)]===ho(347)?l='l':h[ho(572)][ho(1013)]===ho(737)&&(l='m'),j[ho(940)](j[ho(448)],j[
2025-04-23 03:14:31 UTC	1369	IN	Data Raw: 39 32 29 5d 28 48 2c 49 29 2c 49 3e 3e 3d 31 2c 49 3d 3d 30 26 26 28 49 3d 6a 2c 48 3d 64 5b 68 72 28 31 30 36 35 29 5d 28 6f 2c 4a 2b 2b 29 29 2c 4b 7c 3d 28 64 5b 68 72 28 35 34 38 29 5d 28 30 2c 4d 29 3f 31 3a 30 29 2a 47 2c 47 3c 3c 3d 31 29 3b 78 5b 43 2b 2b 5d 3d 65 28 4b 29 2c 4e 3d 64 5b 68 72 28 39 30 37 29 5d 28 43 2c 31 29 2c 42 2d 2d 3b 62 72 65 61 6b 3b 63 61 73 65 20 32 3a 72 65 74 75 72 6e 20 45 5b 68 72 28 39 33 31 29 5d 28 27 27 29 7d 69 66 28 64 5b 68 72 28 35 33 38 29 5d 28 30 2c 42 29 26 26 28 42 3d 4d 61 74 68 5b 68 72 28 37 32 35 29 5d 28 32 2c 44 29 2c 44 2b 2b 29 2c 78 5b 4e 5d 29 4e 3d 78 5b 4e 5d 3b 65 6c 73 65 20 69 66 28 4e 3d 3d 3d 43 29 4e 3d 64 5b 68 72 28 38 38 37 29 5d 28 46 2c 46 5b 68 72 28 38 39 38 29 5d 28 30 29 29 3b Data Ascii: 92)](H,I),I>>=1,I==0&&(I=j,H=d[hr(1065)](o,J++)),K\|=(d[hr(548)](0,M)?1:0)*G,G<<=1);x[C++]=e(K),N=d[hr(907)](C,1),B--;break;case 2:return E[hr(931)]('')}if(d[hr(538)](0,B)&&(B=Math[hr(725)](2,D),D++),x[N])N=x[N];else if(N===C)N=d[hr(887)](F,F[hr(898)](0));

Timestamp	Bytes transferred	Direction	Data
2025-04-23 03:14:32 UTC	1307	OUT	POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1585690835:1745374344:GDnwW-ZT7Ck_0Cq8oirUUYr1Y6lo-yucHistJG-rrHo/934a30ee9e734774/svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237 HTTP/1.1 Host: zh.peoplelove.tech Connection: keep-alive Content-Length: 2121 sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36" sec-ch-ua-platform: "Windows" sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-bitness: "64" cf-chl-ra: 0 sec-ch-ua-mobile: ?0 sec-ch-ua-model: "" sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "134.0.6998.36" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Content-Type: text/plain;charset=UTF-8 cf-chl: svODyldB0MfHm_UJmYcaLrlgVVA_5VSdcD2KP_BscLU-1745378070-1.2.1.1-QSv8tGQXC38DSi10sRWvhDgM89IbY50xK.yv4WIWzEYxxTpFJwD6pMuOPofMV237 sec-ch-ua-platform-version: "10.0.0" Accept: / Origin: https://zh.peoplelove.tech Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://zh.peoplelove.tech/?utm_campaign Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-04-23 03:14:32 UTC	2121	OUT	Data Raw: 4a 42 79 5a 6c 5a 6b 5a 6d 5a 34 5a 24 39 72 68 39 72 6a 5a 46 63 47 7a 2d 30 61 64 48 72 34 79 72 4a 39 72 4e 2d 72 2b 72 70 5a 48 2d 77 75 36 79 72 67 48 36 72 35 79 39 54 72 4a 5a 74 42 73 75 36 72 73 4c 79 73 31 72 79 6e 39 72 75 5a 48 6d 38 72 7a 5a 6d 43 72 36 69 63 77 69 72 77 54 46 72 78 78 5a 77 59 62 6a 24 46 6d 37 44 4b 63 53 33 78 4a 62 79 33 72 47 75 72 43 4c 75 46 73 4e 47 6c 46 39 75 59 67 65 6a 37 35 4e 4b 72 4b 61 63 72 48 42 72 63 54 4e 30 24 54 46 72 2b 34 54 74 6d 59 31 69 77 6d 42 4e 6c 2d 66 4d 4f 5a 74 4d 4d 54 46 72 4d 52 77 43 51 56 67 79 52 72 73 36 53 4e 44 75 71 34 33 66 51 5a 74 54 72 64 42 63 54 5a 39 62 72 4b 74 74 72 6d 79 37 37 4b 67 6f 4f 77 38 4c 72 39 37 46 24 2b 67 76 45 72 72 62 72 48 6c 6f 6f 73 72 37 45 66 78 4d 56 Data Ascii: JByZlZkZmZ4Z$9rh9rjZFcGz-0adHr4yrJ9rN-r+rpZH-wu6yrgH6r5y9TrJZtBsu6rsLys1ryn9ruZHm8rzZmCr6icwirwTFrxxZwYbj$Fm7DKcS3xJby3rGurCLuFsNGlF9uYgej75NKrKacrHBrcTN0$TFr+4TtmY1iwmBNl-fMOZtMMTFrMRwCQVgyRrs6SNDuq43fQZtTrdBcTZ9brKttrmy77KgoOw8Lr97F$+gvErrbrHloosr7EfxMV
2025-04-23 03:14:32 UTC	850	IN	HTTP/1.1 200 OK Date: Wed, 23 Apr 2025 03:14:32 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 17100 Connection: close Cf-Ray: 934a30f84b8f83ab-DFW Server: cloudflare Cf-Chl-Gen: cFEcDxFmZdJU2buoKbx03H9kCz2IStnQ7fQy2BAYJzQ=$Skp9WxJsHrxFCTPz1tbtpQ== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKWLGlJL4Uf3bq0pAGYq%2BIBE3mtl%2FUHPkCj8%2FHDix3VB6a1CIyesPftFCpAydLqMlu5MHRiKDSy3Wh9u8YyY8QTQxxKIEaxZgFB7V0wtW1tJmvAvgQgC8D1JztLGzfucgkmYJnU%3D"}],"group":"cf-nel","max_age":604800} Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=162977&min_rtt=162891&rtt_var=34419&sent=5&recv=10&lost=0&retrans=0&sent_bytes=2837&recv_bytes=4044&delivery_rate=24781&cwnd=252&unsent_bytes=0&cid=9b7ab9dc4799f4e7&ts=356&x=0"
2025-04-23 03:14:32 UTC	519	IN	Data Raw: 76 72 33 43 68 6e 2f 41 6f 4a 53 34 77 36 65 4e 77 74 47 53 30 63 48 4c 6a 39 62 58 77 38 72 61 32 38 62 57 6b 64 72 4c 73 62 32 63 34 5a 37 59 32 74 37 71 71 2b 53 73 35 37 65 6f 70 2f 50 71 70 76 48 76 36 4e 50 57 7a 76 50 4d 74 74 6a 49 36 75 44 36 33 77 4c 59 34 4d 45 44 33 4f 62 70 79 2b 72 57 39 2b 58 6d 7a 41 76 50 42 4f 37 6a 46 41 58 6d 38 74 55 61 32 52 44 76 2b 78 55 6c 38 69 62 36 45 76 77 68 2b 41 49 4c 49 65 73 6e 4a 69 6b 73 41 7a 41 74 37 42 49 75 39 54 63 74 4d 69 63 56 51 44 2f 39 51 7a 73 36 4c 78 30 79 51 30 49 68 42 30 4d 4c 48 79 6c 45 4c 30 6f 4c 54 6c 41 32 4b 46 46 44 4d 68 59 70 50 7a 52 49 53 79 42 58 5a 46 34 69 58 31 6b 6a 4e 53 46 62 4b 45 41 38 55 54 31 54 51 7a 4d 72 4d 57 35 6a 64 46 4e 59 4f 6e 45 2b 61 45 78 7a 59 32 74 Data Ascii: vr3Chn/AoJS4w6eNwtGS0cHLj9bXw8ra28bWkdrLsb2c4Z7Y2t7qq+Ss57eop/PqpvHv6NPWzvPMttjI6uD63wLY4MED3Obpy+rW9+XmzAvPBO7jFAXm8tUa2RDv+xUl8ib6Evwh+AILIesnJiksAzAt7BIu9TctMicVQD/9Qzs6Lx0yQ0IhB0MLHylEL0oLTlA2KFFDMhYpPzRISyBXZF4iX1kjNSFbKEA8UT1TQzMrMW5jdFNYOnE+aExzY2t
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 44 49 6a 31 49 43 55 63 52 43 79 6b 53 4c 41 67 79 49 69 49 74 52 68 73 33 4a 6a 70 58 50 6a 6c 58 56 6a 4e 6e 4e 78 34 6d 56 31 5a 64 61 57 38 6c 59 6d 39 67 54 53 35 69 51 6e 52 76 55 31 51 79 65 6a 70 6d 56 32 6c 56 63 7a 6c 37 52 54 39 64 52 6d 41 38 5a 6c 5a 57 59 58 70 50 61 30 68 67 58 58 4a 75 59 34 39 73 63 6d 6d 4f 61 31 75 62 63 4a 74 31 66 61 4b 6d 57 4a 78 69 69 57 69 6c 59 6d 6d 43 66 33 79 73 62 4c 4b 45 68 59 32 45 6f 34 4b 58 63 34 57 63 6d 72 4b 71 66 70 74 38 74 70 4f 44 77 36 44 46 6e 63 79 63 7a 61 4c 50 30 59 36 2f 76 73 58 52 74 49 2f 59 74 38 6a 45 6c 72 43 58 73 35 36 31 6d 38 32 33 32 4d 48 6e 75 4e 61 6b 6e 62 2f 64 71 74 75 70 34 72 48 65 71 75 61 76 74 4d 2f 73 75 64 48 70 36 4c 71 78 32 64 76 72 77 50 47 37 2b 38 66 37 33 64 Data Ascii: DIj1ICUcRCykSLAgyIiItRhs3JjpXPjlXVjNnNx4mV1ZdaW8lYm9gTS5iQnRvU1QyejpmV2lVczl7RT9dRmA8ZlZWYXpPa0hgXXJuY49scmmOa1ubcJt1faKmWJxiiWilYmmCf3ysbLKEhY2Eo4KXc4WcmrKqfpt8tpODw6DFncyczaLP0Y6/vsXRtI/Yt8jElrCXs561m8232MHnuNaknb/dqtup4rHequavtM/sudHp6Lqx2dvrwPG7+8f73d
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 42 45 45 4c 55 6b 73 69 56 7a 56 46 4d 42 51 59 56 7a 59 36 58 31 64 44 55 56 39 53 56 53 42 62 4f 44 6b 34 54 45 51 6d 62 55 31 6e 63 6c 42 7a 54 6d 6c 31 4e 79 78 44 66 58 42 2b 64 58 4e 4f 59 49 42 66 55 6e 52 6d 57 57 5a 58 57 32 53 45 6a 6f 5a 2b 6b 57 4e 75 53 6d 6c 70 62 6e 4e 31 63 59 53 4c 6c 34 6c 71 61 59 6d 6a 66 59 32 46 59 59 69 5a 6d 33 53 4a 59 6d 79 71 69 6d 32 72 6b 4a 79 52 68 71 42 70 70 72 4f 76 64 6f 6c 37 69 72 69 32 76 6e 6d 41 70 4d 61 54 6e 38 64 37 70 5a 2b 6f 74 70 6d 4a 75 4d 2b 63 6f 36 47 4e 7a 35 2b 6d 6d 4e 76 4c 7a 61 72 49 6e 5a 79 74 74 5a 37 43 75 38 62 63 32 4f 6a 65 71 4f 57 2f 35 61 7a 47 32 75 6e 62 38 4f 33 47 36 4e 44 56 78 72 54 64 37 62 7a 70 2b 2b 32 2f 32 2f 58 5a 2b 76 44 58 76 77 51 4d 33 75 6a 46 2b 51 7a Data Ascii: BEELUksiVzVFMBQYVzY6X1dDUV9SVSBbODk4TEQmbU1nclBzTml1NyxDfXB+dXNOYIBfUnRmWWZXW2SEjoZ+kWNuSmlpbnN1cYSLl4lqaYmjfY2FYYiZm3SJYmyqim2rkJyRhqBpprOvdol7iri2vnmApMaTn8d7pZ+otpmJuM+co6GNz5+mmNvLzarInZyttZ7Cu8bc2OjeqOW/5azG2unb8O3G6NDVxrTd7bzp++2/2/XZ+vDXvwQM3ujF+Qz
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 79 55 5a 4f 31 49 39 55 6c 41 65 58 32 49 74 54 43 30 38 55 6c 42 58 4e 32 42 56 57 79 5a 77 55 56 39 4a 52 6c 56 6a 54 57 42 5a 5a 31 42 74 4e 58 70 4e 55 6e 39 64 62 56 67 38 51 48 39 65 59 6f 64 7a 5a 6e 31 4a 68 49 6d 4a 59 6f 4a 4f 69 48 4b 4b 6b 4a 42 32 62 6d 79 5a 69 57 75 63 56 31 64 35 63 49 32 5a 64 71 4e 68 5a 34 4a 6f 61 6e 74 6c 66 35 68 38 6f 6f 4a 30 71 36 61 67 6f 49 4f 37 70 72 75 75 66 4b 32 67 6d 35 6d 66 74 35 4f 68 66 72 4f 5a 6e 4a 66 42 68 70 62 42 69 4c 79 4e 68 59 2b 6a 6f 64 69 59 72 62 57 6e 7a 37 47 65 7a 62 47 32 7a 64 66 44 7a 73 4c 50 77 5a 75 70 70 39 6a 65 7a 61 48 49 79 4f 6e 64 30 75 58 79 78 73 58 69 34 76 48 7a 38 74 36 33 2b 2f 54 71 76 50 33 31 41 63 50 69 36 74 37 71 39 77 6b 50 79 4e 38 4a 32 39 49 56 39 68 45 46 Data Ascii: yUZO1I9UlAeX2ItTC08UlBXN2BVWyZwUV9JRlVjTWBZZ1BtNXpNUn9dbVg8QH9eYodzZn1JhImJYoJOiHKKkJB2bmyZiWucV1d5cI2ZdqNhZ4Joantlf5h8ooJ0q6agoIO7pruufK2gm5mft5OhfrOZnJfBhpbBiLyNhY+jodiYrbWnz7GezbG2zdfDzsLPwZupp9jezaHIyOnd0uXyxsXi4vHz8t63+/TqvP31AcPi6t7q9wkPyN8J29IV9hEF
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 39 52 57 52 73 36 51 52 64 51 4d 31 34 70 4e 53 56 74 56 32 45 36 53 6c 77 6b 50 58 55 73 63 45 35 4f 4b 31 4e 46 4e 55 70 76 63 31 47 43 65 30 43 41 62 6f 42 61 64 57 4a 2b 53 46 35 32 68 48 65 49 68 49 78 63 69 59 74 67 68 58 4a 36 64 58 65 48 66 57 2b 56 66 33 71 41 63 56 71 56 58 6e 65 6b 67 70 31 6a 6f 36 71 6d 6b 4b 69 6d 72 70 79 6f 63 71 74 31 72 4c 6d 4a 70 33 4e 30 72 70 71 79 74 70 79 31 6e 4a 57 53 78 63 4b 65 6b 35 53 69 76 4d 6a 49 79 61 54 47 74 4c 79 6b 78 72 65 75 75 62 43 57 79 35 33 51 31 72 47 68 7a 75 47 7a 6e 4a 32 7a 76 61 44 6b 79 71 58 6c 78 4c 75 39 72 65 6e 74 37 4c 50 6c 73 73 37 55 36 73 71 38 39 50 43 36 2b 4e 7a 32 34 39 62 61 39 74 48 57 78 41 63 48 35 64 37 37 37 2b 4c 61 41 75 2f 50 33 73 6a 72 32 4f 4d 47 37 52 6b 64 31 Data Ascii: 9RWRs6QRdQM14pNSVtV2E6SlwkPXUscE5OK1NFNUpvc1GCe0CAboBadWJ+SF52hHeIhIxciYtghXJ6dXeHfW+Vf3qAcVqVXnekgp1jo6qmkKimrpyocqt1rLmJp3N0rpqytpy1nJWSxcKek5SivMjIyaTGtLykxreuubCWy53Q1rGhzuGznJ2zvaDkyqXlxLu9rent7LPlss7U6sq89PC6+Nz249ba9tHWxAcH5d777+LaAu/P3sjr2OMG7Rkd1
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 46 4a 42 70 54 58 7a 35 67 56 31 31 6a 54 6d 6b 2b 61 55 68 78 54 32 70 44 62 6b 4a 70 66 57 6b 38 65 58 59 36 63 57 30 2b 50 33 6d 43 68 34 46 57 59 34 67 2f 53 58 78 75 6a 46 36 49 6b 70 42 78 54 30 70 35 5a 70 6c 34 57 6f 74 2f 6d 31 4f 4d 62 36 53 5a 6c 48 42 69 68 36 43 43 6f 6f 4b 42 61 36 35 77 6a 34 4b 50 6f 4b 4b 4a 75 58 43 30 68 61 61 75 64 59 68 39 6a 6f 43 54 6a 38 53 31 66 61 50 41 75 38 62 4c 69 5a 75 74 30 62 4b 6e 6e 71 57 6f 6c 4d 4c 59 7a 71 71 58 33 62 79 59 79 61 72 68 31 37 4c 46 35 74 53 32 6d 73 6d 37 35 71 79 71 32 72 7a 4e 77 61 54 68 76 4d 72 65 7a 66 4c 71 35 76 72 32 30 50 48 4d 77 4e 37 37 77 74 66 5a 35 2f 76 53 31 65 6a 45 31 65 62 58 2f 4d 6a 64 2f 67 48 73 37 73 7a 51 30 65 54 6c 43 2f 44 61 38 2b 34 56 45 75 73 41 2f 68 Data Ascii: FJBpTXz5gV11jTmk+aUhxT2pDbkJpfWk8eXY6cW0+P3mCh4FWY4g/SXxujF6IkpBxT0p5Zpl4Wot/m1OMb6SZlHBih6CCooKBa65wj4KPoKKJuXC0haaudYh9joCTj8S1faPAu8bLiZut0bKnnqWolMLYzqqX3byYyarh17LF5tS2msm75qyq2rzNwaThvMrezfLq5vr20PHMwN77wtfZ5/vS1ejE1ebX/Mjd/gHs7szQ0eTlC/Da8+4VEusA/h
2025-04-23 03:14:32 UTC	106	IN	Data Raw: 4b 31 5a 71 51 57 78 71 53 6a 46 49 63 6a 56 67 62 47 4e 61 54 54 5a 71 63 33 75 41 61 7a 35 41 66 6d 56 37 68 55 56 30 59 56 52 6f 68 48 43 51 54 6b 70 68 56 49 4a 31 64 4a 52 7a 64 34 68 56 6c 6e 78 57 6d 61 47 62 67 5a 4a 58 68 56 2b 52 66 61 47 72 65 71 36 59 69 34 32 77 69 59 79 71 62 48 35 2f 64 71 79 44 67 35 Data Ascii: K1ZqQWxqSjFIcjVgbGNaTTZqc3uAaz5AfmV7hUV0YVRohHCQTkphVIJ1dJRzd4hVlnxWmaGbgZJXhV+RfaGreq6Yi42wiYyqbH5/dqyDg5
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 71 35 6e 71 69 63 6c 37 53 65 6f 49 53 38 73 4a 43 4a 71 6e 32 4b 75 62 66 51 78 72 43 4c 78 70 2f 45 30 63 2f 46 73 4c 58 57 6c 4e 61 51 70 36 36 64 74 62 2f 61 6f 36 2f 6c 76 4d 53 30 77 71 4c 6b 75 75 33 6d 7a 4d 44 4c 78 4d 72 41 79 63 61 7a 39 76 62 56 7a 75 76 67 37 4e 48 74 39 75 44 4f 75 4e 76 45 34 76 58 64 44 51 33 47 42 77 6b 50 2b 76 41 4d 43 77 50 32 44 4e 62 35 31 52 41 65 32 50 30 5a 32 4f 7a 32 46 78 6f 42 47 68 73 4a 39 68 76 2b 48 53 6b 70 4b 67 55 6e 46 52 30 46 4a 78 67 50 47 68 48 32 4c 50 30 78 4e 78 49 43 4c 30 49 55 4d 30 6a 2b 47 67 46 46 4b 77 5a 48 4a 52 77 65 44 6b 77 2b 54 52 52 47 45 79 38 31 53 79 73 64 56 56 45 62 57 54 31 58 52 44 63 37 56 7a 49 33 4a 47 64 6e 52 6a 39 63 55 45 4d 37 59 6c 41 77 50 79 6c 4d 4e 56 4e 6d 54 Data Ascii: q5nqicl7SeoIS8sJCJqn2KubfQxrCLxp/E0c/FsLXWlNaQp66dtb/ao6/lvMS0wqLkuu3mzMDLxMrAycaz9vbVzuvg7NHt9uDOuNvE4vXdDQ3GBwkP+vAMCwP2DNb51RAe2P0Z2Oz2FxoBGhsJ9hv+HSkpKgUnFR0FJxgPGhH2LP0xNxICL0IUM0j+GgFFKwZHJRweDkw+TRRGEy81SysdVVEbWT1XRDc7VzI3JGdnRj9cUEM7YlAwPylMNVNmT
2025-04-23 03:14:32 UTC	1369	IN	Data Raw: 42 75 62 2b 44 66 58 2b 56 68 73 69 61 76 70 6d 2b 6f 38 71 49 30 70 2b 4e 6b 4e 53 6d 30 39 48 58 32 64 71 61 73 64 4b 70 71 39 43 37 34 64 33 69 70 71 48 68 73 39 7a 67 71 75 37 45 79 4b 2f 4d 77 2f 47 31 7a 72 62 32 74 71 33 6b 37 63 6e 37 30 4d 7a 35 75 65 44 69 77 67 54 63 33 4d 6f 4c 36 38 6a 4f 78 65 6a 79 30 68 50 7a 44 4f 41 45 45 67 72 59 46 50 44 76 36 76 66 38 2b 4e 37 73 44 77 58 6a 46 52 6f 6a 38 75 48 6c 4b 4f 6f 63 4b 75 76 37 2f 41 54 77 41 41 6f 6c 4e 41 51 71 4b 78 2f 35 2f 42 30 5a 39 44 41 5a 47 78 51 67 4d 78 64 43 46 52 39 41 41 54 77 49 4b 30 6f 73 4a 53 51 55 56 52 4d 4d 55 45 70 50 4c 78 77 64 58 79 31 62 4c 47 46 5a 4d 32 63 38 57 6d 46 72 4f 32 67 74 62 57 59 74 4c 6b 74 51 62 6b 4a 4f 63 30 6c 48 55 7a 64 38 54 55 6c 59 63 6a Data Ascii: Bub+DfX+Vhsiavpm+o8qI0p+NkNSm09HX2dqasdKpq9C74d3ipqHhs9zgqu7EyK/Mw/G1zrb2tq3k7cn70Mz5ueDiwgTc3MoL68jOxejy0hPzDOAEEgrYFPDv6vf8+N7sDwXjFRoj8uHlKOocKuv7/ATwAAolNAQqKx/5/B0Z9DAZGxQgMxdCFR9AATwIK0osJSQUVRMMUEpPLxwdXy1bLGFZM2c8WmFrO2gtbWYtLktQbkJOc0lHUzd8TUlYcj