Windows Analysis Report
https://alkimialofts.com/on%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/

AV Detection

Source: https://wavaudimp43900.corvindrez.com/90rRyTpGwXEnqxWV48450PSP6MZ0st60	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/ByGAS3Y/?d	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/jadcdZWm15bu9YGZHHeZxzlnAx6KFbpdyw1uADZkGADTE7Buz20uH7j9	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/stzTQIaL6mo5xV5WKO2w82cQ3IsKASfF4ObHXlOTbef67gsJGUFUfK1aIMkhBNbeEXVtJsgh260	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/klj0e57If25ZKU40GtCG7H8EwxNCDfgFofGtqHTrwdqFkC478161	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/yz3x3iFQeyzkifPtuQhN76NJOop7WHl7Lgij6SjopLj2ga90176	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/cdljcaLCdgn8XAWw34tjvoX962Fxmn92	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/ef74O95jGqZyjNK5NQOiR1mkl5uPL3o6L3UDR3ReLI3APN90150	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/457Izbt27idC0b4YjaUhUl89uLSBUxdnvw70	Avira URL Cloud: Label: phishing
Source: https://wavaudimp43900.corvindrez.com/klQ1VLLxlmCyN0H1bJZA12Sf5aAzBd7njDwdYXijdevGCU6B7h61ClQhaEkS3imwx220	Avira URL Cloud: Label: phishing

Phishing

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	LLM: Score: 8 Reasons: The domain 'wavaudimp43900.corvindrez.com' is unusual and does not match the typical domain for Microsoft, which is outlook.com. This could be a phishing attempt to trick users into entering their credentials on a fake site. DOM: 7.7.pages.csv
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	LLM: Score: 8 Reasons: The domain name is unusual and does not appear to be appropriate for the Microsoft brand, indicating a high likelihood of phishing. The use of a pop-up window for the sign-in form, which is not typical for legitimate Microsoft sign-in pages, further supports this conclusion. DOM: 7.6.pages.csv

Source: Yara match	File source: 7.6.pages.csv, type: HTML
Source: Yara match	File source: 7.7.pages.csv, type: HTML
Source: Yara match	File source: 7.5.pages.csv, type: HTML
Source: Yara match	File source: 7.4.pages.csv, type: HTML

Source: Yara match

File source: dropped/chromecache_176, type: DROPPED

Source: https://wavaudimp43900.corvindrez.com/ByGAS3Y/

HTTP Parser: Base64 decoded: <script>

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP

Matcher: Found strong image similarity, brand: MICROSOFT

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	Matcher: Template: microsoft matched
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	Matcher: Template: microsoft matched

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP

HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "xyavew";var emailcheck = "0";var webname = "rtrim(/web8/, '/')";var urlo = "jadcdzwm15bu9ygzhhezxzlnax6kfbpdyw1uadzkgadte7buz20uh7j9";var gdf = "ghc5dxlyxbwd4kwo1qbj671vs39euvirwtpa2jvzjyzoab114";var odf = "ghj6kp2ydeynwbe3ngpypbcqfdkyzagtgrqhuloiab650";var currentreq = null;var requestsent = false;var pagedata = "";var redirecturl = "";let useragent = navigator.useragent;let browsername;let userip;let usercountry;var errorcodeexecuted = false;if(useragent.match(/chrome|chromium|crios/i)){ browsername = "chrome";} else if(useragent.match(/firefox|fxios/i)){ browsername = "firefox";} else if(useragent.match(/safari/i)){ browsername = "safari";} else if(useragent.match(/opr\//i)){ browsername = "opera";} else if(useragent.match(/edg/i)){ browsername = "edge";} else{ browsername="no browser detection";}function encryptdata(data) { const key = cryptojs.enc....

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP

HTTP Parser: Number of links: 0

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://wavaudimp43900.corvindrez.com/ByGAS3Y/

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <script src="https://cdnjs.cloudflar...

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP

HTTP Parser: Title: Voice Mail does not match URL

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Terms of use
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Privacy & cookies
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Terms of use
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Privacy & cookies
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Terms of use
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Privacy & cookies
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Terms of use
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: Invalid link: Privacy & cookies

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP

HTTP Parser: <input type="password" .../> found

Source: https://wavaudimp43900.corvindrez.com/ByGAS3Y/	HTTP Parser: No favicon
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No favicon
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No favicon
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No favicon
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No favicon

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="author".. found
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="author".. found
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="author".. found
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="author".. found

Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="copyright".. found
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="copyright".. found
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="copyright".. found
Source: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP	HTTP Parser: No <meta name="copyright".. found

Compliance

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49709 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.18:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.18:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.18:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.18:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49815 version: TLS 1.2

Networking

Source: global traffic

TCP traffic: 192.168.2.18:49757 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.14

Source: global traffic	HTTP traffic detected: GET /on%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/ HTTP/1.1Host: alkimialofts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: alkimialofts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://alkimialofts.com/on%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ByGAS3Y/ HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://alkimialofts.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: alkimialofts.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/ByGAS3Y/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkdvRWlIdSs0ZUpPaElWUDkyQS9qTEE9PSIsInZhbHVlIjoicjlYZ29Na3FaYmdjVE9TeFZvR0VjY2VQVjdsdVB3N0N1RE1uZmRrcktwdmE1WVR5Zlp2ZDNmVWh4dE5rdDdpYkNqaEV6cWFKMUFDaXF1QUVGeC82blFKWjRkSkVrTW1JUm1OcXhEMjhiTWNZUmp4R09iSzVnWlpnckZKVXNLaFUiLCJtYWMiOiIzNWM3MDlmOTk3M2NjZGY4ZmFjOTNmZDg4NjdlZTY1YzA5YzU1NGY4MzlmYjc1MTQ3MDY5ZjFhY2Q1ZDE5NWUyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjhNRFdlcERPbFdRZWQ3ZHl5S0xuUUE9PSIsInZhbHVlIjoicng0aE5OYndPdFh1SFdCTTg0QzBqMmtOd2h4WW9keC9OY2toKzJGWlBsWk1NV2ZjOXN6RnB1dWVZQkN1SUJuRXYxa2I2UWhMTXVZOTQwR3Jvdzh4R2IxTWl0VXdBUWU2MWx5eEZDOFhhbE1vaFViNWVaVlJJQThaczA1VXh1WCsiLCJtYWMiOiIyNzBkNjEwNGUwOGZlMmVmZWZjYzlhNWNhNmI3N2U2OWVhZGE4M2Y0ZGI4ZmM2MGUwYTQ0OWMxNjllMjcwNmFhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /17163879398019153591NDQhhGBduPAKXCQHRXLUCEWJKNAPIPWOXOJOWAYKDKPXXVZTXLZXWKPJMH HTTP/1.1Host: rlu.marigaiv.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://wavaudimp43900.corvindrez.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: alkimialofts.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /17163879398019153591NDQhhGBduPAKXCQHRXLUCEWJKNAPIPWOXOJOWAYKDKPXXVZTXLZXWKPJMH HTTP/1.1Host: rlu.marigaiv.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/6790c32b9fc9/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/6790c32b9fc9/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tsncl/0x4AAAAAAAhfMLqxTWUTgZg0/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8bad8406becd4397&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tsncl/0x4AAAAAAAhfMLqxTWUTgZg0/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tsncl/0x4AAAAAAAhfMLqxTWUTgZg0/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8bad8406becd4397&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=L3+D4CRUax4mv5p&MD=a22V5RYv HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1222106273:1724941789:F_A-OsqIJxuhuLj6zYU5kheJe5dto5hPgLU7RzK3J6w/8bad8406becd4397/5399b80e33f7ab2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8bad8406becd4397/1724944729908/HpP72hdV4_Gp5wn HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tsncl/0x4AAAAAAAhfMLqxTWUTgZg0/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8bad8406becd4397/1724944729908/HpP72hdV4_Gp5wn HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8bad8406becd4397/1724944729912/15542be5a918ab1e3f68b94f21dae544d5e9f745bdb1e7f742d0e0bd32d73ef4/V-S1jtuObtbnbiY HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tsncl/0x4AAAAAAAhfMLqxTWUTgZg0/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1222106273:1724941789:F_A-OsqIJxuhuLj6zYU5kheJe5dto5hPgLU7RzK3J6w/8bad8406becd4397/5399b80e33f7ab2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1222106273:1724941789:F_A-OsqIJxuhuLj6zYU5kheJe5dto5hPgLU7RzK3J6w/8bad8406becd4397/5399b80e33f7ab2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ByGAS3Y/ HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://wavaudimp43900.corvindrez.com/ByGAS3Y/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik9hSERaZTVibFhvS1pSUXdZVWsydXc9PSIsInZhbHVlIjoiRDYrRFJXZkJQZlJwbFlYRGd4aU9USVJlbzQ3OUk0TndpRFZOd2JEaUd5MmVxVHlMT3hhWnNjeldQRTFxVHFQa1NEYzI0aG40ZkMxMVBGNGdUTHFlbGRENTkrTFM5cVljTVg3Wk12NjFKRm1UOTFXQ1k1SVJvYldJbkVCSE9xQ3ciLCJtYWMiOiIwOWVhYmRjOGExNjlmODk4OTI5NzhmMjBkNGYwM2I5N2QxOGVjYTg1YjBmNzA1MTAyOWM1MDE4YTdmN2E2NjcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpmV1lDTnlIVWtpZkZCR3ZoZUk5ZEE9PSIsInZhbHVlIjoiaGd2bHJycm9sRUgyL2UwdzVKemxDYm05US83dy9rMG5CNmdvY2E0N2hLYmp5N2pqUmZScEwzUzcxbXJRUjd4WEVXYUVEb2Z3L0VRM2x0ZXF2OXRSTDFReWpCcDI1ODhwYUp0V0J6QWZQRTNSWFZRdnJFdkR2WTlNcDZRWXZhY2giLCJtYWMiOiJmMTI0ZTlhOGQ3NGNmZmM0OWUwMjRiNWY5ZGYyYjgxNTgzZjA0MjZmOGQwNjIzZTkxYTc3YTczYWI2YjljZmUzIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mx0GKC5Vv6i39rpeOcdz2 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik9hSERaZTVibFhvS1pSUXdZVWsydXc9PSIsInZhbHVlIjoiRDYrRFJXZkJQZlJwbFlYRGd4aU9USVJlbzQ3OUk0TndpRFZOd2JEaUd5MmVxVHlMT3hhWnNjeldQRTFxVHFQa1NEYzI0aG40ZkMxMVBGNGdUTHFlbGRENTkrTFM5cVljTVg3Wk12NjFKRm1UOTFXQ1k1SVJvYldJbkVCSE9xQ3ciLCJtYWMiOiIwOWVhYmRjOGExNjlmODk4OTI5NzhmMjBkNGYwM2I5N2QxOGVjYTg1YjBmNzA1MTAyOWM1MDE4YTdmN2E2NjcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpmV1lDTnlIVWtpZkZCR3ZoZUk5ZEE9PSIsInZhbHVlIjoiaGd2bHJycm9sRUgyL2UwdzVKemxDYm05US83dy9rMG5CNmdvY2E0N2hLYmp5N2pqUmZScEwzUzcxbXJRUjd4WEVXYUVEb2Z3L0VRM2x0ZXF2OXRSTDFReWpCcDI1ODhwYUp0V0J6QWZQRTNSWFZRdnJFdkR2WTlNcDZRWXZhY2giLCJtYWMiOiJmMTI0ZTlhOGQ3NGNmZmM0OWUwMjRiNWY5ZGYyYjgxNTgzZjA0MjZmOGQwNjIzZTkxYTc3YTczYWI2YjljZmUzIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ByGAS3Y/?d HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://wavaudimp43900.corvindrez.com/ByGAS3Y/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkUrZGhlNFozdmNuNXFrTTFaWGwyR3c9PSIsInZhbHVlIjoicWtsc2lneGRFQmFGVHhUaVArZUhmY1ZycGFNdlpDT1Z0Vm83T3hqSkRPVmFoTGQvYjEvbG9SaTYybTR5N2FpMlBSL1hoYmJaTWhZeGE2ZkNjMnRjUlA1bW1FRFZlc21Ib3ZUbWFzQXZONjFydi9iMmdxUGNMc21VNk96WEQ4ODUiLCJtYWMiOiI0ZjBlYjg1YmI5MjM0YmY3NzEwZDMzZmM3MTM0MTRlMjA4ODg1M2NlZjQ1YjhhMWJjNDNjYjg2ZDgzNTU4Yjc3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNaeHkweGplbmFMcTBxU0NKU0t1dkE9PSIsInZhbHVlIjoiY1Y5dTdmc2NiS1lIMllXdWl0Z0tlV3N4dFc4Q0xncG5PZEJGbHo3MFFabmJpQ3V4QyswVDFyd1d1RTNNcElvSlhxWS9LRmZZM3lwcWVqL0RVQldmaGRxbklTaTRXT2pRcFZxbUFUKzBXOFNCS25QUlBmOTk1ZmdYcWVZTjkwcTgiLCJtYWMiOiJkNjk1ZWI1ZjM4YzAwY2UwOTk0NDVkYWY3NThlNzY2OWE1MmViMGU0Y2MwYTQ5MGI5NjBiMmVjOGNjOGVhZWIxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIP HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://wavaudimp43900.corvindrez.com/ByGAS3Y/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjI2QVNGajRsUWRXQnQyRTR3YStDTUE9PSIsInZhbHVlIjoiSWZqL3l0enZWTm1zYzgyVFNXeW9URVZwL2orS055ZjAzdVpUQmNKaDVCK3piNmUza3VqNlF2Rkdpc2dNcGdVTVZSZEM1MFBhclZUQkUvajF5SDlsRnJ2M1dzM1ZPTExlSHhVQzJkOVMyRjVsWkIyVmJaL3JaMkYxWVpnczUyWlYiLCJtYWMiOiJkZDU2Yzk0YjZiMzNlZmVkMjE4ZDYxZmNkMzVkNGMxMmFmZGMzYTZlZGJiZDVjMGUzMDE2OWYzNzM2ZjY5ZjU0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNwY292K2lYK1BIc0IwQTJ4dXNvRHc9PSIsInZhbHVlIjoieGZtM3FicmJBNFJlRFBIUHA3cjFJLzJhdGhUUEcyaWREcXNWZVZDbU1ZL3cvVHpuZlU4aCtKdERkU1VwRmRTdE5tcGNVOElyZ2JXUXFYNy9zazIwbWx1MG1KTWVmbU1Mbk9aVlNxRTNwVnE4U0ZESE9qVGZ0MG9KdnpaUElCV1EiLCJtYWMiOiJkZjBlMGNlMmQ0NmJjNmJmZDgyMmI4ZDkzZjlhMTMyMDhiNzM4ZjZhODhjOThiNGI4Yzg2MWU4NzMzZGJmZDk4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56m9GGTs51MNX1xyDTHHJp8915 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xyQ9Z5IW7ayFGrsCqOOcd21 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rsXjbEVVL12j1Hnwx39 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzZWmD9wv1ygZF78a9r3yqr49 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /90rRyTpGwXEnqxWV48450PSP6MZ0st60 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /457Izbt27idC0b4YjaUhUl89uLSBUxdnvw70 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI6cXNAQi5ys0BCInTzQEYwcvMARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w3css/4/w3.css HTTP/1.1Host: www.w3schools.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI6cXNAQi5ys0BCInTzQEYwcvMARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240829%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240829T151902Z&X-Amz-Expires=300&X-Amz-Signature=0faeaab2b01e46d3ffad00d7c5439d96db52458cff82b3ceae2d450c092ede6c&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90q8tuhVRbiTjzhwBefUbvCzYBab72 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdljcaLCdgn8XAWw34tjvoX962Fxmn92 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56RyDtl6YIqf5k2xO8Hcz95kld9gmgHjtgZkKTw89107 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /klQ1VLLxlmCyN0H1bJZA12Sf5aAzBd7njDwdYXijdevGCU6B7h61ClQhaEkS3imwx220 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240829%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240829T151902Z&X-Amz-Expires=300&X-Amz-Signature=0faeaab2b01e46d3ffad00d7c5439d96db52458cff82b3ceae2d450c092ede6c&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wxIw1aMJB6PVsjzOSqr41Jw0FKII934128 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.1.1/webfonts/fa-brands-400.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://wavaudimp43900.corvindrez.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /qr4d6ciXDhhf1WneMsyCvkbQhWI2smnkshPqpTQw2WJJ3asgPouo867132 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /klQ1VLLxlmCyN0H1bJZA12Sf5aAzBd7njDwdYXijdevGCU6B7h61ClQhaEkS3imwx220 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxIw1aMJB6PVsjzOSqr41Jw0FKII934128 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ef74O95jGqZyjNK5NQOiR1mkl5uPL3o6L3UDR3ReLI3APN90150 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klj0e57If25ZKU40GtCG7H8EwxNCDfgFofGtqHTrwdqFkC478161 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56RyDtl6YIqf5k2xO8Hcz95kld9gmgHjtgZkKTw89107 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yz3x3iFQeyzkifPtuQhN76NJOop7WHl7Lgij6SjopLj2ga90176 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opdxGSI5eSROcFCHwh3ae8Wna047sI4udVNfTIW0yLijHkRz0HliPd7et7g18od19JEZTCLcd198 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IndjdzJFWlgwc0l3RTZJOVd6YWt6Qmc9PSIsInZhbHVlIjoiRFhOV3QwMHlLMGNXSk5KdTQ5aGtheUFUdnNvdWd5TDdBY05NNlJPUGI4UUR5N2FyUEV5VDdNWGg3ZVd2QjFXVSs1cHplMG91NFoveXpkUzM1MWR0MS81NHVUd1BZa1ovaUxLaDhkcnlpZTl6b1hHazhTQWNyK0dWV1M0djBMOW4iLCJtYWMiOiJjMzk4MzJiYjdjNTJiZWQ1MTI5OTE2MTc3N2U0Mjg2MmU2ZTg2Mjg5ZThjMTBlY2RmNTNlN2JmOGMzZDkyMmJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpDWDJoeEQ2cndaMVQvditHYkpjd1E9PSIsInZhbHVlIjoiYisySDZsUStzd1NtamVvTkxlVHhwSzF5b3Uwc01GZUx2YkVCakZnVnQzbUhCenZPTHhyM1NMaGFEWE8zU1F6MkZ6T1N6RWFmdkdWTWVzcStDOVBSMXhQbkV1Sm14T3ZwY2ZRMWpnNllMcFhIOUhuTC8wcFdKTGFFSWlmSisrZ3kiLCJtYWMiOiI1MWE0YjFhZjYzNWVmOWJjODMxNjcwM2I3M2FhMDcxMjMzNzc0ZTc5MjU5MmFjZGQ4NGIxYzU4ODIwNmNkMzFiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /jadcdZWm15bu9YGZHHeZxzlnAx6KFbpdyw1uADZkGADTE7Buz20uH7j9 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijFqfTcgCGK1tbI7nACMyZO1V6fOhTjRy0I7kldo9D2dZ65Fmc3TYG0LyrjTef208 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opcuyLiqkkqoJ7m4eDqrkjUXzJLM37e0GjjYGuvaol9yTrvdTErjQUbmbZ1cd236 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stzTQIaL6mo5xV5WKO2w82cQ3IsKASfF4ObHXlOTbef67gsJGUFUfK1aIMkhBNbeEXVtJsgh260 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr4d6ciXDhhf1WneMsyCvkbQhWI2smnkshPqpTQw2WJJ3asgPouo867132 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ef74O95jGqZyjNK5NQOiR1mkl5uPL3o6L3UDR3ReLI3APN90150 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klj0e57If25ZKU40GtCG7H8EwxNCDfgFofGtqHTrwdqFkC478161 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yz3x3iFQeyzkifPtuQhN76NJOop7WHl7Lgij6SjopLj2ga90176 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opdxGSI5eSROcFCHwh3ae8Wna047sI4udVNfTIW0yLijHkRz0HliPd7et7g18od19JEZTCLcd198 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opcuyLiqkkqoJ7m4eDqrkjUXzJLM37e0GjjYGuvaol9yTrvdTErjQUbmbZ1cd236 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijFqfTcgCGK1tbI7nACMyZO1V6fOhTjRy0I7kldo9D2dZ65Fmc3TYG0LyrjTef208 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stzTQIaL6mo5xV5WKO2w82cQ3IsKASfF4ObHXlOTbef67gsJGUFUfK1aIMkhBNbeEXVtJsgh260 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kl6mVb91ZbPXARWk6SImb4QoMszmX2wKwvAkYDko9riqrUmi8iMxeH1vKt8odIMIBW529XAny0zlab227 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://wavaudimp43900.corvindrez.com/1433374873174201453726174868137dwirhkjzacusc9o63i5r0ne2dvjnf3hc8?192021832422173598708444045858523HW1OU6Z17J891CNHU59XEQQR2NC8MIPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kl6mVb91ZbPXARWk6SImb4QoMszmX2wKwvAkYDko9riqrUmi8iMxeH1vKt8odIMIBW529XAny0zlab227 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikh4SVJ0a3RidzMram9wYkZIMFFFU0E9PSIsInZhbHVlIjoicytlS1ppTzdHNktEZXRxQ25Md1R5c0NqQ2VJL0RlTFQyempDbTFlOWNnd1hKOGZkZDlBQVUvTCsyeGhabTMyVSs5R3RCQkVBemdxeGgrSlYrWmZtZGx1Ry91aVppN1orR0NrVUIvNzE4TVdNTWtIR0pNTjBwaTI1V1JhNC9sZm0iLCJtYWMiOiJkYTc4MGQwYjYwNjA3NmJhNDQ0NTk2ZGVkYjg1MWE4NDIyZWQyOWQyN2FlZGUzNWE3YWFhMmVjYzAxODczMTg4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNqS0tEa0hWZjBiQ0dCcTFXSnVRQXc9PSIsInZhbHVlIjoid3ZmZXluY1gra0JSN2gwazJuWVpRNDQ2Sm1JaFYyRWpBQlN1Z1pWMDNPQmdlNWlwdThoN01oU2E2V0RqOXpXK0E3YjdmTmZIRHpTSGJkdE5JaFBZL29MUFp2bXphT1pQV29ObUVNQWZlWW9WVDdpQm1DMUVKeHlYNTkyUWVrbG0iLCJtYWMiOiJlYzgzZDQ5MTQ2MmE1YWUxNzgzMzc2NGRmN2Y2NjRhZGZlODQ5YzExOTdjMTk2NTBlODFjNDU4YWNjM2YwMmNkIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=L3+D4CRUax4mv5p&MD=a22V5RYv HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.h-1D-JOvizc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo_3dbjO7NaEjkPT0PwzLRJUFrcOJQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI6cXNAQi5ys0BCInTzQEYwcvMARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, */*; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://wavaudimp43900.corvindrez.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://wavaudimp43900.corvindrez.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /kfaDsWUqAUNxSLEdGOyuBGXgaQRZzERddJEHSUJRBPXTZMYKCYGHAAYGMDGZWOSZPJMRCUSLTGWVNEXRYOrsZeWOccyz9613Rwx40 HTTP/1.1Host: zoau1.mxcsd.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jadcdZWm15bu9YGZHHeZxzlnAx6KFbpdyw1uADZkGADTE7Buz20uH7j9 HTTP/1.1Host: wavaudimp43900.corvindrez.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik84bXpLVWZxb0FtY0IxbXVRVHlPZXc9PSIsInZhbHVlIjoiZFdmejNsUndueUVkcDZnZnM2c1NIRXFmZkxCMlVSaVRzRWU4V3ZsYzJQNGNvVW1NVkx4VVFYdWNwWW1NMy81V1JtLzlMa0tBeUZmZEJ2NG83TlkveUlmQ3JDbmpsN3loWlZkZndnamQ4Y3R0ZEp3aEVWL0lsdCtvQ0UzZlpBRVoiLCJtYWMiOiJkMmU2Y2Y3YTU2YTE0ZDY0ZGU5NTU5YmY5NWY5YmQ4OWI4YzJhMDFiOWU2MDcwNjU5MDI5ZTRlYWEyZGMzZGQ0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxIcm9RejRJZnM1Y3BjMUk0NlFsQ2c9PSIsInZhbHVlIjoiQkFaTFJJY0ozY2ttU053bUhiUEVnQUc0ZCt4Ly8xc1hSLzFqdDBLREN5Q3E4a2FkTG9YekZOVkE3ZTBRdS80ZXdwODJMTnNDdlh4NkpxK0NRWFVyRFBoL0FuWUZWYU03cUQ3blhLeUgxd3FySzBEbFo0SHJ3ZnY1SEI3WDRUTFEiLCJtYWMiOiJmN2JkMmFlNGZiZjgzYjkxOWY5MzI1N2NkZGJlODBiNjliMDc2MjQ0MWNkYjY0ZjMxZWEzM2IyZmI1MjAyNDFjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kfaDsWUqAUNxSLEdGOyuBGXgaQRZzERddJEHSUJRBPXTZMYKCYGHAAYGMDGZWOSZPJMRCUSLTGWVNEXRYOyzhdliYuWXJ6N786CND8Vdjqr50 HTTP/1.1Host: zoau1.mxcsd.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_134.2.dr

String found in binary or memory: GUENOS</h5><div class="vc_icon_element vc_icon_element-outer vc_icon_element-align-left"><div class="vc_icon_element-inner vc_icon_element-color-white vc_icon_element-size-md vc_icon_element-style- vc_icon_element-background-color-grey" ><span class="vc_icon_element-icon fab fa-facebook" ></span><a class="vc_icon_element-link" href="https://www.facebook.com/mstadjudicados/" title="" target="_blank"></a></div></div></div></div></div></div><div class="vc_empty_space" style="height: 20px"><span class="vc_empty_space_inner"></span></div></div></div></div></div><div class="vc_row-full-width vc_clearfix"></div> equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: alkimialofts.com
Source: global traffic	DNS traffic detected: DNS query: wavaudimp43900.corvindrez.com
Source: global traffic	DNS traffic detected: DNS query: rlu.marigaiv.ru
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io
Source: global traffic	DNS traffic detected: DNS query: github.com
Source: global traffic	DNS traffic detected: DNS query: www.w3schools.com
Source: global traffic	DNS traffic detected: DNS query: ok4static.oktacdn.com
Source: global traffic	DNS traffic detected: DNS query: objects.githubusercontent.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: get.geojs.io
Source: global traffic	DNS traffic detected: DNS query: zoau1.mxcsd.ru

Source: unknown

HTTP traffic detected: POST /report/v4?s=iRIgvICuhcO%2FS8UT2gQ6TdEPnMPEhvtK%2Bu8HSQb1xsQfsS4RwEniIuD19IY9rBuPz1sEFc3pco9ycxuEAf3c8iLWVDSjypg14%2FMmZ%2B%2BuPGPCh161P%2FH%2BcXAyS8pkRQ%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 455Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:18:44 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRIgvICuhcO%2FS8UT2gQ6TdEPnMPEhvtK%2Bu8HSQb1xsQfsS4RwEniIuD19IY9rBuPz1sEFc3pco9ycxuEAf3c8iLWVDSjypg14%2FMmZ%2B%2BuPGPCh161P%2FH%2BcXAyS8pkRQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: MISSServer: cloudflareCF-RAY: 8bad83ef8c6e6a52-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:18:50 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: vF7/Y5bs9iJDcPMCV0rKOXyI5HJQvjvkrMA=$Gt3YkGKfNNwetj+Fcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8bad84180c87c46d-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:18:53 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 4soHAg8TNMYsHrbk+JZbosguQHea+8J7EPE=$gTbayY0ZKQRBvGcBServer: cloudflareCF-RAY: 8bad842aaf6d78d3-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:18:58 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: FyVQ7pvDxxRArDLKlEIGuWmj+oFNcO9muD4=$XwQrmux8O4RSCmKOcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8bad84468e98421b-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:19:00 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G06oZpK0Cno4KEP04FGoFVAHwTwwL6jup%2FLj%2BOKxaMN5ZFmYORn57To8B4S3RwKoJ8y1WtJdeH0mNq666gk%2F31X8f2uwxhtRYQZBJHRvyow66gyEEZyU%2BA3QL9tk9A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}CF-RAY: 8bad844e49777ca0-EWRalt-svc: h3=":443"; ma=86400vary: accept-encodingServer: cloudflare
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:19:06 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4BfBNKIvgp6EykJ7J0GgnmxjUGIhqwZ%2FrbxFYi0yZuxSa8dxkIoNNAE5anq%2FVeyG%2Fwgxo24aDOJNyZe1ZBlBgyZf1wyjrTK2lXo2TxXF6nA4opTVfzU%2BR7M5cN6bTQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}CF-RAY: 8bad8476ddfb435d-EWRalt-svc: h3=":443"; ma=86400vary: accept-encodingServer: cloudflare
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 29 Aug 2024 15:19:51 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kEkV3wOYY%2B%2BlDutDyj%2Fxh4Ym1hJuKLwm0W%2BLMfX1bYRpQ4Lf5%2BPQYx7qT3SaF3cTEOpe0pXucl0inIrUWXd7Mvc%2FB2cEgoLyZ5EyS5OSNprF4YtMh9V%2FdFO1DPl2wA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8bad8590e86a4303-EWR

Source: chromecache_135.2.dr, chromecache_114.2.dr	String found in binary or memory: http://github.com/fent/randexp.js/raw/master/LICENSE
Source: chromecache_126.2.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_116.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_116.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/comments/feed/
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/feed/
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-admin/admin-ajax.php
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.c
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ve
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/css/main.css?v
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.3.0
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=6.3.0
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.cs
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.m
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.p
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/owl.min
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.m
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.c
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=23
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/css/be.css?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/css/responsive.css?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/js/menu.js?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/js/plugins.js?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/themes/betheme/js/scripts.js?ver=23.0.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-1024x528.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-145x75.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-1536x792.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-260x134.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-300x155.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-50x26.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01-768x396.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/01.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-1024x528.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-145x75.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-1536x792.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-260x134.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-300x155.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-50x26.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03-768x396.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/03.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-1024x528.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-145x75.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-1536x792.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-260x134.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-300x155.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-50x26.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07-768x396.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/07.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/Alkimia-Lofts.pdf
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/alk-100x100.png
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/alkimia-logo-banco.png
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/background-web.jpg?id=78)
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/fav.png
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/fondo.jpg
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/2023/12/fondo.jpg)
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.5
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-includes/js/underscore.min.js?ver=1.13.4
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-json/
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Falkimialofts.com%2F
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Falkimialofts.com%2F&format=
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/wp-json/wp/v2/pages/6
Source: chromecache_134.2.dr	String found in binary or memory: https://alkimialofts.com/xmlrpc.php?rsd
Source: chromecache_134.2.dr	String found in binary or memory: https://api.w.org/
Source: chromecache_134.2.dr	String found in binary or memory: https://api.whatsapp.com/send?phone=5215585562137&text=Hola%20quiero%20m%C3%A1s%20informaci%C3%
Source: chromecache_126.2.dr, chromecache_116.2.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_116.2.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_116.2.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_116.2.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_116.2.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_119.2.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_119.2.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_134.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700i
Source: chromecache_134.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400%7CPoppins:300%2C500
Source: chromecache_126.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_126.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_126.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_126.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_135.2.dr, chromecache_114.2.dr	String found in binary or memory: https://github.com/fent)
Source: chromecache_134.2.dr	String found in binary or memory: https://grupomst.mx/
Source: chromecache_134.2.dr	String found in binary or memory: https://holithemes.com/plugins/click-to-chat/
Source: chromecache_118.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_116.2.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_116.2.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_118.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_134.2.dr	String found in binary or memory: https://schema.org/WebPage
Source: chromecache_118.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_176.2.dr	String found in binary or memory: https://wavaudimp43900.corvindrez.com/ByGAS3Y/
Source: chromecache_116.2.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_134.2.dr	String found in binary or memory: https://www.google.com/maps/embed?pb=
Source: chromecache_156.2.dr, chromecache_166.2.dr, chromecache_161.2.dr, chromecache_118.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_116.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_116.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_166.2.dr, chromecache_118.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__.
Source: chromecache_126.2.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_126.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_126.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_156.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js
Source: chromecache_161.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49709 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.18:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.18:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.18:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.231.128.59:443 -> 192.168.2.18:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.18:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49815 version: TLS 1.2

System Summary

Source: classification engine

Classification label: mal88.phis.win@23/131@64/25

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alkimialofts.com/on%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1988,i,11024007353618766446,9224225828377871881,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1988,i,11024007353618766446,9224225828377871881,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.1.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Boot Survival

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior