Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The URL 'pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev' does not match the legitimate domain 'microsoft.com'., The URL contains a random string and uses the 'r2.dev' domain, which is not associated with Microsoft., The presence of a password input field on a non-Microsoft domain is suspicious and indicative of phishing., The URL structure suggests it might be hosted on a cloud service, but it does not align with Microsoft's typical domain usage. DOM: 1.3.pages.csv |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The URL 'pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev' does not match the legitimate domain 'microsoft.com'., The URL contains a random string and uses the 'r2.dev' domain, which is not associated with Microsoft., The presence of a 'Forgot my password' input field is a common tactic used in phishing sites to capture user credentials., The URL structure and domain extension are unusual and do not align with Microsoft's typical domain usage. DOM: 2.5.pages.csv |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The URL 'pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev' does not match the legitimate domain 'microsoft.com'., The URL contains a random string and uses the 'r2.dev' domain, which is not associated with Microsoft., The presence of a password input field on a non-Microsoft domain is suspicious and indicative of phishing., The URL structure suggests it might be hosted on a cloud service, but it does not align with Microsoft's typical domain usage. DOM: 2.4.pages.csv |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2Fp |
Matcher: Template: microsoft matched |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2Fp |
Matcher: Template: microsoft matched |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2Fp |
Matcher: Template: microsoft matched |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2Fp |
Matcher: Template: microsoft matched |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: Invalid link: Fruits with antioxidants help reduce inflammation. |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: Invalid link: Fruits with antioxidants help reduce inflammation. |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: Invalid link: Fruits with antioxidants help reduce inflammation. |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: Invalid link: Fruits with antioxidants help reduce inflammation. |
Source: https://bayraktarplaza.com/auth/active/y8E4XKJctWEENyvnBLR6/cmFjaGVsLmFuZGVyc29uQGFtZXJpY2Fuc2lnbmF0dXJlLmNvbQ== |
HTTP Parser: No favicon |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No favicon |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No favicon |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No favicon |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: No favicon |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: No favicon |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No <meta name="author".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No <meta name="author".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: No <meta name="author".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: No <meta name="author".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No <meta name="copyright".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html#_rachel.anderson@americansignature.com |
HTTP Parser: No <meta name="copyright".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: No <meta name="copyright".. found |
Source: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html# |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 40.126.32.138:443 -> 192.168.2.17:49701 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49708 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.126.32.138:443 -> 192.168.2.17:49707 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.126.32.138:443 -> 192.168.2.17:49713 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.60.203.209:443 -> 192.168.2.17:49729 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.60.203.209:443 -> 192.168.2.17:49731 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49746 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49748 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.86.251.27:443 -> 192.168.2.17:49749 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.138 |
Source: global traffic |
HTTP traffic detected: GET /?url=https%3A%2F%2Fwww.tiktok.com%2F%2F%2F%2F%2Flink%2Fv2%3Faid%3D1988%26lang%3Denpihd7s%26scene%3Dbio_url%26target%3Dwww.google.com%2Furl%3Fq%253DIrfT8NMLx6QPaJgv6Z3g%2526rct%253DqsUbQmXhZ93d4gNXIWaR%2526sa%253Dt%2526esrc%253DEgJeLX8CAl11DNSW7pgH%2526source%253D%2526cd%253D9X3EYbyCMUoB46Jqpszn%2526cad%253Dz64Ndl7J844jI5EH33et%2526ved%253D36LRX1krI3rPMEZVSMU2%2526uact%253D%252520%2526url%253Damp%252F%25E2%2580%258Bbay%25C2%25ADrak%25C2%25ADtar%25C2%25ADplaza%25C2%25AD%25C2%25AD.%25E2%2580%258Bco%25C2%25ADm%252Fauth%252Factive%252Fy8E4XKJctWEENyvnBLR6%252FcmFjaGVsLmFuZGVyc29uQGFtZXJpY2Fuc2lnbmF0dXJlLmNvbQ%3D%3D%26source%3Dgmail%26ust%3D1725986149001000%26usg%3DAOvVaw1kdi6SPX1NGpGYFWhG_1Z7&data=05%7C02%7Crachel.anderson%40americansignature.com%7Cea716afa6d36469e78a108dce92d41a9%7C5c02e89ab9684d4e960de62c7cd02766%7C0%7C0%7C638641627826692599%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=UMW01VeNOABdw6sIGnj5zpPinQYedujNvCzkhwwtiOg%3D&reserved=0 HTTP/1.1Host: nam04.safelinks.protection.outlook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Zm3gm9bC7FsE3Ep&MD=r81BdaDm HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /url?cad=z64Ndl7J844jI5EH33et&cd=9X3EYbyCMUoB46Jqpszn&esrc=EgJeLX8CAl11DNSW7pgH&q=IrfT8NMLx6QPaJgv6Z3g&rct=qsUbQmXhZ93d4gNXIWaR&sa=t&safe=active&source=&uact=+&url=amp%2F%E2%80%8Bbay%C2%ADrak%C2%ADtar%C2%ADplaza%C2%AD%C2%AD.%E2%80%8Bco%C2%ADm%2Fauth%2Factive%2Fy8E4XKJctWEENyvnBLR6%2FcmFjaGVsLmFuZGVyc29uQGFtZXJpY2Fuc2lnbmF0dXJlLmNvbQ%3D%3D&ved=36LRX1krI3rPMEZVSMU2 HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /amp/%E2%80%8Bbay%C2%ADrak%C2%ADtar%C2%ADplaza%C2%AD%C2%AD.%E2%80%8Bco%C2%ADm/auth/active/y8E4XKJctWEENyvnBLR6/cmFjaGVsLmFuZGVyc29uQGFtZXJpY2Fuc2lnbmF0dXJlLmNvbQ== HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=518=LUtCOXoo8Z5gPTYmt3H8LqWZTAG6hKQWe-cdREwgZ1U5skKMsQ1ebJKw-WObc8ztdOwhrvjO8jzr2h2SrcScnkV33BZhN4EFb9Qp4CfMifOTNldFYQ3YJcOZGlavXchLr7TNWhZ5RWxrbHt-PIEIgoxy1iomxi4tn-5Cszy6g2rWSvByILnv121IggBwqj9u |
Source: global traffic |
HTTP traffic detected: GET /auth/active/y8E4XKJctWEENyvnBLR6/cmFjaGVsLmFuZGVyc29uQGFtZXJpY2Fuc2lnbmF0dXJlLmNvbQ== HTTP/1.1Host: bayraktarplaza.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.html HTTP/1.1Host: pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://bayraktarplaza.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: bayraktarplaza.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bayraktarplaza.com/auth/active/y8E4XKJctWEENyvnBLR6/cmFjaGVsLmFuZGVyc29uQGFtZXJpY2Fuc2lnbmF0dXJlLmNvbQ==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /turnstile/v0/b/62ec4f065604/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /turnstile/v0/b/62ec4f065604/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /, HTTP/1.1Host: pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/DHDSDFcgcbTEX2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnD3x%40W8CobWfAhEktKPt3JDTKN2FpnDW8CobWkfAhEktKP_GSHDH6838JSHDJH239HNXXNHD%26JSDNNDNDBNIADK938DJJDJt3JDTKN2FpnDW8CobWfAhEktKPt3JDTKN2FpnDW.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-6e969b0e21134bcf850bbff9bd28a4e5.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET // HTTP/1.1Host: sparksavvy.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET ///7140.php HTTP/1.1Host: sparksavvy.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET ///7140.php HTTP/1.1Host: sparksavvy.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Zm3gm9bC7FsE3Ep&MD=r81BdaDm HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br |
Source: global traffic |
HTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: -240X-DeviceID: 01000A41090080B6X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAbQojQilLHmW0JNjiZck74cOv7Lz0PQvunyWdgssJLzjuafsIRbfv/fcfEPG23/0XQPVZ4zV8HaOzFAtLKjjk3PLo8dcBUN9yjW1pQDDJNUgKXY5rJZ9%2BZELhDxed15YkC%2BxujwWWT2EYT3H1yTI1uZRwXb%2BSBXCRQMnbK52n0zPLS/tw/57UoBNshMv1VtaQri/P%2Bb3nYk6y/tpcULjy3vLo5X4fgNkhdk/98SpWiylY9PC99pFq/C/EZBkHwbfT3sogZjUKjgxdTyqH8x0eZvoFmTO4lkc/MNUO0zoiDMJNf2HPoTNw2Qj21ELz1iks4YjK/xciQMeo%2BOHICzCbxoQZgAAEHpoJTZSgBJjJkitOD3zOtiwAV7Ry38zpqf7MlGyjp5sQsntr7bARdiR%2Bl2kXMlKqu7W7v3fS8x4XHq7lsUpH7bACESF8gfB1ALfQLTUtktUtVYsPqv38KHqQVl5zo4I5bVo/OJhcIVH2QXCSO/8OIKpRKG5KQjGeX2iMI/p4QtPulCQQmj76GoDCnZFNGw8zinUUXukZFT2KdExti8XskVpu%2BgCoqH1XC0TATN3AC%2B6xR0iMYA72tvKb5MfpdnKhETcD3wLED7IPsZSM54YwUQUzATQICLuGvBWOQTjnJgoSVfDCbbZd02ABFb56c78/1wZ8vgHBoZxw424g46LDZ1SxdhvbSzO6/XqaZiMDHmYsX9NDROOnJEP3BATrTvQjj3lU16oJLnkUoGUUC4BgALyu0mh7nlJjrk/XJiwIvvdwN7i6DitNkfc8iGQA%2BU7tInpjvxvrvnTrlwrpH0hPXLp%2BPmhSyZTUkA0qd50DV0MDqM7/WztdkoD6wRRaw/QOu8lDLG1SxO39QCS%2BzylmJQQpW1hbi8CDe/tSlz27B/YpOc51xZD7owCk9cfWwjDDP/nGPuCaENXWgFHVXII605fPtcB%26p%3DX-Agent-DeviceId: 01000A41090080B6X-BM-CBT: 1728576056User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: 5681479170724894829C6F9FE9D561EAX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=C4EAB6C130004333A34B5668AE4E4D10&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=en; MU |