Windows Analysis Report
https://sites.google.com/view/busch-vacuum/home

Overview

General Information

Sample URL:	https://sites.google.com/view/busch-vacuum/home
Analysis ID:	1391076
Infos:

Detection

HtmlDropper, HTMLPhisher

Score:	92
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected Html Dropper

Yara detected HtmlPhish10

Yara detected HtmlPhish20

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Phishing site or detected (based on various text indicators)

Creates files inside the system directory

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid 'sign-in options' or 'sign-up' link found

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://sites.google.com/view/busch-vacuum/home

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://allmysonscom.top/jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/boot/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c6	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/flow/ov1/262488950:1707764966:vaAlIai909zKvAhWSk_psiX7v9StSENbiBvKUScxVng/85474443ad6c4503/8c2b9e0eb6a0042	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/1	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/ASSETS/img/m_.svg	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/js/8845edfee9737b347c9bba0188b1b8f065ca72cbd90ca	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/ASSETS/img/sig-op.svg	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85474443ad6c4503	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=854744798c5612da	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/APP-8845edfee9737b347c9bba0188b1b8f065ca72ce4261b/8845edfee9737b347c9bba0188b1b8f065ca72ce4261c	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top	Avira URL Cloud: Label: phishing

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 5.13.pages.csv, type: HTML
Source: Yara match	File source: 6.14.pages.csv, type: HTML

Yara detected HtmlPhish20

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://allmysonscom.top/	Matcher: Template: cloudflare matched
Source: https://allmysonscom.top/	Matcher: Template: cloudflare matched
Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786	Matcher: Template: microsoft matched
Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786#	Matcher: Template: microsoft matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM

OCR Text: Busch Vacuum Mark Magill Has Shared a Document Home History PRESS HERE TO VIEW/DOWNLOAD DOCUMENTS Team FAO

HTML body contains low number of good links

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://allmysonscom.top/

HTTP Parser: Base64 decoded: https://allmysonscom.top/

HTML title does not match URL

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: Title: 83d322445b1d02a6451c977e55b79f8a65ca72cb02757 does not match URL

Invalid 'sign-in options' or 'sign-up' link found

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: Invalid link: get a new Microsoft account

Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786	HTTP Parser: No favicon

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: No <meta name="author".. found

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49778 version: TLS 1.2

Source:

Binary string: _.d7=function(a,c){this.Db=a;this.B=c};_.d7.prototype.getId=function(){return this.Db};_.d7.prototype.toString=function(){return this.Db};_.iDb=new _.d7("skipCache",!0);_.jDb=new _.d7("maxRetries",3);_.kDb=new _.d7("isInitialData",!0);_.lDb=new _.d7("batchId");_.mDb=new _.d7("batchRequestId");_.nDb=new _.d7("extensionId");_.oDb=new _.d7("eesTokens");_.pDb=new _.d7("unobfuscatedRpcId"); source: chromecache_80.2.dr

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 96.7.245.89
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 96.7.245.89
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.132Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /view/busch-vacuum/home HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /js/client.js?onload=gapiLoaded HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /fSqYar0jheoUPBYKca6aF_NSRtDkQuF_3zYDeKWst7rfzPohazcN9UFL3nOv9fXNuHhAU8TgyRRs-R1SWXu5b_Q=w16383 HTTP/1.1Host: lh6.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fSqYar0jheoUPBYKca6aF_NSRtDkQuF_3zYDeKWst7rfzPohazcN9UFL3nOv9fXNuHhAU8TgyRRs-R1SWXu5b_Q=w16383 HTTP/1.1Host: lh6.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /uNIla_7jRBSSF3AYmFIAe6z2LT9wgy8chO3jGUsCmMSzR9r_PaqAbY4eE5z2pvW0gcPhVNOfFaVI0EEfJ0EY6-0=w16383 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /_/view/logImpressions?authuser=0 HTTP/1.1Host: sites.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /uNIla_7jRBSSF3AYmFIAe6z2LT9wgy8chO3jGUsCmMSzR9r_PaqAbY4eE5z2pvW0gcPhVNOfFaVI0EEfJ0EY6-0=w16383 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /_/view/logImpressions?authuser=0 HTTP/1.1Host: sites.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fallmysonscom.top&sa=D&sntz=1&usg=AOvVaw1wKraueWhnGr5VlpbWx2MD HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top HTTP/1.1Host: nowlifestyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85474443ad6c4503 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/?__cf_chl_rt_tk=827_YhIdJNGcC0qhgrnMd71OAO.BZvCY75UWqF050PQ-1707766441-0-3813Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/a990e557/api.js?onload=uWvsrp7&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://allmysonscom.topsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/262488950:1707764966:vaAlIai909zKvAhWSk_psiX7v9StSENbiBvKUScxVng/85474443ad6c4503/8c2b9e0eb6a0042 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=854744532923b0b1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1536897702:1707765084:WklD56mw33U7CPv27fqqC0pnnqAIy10G1Wxmdbh_jt0/854744532923b0b1/5c8cf7413cc3963 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fallmysonscom.top&sa=D&sntz=1&usg=AOvVaw1wKraueWhnGr5VlpbWx2MD HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/854744532923b0b1/1707766445862/TL2Z-SAoYDbR0-B HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top HTTP/1.1Host: nowlifestyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Referer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=854744798c5612da HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/?__cf_chl_rt_tk=nMKw9Q_A9UCDvFQMi7hMjkX7gJpSnsxaBrj4i5mhxh0-1707766450-0-3941Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/854744532923b0b1/1707766445862/TL2Z-SAoYDbR0-B HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/854744532923b0b1/1707766445864/145450f9f29a437153a4db87001c50914e532129640eb0e34670b650d28dc54a/9uVA9OYt25Qd1Gt HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85474485de6744e2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1536897702:1707765084:WklD56mw33U7CPv27fqqC0pnnqAIy10G1Wxmdbh_jt0/854744532923b0b1/5c8cf7413cc3963 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/85474485de6744e2/1707766453720/5819046ea238e2a8ddd561ca4d8dfc754e0e7c697e8fddbb8fc7df8ef3a52cf6/wfnc6rc2Hky3rQj HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85474485de6744e2/1707766453724/5MPlSsszeImzAsF HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85474485de6744e2/1707766453724/5MPlSsszeImzAsF HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/?__cf_chl_tk=nMKw9Q_A9UCDvFQMi7hMjkX7gJpSnsxaBrj4i5mhxh0-1707766450-0-3941Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Referer: https://allmysonscom.top/?__cf_chl_tk=nMKw9Q_A9UCDvFQMi7hMjkX7gJpSnsxaBrj4i5mhxh0-1707766450-0-3941Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /boot/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c6 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /js/8845edfee9737b347c9bba0188b1b8f065ca72cbd90ca HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /APP-8845edfee9737b347c9bba0188b1b8f065ca72ce4261b/8845edfee9737b347c9bba0188b1b8f065ca72ce4261c HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729

Source: chromecache_114.2.dr

String found in binary or memory: disableRealtimeCallback:!1,drive_share:{skipInitCommand:!0},csi:{rate:.01},client:{cors:!1},signInDeprecation:{rate:0},include_granted_scopes:!0,llang:"en",iframes:{youtube:{params:{location:["search","hash"]},url:":socialhost:/:session_prefix:_/widget/render/youtube?usegapi=1",methods:["scroll","openwindow"]},ytsubscribe:{url:"https://www.youtube.com/subscribe_embed?usegapi=1"},plus_circle:{params:{url:""},url:":socialhost:/:session_prefix::se:_/widget/plus/circle?usegapi=1"},plus_share:{params:{url:""}, equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: accounts.google.com

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:01 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15816Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp1ImpmtQqJ%2Bje%2FJjcUwtyXyLL7Oi%2FeHWaJDd0q9S%2BfgJ18k6LAG0RbqPLdNVRh6OWrpfCm98Ff81NI8oaWjxtL1JtdInwYsrQDWBPBzxBa7Jc29tb8HO0aAV13yfbWVAuwR"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:03 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15968Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioKtvEKEWgn6arwQNxboIev65TrRpyFODtJyZTBilx7jBJZ1XMP66PYzM8kj3WvdfN%2B1tRX%2FKzSCGUmnt1ESFHDdR73Ma1pb6f07olJB82834KJNOwCr78t5%2Br14nhFVX5YC"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:05 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15947Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:10 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15944Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FWGYcgqM2F84TVwpKxsWUqK1AhuRTR6kkAmVGUQ8591kBk8KNLdAZ77KmyTQtCYD%2BjrydrcWQvTiCKqv8M38iJwXfH%2FoaL0BkRofoIksbq432ASxCBnyo9cgw%2BOutiwEcXs"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:11 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15968Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MfOxbTMVMP7vVtdPI2LC9wYnAIO4RtQ4VW9uUFOtl22ToAqivoUhighs4xPORuWgAOkPJh8lMd1y9B07hOLnLbSqUEw1U%2BT11ZezP9bOaP45SL95YX2wGLhimieAHejwLFR"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:13 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15968Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqJGwE4iQTZz%2FwvFHroKvGvBwOheork0mSQzacUcZpfPbMzvyuXHJ5QvRJxhNaf4NRC5yFOqrKFbop8TOqQ6LUQVWHiJ0FliwVl57ezKG2uwiZe2ZMB5XQtdTHf0o2xdKy2t"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:34 GMTContent-Type: text/html; charset=UTF-8Content-Length: 16053Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32LDe1DsUJJPC0GWI5Bg6xWs0K1dJ12YuCzlxp%2Fr8WpIH07Cm%2FmLffQLnwusJcFDSprZbE52EHnzjEtb6FE6HsPLBpQqCgpj7udT9QaUrmHYTPMPI5AW7a8B9YYpoPIz%2Bbtq"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:34:38 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2mwxRWBUjT3MJm2KYW3eSCotmV4jn5hNd5uHcfF9dfzIENZp2D8JhIDGomETWcgN%2BJRJf8LwD9xvoDoifrW%2FOEuzeO8aOmBkyu%2FQLsA21jUOwRhm96Hu5gl5gA3QOtBeiCp"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8547452849abad71-ATLalt-svc: h3=":443"; ma=86400

Source: chromecache_112.2.dr	String found in binary or memory: http://csi.gstatic.com/csi
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/iframe
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_84.2.dr	String found in binary or memory: https://allmysonscom.top
Source: chromecache_114.2.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_114.2.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_114.2.dr	String found in binary or memory: https://classroom.google.com/sharewidget?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://clients3.google.com/cast/chromecast/home/widget/backdrop?usegapi=1
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_112.2.dr	String found in binary or memory: https://console.developers.google.com/
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_112.2.dr	String found in binary or memory: https://csi.gstatic.com/csi
Source: chromecache_112.2.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_114.2.dr	String found in binary or memory: https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/api-client-library/javascript/reference/referencedocs
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/gis-migration)
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.googleblog.com/2018/03/discontinuing-support-for-json-rpc-and.html
Source: chromecache_112.2.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_114.2.dr	String found in binary or memory: https://drive.google.com/savetodrivebutton?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://families.google.com/webcreation?usegapi=1&usegapi=1
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RP
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cSZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0-ExdGM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OOtLQ0Z.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlM-vWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlMOvWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlMevWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlMuvWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPuvWjMY.woff2)
Source: chromecache_92.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_92.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_92.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_84.2.dr	String found in binary or memory: https://nowlifestyle.com/redir.php?k
Source: chromecache_84.2.dr	String found in binary or memory: https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.t
Source: chromecache_114.2.dr	String found in binary or memory: https://pay.google.com/gp/v/widget/save
Source: chromecache_94.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_114.2.dr	String found in binary or memory: https://play.google.com/work/embedded/search?usegapi=1&usegapi=1
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_94.2.dr	String found in binary or memory: https://rapid.corp.google.com/
Source: chromecache_94.2.dr	String found in binary or memory: https://scriptz.corp.google.com/
Source: chromecache_119.2.dr	String found in binary or memory: https://ssl.gstatic.com/atari/images/no_results_error.png
Source: chromecache_112.2.dr	String found in binary or memory: https://ssl.gstatic.com/gb/js/
Source: chromecache_114.2.dr	String found in binary or memory: https://ssl.gstatic.com/microscope/embed/
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/cloudsearch/answer/6172299
Source: chromecache_114.2.dr	String found in binary or memory: https://talkgadget.google.com/:session_prefix:talkgadget/_/widget
Source: chromecache_94.2.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_94.2.dr	String found in binary or memory: https://workspace.google.com/products/sites/
Source: chromecache_94.2.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: chromecache_114.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/badge?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/optin?usegapi=1
Source: chromecache_112.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.login
Source: chromecache_112.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_112.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_114.2.dr	String found in binary or memory: https://www.gstatic.com/partners/badge/templates/badge.html?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://www.youtube.com/subscribe_embed?usegapi=1

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49778 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_6108_1419552930

Jump to behavior

Source: classification engine

Classification label: mal92.phis.troj.win@26/85@40/18

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1984,i,8483475906506789809,10319773719344864098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sites.google.com/view/busch-vacuum/home
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1984,i,8483475906506789809,10319773719344864098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:

Data Obfuscation

Yara detected Html Dropper

Source: Yara match	File source: 5.13.pages.csv, type: HTML
Source: Yara match	File source: 6.14.pages.csv, type: HTML

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.253.124.100	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.105.132	unknown	United States	15169	GOOGLEUS	false
142.250.105.139	sites.google.com	United States	15169	GOOGLEUS	false
104.17.3.184	unknown	United States	13335	CLOUDFLARENETUS	false
64.233.185.84	accounts.google.com	United States	15169	GOOGLEUS	false
74.125.136.103	www.google.com	United States	15169	GOOGLEUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
74.125.138.132	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
64.233.176.139	play.google.com	United States	15169	GOOGLEUS	false
172.217.215.132	unknown	United States	15169	GOOGLEUS	false
172.253.124.132	unknown	United States	15169	GOOGLEUS	false
142.250.9.138	clients.l.google.com	United States	15169	GOOGLEUS	false
199.116.250.99	nowlifestyle.com	United States	46549	GVOUS	false
104.21.51.145	allmysonscom.top	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
173.194.219.139	unknown	United States	15169	GOOGLEUS	false
104.17.2.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
accounts.google.com	64.233.185.84	true
plus.l.google.com	172.253.124.100	true
sites.google.com	142.250.105.139	true
allmysonscom.top	104.21.51.145	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
play.google.com	64.233.176.139	true
challenges.cloudflare.com	104.17.2.184	true
www.google.com	74.125.136.103	true
clients.l.google.com	142.250.9.138	true
nowlifestyle.com	199.116.250.99	true
googlehosted.l.googleusercontent.com	74.125.138.132	true
windowsupdatebg.s.llnwi.net	69.164.42.0	true
clients2.google.com	unknown	unknown
lh6.googleusercontent.com	unknown	unknown
lh3.googleusercontent.com	unknown	unknown
apis.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786#	true		unknown
https://allmysonscom.top/1	false	Avira URL Cloud: phishing	unknown
https://allmysonscom.top/jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1	false	Avira URL Cloud: phishing	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85474485de6744e2	false		high
https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/854744532923b0b1/1707766445864/145450f9f29a437153a4db87001c50914e532129640eb0e34670b650d28dc54a/9uVA9OYt25Qd1Gt	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=854744532923b0b1	false		high
https://allmysonscom.top/ASSETS/img/m_.svg	false	Avira URL Cloud: phishing	unknown
https://a.nel.cloudflare.com/report/v3?s=%2B0ieNGnK2w2m5tpN3e2ajxjqYTrHozX88GQL4I0FVab7sya4tNbTH1fbUAF0iBFI6WzejWyq4WOm5vTeD1o923%2BIIivGDNI8%2Fpf%2BBEEZoRPJDhUpiTDn%2F5ybzSCtCDmCZX80	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	false		high
https://sites.google.com/view/busch-vacuum/home	false		high
https://allmysonscom.top/boot/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c6	false	Avira URL Cloud: phishing	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/85474485de6744e2/1707766453720/5819046ea238e2a8ddd561ca4d8dfc754e0e7c697e8fddbb8fc7df8ef3a52cf6/wfnc6rc2Hky3rQj	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/85474485de6744e2/1707766453724/5MPlSsszeImzAsF	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1536897702:1707765084:WklD56mw33U7CPv27fqqC0pnnqAIy10G1Wxmdbh_jt0/854744532923b0b1/5c8cf7413cc3963	false		high
https://a.nel.cloudflare.com/report/v3?s=kp1ImpmtQqJ%2Bje%2FJjcUwtyXyLL7Oi%2FeHWaJDd0q9S%2BfgJ18k6LAG0RbqPLdNVRh6OWrpfCm98Ff81NI8oaWjxtL1JtdInwYsrQDWBPBzxBa7Jc29tb8HO0aAV13yfbWVAuwR	false		high
https://www.google.com/url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fallmysonscom.top&sa=D&sntz=1&usg=AOvVaw1wKraueWhnGr5VlpbWx2MD	false		high
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs	false		high
https://sites.google.com/_/view/logImpressions?authuser=0	false		high
https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/flow/ov1/262488950:1707764966:vaAlIai909zKvAhWSk_psiX7v9StSENbiBvKUScxVng/85474443ad6c4503/8c2b9e0eb6a0042	false	Avira URL Cloud: phishing	unknown
https://allmysonscom.top/o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c	false	Avira URL Cloud: phishing	unknown
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714	false	Avira URL Cloud: phishing	unknown
https://allmysonscom.top/js/8845edfee9737b347c9bba0188b1b8f065ca72cbd90ca	false	Avira URL Cloud: phishing	unknown
https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85474443ad6c4503	false	Avira URL Cloud: phishing	unknown
https://play.google.com/log?format=json&hasfast=true&authuser=0	false		high
https://allmysonscom.top/ASSETS/img/sig-op.svg	false	Avira URL Cloud: phishing	unknown
https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786	true		unknown
https://allmysonscom.top/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/854744532923b0b1/1707766445862/TL2Z-SAoYDbR0-B	false		high
https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=854744798c5612da	false	Avira URL Cloud: phishing	unknown
https://lh6.googleusercontent.com/fSqYar0jheoUPBYKca6aF_NSRtDkQuF_3zYDeKWst7rfzPohazcN9UFL3nOv9fXNuHhAU8TgyRRs-R1SWXu5b_Q=w16383	false		high
https://allmysonscom.top/APP-8845edfee9737b347c9bba0188b1b8f065ca72ce4261b/8845edfee9737b347c9bba0188b1b8f065ca72ce4261c	false	Avira URL Cloud: phishing	unknown
https://lh3.googleusercontent.com/uNIla_7jRBSSF3AYmFIAe6z2LT9wgy8chO3jGUsCmMSzR9r_PaqAbY4eE5z2pvW0gcPhVNOfFaVI0EEfJ0EY6-0=w16383	false		high
https://allmysonscom.top/x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d	false	Avira URL Cloud: phishing	unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1	false		high
https://allmysonscom.top/	true		unknown
https://apis.google.com/js/client.js?onload=gapiLoaded	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 101	PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced	38E5B986496CE01394F7492D27279798	BE08B0B5DA9CE31246CD5AC4C8BA4E257470221C	74D311FFEACF69A9409C517CA12E09F5C7531B015B8A34290B52D713EA5622F1
Chrome Cache Entry: 102	Web Open Font Format (Version 2), TrueType, length 47048, version 1.0	87A1556B696AE2CB1A726BD8C4584A2F	1BE0F6F39E0CF316F9827F945EEEAEF8294CC37B	141F0C53E457585D4AC7426EB3D757666D250EE6FBF0E9C0878128E4C627F0B1
Chrome Cache Entry: 103	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 104	ASCII text, with very long lines (580)	3680777364611C54B3185980B17C0DEB	4C5DEFD6F949F797280AA7209D4D6C4C1EBEEBF8	7D5B039B2F866ECD4A53E62F357216F80C31AB509ED7D88EB586F45EA7924041
Chrome Cache Entry: 105	PNG image data, 93 x 72, 8-bit/color RGB, non-interlaced	1932267306AA2080E34DDDCF6D3C960D	8A26B69E55A09960DCDB185476603BE7157C0061	FBCBB7F1F8C14FFD58125BC5D9B0B8DA97ACEAE072E74E9F7A61CCD19B44230E
Chrome Cache Entry: 106	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Mockup image of male hands using a laptop computer and holing a smart phone both with blank white screens. Focus on the index f, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:25 12:37:24], baseline, precision 8, 5472x3648, components 3	583707976208CC031C19C435E89E22D5	EB68B710BF4BBBBF9CF8C471D3BC4ABA1F80CDF0	BA68015F07E9736C5AE384136E127C2088A3555D0EC1E550FEA9F255FCCA6E0A
Chrome Cache Entry: 107	ASCII text	0EBB7B6EA38FD3796236DDAFBFD00D04	63F706C63220B76FE8D8A0AB16C8F15E88D88318	C886F70FD06EE5BF0B7087F389154F625C98D079D42DC4A1964F5BB1BA3330BD
Chrome Cache Entry: 108	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 109	Web Open Font Format (Version 2), TrueType, length 34108, version 1.0	C15D33A9508923BE839D315A999AB9C7	D17F6E786A1464E13D4EC8E842F4EB121B103842	65C99D3B9F1A1B905046E30D00A97F2D4D605E565C32917E7A89A35926E04B98
Chrome Cache Entry: 110	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 111	HTML document, Unicode text, UTF-8 text, with very long lines (1136)	FBE36EB2EECF1B90451A3A72701E49D2	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
Chrome Cache Entry: 112	ASCII text, with very long lines (1505)	EDCD6FA803ACFBDCEEE33A8828389953	9150AA67A6CAD1F7A698D0390EAA8E183F1340E7	2E00F0FECB57E16EC680E1BE603361DD8DEF05168A5BA73D361CEA4414A9A7BF
Chrome Cache Entry: 113	ASCII text, with very long lines (2265)	A92A940A40D8D98230489C563921E054	0C36E86C67B3CCC5D9ACC45075EE91B5A020374E	E46ED84DC8C09825C0DD4531F7C2B6897DB9335CD60FFA08222D86CA0AD1A06B
Chrome Cache Entry: 114	ASCII text, with very long lines (2056)	98A891E73D473A9415296CB334D0CE45	2011BE4D31C7C0C15E3972813083EE307390B2F8	D0324FFBC5C4E720B3D096865E90A1F0C8AA02FAFC84A0E7D6081080F29FBE5D
Chrome Cache Entry: 115	Web Open Font Format (Version 2), TrueType, length 15744, version 1.0	15D9F621C3BD1599F0169DCF0BD5E63E	7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52	F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
Chrome Cache Entry: 116	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 117	Web Open Font Format (Version 2), TrueType, length 20028, version 1.0	2BFDE17B9A1384CE64AF78DB1B87A82F	8EFFD23E482511E249C3F8E91CDC503729B93598	5C2D662E92BCBF1A5970B97040F901031295E79A96314DB8302F549003022087
Chrome Cache Entry: 118	ASCII text, with very long lines (383)	FEB5226C59542B24B6472CBF16DEF9BC	B95922DBD8EA917DCCA97036FEDF9F809A1CB787	D6AAF25B7F667EB49AC2329AA9B28159590D7E40941E40FE1DFB7D0E58A76AC8
Chrome Cache Entry: 119	ASCII text, with very long lines (1283)	07D2666C7EFFFA0F2AE3FCEF8FD33864	4AE35A0C78CE7916CDC8F8FFC8EF455C51F9BC1A	4D6121927EDFD85292AE71576E024F5D63B0420F534E71D8CE7B3B83CEB9B6AF
Chrome Cache Entry: 120	ASCII text, with very long lines (1851)	0ED27DC863899167B583BC173D1F3C34	D2215C6B708AFE421094EC3609AB84FE0A656B84	1F2BE5B9EB0058AF3B9D0E1695FA2F937F9B210DF12EB48BD6B55CA4E33EB2E2
Chrome Cache Entry: 121	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 74	PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced	38E5B986496CE01394F7492D27279798	BE08B0B5DA9CE31246CD5AC4C8BA4E257470221C	74D311FFEACF69A9409C517CA12E09F5C7531B015B8A34290B52D713EA5622F1
Chrome Cache Entry: 75	Web Open Font Format (Version 2), TrueType, length 45300, version 1.0	5FE660C3A23B871807B0E1D3EE973D23	62A9DD423B30B6EE3AB3DD40D573545D579AF10A	E13FFA988BE59CBF299D7FF68F019F902B60848203AC4990819EB7E4624EE52D
Chrome Cache Entry: 76	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 77	PNG image data, 93 x 72, 8-bit/color RGB, non-interlaced	1932267306AA2080E34DDDCF6D3C960D	8A26B69E55A09960DCDB185476603BE7157C0061	FBCBB7F1F8C14FFD58125BC5D9B0B8DA97ACEAE072E74E9F7A61CCD19B44230E
Chrome Cache Entry: 78	ASCII text, with very long lines (38991)	1E5A2D024954A14A3025F684AAF44595	94DDCC9DD65C22897E52BD4FD808DCE4703FB275	FB567040ABFBA5705EF438233DA6CA0DF44FC81CEACFFE1B5D8E1F3FFABC33FB
Chrome Cache Entry: 79	ASCII text, with very long lines (65536), with no line terminators	8E6B0F88563F9C33F78BCE65CF287DF7	EF7765CD2A7D64ED27DD7344702597AFF6F8C397	A7057BEBFFF43E7281CA31DA00D40BD88C8D02D1576B9C45891DD56A3853269A
Chrome Cache Entry: 80	ASCII text, with very long lines (1163)	D9B3AF8CA55557C58F17B50CD0FF71FD	50D5639143C78D447D68E5A726CB3CD6D946EA7C	46E6D7CF86266507684CA465BF70C6EAF54540C718E4B29029AA8396ECE9FDD3
Chrome Cache Entry: 81	HTML document, ASCII text	A34AC19F4AFAE63ADC5D2F7BC970C07F	A82190FC530C265AA40A045C21770D967F4767B8	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
Chrome Cache Entry: 82	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 83	ASCII text, with no line terminators	011B17B116126E6E0C4A9B0DE9145805	DF63A6EB731FFCE96F79802EFF6D53D00CDA42BC	3418E6E704387A99F1611EB7BB883328A438BA600971E6D692E8BEA60F10B179
Chrome Cache Entry: 84	HTML document, ASCII text, with CRLF, LF line terminators	58F9A08FED70725DF7A304AA5671F583	2B6FE69685C07CD9EDBE6DB2A9689E9CE334D762	DC7502888DC4835C2C0A33017CD715FFAEE2D810261CCF03A1F82F8862972DD4
Chrome Cache Entry: 85	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	EA69A3F95DD5484853D128186DB7E13D	5FDB5FE05108FD6E5386BBDA06778AF4B446DC6A	8179E80BCFEF62154D1FF7371A1C60BD2C6C1E71C3DA2F4A8B1DB518A1900EC2
Chrome Cache Entry: 86	ASCII text	CB8635C0CB91A0484639EA1E1C42A923	B97D43CAF61D040BEE5F74985323B511BD0A2490	A8E34DF7B50934F4F02C63BAD5878E4B96B6603BA9BD167DBFFB69AF6404135B
Chrome Cache Entry: 87	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Mockup image of male hands using a laptop computer and holing a smart phone both with blank white screens. Focus on the index f, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:25 12:37:24], baseline, precision 8, 5472x3648, components 3	583707976208CC031C19C435E89E22D5	EB68B710BF4BBBBF9CF8C471D3BC4ABA1F80CDF0	BA68015F07E9736C5AE384136E127C2088A3555D0EC1E550FEA9F255FCCA6E0A
Chrome Cache Entry: 88	PNG image data, 72 x 39, 8-bit/color RGB, non-interlaced	69B57565D068FCF977C2C57818D83183	B7B78AF7CD6FCF2C95E105810F24E8F5F2822F90	EC65F351462859D90A15C593714A478A7BC6D71380F1045FAFE604E362BE13AF
Chrome Cache Entry: 89	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 90	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 91	ASCII text, with no line terminators	900914BC560773CAF9E095A8F17F6E37	51E0C4C0C0902C50F0D7E7581E0EDB0DCC191D7D	08E437A7674E58F221D4EE6D5742EF2643929FB566511709F988B5EBE4FE4C1E
Chrome Cache Entry: 92	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 93	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	EA69A3F95DD5484853D128186DB7E13D	5FDB5FE05108FD6E5386BBDA06778AF4B446DC6A	8179E80BCFEF62154D1FF7371A1C60BD2C6C1E71C3DA2F4A8B1DB518A1900EC2
Chrome Cache Entry: 94	ASCII text, with very long lines (546)	542349D0282317480CBDABBA64083D87	6E055DA533285C1BB8752FFDE293DAA8FF988885	AD50596D44E37D3017DF804F0CA4B0C539D523F171B0D71B2FE033303C3F9829
Chrome Cache Entry: 95	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 96	PNG image data, 72 x 39, 8-bit/color RGB, non-interlaced	69B57565D068FCF977C2C57818D83183	B7B78AF7CD6FCF2C95E105810F24E8F5F2822F90	EC65F351462859D90A15C593714A478A7BC6D71380F1045FAFE604E362BE13AF
Chrome Cache Entry: 97	HTML document, ASCII text, with very long lines (4020)	0CA44910E241BC71448C9BECCC62FF15	49FE8EAEEE5F5780F9FE8D24DDAB8889F8D1793C	F1DF7A07B7E84A930F848044B6CFBFC44C7D4811F9AB9B3FA58AAC35098EA6E5
Chrome Cache Entry: 98	ASCII text, with very long lines (7043), with no line terminators	B6C202188699B897BB727A68EDD24665	FF3B891E06C983DCA277C1D7D874C8EB8084EB96	184A034CB9202937BF012AFF8C81E0747B7CA8F8F9E6115556FDB09D5BAEC419
Chrome Cache Entry: 99	ASCII text, with very long lines (65536), with no line terminators	B2B47E7CA591D1CF7ED95FA82F7D10E0	328218C6F7E8DEF0A85A0A0A40E8EC324BFC5D7F	BBAAC496CBF40F861B5B91750D41E359832F8C1808C93B0B5F720154BA23EE55

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://sites.google.com/view/busch-vacuum/home

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://allmysonscom.top/jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/boot/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c6	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/flow/ov1/262488950:1707764966:vaAlIai909zKvAhWSk_psiX7v9StSENbiBvKUScxVng/85474443ad6c4503/8c2b9e0eb6a0042	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/1	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/ASSETS/img/m_.svg	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/js/8845edfee9737b347c9bba0188b1b8f065ca72cbd90ca	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/ASSETS/img/sig-op.svg	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85474443ad6c4503	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=854744798c5612da	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top/APP-8845edfee9737b347c9bba0188b1b8f065ca72ce4261b/8845edfee9737b347c9bba0188b1b8f065ca72ce4261c	Avira URL Cloud: Label: phishing
Source: https://allmysonscom.top	Avira URL Cloud: Label: phishing

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 5.13.pages.csv, type: HTML
Source: Yara match	File source: 6.14.pages.csv, type: HTML

Yara detected HtmlPhish20

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://allmysonscom.top/	Matcher: Template: cloudflare matched
Source: https://allmysonscom.top/	Matcher: Template: cloudflare matched
Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786	Matcher: Template: microsoft matched
Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786#	Matcher: Template: microsoft matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM

OCR Text: Busch Vacuum Mark Magill Has Shared a Document Home History PRESS HERE TO VIEW/DOWNLOAD DOCUMENTS Team FAO

HTML body contains low number of good links

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://allmysonscom.top/

HTTP Parser: Base64 decoded: https://allmysonscom.top/

HTML title does not match URL

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: Title: 83d322445b1d02a6451c977e55b79f8a65ca72cb02757 does not match URL

Invalid 'sign-in options' or 'sign-up' link found

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: Invalid link: get a new Microsoft account

Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://allmysonscom.top/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786	HTTP Parser: No favicon

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: No <meta name="author".. found

Source: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49778 version: TLS 1.2

Source:

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 72.246.252.126
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 96.7.245.89
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 96.7.245.89
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.132Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /view/busch-vacuum/home HTTP/1.1Host: sites.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /js/client.js?onload=gapiLoaded HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /fSqYar0jheoUPBYKca6aF_NSRtDkQuF_3zYDeKWst7rfzPohazcN9UFL3nOv9fXNuHhAU8TgyRRs-R1SWXu5b_Q=w16383 HTTP/1.1Host: lh6.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fSqYar0jheoUPBYKca6aF_NSRtDkQuF_3zYDeKWst7rfzPohazcN9UFL3nOv9fXNuHhAU8TgyRRs-R1SWXu5b_Q=w16383 HTTP/1.1Host: lh6.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: global traffic	HTTP traffic detected: GET /uNIla_7jRBSSF3AYmFIAe6z2LT9wgy8chO3jGUsCmMSzR9r_PaqAbY4eE5z2pvW0gcPhVNOfFaVI0EEfJ0EY6-0=w16383 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /_/view/logImpressions?authuser=0 HTTP/1.1Host: sites.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /uNIla_7jRBSSF3AYmFIAe6z2LT9wgy8chO3jGUsCmMSzR9r_PaqAbY4eE5z2pvW0gcPhVNOfFaVI0EEfJ0EY6-0=w16383 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /_/view/logImpressions?authuser=0 HTTP/1.1Host: sites.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fallmysonscom.top&sa=D&sntz=1&usg=AOvVaw1wKraueWhnGr5VlpbWx2MD HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top HTTP/1.1Host: nowlifestyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=85474443ad6c4503 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/?__cf_chl_rt_tk=827_YhIdJNGcC0qhgrnMd71OAO.BZvCY75UWqF050PQ-1707766441-0-3813Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/a990e557/api.js?onload=uWvsrp7&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://allmysonscom.topsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/262488950:1707764966:vaAlIai909zKvAhWSk_psiX7v9StSENbiBvKUScxVng/85474443ad6c4503/8c2b9e0eb6a0042 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=854744532923b0b1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1536897702:1707765084:WklD56mw33U7CPv27fqqC0pnnqAIy10G1Wxmdbh_jt0/854744532923b0b1/5c8cf7413cc3963 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fallmysonscom.top&sa=D&sntz=1&usg=AOvVaw1wKraueWhnGr5VlpbWx2MD HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=JaAjsLQYolHFCznFfa2bkPn0yQMO3zyNcyip2LQhQqPcxjMeipF2uSrk9NwV25lExU_3uDHEwHv21nCNZsReBqROSmX3QPswsiqTZIbjyEfKnllyjdhcDRrSZ153r5oVIAPpayJVq4t2NuLl8FeoBBGWbWDi8k8-4MglUQL8n2Kv3U-LhDx5H-qQ
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/854744532923b0b1/1707766445862/TL2Z-SAoYDbR0-B HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.top HTTP/1.1Host: nowlifestyle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Referer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=854744798c5612da HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/?__cf_chl_rt_tk=nMKw9Q_A9UCDvFQMi7hMjkX7gJpSnsxaBrj4i5mhxh0-1707766450-0-3941Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/854744532923b0b1/1707766445862/TL2Z-SAoYDbR0-B HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/854744532923b0b1/1707766445864/145450f9f29a437153a4db87001c50914e532129640eb0e34670b650d28dc54a/9uVA9OYt25Qd1Gt HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9ye9b/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85474485de6744e2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1536897702:1707765084:WklD56mw33U7CPv27fqqC0pnnqAIy10G1Wxmdbh_jt0/854744532923b0b1/5c8cf7413cc3963 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/85474485de6744e2/1707766453720/5819046ea238e2a8ddd561ca4d8dfc754e0e7c697e8fddbb8fc7df8ef3a52cf6/wfnc6rc2Hky3rQj HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85474485de6744e2/1707766453724/5MPlSsszeImzAsF HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/82xpu/0x4AAAAAAADnPIDROrmt1Wwj/light/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85474485de6744e2/1707766453724/5MPlSsszeImzAsF HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1852742952:1707764992:pN_rDYEjXF1KZ4h6K2VLQ9UjW2aqmKZRx1oZcVFaw4o/85474485de6744e2/b8bef5262dabc89 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/318354221:1707764905:dMGQ1qf0ojXCyT3GkA92YDzydM_ywRIzHUqJOdKJBCE/854744798c5612da/bb407e331054714 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/?__cf_chl_tk=nMKw9Q_A9UCDvFQMi7hMjkX7gJpSnsxaBrj4i5mhxh0-1707766450-0-3941Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Referer: https://allmysonscom.top/?__cf_chl_tk=nMKw9Q_A9UCDvFQMi7hMjkX7gJpSnsxaBrj4i5mhxh0-1707766450-0-3941Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /jq/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c1 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /boot/8845edfee9737b347c9bba0188b1b8f065ca72cbd90c6 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /js/8845edfee9737b347c9bba0188b1b8f065ca72cbd90ca HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /APP-8845edfee9737b347c9bba0188b1b8f065ca72ce4261b/8845edfee9737b347c9bba0188b1b8f065ca72ce4261c HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d HTTP/1.1Host: allmysonscom.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://allmysonscom.top/21663221c08095a4839b4833d7029a6265ca72cb02785LOG21663221c08095a4839b4833d7029a6265ca72cb02786Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /x/8845edfee9737b347c9bba0188b1b8f065ca72ce4262d HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729
Source: global traffic	HTTP traffic detected: GET /o/8845edfee9737b347c9bba0188b1b8f065ca72ce4265c HTTP/1.1Host: allmysonscom.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=R3CvrBTW.edNuhfehSc2sKWxy0A6MMRvfGqrwE3qaIg-1707766450-1-Aa5648zQmAQH+hx9Wj6/6iV1Y6j8Dk/kKflPIx1VyMLy+7Rfqm2IJ709YqpUPQse5NL/lFXpdfwCG+htUkULQFo=; PHPSESSID=40f8bd040367f77ff66ca26fca481729

Source: chromecache_114.2.dr

Source: unknown

DNS traffic detected: queries for: accounts.google.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:01 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15816Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp1ImpmtQqJ%2Bje%2FJjcUwtyXyLL7Oi%2FeHWaJDd0q9S%2BfgJ18k6LAG0RbqPLdNVRh6OWrpfCm98Ff81NI8oaWjxtL1JtdInwYsrQDWBPBzxBa7Jc29tb8HO0aAV13yfbWVAuwR"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:03 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15968Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioKtvEKEWgn6arwQNxboIev65TrRpyFODtJyZTBilx7jBJZ1XMP66PYzM8kj3WvdfN%2B1tRX%2FKzSCGUmnt1ESFHDdR73Ma1pb6f07olJB82834KJNOwCr78t5%2Br14nhFVX5YC"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:05 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15947Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:10 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15944Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FWGYcgqM2F84TVwpKxsWUqK1AhuRTR6kkAmVGUQ8591kBk8KNLdAZ77KmyTQtCYD%2BjrydrcWQvTiCKqv8M38iJwXfH%2FoaL0BkRofoIksbq432ASxCBnyo9cgw%2BOutiwEcXs"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:11 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15968Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MfOxbTMVMP7vVtdPI2LC9wYnAIO4RtQ4VW9uUFOtl22ToAqivoUhighs4xPORuWgAOkPJh8lMd1y9B07hOLnLbSqUEw1U%2BT11ZezP9bOaP45SL95YX2wGLhimieAHejwLFR"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:13 GMTContent-Type: text/html; charset=UTF-8Content-Length: 15968Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqJGwE4iQTZz%2FwvFHroKvGvBwOheork0mSQzacUcZpfPbMzvyuXHJ5QvRJxhNaf4NRC5yFOqrKFbop8TOqQ6LUQVWHiJ0FliwVl57ezKG2uwiZe2ZMB5XQtdTHf0o2xdKy2t"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 12 Feb 2024 19:34:34 GMTContent-Type: text/html; charset=UTF-8Content-Length: 16053Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32LDe1DsUJJPC0GWI5Bg6xWs0K1dJ12YuCzlxp%2Fr8WpIH07Cm%2FmLffQLnwusJcFDSprZbE52EHnzjEtb6FE6HsPLBpQqCgpj7udT9QaUrmHYTPMPI5AW7a8B9YYpoPIz%2Bbtq"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:34:38 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2mwxRWBUjT3MJm2KYW3eSCotmV4jn5hNd5uHcfF9dfzIENZp2D8JhIDGomETWcgN%2BJRJf8LwD9xvoDoifrW%2FOEuzeO8aOmBkyu%2FQLsA21jUOwRhm96Hu5gl5gA3QOtBeiCp"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8547452849abad71-ATLalt-svc: h3=":443"; ma=86400

Source: chromecache_112.2.dr	String found in binary or memory: http://csi.gstatic.com/csi
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/iframe
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_84.2.dr	String found in binary or memory: https://allmysonscom.top
Source: chromecache_114.2.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_114.2.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_114.2.dr	String found in binary or memory: https://classroom.google.com/sharewidget?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://clients3.google.com/cast/chromecast/home/widget/backdrop?usegapi=1
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_112.2.dr	String found in binary or memory: https://console.developers.google.com/
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_112.2.dr	String found in binary or memory: https://csi.gstatic.com/csi
Source: chromecache_112.2.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_114.2.dr	String found in binary or memory: https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/api-client-library/javascript/reference/referencedocs
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/gis-migration)
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.googleblog.com/2018/03/discontinuing-support-for-json-rpc-and.html
Source: chromecache_112.2.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_114.2.dr	String found in binary or memory: https://drive.google.com/savetodrivebutton?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://families.google.com/webcreation?usegapi=1&usegapi=1
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RP
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cSZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVcf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0-ExdGM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OOtLQ0Z.woff2)
Source: chromecache_86.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlM-vWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlMOvWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlMevWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlMuvWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2)
Source: chromecache_107.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPuvWjMY.woff2)
Source: chromecache_92.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_92.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_92.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_84.2.dr	String found in binary or memory: https://nowlifestyle.com/redir.php?k
Source: chromecache_84.2.dr	String found in binary or memory: https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://allmysonscom.t
Source: chromecache_114.2.dr	String found in binary or memory: https://pay.google.com/gp/v/widget/save
Source: chromecache_94.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_114.2.dr	String found in binary or memory: https://play.google.com/work/embedded/search?usegapi=1&usegapi=1
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_94.2.dr	String found in binary or memory: https://rapid.corp.google.com/
Source: chromecache_94.2.dr	String found in binary or memory: https://scriptz.corp.google.com/
Source: chromecache_119.2.dr	String found in binary or memory: https://ssl.gstatic.com/atari/images/no_results_error.png
Source: chromecache_112.2.dr	String found in binary or memory: https://ssl.gstatic.com/gb/js/
Source: chromecache_114.2.dr	String found in binary or memory: https://ssl.gstatic.com/microscope/embed/
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/cloudsearch/answer/6172299
Source: chromecache_114.2.dr	String found in binary or memory: https://talkgadget.google.com/:session_prefix:talkgadget/_/widget
Source: chromecache_94.2.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_112.2.dr, chromecache_114.2.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_94.2.dr	String found in binary or memory: https://workspace.google.com/products/sites/
Source: chromecache_94.2.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: chromecache_114.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/badge?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/optin?usegapi=1
Source: chromecache_112.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.login
Source: chromecache_112.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_112.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_114.2.dr	String found in binary or memory: https://www.gstatic.com/partners/badge/templates/badge.html?usegapi=1
Source: chromecache_114.2.dr	String found in binary or memory: https://www.youtube.com/subscribe_embed?usegapi=1

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 72.246.252.126:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49778 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_6108_1419552930

Jump to behavior

Source: classification engine

Classification label: mal92.phis.troj.win@26/85@40/18

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1984,i,8483475906506789809,10319773719344864098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sites.google.com/view/busch-vacuum/home
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1984,i,8483475906506789809,10319773719344864098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:

Data Obfuscation

Yara detected Html Dropper

Source: Yara match	File source: 5.13.pages.csv, type: HTML
Source: Yara match	File source: 6.14.pages.csv, type: HTML

ID:	1391076
Product:	CloudBasic
Start time:	20:32:48
Start date:	12.02.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://sites.google.com/view/busch-vacuum/home

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://sites.google.com/view/busch-vacuum/home

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://sites.google.com/view/busch-vacuum/home