Windows Analysis Report
https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com

Overview

General Information

Sample URL:	https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com
Analysis ID:	1427005
Infos:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

URL contains potential PII (phishing indication)

Classification

Signatures

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 3.4.pages.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	Matcher: Template: microsoft matched
Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://qnh3b.putimp.com/yo0z/#Mtransportforum@stanstedairport.com

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...

HTML title does not match URL

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: Title: ebqFAQwMwk does not match URL

Invalid T&C link found

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	HTTP Parser: Invalid link: Terms of use
Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	HTTP Parser: Invalid link: Privacy & cookies

URL contains potential PII (phishing indication)

Source: https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com

Sample URL: PII: transportforum@stanstedairport.com

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: <input type="password" .../> found

Source: https://qnh3b.putimp.com/yo0z/#Mtransportforum@stanstedairport.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal	HTTP Parser: No favicon
Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	HTTP Parser: No favicon

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: No <meta name="author".. found

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.73
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.73
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com HTTP/1.1Host: samartrace.co.keConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yo0z/ HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/bcc5fb0a8815/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756a4b73c471383 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlhvZWRnRndkamd5MXdpamxNaU9QbEE9PSIsInZhbHVlIjoiQnJqRTZTVHRMZGdrbVRydlVFYkY1d1NONmNkM0FlQlhOajg5ZGt6azlzZ2hNUERmc3Q1QkdsbVpuTE50R0dsRjB5d3lydm1mOEFzMVBKSXJTVCtYNExQREw0R3JmN01xeDN3SzhKNEsvM0FsNGdWMUwxNlM1MHo5blVSNjkrZVEiLCJtYWMiOiJkNmMwYWZmNDhkNTc0ZWQyMmIyZWFlMDAxNTVjNjgxZDU3YjI2OWEyNTI3N2VkOTVjODQzNjNjZjIyM2MzMzUxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkdFMVRWRVNxWG1PUHR4UWJNc3dqWEE9PSIsInZhbHVlIjoiMnF1V2lrMEFPem5qY0JZN1ZxaGhIc3VkRXlqQWZGT0x5R3RCNnU5b3ZMdmlNb2dXQjV1ZnQ4ZmRKcGx6bnFHVVNXdGV3b1NTdGhCaXNhMUp2V3diZHUvQ3hEWitkcGFmbDRWamFJL0VINjJlOUlCRnhTaitXMVB5b1YrY1lMcmgiLCJtYWMiOiI5ZDM1ZTI2MjJmNTg5OTU2ZmJkZDFlNTE2ODMxMDhjM2Q4YWI0ODRiZTM3NmI1ODUwMDY5ZjNmMmM5MTY0Y2U3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8756a4b73c471383/1713296389254/anpd4FQprUR7OPG HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8756a4b73c471383/1713296389254/ac6e7e9690d324482ebd2d423ffbf48f13700e35c15d10a6c638d2dc30502dc6/qxBmrjcxmoe-ekd HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8756a4b73c471383/1713296389254/anpd4FQprUR7OPG HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yo0z/ HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBRc2RJVUtTeGhFaWg4RytlQnRGNFE9PSIsInZhbHVlIjoiRmFpNjliazJ6L3Zxd01SZk9jcVd5L21WZ1Q2MGwyTTM2b0JmNkI2b0l4UkZpNklVd090UGlEOExzbUZFanJqeUY2SkJwSUxoN3pvRHpoa3BxSmM5OGxvc2hUTVdIM095VjQvQzltSk1VTm40NFpBTktxQ0M0R3BrczMzcHRtZWMiLCJtYWMiOiIxY2YwMGIxYTJiMzIwMWJmMzk2MWMyMjYxNTJmNmFmNGVmZmQ1YTRiM2VhZjdjMWI5ODcyNjE4ZWFlMDRiYjgwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkRJdE9PQitHZllickYybk9WcVhOQkE9PSIsInZhbHVlIjoiWHdVdjZFa3VkVVFFNi81UmlJaEp1d0xBZHZ4NTJWNUtRdmZHM2V5MlRZYVh3eE9EUzRMakNLTGhPVzdldjVZZHFuQUlqTjZNMFc4MmlPYS9BVXdMTEIxUTQ1L0YzVS9UZjJxSTJCU3pRaGFGNUFyd3R5RHBEVk8zVGhHMCtKS3YiLCJtYWMiOiIxMTBlZmQ4ZjZlYjU4OTQzOTIxOGFjNDZkYmY5MzVhNTBkNDEyYWMwNzhlYmI5YWIzMmFmMDgwZDlkNmI5MzhhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /vbhBwfSdFwHEANiXnMfcwIszde HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBRc2RJVUtTeGhFaWg4RytlQnRGNFE9PSIsInZhbHVlIjoiRmFpNjliazJ6L3Zxd01SZk9jcVd5L21WZ1Q2MGwyTTM2b0JmNkI2b0l4UkZpNklVd090UGlEOExzbUZFanJqeUY2SkJwSUxoN3pvRHpoa3BxSmM5OGxvc2hUTVdIM095VjQvQzltSk1VTm40NFpBTktxQ0M0R3BrczMzcHRtZWMiLCJtYWMiOiIxY2YwMGIxYTJiMzIwMWJmMzk2MWMyMjYxNTJmNmFmNGVmZmQ1YTRiM2VhZjdjMWI5ODcyNjE4ZWFlMDRiYjgwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkRJdE9PQitHZllickYybk9WcVhOQkE9PSIsInZhbHVlIjoiWHdVdjZFa3VkVVFFNi81UmlJaEp1d0xBZHZ4NTJWNUtRdmZHM2V5MlRZYVh3eE9EUzRMakNLTGhPVzdldjVZZHFuQUlqTjZNMFc4MmlPYS9BVXdMTEIxUTQ1L0YzVS9UZjJxSTJCU3pRaGFGNUFyd3R5RHBEVk8zVGhHMCtKS3YiLCJtYWMiOiIxMTBlZmQ4ZjZlYjU4OTQzOTIxOGFjNDZkYmY5MzVhNTBkNDEyYWMwNzhlYmI5YWIzMmFmMDgwZDlkNmI5MzhhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yo0z/?dMtransportforum@stanstedairport.com HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZXaFQxY1BwUmdkOWtJRTJ6RVNmQWc9PSIsInZhbHVlIjoiQWhobzc1RFNQMDVzUjV0NlNGUDViZ2lXYzJ3a3Z5KzNHMTFiUzlzK2hWWThxcWpRclZPU2NWdThmcEw1Tlp3akFZL3Bjbmh6cDQyNEFhT3NIRVh0bE90b01ZbjF0bjJxek5hTTdUdHNadSsrb1pWQ1N0N0pvZTM0ZEhLbEE3VVEiLCJtYWMiOiJkNDg3MjdjZmM0MjM3YjQ2YjcwZTJiMGMyYjA0ZTQ0NDc2ZjczMDE3MmM4YjQ4Njk5NWRkZDI2NjY4OTFiZTFiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8reDhTK0h6RnVyeWpTZnNhVk5MZnc9PSIsInZhbHVlIjoiZWtsZDB6N2J6VDRwNjNhVmpjQWFaQUxrZEUxSUJETEZDT3A1VzFNVVovejZmYWs1WFN0SmMzc2JjRjRPMzRUdDdUdGRSMVlKWGxGSkpSOHpadE01dHkwUFd0UkJXMDFzZmlVczhoZytnRzBPQVFSS1lkZVc5SmMraDRvLzRlcXYiLCJtYWMiOiI2MTE2MDRiZDI2MTBjOGNmYzVhZDM2OWU5ZmU0NmM2YmE1NjVmZjllYmU5OTMwOTI3MmNiNWUyMzA0NmNlZmY1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkpIL2VNMUhnVmVaNmhla01GN3p4V1E9PSIsInZhbHVlIjoiaVhXM1JUQ0hhNEc4aHVqVmx5TjhBUUd0YmxVQnh6ekQ0NElKTTI2SWVGMjhQNUJ4STcwK0VmSVlnRmpBb21KQnFOa3d3QTltU3BMMHRFK1dVa1ZaREVDTFl2Nm14c2F0Rkk1SFVQTFhKRnZUdmVDTkI2TWI2MFVZWWFRU05rYngiLCJtYWMiOiJmZjQ1ZTkyODVjMjUzN2FlN2JiNWEyNTc2Yzg3NTRhZGJkNWMzYjQyZWE4YjY4Nzc5OThkNWIzYmQzODhlODA1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVSeEo3UXJCRG9wRSs0emdUclFnVHc9PSIsInZhbHVlIjoicVBWQ1pXWG1TbERQaWd3MkVlZENQeFN0WHg4R0tWRTdyQWQzQU4rdHlmZW9TWmJVVFArdE5zMDI4aGd4WHlNRVJtUHlRY1NYb1Y3czg0Tzdlc0lacmZDeWdoK3loa0lZTU5nYjUyVXdKOXNleWNSQmdXZWlDNmFKUFQyQ1Q2U1EiLCJtYWMiOiI4ZDgwZmI0ZTBhZTI3YWE0Y2M1YmE5MTQwN2Q3OTFmZDBkNjhkMTg1YjliNGVmYWM5NjlkOTZmZDFiYmNiNGM0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56FMAGab1x5X48912 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /absIDHZ3sTrsARG5gh30 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqJ7f9jIH8fWXt124b9wx40 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12pQHazQfq78CXM6wYqr50 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /78znHbZYRRXfAgqb9845YeYc8Jyst60 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /23CP8hhTkYf7i1Y7Cu2889TsquUI9xy70 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /89Gdd5VtslDof12yyqgTFeyz80 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efsInCvmlWeCilStApO0mm7F34E2eYInRflSmn100 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3DSec-WebSocket-Key: RysbfYDjARKRoO+uNhdnUA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /56mJNrBuzavr2jeVPN8ZPklcjOHObwtzd89109 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnxoZafsKDuxUqjsrPcbj6GUIUShAhijNmBHuhIpjAkspqBG3juv220 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijbIVlkpv2ZZTygLSxZT6ZwNiSvLwJN9cjzfwH2xIb9389Eki8BUsphIffC6v2wjCab230 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvDtFZCv0wFVvViM8VMRNhGDQANzFbqopDBnMwonX9jq8Iz80g3o34130 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqUFMIq9b9JbPpLrgAmn4ulS1Tb9UGwjH3M445136 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnj6kP2yDeYnWBE3NGPYpBcQFdKiUAklGRqHuLoIStoIobLMYncM05W90142 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ujHRglEIvSgsknQvpq6iCEG0CKt3VNPydRh7sZbzs6NVsOd6905 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijbIVlkpv2ZZTygLSxZT6ZwNiSvLwJN9cjzfwH2xIb9389Eki8BUsphIffC6v2wjCab230 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij3i4kM8BpGcgwtnXl6yRLyzLL7MDsVlBROxxy3o56170 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvDtFZCv0wFVvViM8VMRNhGDQANzFbqopDBnMwonX9jq8Iz80g3o34130 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxE3kHI4ecDaCT9gFpugKXrs1qfSqI4b5zaAgB2RKb0F8Y0eR90180 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opqRXS70VBE6D4xIXErMP9YghJL6HBfcH0bVXg3GFVCef200 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnxoZafsKDuxUqjsrPcbj6GUIUShAhijNmBHuhIpjAkspqBG3juv220 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijAHK25XxOXMFvIOtUy4tinE6RrAmRLZiVjc39gWxyjeDJrHll6oDyjjUUYj5jKyD12207 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij3i4kM8BpGcgwtnXl6yRLyzLL7MDsVlBROxxy3o56170 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr61WfUGozdhThoMoyqT1oYX9BHQtkPGpGSwNBuvbfSZXhgYA5e6kaovOS5pXUef240 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stwgt99Sy67fohdZsxX40uDyhgxawMl0DLWKGHLTQ6P8y0JcmnSfKqVoctw10GtltrTR6rXbtBfGvtIj6mw8GmRBagh251 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnj6kP2yDeYnWBE3NGPYpBcQFdKiUAklGRqHuLoIStoIobLMYncM05W90142 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqUFMIq9b9JbPpLrgAmn4ulS1Tb9UGwjH3M445136 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opqRXS70VBE6D4xIXErMP9YghJL6HBfcH0bVXg3GFVCef200 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxE3kHI4ecDaCT9gFpugKXrs1qfSqI4b5zaAgB2RKb0F8Y0eR90180 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijAHK25XxOXMFvIOtUy4tinE6RrAmRLZiVjc39gWxyjeDJrHll6oDyjjUUYj5jKyD12207 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr61WfUGozdhThoMoyqT1oYX9BHQtkPGpGSwNBuvbfSZXhgYA5e6kaovOS5pXUef240 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stwgt99Sy67fohdZsxX40uDyhgxawMl0DLWKGHLTQ6P8y0JcmnSfKqVoctw10GtltrTR6rXbtBfGvtIj6mw8GmRBagh251 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3DSec-WebSocket-Key: v2iQJU5h6eFUIS5S9b8IsQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3DSec-WebSocket-Key: dK7L2mTMgcj4rEi2DCKgYw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3DSec-WebSocket-Key: WeVx9llw26f/p/k5KnmRPw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: unknown

DNS traffic detected: queries for: samartrace.co.ke

Source: unknown

HTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 2618sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36CF-Challenge: 998145d1b266cd0sec-ch-ua-platform: "Windows"Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 16 Apr 2024 19:39:49 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCache-Control: max-age=14400Age: 13755Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Cq1fFiGHb%2B84J1CxIDjJOFeDMkXMJgZZbrS94qADkcXkdLypsmzF3rtO6CXtu5TpcXTRRJZFySBWsPtn%2BqJ1NNFptrkUNehGUVxGwiw8%2FnBMrK%2Bd1tKlP0uVwAJzA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITServer: cloudflareCF-RAY: 8756a4c01b78b062-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 16 Apr 2024 19:40:05 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkUIZ9bsufyLtrrimDpyWR5wOw76t4XCt61%2FNAyRCRCmrP4vuKZYyPZGzKYqVEXZZOEBAH4TFuNdca%2B%2FXOEsZh0MaqMRMU58XW4MOVDZG8k0ckVBD9BspjUjxj9TMw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8756a524891944d6-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 16 Apr 2024 19:40:11 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAtAHP8x5Nn0CP70oA5D2EKFWRjs5%2FJLgZc7pqaiJE2wmBZ0J%2BeXL%2FqgecjqcFHBjxRyxxouoI1zHEFJ7hl0eVG9DfGbuJvfc2lT2e3rRrFg2v3s%2BWNVl2s9ucd2SQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8756a548d9734531-ATL

Source: chromecache_100.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_100.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_100.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_100.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_100.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_100.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_100.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_100.2.dr, chromecache_105.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_100.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__.
Source: chromecache_105.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@19/73@24/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2036,i,2107721403708843479,861960733534899891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2036,i,2107721403708843479,861960733534899891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.105.99	www.google.com	United States	15169	GOOGLEUS	false
192.185.88.194	samartrace.co.ke	United States	46606	UNIFIEDLAYER-AS-1US	false
172.67.191.147	qnh3b.putimp.com	United States	13335	CLOUDFLARENETUS	false
108.156.152.4	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
64.233.177.105	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.21.84.116	unknown	United States	13335	CLOUDFLARENETUS	false
104.17.2.184	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.210.172	true
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.130.137	true
d2vgu95hoyrpkh.cloudfront.net	108.156.152.4	true
challenges.cloudflare.com	104.17.3.184	true
www.google.com	142.250.105.99	true
qnh3b.putimp.com	172.67.191.147	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
samartrace.co.ke	192.185.88.194	true
cdn.socket.io	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://qnh3b.putimp.com/favicon.ico	false	unknown
https://code.jquery.com/jquery-3.6.0.min.js	false	high
https://qnh3b.putimp.com/yo0z/	false	unknown
https://qnh3b.putimp.com/stwgt99Sy67fohdZsxX40uDyhgxawMl0DLWKGHLTQ6P8y0JcmnSfKqVoctw10GtltrTR6rXbtBfGvtIj6mw8GmRBagh251	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8756a4b73c471383/1713296389254/ac6e7e9690d324482ebd2d423ffbf48f13700e35c15d10a6c638d2dc30502dc6/qxBmrjcxmoe-ekd	false	high
https://qnh3b.putimp.com/ijAHK25XxOXMFvIOtUy4tinE6RrAmRLZiVjc39gWxyjeDJrHll6oDyjjUUYj5jKyD12207	false	unknown
https://qnh3b.putimp.com/mnxoZafsKDuxUqjsrPcbj6GUIUShAhijNmBHuhIpjAkspqBG3juv220	false	unknown
https://qnh3b.putimp.com/pqJ7f9jIH8fWXt124b9wx40	false	unknown
https://qnh3b.putimp.com/opqRXS70VBE6D4xIXErMP9YghJL6HBfcH0bVXg3GFVCef200	false	unknown
https://qnh3b.putimp.com/ij3i4kM8BpGcgwtnXl6yRLyzLL7MDsVlBROxxy3o56170	false	unknown
https://www.google.com/recaptcha/api.js	false	high
https://qnh3b.putimp.com/mnj6kP2yDeYnWBE3NGPYpBcQFdKiUAklGRqHuLoIStoIobLMYncM05W90142	false	unknown
https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	true	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false	high
https://a.nel.cloudflare.com/report/v4?s=7Cq1fFiGHb%2B84J1CxIDjJOFeDMkXMJgZZbrS94qADkcXkdLypsmzF3rtO6CXtu5TpcXTRRJZFySBWsPtn%2BqJ1NNFptrkUNehGUVxGwiw8%2FnBMrK%2Bd1tKlP0uVwAJzA%3D%3D	false	high
https://qnh3b.putimp.com/ujHRglEIvSgsknQvpq6iCEG0CKt3VNPydRh7sZbzs6NVsOd6905	false	unknown
https://qnh3b.putimp.com/78znHbZYRRXfAgqb9845YeYc8Jyst60	false	unknown
https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com	false	unknown
https://qnh3b.putimp.com/absIDHZ3sTrsARG5gh30	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8756a4b73c471383/1713296389254/anpd4FQprUR7OPG	false	high
https://qnh3b.putimp.com/89Gdd5VtslDof12yyqgTFeyz80	false	unknown
https://qnh3b.putimp.com/qrqUFMIq9b9JbPpLrgAmn4ulS1Tb9UGwjH3M445136	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756a4b73c471383	false	high
https://qnh3b.putimp.com/56FMAGab1x5X48912	false	unknown
https://qnh3b.putimp.com/efsInCvmlWeCilStApO0mm7F34E2eYInRflSmn100	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0	false	high
https://qnh3b.putimp.com/23CP8hhTkYf7i1Y7Cu2889TsquUI9xy70	false	unknown
https://qnh3b.putimp.com/12pQHazQfq78CXM6wYqr50	false	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js	false	high
https://qnh3b.putimp.com/ijbIVlkpv2ZZTygLSxZT6ZwNiSvLwJN9cjzfwH2xIb9389Eki8BUsphIffC6v2wjCab230	false	unknown
https://a.nel.cloudflare.com/report/v4?s=9tnWU3PQJxYmm3SS2whNOILGui6GvOtkXewQiZqO9sirGA2bwYUZ2WnTxGaazrwhyBUvsC7tFix4%2B31soyW9jRzOw99CRIBEbi%2FsnRF0hHj886PtQiTWILawQl6nDQ%3D%3D	false	high
https://qnh3b.putimp.com/vbhBwfSdFwHEANiXnMfcwIszde	false	unknown
https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL#	true	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal	false	high
https://qnh3b.putimp.com/wxE3kHI4ecDaCT9gFpugKXrs1qfSqI4b5zaAgB2RKb0F8Y0eR90180	false	unknown
https://qnh3b.putimp.com/qr61WfUGozdhThoMoyqT1oYX9BHQtkPGpGSwNBuvbfSZXhgYA5e6kaovOS5pXUef240	false	unknown
https://qnh3b.putimp.com/yo0z/#Mtransportforum@stanstedairport.com	false	unknown
https://qnh3b.putimp.com/uvDtFZCv0wFVvViM8VMRNhGDQANzFbqopDBnMwonX9jq8Iz80g3o34130	false	unknown
https://qnh3b.putimp.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket	false	unknown
https://qnh3b.putimp.com/56mJNrBuzavr2jeVPN8ZPklcjOHObwtzd89109	false	unknown
https://qnh3b.putimp.com/yo0z/?dMtransportforum@stanstedairport.com	false	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with very long lines (554)	E9CCB3DBDE79BA5FFDF9CAD4B32D59FD	3A8CD67ADC7C885BDF683F1E7F491E6A4A50679F	8F2C6777C7CCC01AB67290FA8ACD5A4C4866BE64129F39DFAEB9197DFA15E137
Chrome Cache Entry: 101	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 102	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 103	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 104	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 105	ASCII text, with very long lines (1222), with no line terminators	3F1B1790C083261F6FD3CF02FB56F2F8	BF1B289456E260CF5C5F0AF7C1B0F4E9BA7EB97B	A58FF2DE4D6A14E055A553E83A4E67AEA6AAF589A57364305EEC36105CCE9EF3
Chrome Cache Entry: 106	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 107	ASCII text, with very long lines (1437), with CRLF line terminators	FBE2FCF4596B299453C91B7231BA7427	743291EE60A551E043529AFDC9E3FBE72D70E776	2DE22B4CDEDCBEB9CD5F63EA7A0DF8F77D0EF9086D200B052BFA9EE949DEED40
Chrome Cache Entry: 65	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 66	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 67	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 68	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 69	Web Open Font Format, TrueType, length 36696, version 1.0	A69E9AB8AFDD7486EC0749C551051FF2	C34E6AA327B536FB48D1FE03577A47C7EE2231B8	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
Chrome Cache Entry: 70	ASCII text, with very long lines (23398), with no line terminators	C1C51D30D5E7094136F2D828349E520F	10AE8971AD7A8798BC9732707FE4896B57541557	0C55057782E3B346C2B819574BFA916852BC8AC5BB4E01D56E8FBFFC22043C98
Chrome Cache Entry: 71	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 72	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 73	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 74	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 75	Web Open Font Format, TrueType, length 35970, version 1.0	496B7BBDE91C7DC7CF9BBABBB3921DA8	2BD3C406A715AB52DAD84C803C55BF4A6E66A924	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
Chrome Cache Entry: 76	ASCII text, with very long lines (45667)	80F5B8C6A9EEAC15DE93E5A112036A06	F7174635137D37581B11937FC90E9CB325077BCE	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
Chrome Cache Entry: 77	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 78	PNG image data, 83 x 34, 8-bit/color RGB, non-interlaced	4C7103858A8323A6EB0EF885235229EE	3838B2AE297A0E246E5F197C93339A342CD91B55	48175F389B9203CE2139074E313EDDC6DE5F0ECD24025B70488884D897681735
Chrome Cache Entry: 79	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 80	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 81	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 82	HTML document, ASCII text, with very long lines (1445), with CRLF line terminators	5F909034491F120EAEB14CF27E1A9776	56541C2EA4E8529314F8B2EAF4E0A2BC95B83C62	2EB03B5B3230813BC7D5C49AC30FD37A66C5FFF89C78A01A24D732C1454E025D
Chrome Cache Entry: 83	HTML document, ASCII text, with very long lines (59581), with CRLF line terminators	D5FA230BC5778ABBB507F8327988AEF0	6AF0FF8F84E640FD78C8392AD2094F4DA794C38E	501FC4EAA06E45FA5FB3F2FAD9481F2CAD6A6131B65C6213CB87FFE721D6F83B
Chrome Cache Entry: 84	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 85	PNG image data, 83 x 34, 8-bit/color RGB, non-interlaced	4C7103858A8323A6EB0EF885235229EE	3838B2AE297A0E246E5F197C93339A342CD91B55	48175F389B9203CE2139074E313EDDC6DE5F0ECD24025B70488884D897681735
Chrome Cache Entry: 86	ASCII text, with very long lines (40613)	D1048A66FC11EA28C3CB1488FAC82C62	F055707CF91F637EC19BF5E65BF378857E798469	8F1AD19042C2F9EE60C2DE21F37F788AF7B1ECCCDA8EEC1D877F9B9C0E994370
Chrome Cache Entry: 87	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 88	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 89	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 90	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 91	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 92	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	78A5500114640D663460BCBB33E694EB	C72B1B93C8BC2DDBD77BA3C042A8ED415B6B8E26	E97FE9DB7CA567DA1F9F5A3B87B669146ADDF1983392C32FDA68C4D667A3CA22
Chrome Cache Entry: 93	ASCII text, with no line terminators	55D6D0CAE462E2BC690BC8AF45985B15	0AD644096680FB01BFD9AF1CFE5F6E68911EA01F	2E5AE61757DB10E0E3770407B68ADE329068C840070A02F119C9EBE296194043
Chrome Cache Entry: 94	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 95	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 96	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 97	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0	2A05E9E5572ABC320B2B7EA38A70DCC1	D5FA2A856D5632C2469E42436159375117EF3C35	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
Chrome Cache Entry: 98	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 99	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0	BCD7983EA5AA57C55F6758B4977983CB	EF3A009E205229E07FB0EC8569E669B11C378EF1	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 3.4.pages.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	Matcher: Template: microsoft matched
Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://qnh3b.putimp.com/yo0z/#Mtransportforum@stanstedairport.com

HTML title does not match URL

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: Title: ebqFAQwMwk does not match URL

Invalid T&C link found

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	HTTP Parser: Invalid link: Terms of use
Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	HTTP Parser: Invalid link: Privacy & cookies

URL contains potential PII (phishing indication)

Source: https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com

Sample URL: PII: transportforum@stanstedairport.com

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: <input type="password" .../> found

Source: https://qnh3b.putimp.com/yo0z/#Mtransportforum@stanstedairport.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal	HTTP Parser: No favicon
Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL	HTTP Parser: No favicon

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: No <meta name="author".. found

Source: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.73
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.73
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com HTTP/1.1Host: samartrace.co.keConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yo0z/ HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/bcc5fb0a8815/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8756a4b73c471383 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlhvZWRnRndkamd5MXdpamxNaU9QbEE9PSIsInZhbHVlIjoiQnJqRTZTVHRMZGdrbVRydlVFYkY1d1NONmNkM0FlQlhOajg5ZGt6azlzZ2hNUERmc3Q1QkdsbVpuTE50R0dsRjB5d3lydm1mOEFzMVBKSXJTVCtYNExQREw0R3JmN01xeDN3SzhKNEsvM0FsNGdWMUwxNlM1MHo5blVSNjkrZVEiLCJtYWMiOiJkNmMwYWZmNDhkNTc0ZWQyMmIyZWFlMDAxNTVjNjgxZDU3YjI2OWEyNTI3N2VkOTVjODQzNjNjZjIyM2MzMzUxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkdFMVRWRVNxWG1PUHR4UWJNc3dqWEE9PSIsInZhbHVlIjoiMnF1V2lrMEFPem5qY0JZN1ZxaGhIc3VkRXlqQWZGT0x5R3RCNnU5b3ZMdmlNb2dXQjV1ZnQ4ZmRKcGx6bnFHVVNXdGV3b1NTdGhCaXNhMUp2V3diZHUvQ3hEWitkcGFmbDRWamFJL0VINjJlOUlCRnhTaitXMVB5b1YrY1lMcmgiLCJtYWMiOiI5ZDM1ZTI2MjJmNTg5OTU2ZmJkZDFlNTE2ODMxMDhjM2Q4YWI0ODRiZTM3NmI1ODUwMDY5ZjNmMmM5MTY0Y2U3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8756a4b73c471383/1713296389254/anpd4FQprUR7OPG HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8756a4b73c471383/1713296389254/ac6e7e9690d324482ebd2d423ffbf48f13700e35c15d10a6c638d2dc30502dc6/qxBmrjcxmoe-ekd HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/funqz/0x4AAAAAAAWA-O9oM_yqdfiB/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8756a4b73c471383/1713296389254/anpd4FQprUR7OPG HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/582398122:1713292595:nfjc01nuBpm6sYz_S8U270P-1Zb5f_3UQCAB6XXnflo/8756a4b73c471383/998145d1b266cd0 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yo0z/ HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBRc2RJVUtTeGhFaWg4RytlQnRGNFE9PSIsInZhbHVlIjoiRmFpNjliazJ6L3Zxd01SZk9jcVd5L21WZ1Q2MGwyTTM2b0JmNkI2b0l4UkZpNklVd090UGlEOExzbUZFanJqeUY2SkJwSUxoN3pvRHpoa3BxSmM5OGxvc2hUTVdIM095VjQvQzltSk1VTm40NFpBTktxQ0M0R3BrczMzcHRtZWMiLCJtYWMiOiIxY2YwMGIxYTJiMzIwMWJmMzk2MWMyMjYxNTJmNmFmNGVmZmQ1YTRiM2VhZjdjMWI5ODcyNjE4ZWFlMDRiYjgwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkRJdE9PQitHZllickYybk9WcVhOQkE9PSIsInZhbHVlIjoiWHdVdjZFa3VkVVFFNi81UmlJaEp1d0xBZHZ4NTJWNUtRdmZHM2V5MlRZYVh3eE9EUzRMakNLTGhPVzdldjVZZHFuQUlqTjZNMFc4MmlPYS9BVXdMTEIxUTQ1L0YzVS9UZjJxSTJCU3pRaGFGNUFyd3R5RHBEVk8zVGhHMCtKS3YiLCJtYWMiOiIxMTBlZmQ4ZjZlYjU4OTQzOTIxOGFjNDZkYmY5MzVhNTBkNDEyYWMwNzhlYmI5YWIzMmFmMDgwZDlkNmI5MzhhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /vbhBwfSdFwHEANiXnMfcwIszde HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBRc2RJVUtTeGhFaWg4RytlQnRGNFE9PSIsInZhbHVlIjoiRmFpNjliazJ6L3Zxd01SZk9jcVd5L21WZ1Q2MGwyTTM2b0JmNkI2b0l4UkZpNklVd090UGlEOExzbUZFanJqeUY2SkJwSUxoN3pvRHpoa3BxSmM5OGxvc2hUTVdIM095VjQvQzltSk1VTm40NFpBTktxQ0M0R3BrczMzcHRtZWMiLCJtYWMiOiIxY2YwMGIxYTJiMzIwMWJmMzk2MWMyMjYxNTJmNmFmNGVmZmQ1YTRiM2VhZjdjMWI5ODcyNjE4ZWFlMDRiYjgwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkRJdE9PQitHZllickYybk9WcVhOQkE9PSIsInZhbHVlIjoiWHdVdjZFa3VkVVFFNi81UmlJaEp1d0xBZHZ4NTJWNUtRdmZHM2V5MlRZYVh3eE9EUzRMakNLTGhPVzdldjVZZHFuQUlqTjZNMFc4MmlPYS9BVXdMTEIxUTQ1L0YzVS9UZjJxSTJCU3pRaGFGNUFyd3R5RHBEVk8zVGhHMCtKS3YiLCJtYWMiOiIxMTBlZmQ4ZjZlYjU4OTQzOTIxOGFjNDZkYmY5MzVhNTBkNDEyYWMwNzhlYmI5YWIzMmFmMDgwZDlkNmI5MzhhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yo0z/?dMtransportforum@stanstedairport.com HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZXaFQxY1BwUmdkOWtJRTJ6RVNmQWc9PSIsInZhbHVlIjoiQWhobzc1RFNQMDVzUjV0NlNGUDViZ2lXYzJ3a3Z5KzNHMTFiUzlzK2hWWThxcWpRclZPU2NWdThmcEw1Tlp3akFZL3Bjbmh6cDQyNEFhT3NIRVh0bE90b01ZbjF0bjJxek5hTTdUdHNadSsrb1pWQ1N0N0pvZTM0ZEhLbEE3VVEiLCJtYWMiOiJkNDg3MjdjZmM0MjM3YjQ2YjcwZTJiMGMyYjA0ZTQ0NDc2ZjczMDE3MmM4YjQ4Njk5NWRkZDI2NjY4OTFiZTFiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im8reDhTK0h6RnVyeWpTZnNhVk5MZnc9PSIsInZhbHVlIjoiZWtsZDB6N2J6VDRwNjNhVmpjQWFaQUxrZEUxSUJETEZDT3A1VzFNVVovejZmYWs1WFN0SmMzc2JjRjRPMzRUdDdUdGRSMVlKWGxGSkpSOHpadE01dHkwUFd0UkJXMDFzZmlVczhoZytnRzBPQVFSS1lkZVc5SmMraDRvLzRlcXYiLCJtYWMiOiI2MTE2MDRiZDI2MTBjOGNmYzVhZDM2OWU5ZmU0NmM2YmE1NjVmZjllYmU5OTMwOTI3MmNiNWUyMzA0NmNlZmY1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGL HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://qnh3b.putimp.com/yo0z/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkpIL2VNMUhnVmVaNmhla01GN3p4V1E9PSIsInZhbHVlIjoiaVhXM1JUQ0hhNEc4aHVqVmx5TjhBUUd0YmxVQnh6ekQ0NElKTTI2SWVGMjhQNUJ4STcwK0VmSVlnRmpBb21KQnFOa3d3QTltU3BMMHRFK1dVa1ZaREVDTFl2Nm14c2F0Rkk1SFVQTFhKRnZUdmVDTkI2TWI2MFVZWWFRU05rYngiLCJtYWMiOiJmZjQ1ZTkyODVjMjUzN2FlN2JiNWEyNTc2Yzg3NTRhZGJkNWMzYjQyZWE4YjY4Nzc5OThkNWIzYmQzODhlODA1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVSeEo3UXJCRG9wRSs0emdUclFnVHc9PSIsInZhbHVlIjoicVBWQ1pXWG1TbERQaWd3MkVlZENQeFN0WHg4R0tWRTdyQWQzQU4rdHlmZW9TWmJVVFArdE5zMDI4aGd4WHlNRVJtUHlRY1NYb1Y3czg0Tzdlc0lacmZDeWdoK3loa0lZTU5nYjUyVXdKOXNleWNSQmdXZWlDNmFKUFQyQ1Q2U1EiLCJtYWMiOiI4ZDgwZmI0ZTBhZTI3YWE0Y2M1YmE5MTQwN2Q3OTFmZDBkNjhkMTg1YjliNGVmYWM5NjlkOTZmZDFiYmNiNGM0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56FMAGab1x5X48912 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /absIDHZ3sTrsARG5gh30 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqJ7f9jIH8fWXt124b9wx40 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12pQHazQfq78CXM6wYqr50 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /78znHbZYRRXfAgqb9845YeYc8Jyst60 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /23CP8hhTkYf7i1Y7Cu2889TsquUI9xy70 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /89Gdd5VtslDof12yyqgTFeyz80 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efsInCvmlWeCilStApO0mm7F34E2eYInRflSmn100 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://qnh3b.putimp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3DSec-WebSocket-Key: RysbfYDjARKRoO+uNhdnUA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /56mJNrBuzavr2jeVPN8ZPklcjOHObwtzd89109 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnxoZafsKDuxUqjsrPcbj6GUIUShAhijNmBHuhIpjAkspqBG3juv220 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijbIVlkpv2ZZTygLSxZT6ZwNiSvLwJN9cjzfwH2xIb9389Eki8BUsphIffC6v2wjCab230 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InMyeXltQWU2K3h3cGdQdTE1T2x0VUE9PSIsInZhbHVlIjoiQnBxd0FqUHpGT044d3pKVFJxckdNRDZueGJMOXhZeXpOcUlvLzdsSnZUZzNKTTE5N3dKQUY4MlNqMStNODBydTF6U1o2MkhnRk8zek90KzB2eEtoQktmOVNhMWhHSkhDU1lKS1pjQU0rWWp3bTU1UzBkTTZETTRmcHc4ZWtzYWQiLCJtYWMiOiJkYjIyYWJmOTQ1YmYxNWEwYjg0NDViM2FhMDM4M2ZkMGNjMGZlNjc1Zjc2MGJmZTVlMDcxMjczYWRmNjFlZTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNIeXAwSkdJeEdRUmJRNk0rTVhNdHc9PSIsInZhbHVlIjoiTTlvNGR1WFZ0cXJQNHVyTnFtUjlaL3lKV1h1Tjl2anNtdGJReTlBREtyU0RtdkwvYThhNTJBQXNSL0c3Vmc2TXV5SGYrSTZQaFNOTXF3c3pVWEpxRnd4dnRQQWZ1azl4QnBid2Q0UUtaYXlRRlZZcjlUb0d1MlBDd0RRcXJDVUQiLCJtYWMiOiJhOTVjMDkzYWU5MDI0OGY4ZGQ0ZjlkZjQ2NjQyMTdiMDQ3NzJkOGI1OGZkY2EzY2NmZGIxMDJkMTZiOTA5ODUwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvDtFZCv0wFVvViM8VMRNhGDQANzFbqopDBnMwonX9jq8Iz80g3o34130 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqUFMIq9b9JbPpLrgAmn4ulS1Tb9UGwjH3M445136 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnj6kP2yDeYnWBE3NGPYpBcQFdKiUAklGRqHuLoIStoIobLMYncM05W90142 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ujHRglEIvSgsknQvpq6iCEG0CKt3VNPydRh7sZbzs6NVsOd6905 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijbIVlkpv2ZZTygLSxZT6ZwNiSvLwJN9cjzfwH2xIb9389Eki8BUsphIffC6v2wjCab230 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij3i4kM8BpGcgwtnXl6yRLyzLL7MDsVlBROxxy3o56170 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvDtFZCv0wFVvViM8VMRNhGDQANzFbqopDBnMwonX9jq8Iz80g3o34130 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxE3kHI4ecDaCT9gFpugKXrs1qfSqI4b5zaAgB2RKb0F8Y0eR90180 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opqRXS70VBE6D4xIXErMP9YghJL6HBfcH0bVXg3GFVCef200 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnxoZafsKDuxUqjsrPcbj6GUIUShAhijNmBHuhIpjAkspqBG3juv220 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijAHK25XxOXMFvIOtUy4tinE6RrAmRLZiVjc39gWxyjeDJrHll6oDyjjUUYj5jKyD12207 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij3i4kM8BpGcgwtnXl6yRLyzLL7MDsVlBROxxy3o56170 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr61WfUGozdhThoMoyqT1oYX9BHQtkPGpGSwNBuvbfSZXhgYA5e6kaovOS5pXUef240 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stwgt99Sy67fohdZsxX40uDyhgxawMl0DLWKGHLTQ6P8y0JcmnSfKqVoctw10GtltrTR6rXbtBfGvtIj6mw8GmRBagh251 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://qnh3b.putimp.com/2069892848624549763cbauYBbHELJYIBDUBVHFAFWZMOZIYJUEWTE?jdijVGJzDOoNSltosieSKdJLBEFEHLKUUATVNMLVWPQWYAOZLVDAQSEORWINIMZNHGLAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnj6kP2yDeYnWBE3NGPYpBcQFdKiUAklGRqHuLoIStoIobLMYncM05W90142 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqUFMIq9b9JbPpLrgAmn4ulS1Tb9UGwjH3M445136 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opqRXS70VBE6D4xIXErMP9YghJL6HBfcH0bVXg3GFVCef200 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxE3kHI4ecDaCT9gFpugKXrs1qfSqI4b5zaAgB2RKb0F8Y0eR90180 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijAHK25XxOXMFvIOtUy4tinE6RrAmRLZiVjc39gWxyjeDJrHll6oDyjjUUYj5jKyD12207 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr61WfUGozdhThoMoyqT1oYX9BHQtkPGpGSwNBuvbfSZXhgYA5e6kaovOS5pXUef240 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stwgt99Sy67fohdZsxX40uDyhgxawMl0DLWKGHLTQ6P8y0JcmnSfKqVoctw10GtltrTR6rXbtBfGvtIj6mw8GmRBagh251 HTTP/1.1Host: qnh3b.putimp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3DSec-WebSocket-Key: v2iQJU5h6eFUIS5S9b8IsQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3DSec-WebSocket-Key: dK7L2mTMgcj4rEi2DCKgYw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: qnh3b.putimp.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://qnh3b.putimp.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InRDM2krVWJKYit1K3NmMDB0c2p1MHc9PSIsInZhbHVlIjoibEYyTFEyczQ2dGR1MUpLTkl3bUtsQUN1THlkT1VQSHhUVWZvRkZJWHpxK1R0NVpNbVptclJubHBrOWtaRkE3M3g3Qks2NWJ2bmVlMHNZdWttZFp5Q3pBcXF0aERnR0VqUi95ZGNXOXpZZldodjdPUUFOUnNXZTg1dVRWWUR2OEQiLCJtYWMiOiI5YmQ0NmNhNTkzOWZiNmU5ZjUxNDE3OTExNzA2N2RkZTZjOTM2NTE4MzViNWQ4Njg1YmQzODFiMWExNTVhZWM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNlaEpkeUQxZnh3d1ZmVUV1SUNSTWc9PSIsInZhbHVlIjoiOHhzajhqVnpJc3BoRjR6MFQ2Y3dueXd4Q3JqdXcwU0twamkwQWkrS3NmRkNXU3ZxQnpoUGNxVDNyZGVXSzBIeGFZU243cGxLNStZNWl3NjF1TWh3aHFqdEN1Q3BtK1J6L2hXTkY0c3ZFVmZ4MTlBSlRjZjFRWWFhUldHVEloM2YiLCJtYWMiOiJmNTA3MTA2YjA1YTQ4ZjgyNTNkZGJlMWNlMzE1YjhkMWFkZGU2ZWIyOTRhYWZjMDUzODFiNWRjNzRlYzNlNmVjIiwidGFnIjoiIn0%3DSec-WebSocket-Key: WeVx9llw26f/p/k5KnmRPw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: unknown

DNS traffic detected: queries for: samartrace.co.ke

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 16 Apr 2024 19:39:49 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCache-Control: max-age=14400Age: 13755Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Cq1fFiGHb%2B84J1CxIDjJOFeDMkXMJgZZbrS94qADkcXkdLypsmzF3rtO6CXtu5TpcXTRRJZFySBWsPtn%2BqJ1NNFptrkUNehGUVxGwiw8%2FnBMrK%2Bd1tKlP0uVwAJzA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITServer: cloudflareCF-RAY: 8756a4c01b78b062-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 16 Apr 2024 19:40:05 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkUIZ9bsufyLtrrimDpyWR5wOw76t4XCt61%2FNAyRCRCmrP4vuKZYyPZGzKYqVEXZZOEBAH4TFuNdca%2B%2FXOEsZh0MaqMRMU58XW4MOVDZG8k0ckVBD9BspjUjxj9TMw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8756a524891944d6-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 16 Apr 2024 19:40:11 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAtAHP8x5Nn0CP70oA5D2EKFWRjs5%2FJLgZc7pqaiJE2wmBZ0J%2BeXL%2FqgecjqcFHBjxRyxxouoI1zHEFJ7hl0eVG9DfGbuJvfc2lT2e3rRrFg2v3s%2BWNVl2s9ucd2SQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8756a548d9734531-ATL

Source: chromecache_100.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_100.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_100.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_100.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_100.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_100.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_100.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_100.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_100.2.dr, chromecache_105.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_100.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__.
Source: chromecache_105.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@19/73@24/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2036,i,2107721403708843479,861960733534899891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2036,i,2107721403708843479,861960733534899891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1427005
Product:	CloudBasic
Start time:	21:38:52
Start date:	16.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://samartrace.co.ke/resu/repnu03/pDm2uA4djQME/transportforum@stanstedairport.com