Windows Analysis Report
https://download-myproposal.xyz

Overview

General Information

Sample URL:	https://download-myproposal.xyz
Analysis ID:	1428813
Infos:

Detection

HtmlDropper, HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected Html Dropper

Yara detected HtmlPhish10

Performs DNS queries to domains with low reputation

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Phishing site or detected (based on various text indicators)

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid 'forgot password' link found

Invalid 'sign-in options' or 'sign-up' link found

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 5.12.pages.csv, type: HTML
Source: Yara match	File source: 5.11.pages.csv, type: HTML
Source: Yara match	File source: 3.7.pages.csv, type: HTML
Source: Yara match	File source: 4.9.pages.csv, type: HTML
Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 3.8.pages.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	Matcher: Template: microsoft matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 1.1

OCR Text: : Verifying... CLOUDFLARE Microsoft

HTML body contains low number of good links

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: Number of links: 0
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: Number of links: 0
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: Number of links: 0
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal

HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal

HTML title does not match URL

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: Title: 4aca80445e7b16603b124825c17998926622852b244c0 does not match URL
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: Title: 4aca80445e7b16603b124825c17998926622852b244c0 does not match URL
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: Title: 4aca80445e7b16603b124825c17998926622852b244c0 does not match URL
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: Title: b10b531144fd2750308f95e5dcfde94d6622856c311eb does not match URL

Invalid 'forgot password' link found

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: Invalid link: Fgogrgggogtg gmgyg gpgagsgsgwgogrgd
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: Invalid link: Fgogrgggogtg gmgyg gpgagsgsgwgogrgd

Invalid 'sign-in options' or 'sign-up' link found

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: Invalid link: get a new Microsoft account
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: Invalid link: get a new Microsoft account

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: <input type="password" .../> found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: <input type="password" .../> found

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No favicon

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="author".. found

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49755 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/style.css HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0
Source: global traffic	HTTP traffic detected: GET /captcha/logo.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/logo.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876db6fa6e48b0d9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/876db6fa6e48b0d9/1713538309702/84cdfddea392e79a6f9b445c25d85e274613c7650a8d5538f2b37dbb82748c60/H0DK3jJmlvX3Cnk HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/876db6fa6e48b0d9/1713538309713/IpjNlJyrfCrbFhH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/876db6fa6e48b0d9/1713538309713/IpjNlJyrfCrbFhH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vFhlBWf3YZ3wGGE&MD=r3bRBvto HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/rc/876db6fa6e48b0d9 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /CAPY0ZDa2JWWTRZR3NnVThX HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jq/9594849f4c8cc410f167ed02945f21fe6622852b5df24 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /boot/9594849f4c8cc410f167ed02945f21fe6622852b5df27 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /js/9594849f4c8cc410f167ed02945f21fe6622852b5df28 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /APP-9594849f4c8cc410f167ed02945f21fe6622852d3271d/9594849f4c8cc410f167ed02945f21fe6622852d3271e HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/9594849f4c8cc410f167ed02945f21fe6622852d3274d HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/9594849f4c8cc410f167ed02945f21fe6622852d32723 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/9594849f4c8cc410f167ed02945f21fe6622852d3274d HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/9594849f4c8cc410f167ed02945f21fe6622852d32723 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vFhlBWf3YZ3wGGE&MD=r3bRBvto HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347332 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347332 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347333 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347333 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@microsoft.com&_=1713538347334 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@microsoft.com&_=1713538347334 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /GT9a523b6384c01f89d0fdeb94066704dd6622852d32742/9a523b6384c01f89d0fdeb94066704dd6622852d32743FR9a523b6384c01f89d0fdeb94066704dd6622852d32744 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jq/da39f66b5a2e27a3d2620be272c1d0c06622854d0a527 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /boot/da39f66b5a2e27a3d2620be272c1d0c06622854d0a52e HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jm/da39f66b5a2e27a3d2620be272c1d0c06622854d0a530 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /axios/dist/axios.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /axios@1.6.8/dist/axios.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /APP-349RHT/da39f66b5a2e27a3d2620be272c1d0c06622854ed4936 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /2 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=logo HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=background HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622854ed4976 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /e/da39f66b5a2e27a3d2620be272c1d0c06622854ed497d HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622854ed4976 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /e/da39f66b5a2e27a3d2620be272c1d0c06622854ed497d HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=logo HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638116536587632547 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=background HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638116536587632547 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /GT656df62a1a0af0e4878b4670eecd98136622854ed496c/656df62a1a0af0e4878b4670eecd98136622854ed496dSC656df62a1a0af0e4878b4670eecd98136622854ed496e HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jq/da39f66b5a2e27a3d2620be272c1d0c06622856c84503 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /boot/da39f66b5a2e27a3d2620be272c1d0c06622856c84511 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /js/da39f66b5a2e27a3d2620be272c1d0c06622856c84513 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /APP-da39f66b5a2e27a3d2620be272c1d0c06622856e8261d/da39f66b5a2e27a3d2620be272c1d0c06622856e8261e HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622856e82656 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/da39f66b5a2e27a3d2620be272c1d0c06622856e82623 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622856e82656 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/da39f66b5a2e27a3d2620be272c1d0c06622856e82623 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dssd@aftral.education&_=1713538412477 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dssd@aftral.education&_=1713538412477 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ

Source: unknown

DNS traffic detected: queries for: download-myproposal.xyz

Source: unknown

HTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 2632sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36CF-Challenge: 74cedd7e88826edsec-ch-ua-platform: "Windows"Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 19 Apr 2024 14:52:29 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400CF-Cache-Status: MISSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ySbsBHpIgFvV7fni3m4IDAwf223J6u5uA8JCWdgxP0DmKx%2BZo0YGjFXamUsbyUOneUQHH9e2NSwuHgBBSYarSuwxmXBHMgQZ4h8uyN6V%2B%2B3O673GpB6uFjm83x6zYAKOaXKZCx%2FCbDq%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 876db7f978206765-ATLalt-svc: h3=":443"; ma=86400

Source: chromecache_105.1.dr, chromecache_123.1.dr, chromecache_98.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_105.1.dr, chromecache_123.1.dr, chromecache_98.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_105.1.dr, chromecache_123.1.dr, chromecache_98.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49755 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.troj.win@16/87@24/11

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://download-myproposal.xyz/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1984,i,6798421476443814385,7181011332723128876,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1984,i,6798421476443814385,7181011332723128876,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match	File source: 5.12.pages.csv, type: HTML
Source: Yara match	File source: 5.11.pages.csv, type: HTML
Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
152.195.19.97	sni1gl.wpc.upsiloncdn.net	United States	15133	EDGECASTUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.15.99	www.google.com	United States	15169	GOOGLEUS	false
104.17.249.203	unpkg.com	United States	13335	CLOUDFLARENETUS	false
104.21.24.157	download-myproposal.xyz	United States	13335	CLOUDFLARENETUS	true
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.2.184	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16
192.168.2.4

Contacted Domains

Name	IP	Active
download-myproposal.xyz	104.21.24.157	true
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.194.137	true
sni1gl.wpc.upsiloncdn.net	152.195.19.97	true
challenges.cloudflare.com	104.17.3.184	true
www.google.com	142.251.15.99	true
unpkg.com	104.17.249.203	true
aadcdn.msauthimages.net	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://a.nel.cloudflare.com/report/v4?s=v1etqe%2FeUqzKY9JTUw0DbtCMjExie90OZZ7aGO%2FwwCRxI%2FuZ9XNrgI%2FSKiOsizqphu6af7cDjF%2BsiZSYn7ZO9RdCm%2FJgWytFBJcCNfDIdUgGxf%2FxEoBpMELC75i6%2BRN8jTAkWwMY1fakww%3D%3D	false	high
https://download-myproposal.xyz/CAPY0ZDa2JWWTRZR3NnVThX	false	unknown
https://code.jquery.com/jquery-3.6.0.min.js	false	high
https://download-myproposal.xyz/o/da39f66b5a2e27a3d2620be272c1d0c06622854ed4976	false	unknown
https://download-myproposal.xyz/cdn-cgi/challenge-platform/h/b/rc/876db6fa6e48b0d9	false	unknown
https://download-myproposal.xyz/js/da39f66b5a2e27a3d2620be272c1d0c06622856c84513	false	unknown
https://download-myproposal.xyz/GT9a523b6384c01f89d0fdeb94066704dd6622852d32742/9a523b6384c01f89d0fdeb94066704dd6622852d32743FR9a523b6384c01f89d0fdeb94066704dd6622852d32744	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal	false	high
https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	true	unknown
https://download-myproposal.xyz/js/9594849f4c8cc410f167ed02945f21fe6622852b5df28	false	unknown
https://download-myproposal.xyz/e/da39f66b5a2e27a3d2620be272c1d0c06622854ed497d	false	unknown
https://a.nel.cloudflare.com/report/v4?s=7bGvqaGTQBQQaYl8qvWU0LJJ7AMYyMvOlTlOE%2B482MCgkzIQXCyG1F0%2B9KehKo7IZdbE%2B4ukHr93mg5UW8t987mbFSNm1j1HHxAKFuTkhXRPDX2wLE%2Bq76SMgpBC3DFTRbUR2gQTdnQeEA%3D%3D	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false	high
https://download-myproposal.xyz/captcha/style.css	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/876db6fa6e48b0d9/1713538309713/IpjNlJyrfCrbFhH	false	high
https://unpkg.com/axios/dist/axios.min.js	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876db6fa6e48b0d9	false	high
https://unpkg.com/axios@1.6.8/dist/axios.min.js	false	high
https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	true	unknown
https://download-myproposal.xyz/	false	unknown
https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089	false	unknown
https://download-myproposal.xyz/APP-da39f66b5a2e27a3d2620be272c1d0c06622856e8261d/da39f66b5a2e27a3d2620be272c1d0c06622856e8261e	false	unknown
https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	true	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed	false	high
https://download-myproposal.xyz/ASSETS/img/sig-op.svg	false	unknown
https://download-myproposal.xyz/captcha/logo.svg	false	unknown
https://download-myproposal.xyz/o/da39f66b5a2e27a3d2620be272c1d0c06622856e82656	false	unknown
https://download-myproposal.xyz/x/9594849f4c8cc410f167ed02945f21fe6622852d32723	false	unknown
https://download-myproposal.xyz/boot/da39f66b5a2e27a3d2620be272c1d0c06622854d0a52e	false	unknown
https://download-myproposal.xyz/GT656df62a1a0af0e4878b4670eecd98136622854ed496c/656df62a1a0af0e4878b4670eecd98136622854ed496dSC656df62a1a0af0e4878b4670eecd98136622854ed496e	false	unknown
https://download-myproposal.xyz/jq/da39f66b5a2e27a3d2620be272c1d0c06622856c84503	false	unknown
https://download-myproposal.xyz/jq/9594849f4c8cc410f167ed02945f21fe6622852b5df24	false	unknown
https://download-myproposal.xyz/favicon.ico	false	unknown
https://download-myproposal.xyz/jm/da39f66b5a2e27a3d2620be272c1d0c06622854d0a530	false	unknown
https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638116536587632547	false	unknown
https://download-myproposal.xyz/API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347333	false	unknown
https://download-myproposal.xyz/API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347332	false	unknown
https://download-myproposal.xyz/boot/9594849f4c8cc410f167ed02945f21fe6622852b5df27	false	unknown
https://download-myproposal.xyz/ASSETS/img/m_.svg	false	unknown
https://download-myproposal.xyz/o/9594849f4c8cc410f167ed02945f21fe6622852d3274d	false	unknown
https://download-myproposal.xyz/jq/da39f66b5a2e27a3d2620be272c1d0c06622854d0a527	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/876db6fa6e48b0d9/1713538309702/84cdfddea392e79a6f9b445c25d85e274613c7650a8d5538f2b37dbb82748c60/H0DK3jJmlvX3Cnk	false	high
https://download-myproposal.xyz/APP-349RHT/da39f66b5a2e27a3d2620be272c1d0c06622854ed4936	false	unknown
https://download-myproposal.xyz/APP-9594849f4c8cc410f167ed02945f21fe6622852d3271d/9594849f4c8cc410f167ed02945f21fe6622852d3271e	false	unknown
https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	true	unknown
https://download-myproposal.xyz/API.php?data=mail&email=dssd@aftral.education&_=1713538412477	false	unknown
https://download-myproposal.xyz/2	false	unknown
https://download-myproposal.xyz/1	false	unknown
https://download-myproposal.xyz/x/da39f66b5a2e27a3d2620be272c1d0c06622856e82623	false	unknown
https://download-myproposal.xyz/boot/da39f66b5a2e27a3d2620be272c1d0c06622856c84511	false	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 13:51:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A21EE6FA42A5F58EFCCDDC498F761888	D24D4D5144C66B679AD1617C2D511436D89A3895	C5F876D79D46B02A8F8C8253574BD8B41BC1D9DB6611975B3130E8BF7F5A6E4F
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 13:51:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	777A5F36855817F5B24AEFB177ED1E0D	AE7D83CF07D5B4585AB639FE42F30FA7D0E75063	8CBB0551B844D544E9C5A0E5B058BF10D4E957A40A971EBE6068861CC66455D0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	449AFB420B31AEE33D360249F37A77A9	637516FE36B53AAC959CE00CFBDED6B4B37E6985	D5A068802258E0BF2BD18A71AA8AA8B1083BD73C0452EED8C4F49F0CD04F9BF2
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 13:51:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	549FA298DFC0F8CF46731246D41F17CC	D2A0F5B7DB2797D74F0F0078AC6F11BC1A0F4482	452FCBFD36BBC0B41623648B2F37AF7BA62339CCB726A306D508069D48B6D37A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 13:51:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6F50B40F7A5B8C73F54379169948ACFC	50A365A6E2653F5E70217D7B80360FB42A0E9325	0EF1F2BAD44FF06757D4BC861CE2CCCC11D66DD54DB156D28746C2B1BD1BB8AE
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 13:51:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	4F47875E1C51C5D740250BD89F6AE770	1539811DDC7B80BA28673DED2E308C8D2D72B8D5	73413A6EA3771564191019373E49F9C3F470F8B28E004075F2B138C2565E2A61
Chrome Cache Entry: 100	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 101	ASCII text, with very long lines (3379)	59087D72EEDCB7650C9D5D6088440DD3	97B607FCE11F640E5764699038E50A76EB98944B	E0E3FB0FE5CA541950CF8DD213FBE9E8957A3DB0010B515AD01ADFF6CA908A3E
Chrome Cache Entry: 102	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 103	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 104	JPEG image data, JFIF standard 1.01, resolution (DPI), density 141x141, segment length 16, baseline, precision 8, 1193x671, components 3	038390E8DE0C1FBE6E10A8A33BD27E1A	EBBFA922C1D5FAB094D0FA8471FD658CEB253F04	714000B576A3A131BC25504B8668EF448D946AAD097C9DB3FEF0B1966A8D83CA
Chrome Cache Entry: 105	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 106	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 107	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 108	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 109	HTML document, ASCII text, with very long lines (4020)	0879B3671DECAFF5B00D6434E325CD72	B8AF4485D34776F2E84B462A0402BDC0B1CF7A36	8A73145B6576FB0B68805D48197FA6A36AC7E106453EC7EB660756C81D431BFD
Chrome Cache Entry: 110	PNG image data, 48 x 99, 8-bit/color RGB, non-interlaced	EDA2B58B5E933DB5CD38D8DF4BDFA725	FF68EDCF79A038818D4D7A307449EE5660C7DDD5	3EFEB35D449FCC37CA3B627CA6A6FE108817442A410CEB43182F8A287FAAA270
Chrome Cache Entry: 111	ASCII text, with very long lines (65536), with no line terminators	8E6B0F88563F9C33F78BCE65CF287DF7	EF7765CD2A7D64ED27DD7344702597AFF6F8C397	A7057BEBFFF43E7281CA31DA00D40BD88C8D02D1576B9C45891DD56A3853269A
Chrome Cache Entry: 112	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 113	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 114	ASCII text, with no line terminators	011B17B116126E6E0C4A9B0DE9145805	DF63A6EB731FFCE96F79802EFF6D53D00CDA42BC	3418E6E704387A99F1611EB7BB883328A438BA600971E6D692E8BEA60F10B179
Chrome Cache Entry: 115	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 116	ASCII text, with no line terminators	D6B82198AF25D0139723AF9E44D3D23A	D60DEEF1847EEEF1889803E9D3ADC7EDA220F544	A5C8CC49FA6649BE393EF22C2B31F1C46B671F8D763F783ED6D7B4E33669BDA3
Chrome Cache Entry: 117	JPEG image data, JFIF standard 1.01, resolution (DPI), density 141x141, segment length 16, baseline, precision 8, 1193x671, components 3	038390E8DE0C1FBE6E10A8A33BD27E1A	EBBFA922C1D5FAB094D0FA8471FD658CEB253F04	714000B576A3A131BC25504B8668EF448D946AAD097C9DB3FEF0B1966A8D83CA
Chrome Cache Entry: 118	ASCII text, with very long lines (6357), with no line terminators	82FF6E77E3B8F004B23294185E108264	03C685B50FD4587427495348CD1231882A8C48D0	0E230A53A5D5ABD125C2A8E1CDD97B32DDD84A9F7FD07C23BFF95413886B05FA
Chrome Cache Entry: 119	ASCII text, with very long lines (65536), with no line terminators	8E6B0F88563F9C33F78BCE65CF287DF7	EF7765CD2A7D64ED27DD7344702597AFF6F8C397	A7057BEBFFF43E7281CA31DA00D40BD88C8D02D1576B9C45891DD56A3853269A
Chrome Cache Entry: 120	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 121	SVG Scalable Vector Graphics image	A9CC2824EF3517B6C4160DCF8FF7D410	8DB9AEBAD84CA6E4225BFDD2458FF3821CC4F064	34F9DB946E89F031A80DFCA7B16B2B686469C9886441261AE70A44DA1DFA2D58
Chrome Cache Entry: 122	HTML document, ASCII text	A34AC19F4AFAE63ADC5D2F7BC970C07F	A82190FC530C265AA40A045C21770D967F4767B8	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
Chrome Cache Entry: 123	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 124	SVG Scalable Vector Graphics image	A9CC2824EF3517B6C4160DCF8FF7D410	8DB9AEBAD84CA6E4225BFDD2458FF3821CC4F064	34F9DB946E89F031A80DFCA7B16B2B686469C9886441261AE70A44DA1DFA2D58
Chrome Cache Entry: 125	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 126	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 127	SVG Scalable Vector Graphics image	7D2B8F25545A2894E2721E9FE528E34C	D0DAE76F4BF5C04ACD5FCDF1BCB12908099E328C	797BDA35D13E5130FE5A14E0069C31B46EC1AF6EA47F2D300309803BB4D2608C
Chrome Cache Entry: 81	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 82	ASCII text, with very long lines (41442)	3B5B3D36FDE8FFE8ED76B1EFBFC65410	D63107D0912FDB387530D5CE2D512C928D73D122	29D600462A30694EFD15B9848B4CA42D178CD067009275C35A30580121114304
Chrome Cache Entry: 83	ASCII text, with very long lines (7043), with no line terminators	B6C202188699B897BB727A68EDD24665	FF3B891E06C983DCA277C1D7D874C8EB8084EB96	184A034CB9202937BF012AFF8C81E0747B7CA8F8F9E6115556FDB09D5BAEC419
Chrome Cache Entry: 84	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 85	ASCII text, with very long lines (65536), with no line terminators	8E6B0F88563F9C33F78BCE65CF287DF7	EF7765CD2A7D64ED27DD7344702597AFF6F8C397	A7057BEBFFF43E7281CA31DA00D40BD88C8D02D1576B9C45891DD56A3853269A
Chrome Cache Entry: 86	PNG image data, 48 x 99, 8-bit/color RGB, non-interlaced	EDA2B58B5E933DB5CD38D8DF4BDFA725	FF68EDCF79A038818D4D7A307449EE5660C7DDD5	3EFEB35D449FCC37CA3B627CA6A6FE108817442A410CEB43182F8A287FAAA270
Chrome Cache Entry: 87	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 88	HTML document, ASCII text, with very long lines (4020)	DAAA70ED38F86BDDB89FD5AEC064D1C0	0A7C78C6C119CF1014A8290DD590655B9220C8D1	74AB6236F8ED1295B291EC278F111F39411EF04BA8E08122EFD397B145A3E5C8
Chrome Cache Entry: 89	ASCII text, with very long lines (42414)	F94A2211CE789A95A7C67E8C660D63E8	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
Chrome Cache Entry: 90	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 91	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 92	PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced	C9F31E87400C46F9F8FB580602328C72	4B538CA736FB2A88A89214AD5EB0B2B80640B5AB	DDE1ACEFE23281E3715BDEE565CF1FD7064370D4BB751AB92C4ADD7D42932BBE
Chrome Cache Entry: 93	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 94	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 95	SVG Scalable Vector Graphics image	7D2B8F25545A2894E2721E9FE528E34C	D0DAE76F4BF5C04ACD5FCDF1BCB12908099E328C	797BDA35D13E5130FE5A14E0069C31B46EC1AF6EA47F2D300309803BB4D2608C
Chrome Cache Entry: 96	PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced	C9F31E87400C46F9F8FB580602328C72	4B538CA736FB2A88A89214AD5EB0B2B80640B5AB	DDE1ACEFE23281E3715BDEE565CF1FD7064370D4BB751AB92C4ADD7D42932BBE
Chrome Cache Entry: 97	ASCII text, with very long lines (7043), with no line terminators	B6C202188699B897BB727A68EDD24665	FF3B891E06C983DCA277C1D7D874C8EB8084EB96	184A034CB9202937BF012AFF8C81E0747B7CA8F8F9E6115556FDB09D5BAEC419
Chrome Cache Entry: 98	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 99	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 5.12.pages.csv, type: HTML
Source: Yara match	File source: 5.11.pages.csv, type: HTML
Source: Yara match	File source: 3.7.pages.csv, type: HTML
Source: Yara match	File source: 4.9.pages.csv, type: HTML
Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 3.8.pages.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	Matcher: Template: microsoft matched
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	Matcher: Template: microsoft matched

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 1.1

OCR Text: : Verifying... CLOUDFLARE Microsoft

HTML body contains low number of good links

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: Number of links: 0
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: Number of links: 0
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: Number of links: 0
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal

HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal

HTML title does not match URL

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: Title: 4aca80445e7b16603b124825c17998926622852b244c0 does not match URL
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: Title: 4aca80445e7b16603b124825c17998926622852b244c0 does not match URL
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: Title: 4aca80445e7b16603b124825c17998926622852b244c0 does not match URL
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: Title: b10b531144fd2750308f95e5dcfde94d6622856c311eb does not match URL

Invalid 'forgot password' link found

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: Invalid link: Fgogrgggogtg gmgyg gpgagsgsgwgogrgd
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: Invalid link: Fgogrgggogtg gmgyg gpgagsgsgwgogrgd

Invalid 'sign-in options' or 'sign-up' link found

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: Invalid link: get a new Microsoft account
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: Invalid link: get a new Microsoft account

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: <input type="password" .../> found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: <input type="password" .../> found

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No favicon
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No favicon

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="author".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="author".. found

Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc#	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="copyright".. found
Source: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49755 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: download-myproposal.xyz

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/style.css HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0
Source: global traffic	HTTP traffic detected: GET /captcha/logo.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/logo.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876db6fa6e48b0d9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/876db6fa6e48b0d9/1713538309702/84cdfddea392e79a6f9b445c25d85e274613c7650a8d5538f2b37dbb82748c60/H0DK3jJmlvX3Cnk HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/876db6fa6e48b0d9/1713538309713/IpjNlJyrfCrbFhH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/d61b0/0x4AAAAAAAXnFLj2eYtTRdVo/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/876db6fa6e48b0d9/1713538309713/IpjNlJyrfCrbFhH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vFhlBWf3YZ3wGGE&MD=r3bRBvto HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1183773793:1713536091:FSHJzQkVJDFHD0RlA0zy6yxoebMNBS1E5kSyV2Zp_4E/876db6fa6e48b0d9/74cedd7e88826ed HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/rc/876db6fa6e48b0d9 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /CAPY0ZDa2JWWTRZR3NnVThX HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244de HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jq/9594849f4c8cc410f167ed02945f21fe6622852b5df24 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /boot/9594849f4c8cc410f167ed02945f21fe6622852b5df27 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /js/9594849f4c8cc410f167ed02945f21fe6622852b5df28 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /APP-9594849f4c8cc410f167ed02945f21fe6622852d3271d/9594849f4c8cc410f167ed02945f21fe6622852d3271e HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/9594849f4c8cc410f167ed02945f21fe6622852d3274d HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/9594849f4c8cc410f167ed02945f21fe6622852d32723 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/9594849f4c8cc410f167ed02945f21fe6622852d3274d HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/m_.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/9594849f4c8cc410f167ed02945f21fe6622852d32723 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /ASSETS/img/sig-op.svg HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vFhlBWf3YZ3wGGE&MD=r3bRBvto HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347332 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347332 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347333 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@joesandbox.com&_=1713538347333 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@microsoft.com&_=1713538347334 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dsqdsq@microsoft.com&_=1713538347334 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /GT9a523b6384c01f89d0fdeb94066704dd6622852d32742/9a523b6384c01f89d0fdeb94066704dd6622852d32743FR9a523b6384c01f89d0fdeb94066704dd6622852d32744 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fc HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622852b244ddLOGd740c10c7b9cf800d441f265844201e16622852b244deAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jq/da39f66b5a2e27a3d2620be272c1d0c06622854d0a527 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /boot/da39f66b5a2e27a3d2620be272c1d0c06622854d0a52e HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jm/da39f66b5a2e27a3d2620be272c1d0c06622854d0a530 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /axios/dist/axios.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /axios@1.6.8/dist/axios.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /APP-349RHT/da39f66b5a2e27a3d2620be272c1d0c06622854ed4936 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /2 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=logo HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=background HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622854ed4976 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /e/da39f66b5a2e27a3d2620be272c1d0c06622854ed497d HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622854ed4976 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /e/da39f66b5a2e27a3d2620be272c1d0c06622854ed497d HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=logo HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638116536587632547 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api-as1f?email=dsqdsq@microsoft.com&data=background HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638116536587632547 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /GT656df62a1a0af0e4878b4670eecd98136622854ed496c/656df62a1a0af0e4878b4670eecd98136622854ed496dSC656df62a1a0af0e4878b4670eecd98136622854ed496e HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120e HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622854c4a5f6PASd740c10c7b9cf800d441f265844201e16622854c4a5fcAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /jq/da39f66b5a2e27a3d2620be272c1d0c06622856c84503 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /boot/da39f66b5a2e27a3d2620be272c1d0c06622856c84511 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /js/da39f66b5a2e27a3d2620be272c1d0c06622856c84513 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /APP-da39f66b5a2e27a3d2620be272c1d0c06622856e8261d/da39f66b5a2e27a3d2620be272c1d0c06622856e8261e HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /1 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622856e82656 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/da39f66b5a2e27a3d2620be272c1d0c06622856e82623 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /o/da39f66b5a2e27a3d2620be272c1d0c06622856e82656 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /x/da39f66b5a2e27a3d2620be272c1d0c06622856e82623 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dssd@aftral.education&_=1713538412477 HTTP/1.1Host: download-myproposal.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://download-myproposal.xyz/d740c10c7b9cf800d441f265844201e16622856c3120dLOGd740c10c7b9cf800d441f265844201e16622856c3120eAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ
Source: global traffic	HTTP traffic detected: GET /API.php?data=mail&email=dssd@aftral.education&_=1713538412477 HTTP/1.1Host: download-myproposal.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=df7b1c5a9ae8251512f8e773c02e8ab0; cf_clearance=f9OyXsrvXA1ZRXrL4COLzLPhFveKLEl2MpuIHEUuzTs-1713538345-1.0.1.1-LP1IgcupsMPvmwyg37EzpX6Ncgx2VDNQLyQMY0.Ig3.8E7ygR8BmoXtcV2eqh0eYIcGei1Zh.i.EB9sfeTGawQ

Source: unknown

DNS traffic detected: queries for: download-myproposal.xyz

Source: unknown

Source: global traffic

Source: chromecache_105.1.dr, chromecache_123.1.dr, chromecache_98.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_105.1.dr, chromecache_123.1.dr, chromecache_98.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_105.1.dr, chromecache_123.1.dr, chromecache_98.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49755 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.troj.win@16/87@24/11

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://download-myproposal.xyz/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1984,i,6798421476443814385,7181011332723128876,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1984,i,6798421476443814385,7181011332723128876,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match	File source: 5.12.pages.csv, type: HTML
Source: Yara match	File source: 5.11.pages.csv, type: HTML
Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1428813
Product:	CloudBasic
Start time:	16:51:18
Start date:	19.04.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://download-myproposal.xyz

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://download-myproposal.xyz

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://download-myproposal.xyz