Windows Analysis Report
Integraconnect Play Now 484 484 6292.htm

Overview

General Information

Sample name:	Integraconnect Play Now 484 484 6292.htm
Analysis ID:	1430328
MD5:	7340ca3c4e18602b676b2a122b83837b
SHA1:	b63e55cd19c68dab54ed1463220e16c0949b1f37
SHA256:	2974def24153a91cf17dde201fa291b17e6547d1541034e221b41e21a1d00a81
Infos:

Detection

HTMLPhisher

Score:	76
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML file submission requesting Cloudflare captcha challenge

Yara detected HtmlPhish10

Detected javascript redirector / loader

HTML document with suspicious name

HTML document with suspicious title

HTML page contains suspicious base64 encoded javascript

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

IP address seen in connection with other malware

Internet Provider seen in connection with other malware

Invalid T&C link found

JA3 SSL client fingerprint seen in connection with other malware

Classification

Signatures

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 3.4.pages.csv, type: HTML
Source: Yara match	File source: 4.5.pages.csv, type: HTML

Detected javascript redirector / loader

Source: Integraconnect Play Now 484 484 6292.htm

HTTP Parser: Low number of body elements: 1

HTML document with suspicious title

Source: file:///C:/Users/user/Desktop/Integraconnect%20Play%20Now%20484%20484%206292.htm

Tab title: Integraconnect Play Now 484 484 6292.htm

HTML page contains suspicious base64 encoded javascript

Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

HTTP Parser: Base64 decoded: <script>

Phishing site detected (based on logo match)

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	Matcher: Template: microsoft matched
Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...

HTML title does not match URL

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: Title: mWexxkTcmh does not match URL

Invalid T&C link found

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	HTTP Parser: Invalid link: Terms of use
Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	HTTP Parser: Invalid link: Privacy & cookies

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: <input type="password" .../> found

Source: Integraconnect Play Now 484 484 6292.htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/Integraconnect%20Play%20Now%20484%20484%206292.htm	HTTP Parser: No favicon
Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal	HTTP Parser: No favicon
Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	HTTP Parser: No favicon

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: No <meta name="author".. found

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49818 version: TLS 1.2

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 108.156.152.88 108.156.152.88
Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View	IP Address: 151.101.194.137 151.101.194.137
Source: Joe Sandbox View	IP Address: 104.17.2.184 104.17.2.184

Internet Provider seen in connection with other malware

Source: Joe Sandbox View

ASN Name: CLOUDFLARENETUS CLOUDFLARENETUS

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86

Source: global traffic	HTTP traffic detected: GET /kUNZy5W/ HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=878de6e2c85d53fd HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/878de6e2c85d53fd/1713875817250/e5c240b8191900b2cbaaefac1be4efa61ef98d4c9007858c1ece2e7ba2dc91bc/CJgA4Ja9szWo5NH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/878de6e2c85d53fd/1713875817253/nRZ54r9PpQeWAjN HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/878de6e2c85d53fd/1713875817253/nRZ54r9PpQeWAjN HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=fgrLVBwBeZfyRlD&MD=HVB4NlN6 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /kUNZy5W/ HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://aq38e.ishuter.com/kUNZy5W/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVZTmZNaHIxaTkrbWo3SUJMNE1SUnc9PSIsInZhbHVlIjoiblQxeURtTU5jWTVmVVI3TU5LOHIzYVdjdmlIeEFYVFNncG1JTm9DcXV2RzMrYlJQN3FOdWJadzV6dkljeVVkUzREdGJIWkRoR1Riblp3YkpGYUczcDNhUk91a0EvZ2IrQklraHNvNUZjc3h3ME5yU3FLNTFjeU1qZDljVUJ1ak8iLCJtYWMiOiJiM2UzZGY2YjhiOGNjYmYyYzczYTc2ZmM0YjQyOWQyYjFjOWEzZTBiODkxZjc0Mjg2NjY0OGJmZmJjZjc5ZTg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InNSNWVxc3UwNTBFZFovZTgwTzdBUUE9PSIsInZhbHVlIjoia1JyWnZ1RUZYSTJ1a0haWkVQeUtkRkxRVFg0R1kyQ0NaSXNFQ1VWUHYrWXNPNkJNR3pvOVZ2Q0FtQ0swV0diRWdWLzFIL2gxeXp6Y1pkUjhkNnc1bDcvcWVZdEtQQllGSS9FV2lVbFJGWTFiYThqaTNiUks1TzVwTFNibDlrQXAiLCJtYWMiOiI1N2M2MjJiZmI0OGE3ZGY3ZjRjYjNkMjc0ZGQ1Njc0YWJkMGQ0MTBiYjhiOWM2OWZjOGYwYzhiZTg1NmNhZTJhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fqHhVLOh6q8XmxqdbOrt7KC699a HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVZTmZNaHIxaTkrbWo3SUJMNE1SUnc9PSIsInZhbHVlIjoiblQxeURtTU5jWTVmVVI3TU5LOHIzYVdjdmlIeEFYVFNncG1JTm9DcXV2RzMrYlJQN3FOdWJadzV6dkljeVVkUzREdGJIWkRoR1Riblp3YkpGYUczcDNhUk91a0EvZ2IrQklraHNvNUZjc3h3ME5yU3FLNTFjeU1qZDljVUJ1ak8iLCJtYWMiOiJiM2UzZGY2YjhiOGNjYmYyYzczYTc2ZmM0YjQyOWQyYjFjOWEzZTBiODkxZjc0Mjg2NjY0OGJmZmJjZjc5ZTg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InNSNWVxc3UwNTBFZFovZTgwTzdBUUE9PSIsInZhbHVlIjoia1JyWnZ1RUZYSTJ1a0haWkVQeUtkRkxRVFg0R1kyQ0NaSXNFQ1VWUHYrWXNPNkJNR3pvOVZ2Q0FtQ0swV0diRWdWLzFIL2gxeXp6Y1pkUjhkNnc1bDcvcWVZdEtQQllGSS9FV2lVbFJGWTFiYThqaTNiUks1TzVwTFNibDlrQXAiLCJtYWMiOiI1N2M2MjJiZmI0OGE3ZGY3ZjRjYjNkMjc0ZGQ1Njc0YWJkMGQ0MTBiYjhiOWM2OWZjOGYwYzhiZTg1NmNhZTJhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kUNZy5W/?RHmelanie.mcclannan@integraconnect.com HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://aq38e.ishuter.com/kUNZy5W/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZGdHRSZnF2MFF5djNyWEJ6S3RMYmc9PSIsInZhbHVlIjoiQWdHdEJWMS9CTWp6eWNaUGcyTndMOFVCU2sxTGlXOVdSLzlNSjdPU1FrekVuN2w1ZVpteEhmajIwWGZabFN0ODFjMGNBdWdOaDJrT1hJem13V1ZQc1B5d3ZQZXAxcEUweUJHZmVOWmNIWnpPeUV3c210V3hEbVF2V1U1cXFsMk8iLCJtYWMiOiI5YTI1NDFiNDNiOWYzYjc4ZGNjMTEzNDlhZDRmYTdjOGIyYzJlNjI4NzZlMDM1MjBlM2QwZGE5NmVkNzNmZTNkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhLaGFHbHQrRndOcWh3ZTQvMit6aXc9PSIsInZhbHVlIjoiYlVTcTVhd095eG5Kdm9wcmdFNFE1RStSYXlSWHpteXRXSEJUQjNBK2w0RGxYOHI3c284VTZZaUo5Y1VGc2U0SE5ReGNva3pHajV4bGZaSy9pWHVyci9jK29LSjJwVTJTVllFaHBtS01FSWJhb2xjYmFrU1RkZ09sb3c0SlViYWEiLCJtYWMiOiI4NWI3OGNjOTE1MDgwZGU4Y2ZkMmZlODc3MDI5YzIyNDlmMmE4M2I1YzkzY2U1ZWNjZDE1NThhNzFmYzhlYzhjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://aq38e.ishuter.com/kUNZy5W/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IktrblJNRisxN2t4S0hVVk1aak5Cb3c9PSIsInZhbHVlIjoidDFFdHRTZ0xaNzJtdzlTOEdBYllVMXJuY24rQjVwSTkydVREQW1lN1FoUWNGd3NwZTZ4S29BQnNER0FRQmxZaVBEbkI2cWEzK0F0UDRQZHV6V2NNNnVVYm1rb2hiM1lDZkdFc3BjeXJRcVhDcXp6NHc2V3NtOWVvNjZEUmYxT1oiLCJtYWMiOiJmNTIyNDMyZGY1OWM5MzQ1YjQzMzUwZWJjMjU2NDEyMWY2Y2NkZmFkYTM1YzRjNjc3ZWQ3YzAyZGY4NmU2MTY3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpzR2VRaGdhVWpnamxObG9WSG1XWWc9PSIsInZhbHVlIjoiSEROcFZTakJETDJlakpwcXJ4NFJhL0J1dDk3akJVRmIvSUpnbnFjSUpYZjRvYy9Jdzd6c1diQ3VML3o3TzVMelhYL2hFbVEycVk2UEE5QlU4bUxmUDJwZ0Q1eVBFSS9Da0Q1UmFZQlFWZmVsTHNtK1RvQTdCNjVKOTJlUWl1UDgiLCJtYWMiOiJmM2U2ZGEyOTM3YTQwNmYzMTdkNjljMzM3ODlmZTliMzYxMDY0OGRkNGFiZjE0YzFkZjk3MzYzOWQxMjRmMDU5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56sesJTzfcmAxabyrLWvP6714 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xyAK1toOKhpqHsIagh28 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqqina5J9anrX4T34Ynnre0Muv34 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12vnCRlKsTzZjVT56pR4oFqr50 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /90sTUkiyH4245xrUlst59 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45OnLaTWZs2qgYabuINgL4dvw64 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90j1eG3tSaytCwjrXzICsMuefyQpW4g8SFab80 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efj0QgJZW9JHw4OAoXd1z56cqQUjXMUU7UYjkl98 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /34xSwtQgKAp3oNRo2XIhbcuyRLwijd5xR6ILW2Mj67102 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnvbpQOE60x1oduwW74f9kgGveqT1ssLtsdOI8pK2fRRfijnjLtgfSwfseVvon0PCZ4xLaFgKTGwx215 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: zdx79qcONMs+OpOiFefbiw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /ij2sblMB9uqRjaOCX3GLDMFudJ9UX7uSjqrfiXIVkWLVfU15bvUBz0mm7jEqSMMnyz223 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wx6hFLBxsRd99C5DxuUMgquYKDqrJqNXasAmjDrY34q34130 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnvbpQOE60x1oduwW74f9kgGveqT1ssLtsdOI8pK2fRRfijnjLtgfSwfseVvon0PCZ4xLaFgKTGwx215 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /op3AxGuP48aCiTtE2SxuqObmnVSkPtX479dK4Hy345140 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij2sblMB9uqRjaOCX3GLDMFudJ9UX7uSjqrfiXIVkWLVfU15bvUBz0mm7jEqSMMnyz223 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efTE8AlmmIvzAV3K8o5AQVlqPzZXuvN1itvkp3chH0f3H2ddHeF6Q78150 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijl0PP777HVrHScMXgR7gTyo5xyJytwxts14f1CtGh1mtT9V78170 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxQoa3PcacIN8l8eONdRTNb66TopfTiEuESXYXn0nGBjbi90179 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uj6UsCyNIXCVmrr31WJxQqiQZWdn6ed34u1ckScrYpe6rK0x8Jdn7cq HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXVk7AzekvB1YjzS6f4vb7LaJyrg7QL7V3pAuvDuTp365ElnuOfEIxkiTuef200 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wx6hFLBxsRd99C5DxuUMgquYKDqrJqNXasAmjDrY34q34130 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efTE8AlmmIvzAV3K8o5AQVlqPzZXuvN1itvkp3chH0f3H2ddHeF6Q78150 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghvgAmR5Qv9HxnvpSMeJiR9aips0krQYtT0TR2Q7vJzrmn0rwwTpSoAeQyYK83VKxzfef210 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opv9cDxdvE9KLbZgJXc9zuRkMs5LLj0LyAUVLuisuvLGVVluCJfp1hAwWWTAAq09EWXsw1hMtNJ7UWrHef240 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stCaYd6VnU0XYxLpqaoDbZJYHmD3Wcmj35vGNvAEby25KwkIS454ZqSSQ7vRTC4xt8UDSyugh254 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /op3AxGuP48aCiTtE2SxuqObmnVSkPtX479dK4Hy345140 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxQoa3PcacIN8l8eONdRTNb66TopfTiEuESXYXn0nGBjbi90179 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijl0PP777HVrHScMXgR7gTyo5xyJytwxts14f1CtGh1mtT9V78170 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXVk7AzekvB1YjzS6f4vb7LaJyrg7QL7V3pAuvDuTp365ElnuOfEIxkiTuef200 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opv9cDxdvE9KLbZgJXc9zuRkMs5LLj0LyAUVLuisuvLGVVluCJfp1hAwWWTAAq09EWXsw1hMtNJ7UWrHef240 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stCaYd6VnU0XYxLpqaoDbZJYHmD3Wcmj35vGNvAEby25KwkIS454ZqSSQ7vRTC4xt8UDSyugh254 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghvgAmR5Qv9HxnvpSMeJiR9aips0krQYtT0TR2Q7vJzrmn0rwwTpSoAeQyYK83VKxzfef210 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: WYMdRpXOYa0mdNWBrmB/kg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: d4BV09knXdyp9glolR9gwA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=fgrLVBwBeZfyRlD&MD=HVB4NlN6 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: IsFzEtO8JFSwkhHG+JGOdQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: /IY0hoGByTAjw+3c1sxyMg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: bjEV6u/6hf81oDDnYBOzHQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: unknown

DNS traffic detected: queries for: aq38e.ishuter.com

Source: unknown

HTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 2686sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36CF-Challenge: e22adde551fe489sec-ch-ua-platform: "Windows"Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 12:37:15 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhgcyRQvtTDTas%2FIXP%2BDu0zkqu4vuu2HKQgJVCGfp51Z8QLQhoMU9plHlih1YmPPGBnOMreWCBCrED1E%2FkQ4hi5wYs3F5jCqPjCpf2aAxIj2hEA7MKWTp%2BgQ1%2FuZHA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 878de7620b247bc9-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 12:37:21 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptoAUzbkHeclMcH5gklIBw2tYWxnAAh1pZTWYKP2OFuB9EaRvkp8Y1qkCvyZQMd689KTKR0UrAz%2FVt9Rp6Wl9ACW5J9dIH7Gb6TT2A3Btt62Q6tXaaS4NYCXRbCiVQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 878de7810f02673a-ATL

Source: chromecache_112.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_112.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_112.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_112.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_112.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_102.2.dr, chromecache_112.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_112.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__.
Source: chromecache_102.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49818 version: TLS 1.2

System Summary

HTML document with suspicious name

Source: Name includes: Integraconnect Play Now 484 484 6292.htm

Initial sample: play

Source: classification engine

Classification label: mal76.phis.evad.winHTM@30/71@20/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Integraconnect Play Now 484 484 6292.htm"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2000,i,829850008273557891,11942607362507623547,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2000,i,829850008273557891,11942607362507623547,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Data Obfuscation

HTML file submission requesting Cloudflare captcha challenge

Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

HTTP Parser: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
108.156.152.88	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
172.67.197.95	aq38e.ishuter.com	United States	13335	CLOUDFLARENETUS	true
74.125.136.99	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.15.106	www.google.com	United States	15169	GOOGLEUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
104.21.84.216	unknown	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.2.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.194.137	true
d2vgu95hoyrpkh.cloudfront.net	108.156.152.88	true
challenges.cloudflare.com	104.17.2.184	true
www.google.com	142.251.15.106	true
aq38e.ishuter.com	172.67.197.95	true
cdn.socket.io	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://aq38e.ishuter.com/op3AxGuP48aCiTtE2SxuqObmnVSkPtX479dK4Hy345140	false	Avira URL Cloud: safe	unknown
https://code.jquery.com/jquery-3.6.0.min.js	false		high
https://aq38e.ishuter.com/kUNZy5W/	true	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com	true		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=878de6e2c85d53fd	false		high
https://aq38e.ishuter.com/56sesJTzfcmAxabyrLWvP6714	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/efTE8AlmmIvzAV3K8o5AQVlqPzZXuvN1itvkp3chH0f3H2ddHeF6Q78150	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS#	true		unknown
https://aq38e.ishuter.com/12vnCRlKsTzZjVT56pR4oFqr50	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal	false		high
https://aq38e.ishuter.com/ijl0PP777HVrHScMXgR7gTyo5xyJytwxts14f1CtGh1mtT9V78170	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://aq38e.ishuter.com/90j1eG3tSaytCwjrXzICsMuefyQpW4g8SFab80	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/34xSwtQgKAp3oNRo2XIhbcuyRLwijd5xR6ILW2Mj67102	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/fqHhVLOh6q8XmxqdbOrt7KC699a	false	Avira URL Cloud: safe	unknown
file:///C:/Users/user/Desktop/Integraconnect%20Play%20Now%20484%20484%206292.htm	true	Avira URL Cloud: safe	low
https://aq38e.ishuter.com/opv9cDxdvE9KLbZgJXc9zuRkMs5LLj0LyAUVLuisuvLGVVluCJfp1hAwWWTAAq09EWXsw1hMtNJ7UWrHef240	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/878de6e2c85d53fd/1713875817250/e5c240b8191900b2cbaaefac1be4efa61ef98d4c9007858c1ece2e7ba2dc91bc/CJgA4Ja9szWo5NH	false		high
https://aq38e.ishuter.com/efj0QgJZW9JHw4OAoXd1z56cqQUjXMUU7UYjkl98	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/ghvgAmR5Qv9HxnvpSMeJiR9aips0krQYtT0TR2Q7vJzrmn0rwwTpSoAeQyYK83VKxzfef210	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/xyAK1toOKhpqHsIagh28	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/wx6hFLBxsRd99C5DxuUMgquYKDqrJqNXasAmjDrY34q34130	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/opXVk7AzekvB1YjzS6f4vb7LaJyrg7QL7V3pAuvDuTp365ElnuOfEIxkiTuef200	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489	false		high
https://aq38e.ishuter.com/stCaYd6VnU0XYxLpqaoDbZJYHmD3Wcmj35vGNvAEby25KwkIS454ZqSSQ7vRTC4xt8UDSyugh254	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	true		unknown
https://aq38e.ishuter.com/kUNZy5W/?RHmelanie.mcclannan@integraconnect.com	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/ij2sblMB9uqRjaOCX3GLDMFudJ9UX7uSjqrfiXIVkWLVfU15bvUBz0mm7jEqSMMnyz223	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/pqqina5J9anrX4T34Ynnre0Muv34	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/wxQoa3PcacIN8l8eONdRTNb66TopfTiEuESXYXn0nGBjbi90179	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/uj6UsCyNIXCVmrr31WJxQqiQZWdn6ed34u1ckScrYpe6rK0x8Jdn7cq	false	Avira URL Cloud: safe	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js	false		high
https://aq38e.ishuter.com/mnvbpQOE60x1oduwW74f9kgGveqT1ssLtsdOI8pK2fRRfijnjLtgfSwfseVvon0PCZ4xLaFgKTGwx215	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket	false	Avira URL Cloud: safe	unknown
https://aq38e.ishuter.com/90sTUkiyH4245xrUlst59	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/878de6e2c85d53fd/1713875817253/nRZ54r9PpQeWAjN	false		high
https://aq38e.ishuter.com/45OnLaTWZs2qgYabuINgL4dvw64	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=EQj1iT8gNoKt600dftUU5CFs8U%2FyRe4rYdALqcH2LBjz4fF2fPNqDbN6qZ%2FejwcRJ1Uoqj5qeAonpCosQHGwZiQYeRExCZ5xGFdLNyYUtr%2FEXJH%2FDQov%2FFEM0E8vVQ%3D%3D	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with very long lines (45667)	80F5B8C6A9EEAC15DE93E5A112036A06	F7174635137D37581B11937FC90E9CB325077BCE	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
Chrome Cache Entry: 101	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 102	ASCII text, with very long lines (1222), with no line terminators	E9AD011280352C75C6F9CF212C42AACD	05A41AC3A9E296E1D9E6251E6908EABFE9697D04	B5E1FFD95251B13685BD867DFB1759CEB8DE9E5FB874E052C856022B29DDA862
Chrome Cache Entry: 103	HTML document, ASCII text, with very long lines (1445), with CRLF line terminators	C4C7DE3D1D967AC61B19436CA0DECF9B	197210800DA7229FBDA1FB11E795EC98D8136F6C	71F1B88E66C10785C166032A58BEF145E7ED9BA191EAAA192CC3DD05A964F39B
Chrome Cache Entry: 104	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 105	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 106	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 107	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 108	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 109	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 110	ASCII text, with very long lines (23398), with no line terminators	C1C51D30D5E7094136F2D828349E520F	10AE8971AD7A8798BC9732707FE4896B57541557	0C55057782E3B346C2B819574BFA916852BC8AC5BB4E01D56E8FBFFC22043C98
Chrome Cache Entry: 111	PNG image data, 40 x 91, 8-bit/color RGB, non-interlaced	A1A5485AC2C8F214B752E76E5B036E44	F69DEF27E67EF008A6A7578B9EE155FB04AB5F79	14585AEEBB3946EE48CD46BE3617FB02C79274D28A0030FEC1DFCDA27C420D8E
Chrome Cache Entry: 112	ASCII text, with very long lines (597)	8326C23D6B3EED35BC3E62F3294587FD	EDDA17E74E53E85073E5EAC9CB6BE2163DBFA23C	57F03D3BA66117EDC152646341120DD3A1D7D71B9A98A3723AF5A8AE61BCB3AB
Chrome Cache Entry: 113	PNG image data, 40 x 91, 8-bit/color RGB, non-interlaced	A1A5485AC2C8F214B752E76E5B036E44	F69DEF27E67EF008A6A7578B9EE155FB04AB5F79	14585AEEBB3946EE48CD46BE3617FB02C79274D28A0030FEC1DFCDA27C420D8E
Chrome Cache Entry: 114	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 115	ASCII text, with very long lines (42414)	F94A2211CE789A95A7C67E8C660D63E8	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
Chrome Cache Entry: 116	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 117	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 118	HTML document, ASCII text, with very long lines (59541), with CRLF line terminators	3D933F90FD45FC45CB7106A894C31A4C	BDB59673C58598636815B24998364870EBE22CB8	840C54B348A0C2931F4D589BE10FD878C1CFF7372372B22429C718E229409FC3
Chrome Cache Entry: 119	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 120	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 121	Web Open Font Format, TrueType, length 35970, version 1.0	496B7BBDE91C7DC7CF9BBABBB3921DA8	2BD3C406A715AB52DAD84C803C55BF4A6E66A924	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
Chrome Cache Entry: 122	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	78A5500114640D663460BCBB33E694EB	C72B1B93C8BC2DDBD77BA3C042A8ED415B6B8E26	E97FE9DB7CA567DA1F9F5A3B87B669146ADDF1983392C32FDA68C4D667A3CA22
Chrome Cache Entry: 123	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 124	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 125	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 126	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 127	Web Open Font Format, TrueType, length 36696, version 1.0	A69E9AB8AFDD7486EC0749C551051FF2	C34E6AA327B536FB48D1FE03577A47C7EE2231B8	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
Chrome Cache Entry: 128	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 129	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 130	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 131	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 90	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 91	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 92	ASCII text, with very long lines (1437), with CRLF line terminators	FBE2FCF4596B299453C91B7231BA7427	743291EE60A551E043529AFDC9E3FBE72D70E776	2DE22B4CDEDCBEB9CD5F63EA7A0DF8F77D0EF9086D200B052BFA9EE949DEED40
Chrome Cache Entry: 93	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0	BCD7983EA5AA57C55F6758B4977983CB	EF3A009E205229E07FB0EC8569E669B11C378EF1	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
Chrome Cache Entry: 94	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 95	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 96	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 97	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 98	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 99	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0	2A05E9E5572ABC320B2B7EA38A70DCC1	D5FA2A856D5632C2469E42436159375117EF3C35	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 3.4.pages.csv, type: HTML
Source: Yara match	File source: 4.5.pages.csv, type: HTML

Detected javascript redirector / loader

Source: Integraconnect Play Now 484 484 6292.htm

HTTP Parser: Low number of body elements: 1

HTML document with suspicious title

Source: file:///C:/Users/user/Desktop/Integraconnect%20Play%20Now%20484%20484%206292.htm

Tab title: Integraconnect Play Now 484 484 6292.htm

HTML page contains suspicious base64 encoded javascript

Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

HTTP Parser: Base64 decoded: <script>

Phishing site detected (based on logo match)

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	Matcher: Template: microsoft matched
Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

HTML title does not match URL

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: Title: mWexxkTcmh does not match URL

Invalid T&C link found

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	HTTP Parser: Invalid link: Terms of use
Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	HTTP Parser: Invalid link: Privacy & cookies

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: <input type="password" .../> found

Source: Integraconnect Play Now 484 484 6292.htm	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/Integraconnect%20Play%20Now%20484%20484%206292.htm	HTTP Parser: No favicon
Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal	HTTP Parser: No favicon
Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS	HTTP Parser: No favicon

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: No <meta name="author".. found

Source: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49818 version: TLS 1.2

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 108.156.152.88 108.156.152.88
Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View	IP Address: 151.101.194.137 151.101.194.137
Source: Joe Sandbox View	IP Address: 104.17.2.184 104.17.2.184

Internet Provider seen in connection with other malware

Source: Joe Sandbox View

ASN Name: CLOUDFLARENETUS CLOUDFLARENETUS

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86

Source: global traffic	HTTP traffic detected: GET /kUNZy5W/ HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=878de6e2c85d53fd HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/878de6e2c85d53fd/1713875817250/e5c240b8191900b2cbaaefac1be4efa61ef98d4c9007858c1ece2e7ba2dc91bc/CJgA4Ja9szWo5NH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/878de6e2c85d53fd/1713875817253/nRZ54r9PpQeWAjN HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/q8pou/0x4AAAAAAAWqRpkP_ZLY4a7j/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/878de6e2c85d53fd/1713875817253/nRZ54r9PpQeWAjN HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=fgrLVBwBeZfyRlD&MD=HVB4NlN6 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/225845573:1713874485:F_Nkq0K6BeHcnYnKlLfkKCGW9ARvswhJrmlvFkrLy44/878de6e2c85d53fd/e22adde551fe489 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /kUNZy5W/ HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://aq38e.ishuter.com/kUNZy5W/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVZTmZNaHIxaTkrbWo3SUJMNE1SUnc9PSIsInZhbHVlIjoiblQxeURtTU5jWTVmVVI3TU5LOHIzYVdjdmlIeEFYVFNncG1JTm9DcXV2RzMrYlJQN3FOdWJadzV6dkljeVVkUzREdGJIWkRoR1Riblp3YkpGYUczcDNhUk91a0EvZ2IrQklraHNvNUZjc3h3ME5yU3FLNTFjeU1qZDljVUJ1ak8iLCJtYWMiOiJiM2UzZGY2YjhiOGNjYmYyYzczYTc2ZmM0YjQyOWQyYjFjOWEzZTBiODkxZjc0Mjg2NjY0OGJmZmJjZjc5ZTg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InNSNWVxc3UwNTBFZFovZTgwTzdBUUE9PSIsInZhbHVlIjoia1JyWnZ1RUZYSTJ1a0haWkVQeUtkRkxRVFg0R1kyQ0NaSXNFQ1VWUHYrWXNPNkJNR3pvOVZ2Q0FtQ0swV0diRWdWLzFIL2gxeXp6Y1pkUjhkNnc1bDcvcWVZdEtQQllGSS9FV2lVbFJGWTFiYThqaTNiUks1TzVwTFNibDlrQXAiLCJtYWMiOiI1N2M2MjJiZmI0OGE3ZGY3ZjRjYjNkMjc0ZGQ1Njc0YWJkMGQ0MTBiYjhiOWM2OWZjOGYwYzhiZTg1NmNhZTJhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fqHhVLOh6q8XmxqdbOrt7KC699a HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVZTmZNaHIxaTkrbWo3SUJMNE1SUnc9PSIsInZhbHVlIjoiblQxeURtTU5jWTVmVVI3TU5LOHIzYVdjdmlIeEFYVFNncG1JTm9DcXV2RzMrYlJQN3FOdWJadzV6dkljeVVkUzREdGJIWkRoR1Riblp3YkpGYUczcDNhUk91a0EvZ2IrQklraHNvNUZjc3h3ME5yU3FLNTFjeU1qZDljVUJ1ak8iLCJtYWMiOiJiM2UzZGY2YjhiOGNjYmYyYzczYTc2ZmM0YjQyOWQyYjFjOWEzZTBiODkxZjc0Mjg2NjY0OGJmZmJjZjc5ZTg5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InNSNWVxc3UwNTBFZFovZTgwTzdBUUE9PSIsInZhbHVlIjoia1JyWnZ1RUZYSTJ1a0haWkVQeUtkRkxRVFg0R1kyQ0NaSXNFQ1VWUHYrWXNPNkJNR3pvOVZ2Q0FtQ0swV0diRWdWLzFIL2gxeXp6Y1pkUjhkNnc1bDcvcWVZdEtQQllGSS9FV2lVbFJGWTFiYThqaTNiUks1TzVwTFNibDlrQXAiLCJtYWMiOiI1N2M2MjJiZmI0OGE3ZGY3ZjRjYjNkMjc0ZGQ1Njc0YWJkMGQ0MTBiYjhiOWM2OWZjOGYwYzhiZTg1NmNhZTJhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kUNZy5W/?RHmelanie.mcclannan@integraconnect.com HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://aq38e.ishuter.com/kUNZy5W/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZGdHRSZnF2MFF5djNyWEJ6S3RMYmc9PSIsInZhbHVlIjoiQWdHdEJWMS9CTWp6eWNaUGcyTndMOFVCU2sxTGlXOVdSLzlNSjdPU1FrekVuN2w1ZVpteEhmajIwWGZabFN0ODFjMGNBdWdOaDJrT1hJem13V1ZQc1B5d3ZQZXAxcEUweUJHZmVOWmNIWnpPeUV3c210V3hEbVF2V1U1cXFsMk8iLCJtYWMiOiI5YTI1NDFiNDNiOWYzYjc4ZGNjMTEzNDlhZDRmYTdjOGIyYzJlNjI4NzZlMDM1MjBlM2QwZGE5NmVkNzNmZTNkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhLaGFHbHQrRndOcWh3ZTQvMit6aXc9PSIsInZhbHVlIjoiYlVTcTVhd095eG5Kdm9wcmdFNFE1RStSYXlSWHpteXRXSEJUQjNBK2w0RGxYOHI3c284VTZZaUo5Y1VGc2U0SE5ReGNva3pHajV4bGZaSy9pWHVyci9jK29LSjJwVTJTVllFaHBtS01FSWJhb2xjYmFrU1RkZ09sb3c0SlViYWEiLCJtYWMiOiI4NWI3OGNjOTE1MDgwZGU4Y2ZkMmZlODc3MDI5YzIyNDlmMmE4M2I1YzkzY2U1ZWNjZDE1NThhNzFmYzhlYzhjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBS HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://aq38e.ishuter.com/kUNZy5W/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IktrblJNRisxN2t4S0hVVk1aak5Cb3c9PSIsInZhbHVlIjoidDFFdHRTZ0xaNzJtdzlTOEdBYllVMXJuY24rQjVwSTkydVREQW1lN1FoUWNGd3NwZTZ4S29BQnNER0FRQmxZaVBEbkI2cWEzK0F0UDRQZHV6V2NNNnVVYm1rb2hiM1lDZkdFc3BjeXJRcVhDcXp6NHc2V3NtOWVvNjZEUmYxT1oiLCJtYWMiOiJmNTIyNDMyZGY1OWM5MzQ1YjQzMzUwZWJjMjU2NDEyMWY2Y2NkZmFkYTM1YzRjNjc3ZWQ3YzAyZGY4NmU2MTY3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpzR2VRaGdhVWpnamxObG9WSG1XWWc9PSIsInZhbHVlIjoiSEROcFZTakJETDJlakpwcXJ4NFJhL0J1dDk3akJVRmIvSUpnbnFjSUpYZjRvYy9Jdzd6c1diQ3VML3o3TzVMelhYL2hFbVEycVk2UEE5QlU4bUxmUDJwZ0Q1eVBFSS9Da0Q1UmFZQlFWZmVsTHNtK1RvQTdCNjVKOTJlUWl1UDgiLCJtYWMiOiJmM2U2ZGEyOTM3YTQwNmYzMTdkNjljMzM3ODlmZTliMzYxMDY0OGRkNGFiZjE0YzFkZjk3MzYzOWQxMjRmMDU5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56sesJTzfcmAxabyrLWvP6714 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xyAK1toOKhpqHsIagh28 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqqina5J9anrX4T34Ynnre0Muv34 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12vnCRlKsTzZjVT56pR4oFqr50 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /90sTUkiyH4245xrUlst59 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45OnLaTWZs2qgYabuINgL4dvw64 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90j1eG3tSaytCwjrXzICsMuefyQpW4g8SFab80 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efj0QgJZW9JHw4OAoXd1z56cqQUjXMUU7UYjkl98 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://aq38e.ishuter.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /34xSwtQgKAp3oNRo2XIhbcuyRLwijd5xR6ILW2Mj67102 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnvbpQOE60x1oduwW74f9kgGveqT1ssLtsdOI8pK2fRRfijnjLtgfSwfseVvon0PCZ4xLaFgKTGwx215 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: zdx79qcONMs+OpOiFefbiw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /ij2sblMB9uqRjaOCX3GLDMFudJ9UX7uSjqrfiXIVkWLVfU15bvUBz0mm7jEqSMMnyz223 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wx6hFLBxsRd99C5DxuUMgquYKDqrJqNXasAmjDrY34q34130 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnvbpQOE60x1oduwW74f9kgGveqT1ssLtsdOI8pK2fRRfijnjLtgfSwfseVvon0PCZ4xLaFgKTGwx215 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /op3AxGuP48aCiTtE2SxuqObmnVSkPtX479dK4Hy345140 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij2sblMB9uqRjaOCX3GLDMFudJ9UX7uSjqrfiXIVkWLVfU15bvUBz0mm7jEqSMMnyz223 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efTE8AlmmIvzAV3K8o5AQVlqPzZXuvN1itvkp3chH0f3H2ddHeF6Q78150 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijl0PP777HVrHScMXgR7gTyo5xyJytwxts14f1CtGh1mtT9V78170 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InUrK25nNzV3S0RBMzJxa3I5L1FXSEE9PSIsInZhbHVlIjoiTVQ4a0VEdVpmaVlxaElEQjNPcnp6Q2N1aFJleG5uTXFnV2xRa1o4MnVGVEZuTHpEZVlCdG4ycHY0ZmZ4ZWp2ZWxtOVFjNnVYQk5yb1RFcVVndXlKRFA1RGRJYkxkVCtBbzcyQjBIczBpVUxxcTdpcktpWTFyZzNmb21TYU9tS0MiLCJtYWMiOiIwZGJkNzBlNWE4MTIzZTQ4NzA5YTlmM2EwYjIyZjQ5ZGY2YTBmYTE3NWI5OGQ3NWRjNWQ2OGU4ZDliMzc1ODdiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImorQWNVNGhCT0ZhNlJmeTRhSnlHUVE9PSIsInZhbHVlIjoiRVAveTFIOHZaMzBQcnkyMzVEclFvMERYNGlxdkRUdm9EcU9IaHc4R3dsSk51aGsvcm5QWVJrTVdYMCtVNGtEV3JNVUNYL0VpWVVReDB2NERjMGhQMzlvSHF6R1doVWpyKzBvZ0JFbjRGb2YzVmtiQUZ0ZUFnOXlyV25ReVR0YTEiLCJtYWMiOiI3ODAyMWY3ZmY2OGFiM2ZkY2NlN2YzNTkyODc3ZGNkNzQzZDJiZjNhZDkwYjk4YWFmZTQ4YjVkYmEzNTZkYjAyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxQoa3PcacIN8l8eONdRTNb66TopfTiEuESXYXn0nGBjbi90179 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uj6UsCyNIXCVmrr31WJxQqiQZWdn6ed34u1ckScrYpe6rK0x8Jdn7cq HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXVk7AzekvB1YjzS6f4vb7LaJyrg7QL7V3pAuvDuTp365ElnuOfEIxkiTuef200 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wx6hFLBxsRd99C5DxuUMgquYKDqrJqNXasAmjDrY34q34130 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efTE8AlmmIvzAV3K8o5AQVlqPzZXuvN1itvkp3chH0f3H2ddHeF6Q78150 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghvgAmR5Qv9HxnvpSMeJiR9aips0krQYtT0TR2Q7vJzrmn0rwwTpSoAeQyYK83VKxzfef210 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opv9cDxdvE9KLbZgJXc9zuRkMs5LLj0LyAUVLuisuvLGVVluCJfp1hAwWWTAAq09EWXsw1hMtNJ7UWrHef240 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stCaYd6VnU0XYxLpqaoDbZJYHmD3Wcmj35vGNvAEby25KwkIS454ZqSSQ7vRTC4xt8UDSyugh254 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://aq38e.ishuter.com/1303648218011338311063032pBluSckRQXEXDSNBUDUNLOUZOTQHFOVHNNHKOJUMLKQUUZGOIXUHMMPNY?smVDNiDmOLwWGqFeokfSHkCXSabKXVGHMFTUYATNRBOJEOJAOPJUGUBSAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /op3AxGuP48aCiTtE2SxuqObmnVSkPtX479dK4Hy345140 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxQoa3PcacIN8l8eONdRTNb66TopfTiEuESXYXn0nGBjbi90179 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijl0PP777HVrHScMXgR7gTyo5xyJytwxts14f1CtGh1mtT9V78170 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXVk7AzekvB1YjzS6f4vb7LaJyrg7QL7V3pAuvDuTp365ElnuOfEIxkiTuef200 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opv9cDxdvE9KLbZgJXc9zuRkMs5LLj0LyAUVLuisuvLGVVluCJfp1hAwWWTAAq09EWXsw1hMtNJ7UWrHef240 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stCaYd6VnU0XYxLpqaoDbZJYHmD3Wcmj35vGNvAEby25KwkIS454ZqSSQ7vRTC4xt8UDSyugh254 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghvgAmR5Qv9HxnvpSMeJiR9aips0krQYtT0TR2Q7vJzrmn0rwwTpSoAeQyYK83VKxzfef210 HTTP/1.1Host: aq38e.ishuter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: WYMdRpXOYa0mdNWBrmB/kg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: d4BV09knXdyp9glolR9gwA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=fgrLVBwBeZfyRlD&MD=HVB4NlN6 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: IsFzEtO8JFSwkhHG+JGOdQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: /IY0hoGByTAjw+3c1sxyMg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: aq38e.ishuter.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://aq38e.ishuter.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikd0NlMwcjU3OVFKMmZWYjBkQm9wemc9PSIsInZhbHVlIjoieG4zd3dEMitLbHlwYmxtcHVCNjNKSEh1L002c0JYUEkvbjk0Q1NwRXFwTmhvdTJxcVkwZGVPWVZVQk5TVlRFTFBpY1g0U1R0OUJ5UHVjTkxxZWJrc29nditBMTAzUWRlLy9QSUJEWTUrNndwR3JZTXcyWVYwdG8zSU5SMm9TQ3ciLCJtYWMiOiJkYzRjYmY1MDllMmU3ODJlYzMxOWRjMTE4OWE2ZmRhMDFlNGUxYThiMzc0YzEwZDM3ZTAyOTc2NTEyZmM5NWE5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkFoNmRrS0FHdXBKMyt1YU9KSHhqTmc9PSIsInZhbHVlIjoiend2Z0Zjb3JVMXR6Qm5HOGFJczIzLytIamdvQTdFYVExditUNDBwbEIrUWdNZDYwSHRNbEdxN0xCZUxoQVphRWxWK1RLV2lXeGlBdjBnQzJJQ0phN2xkdjRxUzJMT0t0dmVydmw1aDlTY3M0Tk81MnZHeTM5SGNqaVNJd0lMcHoiLCJtYWMiOiI4ZmE5MjRhMjczMzg1OTE5YzJlYTJmMTY4MjE5OTM4NTRhZWE2ZDFjZDFmODMxODYxNzcwMmIwNGM0MTEzY2EyIiwidGFnIjoiIn0%3DSec-WebSocket-Key: bjEV6u/6hf81oDDnYBOzHQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: unknown

DNS traffic detected: queries for: aq38e.ishuter.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 12:37:15 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhgcyRQvtTDTas%2FIXP%2BDu0zkqu4vuu2HKQgJVCGfp51Z8QLQhoMU9plHlih1YmPPGBnOMreWCBCrED1E%2FkQ4hi5wYs3F5jCqPjCpf2aAxIj2hEA7MKWTp%2BgQ1%2FuZHA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 878de7620b247bc9-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 12:37:21 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptoAUzbkHeclMcH5gklIBw2tYWxnAAh1pZTWYKP2OFuB9EaRvkp8Y1qkCvyZQMd689KTKR0UrAz%2FVt9Rp6Wl9ACW5J9dIH7Gb6TT2A3Btt62Q6tXaaS4NYCXRbCiVQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 878de7810f02673a-ATL

Source: chromecache_112.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_112.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_112.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_112.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_112.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_112.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_112.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_102.2.dr, chromecache_112.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_112.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__.
Source: chromecache_102.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49818 version: TLS 1.2

System Summary

HTML document with suspicious name

Source: Name includes: Integraconnect Play Now 484 484 6292.htm

Initial sample: play

Source: classification engine

Classification label: mal76.phis.evad.winHTM@30/71@20/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Integraconnect Play Now 484 484 6292.htm"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2000,i,829850008273557891,11942607362507623547,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2000,i,829850008273557891,11942607362507623547,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Data Obfuscation

HTML file submission requesting Cloudflare captcha challenge

Source: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

HTTP Parser: https://aq38e.ishuter.com/kUNZy5W/#Hmelanie.mcclannan@integraconnect.com

ID:	1430328
Product:	CloudBasic
Start time:	14:36:02
Start date:	23.04.2024
Sample:	Integraconnect Play Now 484 484 6292.htm
Cookbook:	defaultwindowshtmlcookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	7340ca3c4e18602b676b2a122b83837b
SHA1:	b63e55cd19c68dab54ed1463220e16c0949b1f37
SHA256:	2974def24153a91cf17dde201fa291b17e6547d1541034e221b41e21a1d00a81
Filetype:	HyperText Markup Language (15015/1) 100.00%

Windows Analysis Report
Integraconnect Play Now 484 484 6292.htm

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report Integraconnect Play Now 484 484 6292.htm

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
Integraconnect Play Now 484 484 6292.htm