Windows Analysis Report
https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DlLb9_7VBE-2B

Overview

General Information

Sample URL:	https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmt
Analysis ID:	1430564
Infos:

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

HTML page contains suspicious base64 encoded javascript

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 3.5.pages.csv, type: HTML
Source: Yara match	File source: 4.6.pages.csv, type: HTML

HTML page contains suspicious base64 encoded javascript

Source: https://o5u7g.zleu9.com/O5u7Gw/

HTTP Parser: Base64 decoded: <script>

Phishing site detected (based on image similarity)

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	Matcher: Template: microsoft matched
Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://o5u7g.zleu9.com/O5u7Gw/

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...

HTML title does not match URL

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: Title: BgGaKKKcrg does not match URL

Invalid T&C link found

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	HTTP Parser: Invalid link: Terms of use
Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	HTTP Parser: Invalid link: Privacy & cookies

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: <input type="password" .../> found

Source: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	HTTP Parser: No favicon
Source: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	HTTP Parser: No favicon
Source: https://o5u7g.zleu9.com/O5u7Gw/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal	HTTP Parser: No favicon
Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	HTTP Parser: No favicon

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: No <meta name="author".. found

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49733 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49720 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49733 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DlLb9_7VBE-2BPKrWdDFE8TeQU0FNoYmRNt3BbsAfHCQfpyMVcUv91cWM1GbR6tMnpfVZqwoeCii1Z-2FHB6Wp4CGi-2FJ4Nq2flvhbRyRKwbWUqyssDslf87wBQZbBQ0EZsTXlvzjuj1ZnarL4QCJJlvUup-2FiM-2F9GPG6X3nhhKKp6sQ0v-2BBs5Jrrpzc3e5B2aUKKEJUx1Hjrx3xc16wmpK1HmM2sLiNIweMaJlJ9frDis7-2BK565mLw-3D HTTP/1.1Host: u44056869.ct.sendgrid.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usa/FormLoader/FormLoader.bundle.js HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://assets-usa.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/plainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://assets-usa.mkt.dynamics.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-usa.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ecdd-c500-ef11-a1fd-7c1e521c0288?ts=638494003333783206 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ecdd-c500-ef11-a1fd-7c1e521c0288?ts=638494003333783206 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288/visits HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /O5u7Gw/ HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879066af2d254527 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkJwS0o3dW9oY040VFdqODZlRjhYcHc9PSIsInZhbHVlIjoiMmFUMkVlZGRsdk9kQnFQTW1vQ3VMcnc1WHUxU1RrZ3JBMUFpS1BWdXUwYlZ6K3oxZ1dIUTNTZFNJZWc3ODJ0THJ5OGJIS1E4Z2tGNmRLNS93NmFuWkFLSElKTk40Q1BmaWNRQjVQdHdhZ21PcndJOVVodTM2STlNMDIremJFK3UiLCJtYWMiOiIxNTk1YTExOTc0MGE2ZTcxZDc1Y2IxNTc3OWJjNzMxN2U4N2IyMzI5MWVkYmExMGRmMzBlMzg2NTkyYmYzYzc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlVbDN3REQyYW9zNmczQ0pqRFlIcUE9PSIsInZhbHVlIjoiUnY2eXBxNU9LUVU5OUM0T1lWSllMYlBYT1R5WnhrOEU3c2FCZHNzQjdCeENNN3RiWThjblhSUXFZOHZmSWVwWjZuQ0VPZ0ZQQzd2T3BBamVyTXZLa0h2STlhRHVTelVSMWdwcFBDbTVkY09BUXlIend3T2swNmFtKzU4MWtnOW4iLCJtYWMiOiJkMmYwMGM5MjYzM2ViMDkyMDU0MmZhOTJlMmE0ZTY1YTRlZDQzYzBhZDIxY2M2Mjc2MDhmMGIyMzY5OGQ3MmJmIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879066af2d254527/1713902022571/cfsO0aDF5k_W65H HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879066af2d254527/1713902022571/cfsO0aDF5k_W65H HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879066af2d254527/1713902022573/2c54c2e92cd6a1adf7ce103072c3ed1a2e53daac1a2c103e1868b6da0e2a356b/KqKxEDIwFgWsKX_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /O5u7Gw/ HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlQRlVUNHN6YnhFT3JocldlRXE4bGc9PSIsInZhbHVlIjoiKzlDc3U3V2pkL0pvTTc3QXNPVk1Fd25NdkhSUFQvaFdDU3JNVHppdFhEd3MvM25YbEd6K1pkclRLcGhQODQrVXRWbWwyQ21HanQxVTF0SEc1b3dsVHZtQkpwVlBtNVdOeURmcDhMaXNlanVpNWttaTV6R2lHdHFjbk1Rd0w3MXQiLCJtYWMiOiIzZjQwOGQ3MThiZDMyMGEyOWE5NjhkNTk2OGZmOGFhMjgzYTVhMTQyZTcwNzgzMDc4YWY4NmU3MDI5YTE0YjIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IisrSXY5Nkx6TTVreW1qQm1sTER6Z2c9PSIsInZhbHVlIjoieFphRkdyOU9kZS90cHhTZEV3YVRBc0pFeGtKUHNPekFyM05DaTI0Q3piQzZSTk40U01vMkNRRGxGODczYU1VZWVtNmlhamhSSncvcTdCcVo5TU5nSVZ5OGVPSVFuMTBxc0ZHN0k1V0hNMHNmcngydm1Nb21RcjNYaHdkcE1sWTEiLCJtYWMiOiIzOTY1ZTM2YzJjZjRjYWRjMzcxOTc1NmUzYjYxMWVlZTNmNDY5NzAyMGRhNGMxOTAyNWExY2RiMWRiZmMxOTRiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /hwQyLxyNOyWBlYH9r31Ztr HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlQRlVUNHN6YnhFT3JocldlRXE4bGc9PSIsInZhbHVlIjoiKzlDc3U3V2pkL0pvTTc3QXNPVk1Fd25NdkhSUFQvaFdDU3JNVHppdFhEd3MvM25YbEd6K1pkclRLcGhQODQrVXRWbWwyQ21HanQxVTF0SEc1b3dsVHZtQkpwVlBtNVdOeURmcDhMaXNlanVpNWttaTV6R2lHdHFjbk1Rd0w3MXQiLCJtYWMiOiIzZjQwOGQ3MThiZDMyMGEyOWE5NjhkNTk2OGZmOGFhMjgzYTVhMTQyZTcwNzgzMDc4YWY4NmU3MDI5YTE0YjIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IisrSXY5Nkx6TTVreW1qQm1sTER6Z2c9PSIsInZhbHVlIjoieFphRkdyOU9kZS90cHhTZEV3YVRBc0pFeGtKUHNPekFyM05DaTI0Q3piQzZSTk40U01vMkNRRGxGODczYU1VZWVtNmlhamhSSncvcTdCcVo5TU5nSVZ5OGVPSVFuMTBxc0ZHN0k1V0hNMHNmcngydm1Nb21RcjNYaHdkcE1sWTEiLCJtYWMiOiIzOTY1ZTM2YzJjZjRjYWRjMzcxOTc1NmUzYjYxMWVlZTNmNDY5NzAyMGRhNGMxOTAyNWExY2RiMWRiZmMxOTRiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /O5u7Gw/?Z HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkNhZUNlOU01cC9wUFk1Z0ExK1pyMVE9PSIsInZhbHVlIjoiVUIwZ1Y5bkJ3QWZLWmpHa1hhK29UZmFCQ2pEazd0cmpQUGFaTlN6ZzV5Q2pCU3B4WkErZGw4bUkrdHZJU1hOdzBzUmI4eUg2ZkxKVFljTzliTDJkKzJvMWQvak9pQ2VTN21KK3BGZ21leGMvMHEzZ09tY1NvZ2RpV0JVc0pUTmoiLCJtYWMiOiJjZjRjZDAzNGViNTZiMjIwZDk4OTBhOGU2MzljNGQ5YWZiYjkzMWRkOWQ4ZTE4NmU5MjBjOTkwYTY4ZmJjOGY2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkhEdmt1ZDJGbDhyeEs2bWdNK0FNcHc9PSIsInZhbHVlIjoid3JTVnQ0RFBTeWk1SG1veUVuais4amFCc1ZHWjZydTJNS3ZpWFNLZWUzakpQd2gxUEczTlBUMERkbThmMzZrVzRHK2crVjEzWjdLSTRYN2pleFdZZ3pqQjhGR1E1Q05LSDhrQmwvUlF6RTNSMHNTMUdiR2xxTGlqOGlqUElFbHgiLCJtYWMiOiJmMjI1NWRlNmY2OWM0NGYzNjc0YTlhZjBhOGRkZWZlODI0NTRmZjEzYjFjMjZlNDJlNzIyMTQwYzNlM2VkYmI1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkNwc2pyOTFSNCtVU0QwemNubFV0U1E9PSIsInZhbHVlIjoiUE1CQmNLeUZlVkgxeGFiV2QvNXVDT3hkMlY2YVF3QThnZ0lvRkM1MHpXU3B0ZFVseWh0RTJYWUVtekFXTFZDTGJyeTZJTUltS2JCd0FZcWIxcFk1WWJza280ZnMrTkZmVmtHRVBRUWtDb1NuSlBsUHI5RDlYT3p0RVRlU2huMkMiLCJtYWMiOiIzZDc4NDMxMjZiMTZkNDhlY2Q4M2Y0YTFmMDQ3ODEzNmZjNDljOTdiMWNhZjNhYzk5MjMxYTFhNDFjOWM3OWRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpRcFh1OE9tQjVvZDdTMDFxQ3lzb2c9PSIsInZhbHVlIjoiM2JjRSt0dDlXOERYVmlzRG5Zb0F6a0Z2dGg2c0NNK3RvbEpYRk9BUEY5bFR6ZE1nTm9UYUtKNVc2d1czamVXT1lOODArb05TaGlaQlFIL2hMZjRNNUxPMnRrSFRJVG1uakY2bHhKSkYwRFZTMFdjS2JQR0hHY1VCR3ZXWTJyT0oiLCJtYWMiOiJkNjYwNzZlZTRlODQzNWU2MDJkOWU4OWEwOWU3ODk2NWY3MTk1Yzc0YTQ3MTMxMGFkMTQyYzc0MjAwMzdkNGE1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56AdOYKMMLgoJxyRlCwu18915 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xyt4uiudpq34gh30 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqEwuigvKgPpV6LFzQ34GsmKuv38 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12K3yC85Zl4Gjr78g8Ljxqr50 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90LHee5UjNMUuFaF7C23ZIhMnMnuv58 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45lqabaypR8xixiJ6pi09abYdPVRJTWCXvw70 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /90HTVtl1EQGeUVQ777gjOfGgcdMHIfEQyz73 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efhiWlN0k9o3QYTD34NIiKf6YeHKyzkl100 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3DSec-WebSocket-Key: rHvup9pBUQdAXXImR6dzBw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /3409ErMmbVIWH6V2dQUQwijgLL2yQXIIAO89104 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij787GshcitfnBJkhf2ihQV2StNO4oyDfl89XPW2QQSs69EwDwN3LQe5cHhw1YAvJ7Xmab223 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnl2tHQ07yj2qZbGoQPLc2rws7XKCbM9CrmJtCNM7qbSB856rqfsEpXq5H383Fjyek8KV2n6SNuv220 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvReLdUstUtCbWsqopShVHLQdjK9um4BlP12130 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opPltSeSUXK9DHBf9DPq9LBD1mnqke1dpQ2aQUfvH45131 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij787GshcitfnBJkhf2ihQV2StNO4oyDfl89XPW2QQSs69EwDwN3LQe5cHhw1YAvJ7Xmab223 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ioA9WkaHpGHbSxWyGOmyjZ4CeUqai9zYvvo9IvKLdFjDvXel HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnl2tHQ07yj2qZbGoQPLc2rws7XKCbM9CrmJtCNM7qbSB856rqfsEpXq5H383Fjyek8KV2n6SNuv220 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mndHSfQb7XvbrLZM9aX9ijbdgEYSAxo5cJl78150 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klOBAXKkM7zxA0PBXtuGSU6IpHSSzXjjkyJZcdNfRjNwpgHUKsNeFPOpTVPLe578167 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxU2EPAQmKCucHi94Nct3opto7kIWmKk6EPt8vWRE90180 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rsPK886pjR4MWSVO0Uifxwl7OmK6HMvCpponbOALuvbCTlXpqF0r1n0CK0ef200 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvReLdUstUtCbWsqopShVHLQdjK9um4BlP12130 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghKeukEOXpk08d7sqAz7M1lBesvLMPeWkhZORrTevmnvovqEHrlQNU4MGnNhzR0tmqV912202 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opPltSeSUXK9DHBf9DPq9LBD1mnqke1dpQ2aQUfvH45131 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /oprLHzrLMng80jZ02qEKLjc5gebwyGRZI3hfJd0cfOTOSMcWKHstAxOa6DJMyy9rR893W0bISCPqBNcd237 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uv6N4AFPttA1rsB4OrhISLW7u68mn9vUiv3nGs2KGxWywnndfrLnMDhNBKWNovufref260 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mndHSfQb7XvbrLZM9aX9ijbdgEYSAxo5cJl78150 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klOBAXKkM7zxA0PBXtuGSU6IpHSSzXjjkyJZcdNfRjNwpgHUKsNeFPOpTVPLe578167 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxU2EPAQmKCucHi94Nct3opto7kIWmKk6EPt8vWRE90180 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rsPK886pjR4MWSVO0Uifxwl7OmK6HMvCpponbOALuvbCTlXpqF0r1n0CK0ef200 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghKeukEOXpk08d7sqAz7M1lBesvLMPeWkhZORrTevmnvovqEHrlQNU4MGnNhzR0tmqV912202 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /oprLHzrLMng80jZ02qEKLjc5gebwyGRZI3hfJd0cfOTOSMcWKHstAxOa6DJMyy9rR893W0bISCPqBNcd237 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uv6N4AFPttA1rsB4OrhISLW7u68mn9vUiv3nGs2KGxWywnndfrLnMDhNBKWNovufref260 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: a7QOHEJpPh5pHVWluHZ54A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: sIEii/csLMqpx0gA7z7n3A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: TVVeDAGLEyldFZxAWAziaw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: mMst3Bzbq9lleYoOa3ocBg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: eZi7OBO+iyttvSE0/F0zDg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: unknown

DNS traffic detected: queries for: u44056869.ct.sendgrid.net

Source: unknown

HTTP traffic detected: POST /api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288/visits HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveContent-Length: 153sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://assets-usa.mkt.dynamics.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:53:22 GMTContent-Type: text/htmlContent-Length: 548Connection: closeStrict-Transport-Security: max-age=2592000; preloadx-azure-ref: 20240423T195322Z-16f56cb894ff7nzt0vygeuawx8000000018g00000000gvvqx-fd-int-roxy-purgeid: 69077000X-Cache: TCP_MISS
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Tue, 23 Apr 2024 19:53:24 GMTContent-Length: 0Connection: closex-ms-trace-id: 16a973ba10837465f1b2d0a16aa27262Strict-Transport-Security: max-age=2592000; preload
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:53:42 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HuGAIXqQUHUwoTYEVZ%2FLXVAHfKcrKLZho2oWL0hdPyB1xFXQKec8fDnsXSoBen%2FANSad0as%2Be%2FJL41ZAJLMLZek3%2FbwBkF45GMNcZomG6tN9WvynUFWaQKraFvhQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 284Server: cloudflareCF-RAY: 879066b659d5138b-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:54:05 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAQBgCXr2ciYWWLO%2BKMYF%2FzADHFbp%2FPmWWOO%2F5FoyHQZTpxR3tugX7jNwxxVqC61Inhpmx%2FBoCwR1IZFHc64BJjMfEcFxQp9z3lWEWvvLN3s9fuieNNVA8qbx9RQYA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 879067491afa6745-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:54:09 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bncf2I3IsdN2ZPcdTXyH%2FPuL0lXg3sDyyVoz5dsfdtlq8ucXsQYBcZ8nWgbesNgeJBV28bstElE%2BlFtlfI9kBm62mb4dofYyCF6QVb6HuaLj%2F6xUpCrej8%2Fd6%2FvtWA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8790675fcadc7bd5-ATL

Source: chromecache_126.2.dr, chromecache_122.2.dr, chromecache_101.2.dr	String found in binary or memory: https://O5u7G.zleu9.com/O5u7Gw/
Source: chromecache_120.2.dr	String found in binary or memory: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3
Source: chromecache_126.2.dr, chromecache_122.2.dr, chromecache_101.2.dr	String found in binary or memory: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ec
Source: chromecache_119.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_119.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_120.2.dr	String found in binary or memory: https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/FormLoader.bundle.js
Source: chromecache_119.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_119.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_119.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_119.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_120.2.dr	String found in binary or memory: https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpagefo
Source: chromecache_119.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_119.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_115.2.dr, chromecache_119.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_119.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__.
Source: chromecache_115.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49720 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@21/95@32/14

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1900,i,322101976962123545,3161144122731674671,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DlLb9_7VBE-2BPKrWdDFE8TeQU0FNoYmRNt3BbsAfHCQfpyMVcUv91cWM1GbR6tMnpfVZqwoeCii1Z-2FHB6Wp4CGi-2FJ4Nq2flvhbRyRKwbWUqyssDslf87wBQZbBQ0EZsTXlvzjuj1ZnarL4QCJJlvUup-2FiM-2F9GPG6X3nhhKKp6sQ0v-2BBs5Jrrpzc3e5B2aUKKEJUx1Hjrx3xc16wmpK1HmM2sLiNIweMaJlJ9frDis7-2BK565mLw-3D"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1900,i,322101976962123545,3161144122731674671,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.246.41	part-0013.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
167.89.123.16	u44056869.ct.sendgrid.net	United States	11377	SENDGRIDUS	false
172.253.124.99	unknown	United States	15169	GOOGLEUS	false
99.84.108.67	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
52.146.76.30	prdia888eus0aks.mkt.dynamics.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.17.3.184	unknown	United States	13335	CLOUDFLARENETUS	false
172.67.143.205	o5u7g.zleu9.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
13.107.213.41	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
74.125.136.103	www.google.com	United States	15169	GOOGLEUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.2.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.5

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.214.172	true
part-0013.t-0009.t-msedge.net	13.107.246.41	true
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.194.137	true
d2vgu95hoyrpkh.cloudfront.net	99.84.108.67	true
challenges.cloudflare.com	104.17.2.184	true
www.google.com	74.125.136.103	true
prdia888eus0aks.mkt.dynamics.com	52.146.76.30	true
o5u7g.zleu9.com	172.67.143.205	true
u44056869.ct.sendgrid.net	167.89.123.16	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
public-usa.mkt.dynamics.com	unknown	unknown
assets-usa.mkt.dynamics.com	unknown	unknown
cdn.socket.io	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal	false		high
https://code.jquery.com/jquery-3.6.0.min.js	false		high
https://o5u7g.zleu9.com/wxU2EPAQmKCucHi94Nct3opto7kIWmKk6EPt8vWRE90180	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879066af2d254527/1713902022573/2c54c2e92cd6a1adf7ce103072c3ed1a2e53daac1a2c103e1868b6da0e2a356b/KqKxEDIwFgWsKX_	false		high
https://o5u7g.zleu9.com/ioA9WkaHpGHbSxWyGOmyjZ4CeUqai9zYvvo9IvKLdFjDvXel	false	Avira URL Cloud: safe	unknown
https://assets-usa.mkt.dynamics.com/favicon.ico	false		high
https://o5u7g.zleu9.com/efhiWlN0k9o3QYTD34NIiKf6YeHKyzkl100	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM#	true		unknown
https://o5u7g.zleu9.com/mndHSfQb7XvbrLZM9aX9ijbdgEYSAxo5cJl78150	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/45lqabaypR8xixiJ6pi09abYdPVRJTWCXvw70	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/O5u7Gw/	true		unknown
https://a.nel.cloudflare.com/report/v4?s=Y7V3%2Fn6U%2F5sNHmUZQd93nQsa0GOvwG2%2FnqGaIIa3ZNHQALwgfFQn6mtTnUbnh%2FBXtTQtKsu87S%2BaRDTq9bT4tnQtuKBX8wJwnMeo9eLg6qB%2BCQn5lwebysOUTfRuAA%3D%3D	false		high
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ecdd-c500-ef11-a1fd-7c1e521c0288?ts=638494003333783206	false		high
https://a.nel.cloudflare.com/report/v4?s=HuGAIXqQUHUwoTYEVZ%2FLXVAHfKcrKLZho2oWL0hdPyB1xFXQKec8fDnsXSoBen%2FANSad0as%2Be%2FJL41ZAJLMLZek3%2FbwBkF45GMNcZomG6tN9WvynUFWaQKraFvhQ3A%3D%3D	false		high
https://www.google.com/recaptcha/api.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://o5u7g.zleu9.com/klOBAXKkM7zxA0PBXtuGSU6IpHSSzXjjkyJZcdNfRjNwpgHUKsNeFPOpTVPLe578167	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/56AdOYKMMLgoJxyRlCwu18915	false	Avira URL Cloud: safe	unknown
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	false		high
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6	false		high
https://o5u7g.zleu9.com/uv6N4AFPttA1rsB4OrhISLW7u68mn9vUiv3nGs2KGxWywnndfrLnMDhNBKWNovufref260	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879066af2d254527/1713902022571/cfsO0aDF5k_W65H	false		high
https://o5u7g.zleu9.com/opPltSeSUXK9DHBf9DPq9LBD1mnqke1dpQ2aQUfvH45131	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DlLb9_7VBE-2BPKrWdDFE8TeQU0FNoYmRNt3BbsAfHCQfpyMVcUv91cWM1GbR6tMnpfVZqwoeCii1Z-2FHB6Wp4CGi-2FJ4Nq2flvhbRyRKwbWUqyssDslf87wBQZbBQ0EZsTXlvzjuj1ZnarL4QCJJlvUup-2FiM-2F9GPG6X3nhhKKp6sQ0v-2BBs5Jrrpzc3e5B2aUKKEJUx1Hjrx3xc16wmpK1HmM2sLiNIweMaJlJ9frDis7-2BK565mLw-3D	false		high
https://o5u7g.zleu9.com/oprLHzrLMng80jZ02qEKLjc5gebwyGRZI3hfJd0cfOTOSMcWKHstAxOa6DJMyy9rR893W0bISCPqBNcd237	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879066af2d254527	false		high
https://o5u7g.zleu9.com/90LHee5UjNMUuFaF7C23ZIhMnMnuv58	false	Avira URL Cloud: safe	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js	false		high
https://o5u7g.zleu9.com/uvReLdUstUtCbWsqopShVHLQdjK9um4BlP12130	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	true		unknown
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	false		high
https://o5u7g.zleu9.com/pqEwuigvKgPpV6LFzQ34GsmKuv38	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/12K3yC85Zl4Gjr78g8Ljxqr50	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/hwQyLxyNOyWBlYH9r31Ztr	false	Avira URL Cloud: safe	unknown
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288/visits	false		high
https://o5u7g.zleu9.com/90HTVtl1EQGeUVQ777gjOfGgcdMHIfEQyz73	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/O5u7Gw/?Z	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/mnl2tHQ07yj2qZbGoQPLc2rws7XKCbM9CrmJtCNM7qbSB856rqfsEpXq5H383Fjyek8KV2n6SNuv220	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/3409ErMmbVIWH6V2dQUQwijgLL2yQXIIAO89104	false	Avira URL Cloud: safe	unknown
https://o5u7g.zleu9.com/xyt4uiudpq34gh30	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:53:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	4568074A3C1D275F33B9626FA2018E04	2B458E4DE23B17F47F6C818582B4850BA7517C1C	210B14793B2BFA33C2C5CD3DF3159AFE4B568EBD3006541965E63C01D39E0A39
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:53:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	285DB19934D188643B744FD8CE9448D9	323F63CF98EDFA3D72C4254E2B1B2434B6B44A76	503E139A7A89ECD0B12B4651B7F314FF1F58D34DED72A8B30A51B6DE31FF212A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	5B0FDB129B3D2508A077C85C76F59A7A	7BE640514D106ED4DB0F560DF3002E3D10AA1C00	59405F5D6775C772930B5A613FDD560F244961C3B6DFCB7032A960DAD888320E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:53:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	E679696A3C62F7DF13455CCBB02FA5C9	1757C214CF37B89F55879374B046F9519E967DBD	8D4ECC816BD9FF0BC8607E6EEC01700E267BC269364AB9BC88F46FE8807AF3CC
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:53:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	B003FDB8083DC6C740277AE67D405BA9	2679AA50D636DBD736B45511DDC5E303C9FCCC1B	6059635BDBEE7BEA7F0F40C06CE7FE2D268A5CA50C2E89628CE7F8C7906C7EF4
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:53:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	D8F8F8CD566F4CBFB562306330D95E02	39D7D43CF221D42B2D2433E45317EE1DDA1B0CB9	F269F1D01CE4A5F381B281AFEB95ACCE782323180710BB48107906478717E8B1
Chrome Cache Entry: 100	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 101	HTML document, ASCII text, with very long lines (1048)	AFE596D22E03E70224D688182A7BAD30	17182642B506F044830CA2D757C0D65F9487B99D	B974B1D98F710416C1561362ADA61FF80672B9CF6BCBF0BB4F35D0C34D037284
Chrome Cache Entry: 102	ASCII text, with very long lines (1437), with CRLF line terminators	FBE2FCF4596B299453C91B7231BA7427	743291EE60A551E043529AFDC9E3FBE72D70E776	2DE22B4CDEDCBEB9CD5F63EA7A0DF8F77D0EF9086D200B052BFA9EE949DEED40
Chrome Cache Entry: 103	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 104	ASCII text, with very long lines (42414)	F94A2211CE789A95A7C67E8C660D63E8	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
Chrome Cache Entry: 105	ASCII text, with very long lines (23398), with no line terminators	C1C51D30D5E7094136F2D828349E520F	10AE8971AD7A8798BC9732707FE4896B57541557	0C55057782E3B346C2B819574BFA916852BC8AC5BB4E01D56E8FBFFC22043C98
Chrome Cache Entry: 106	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 107	Web Open Font Format, TrueType, length 36696, version 1.0	A69E9AB8AFDD7486EC0749C551051FF2	C34E6AA327B536FB48D1FE03577A47C7EE2231B8	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
Chrome Cache Entry: 108	HTML document, ASCII text, with CRLF line terminators	370E16C3B7DBA286CFF055F93B9A94D8	65F3537C3C798F7DA146C55AEF536F7B5D0CB943	D465172175D35D493FB1633E237700022BD849FA123164790B168B8318ACB090
Chrome Cache Entry: 109	JSON data	DBAC2EBFBE18E8C7CF3830AF4C420E77	78ADD1C663DD8B4AD6BBF89E48376015EA08A85A	491377DB69C365D489C88BD4AC641D341B52E6A70B034390A5FC3D161268BCA5
Chrome Cache Entry: 110	PNG image data, 1174 x 1108, 8-bit/color RGBA, non-interlaced	FECB0411A485ED218C2BF65240C02CD0	B872806B3ADDB4D237A2C9CE7E45B7945255FE68	E5EA17671E0209051C3AF5F62EE1C72867909650FA85563FD663F2BF90E36422
Chrome Cache Entry: 111	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 112	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0	2A05E9E5572ABC320B2B7EA38A70DCC1	D5FA2A856D5632C2469E42436159375117EF3C35	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
Chrome Cache Entry: 113	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 114	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 115	ASCII text, with very long lines (1222), with no line terminators	E9AD011280352C75C6F9CF212C42AACD	05A41AC3A9E296E1D9E6251E6908EABFE9697D04	B5E1FFD95251B13685BD867DFB1759CEB8DE9E5FB874E052C856022B29DDA862
Chrome Cache Entry: 116	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 117	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 118	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 119	ASCII text, with very long lines (597)	8326C23D6B3EED35BC3E62F3294587FD	EDDA17E74E53E85073E5EAC9CB6BE2163DBFA23C	57F03D3BA66117EDC152646341120DD3A1D7D71B9A98A3723AF5A8AE61BCB3AB
Chrome Cache Entry: 120	HTML document, ASCII text	6526D644C0CA6D00CD44CB3AB2335DAB	7D979A1A6BEE5C11F55B84392DC7A66CD3B45AB7	1B2F76CED97CD453A4F89F1EEC780A7E799AADFCFC58D414ABCA0CB74C14769A
Chrome Cache Entry: 121	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 122	HTML document, ASCII text, with very long lines (1048)	AFE596D22E03E70224D688182A7BAD30	17182642B506F044830CA2D757C0D65F9487B99D	B974B1D98F710416C1561362ADA61FF80672B9CF6BCBF0BB4F35D0C34D037284
Chrome Cache Entry: 123	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 124	HTML document, ASCII text, with very long lines (59377), with CRLF line terminators	E7C184756C4C03CAE740F281A9D52590	884BD08BA52B0AF48EC0DDAF50DA069061F970AF	D2F71E33E9E5F89ED23ED3EA4415F66E3C16DC46B8646B1DFF618FE25C2A623E
Chrome Cache Entry: 125	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 126	HTML document, ASCII text, with very long lines (1048)	AFE596D22E03E70224D688182A7BAD30	17182642B506F044830CA2D757C0D65F9487B99D	B974B1D98F710416C1561362ADA61FF80672B9CF6BCBF0BB4F35D0C34D037284
Chrome Cache Entry: 127	ASCII text, with very long lines (65461)	FDC2BE4EB54FF521EB5F6CA57AEDAE03	580FEFB1274BB5A21E34DC206D3F042512CA2EDC	36C366BC39F4B2EB17CC2EAC87B9B94199CB4DFC0FF9F3D8A2F4C2EADE1BB9C3
Chrome Cache Entry: 128	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 129	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	78A5500114640D663460BCBB33E694EB	C72B1B93C8BC2DDBD77BA3C042A8ED415B6B8E26	E97FE9DB7CA567DA1F9F5A3B87B669146ADDF1983392C32FDA68C4D667A3CA22
Chrome Cache Entry: 130	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 131	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 132	ASCII text, with no line terminators	55D6D0CAE462E2BC690BC8AF45985B15	0AD644096680FB01BFD9AF1CFE5F6E68911EA01F	2E5AE61757DB10E0E3770407B68ADE329068C840070A02F119C9EBE296194043
Chrome Cache Entry: 133	ASCII text, with very long lines (45667)	80F5B8C6A9EEAC15DE93E5A112036A06	F7174635137D37581B11937FC90E9CB325077BCE	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
Chrome Cache Entry: 134	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 135	PNG image data, 32 x 67, 8-bit/color RGB, non-interlaced	2D62D8189B96AE78224A20B693D7F47C	F0C1337516535585F5A8A2D0D1D2CE6B0F195E36	C30442E76A1BE53FD49550F6D63B163E5F516D2473DE1C3CE23F21078284878A
Chrome Cache Entry: 136	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 137	HTML document, ASCII text, with very long lines (1445), with CRLF line terminators	C734C3848F6F4A500BC3FE96768358FD	7AF426B89ECA05F6E464BE06659433712EDCA3BE	8669BB098962AF19D6EE8E08EC0FA39852527E64B4AD2383D462B51C3109BDC6
Chrome Cache Entry: 138	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 139	PNG image data, 1174 x 1108, 8-bit/color RGBA, non-interlaced	FECB0411A485ED218C2BF65240C02CD0	B872806B3ADDB4D237A2C9CE7E45B7945255FE68	E5EA17671E0209051C3AF5F62EE1C72867909650FA85563FD663F2BF90E36422
Chrome Cache Entry: 140	PNG image data, 32 x 67, 8-bit/color RGB, non-interlaced	2D62D8189B96AE78224A20B693D7F47C	F0C1337516535585F5A8A2D0D1D2CE6B0F195E36	C30442E76A1BE53FD49550F6D63B163E5F516D2473DE1C3CE23F21078284878A
Chrome Cache Entry: 141	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 89	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 90	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 91	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 92	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 93	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 94	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 95	Web Open Font Format, TrueType, length 35970, version 1.0	496B7BBDE91C7DC7CF9BBABBB3921DA8	2BD3C406A715AB52DAD84C803C55BF4A6E66A924	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
Chrome Cache Entry: 96	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 97	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 98	JSON data	DBAC2EBFBE18E8C7CF3830AF4C420E77	78ADD1C663DD8B4AD6BBF89E48376015EA08A85A	491377DB69C365D489C88BD4AC641D341B52E6A70B034390A5FC3D161268BCA5
Chrome Cache Entry: 99	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0	BCD7983EA5AA57C55F6758B4977983CB	EF3A009E205229E07FB0EC8569E669B11C378EF1	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 3.5.pages.csv, type: HTML
Source: Yara match	File source: 4.6.pages.csv, type: HTML

HTML page contains suspicious base64 encoded javascript

Source: https://o5u7g.zleu9.com/O5u7Gw/

HTTP Parser: Base64 decoded: <script>

Phishing site detected (based on image similarity)

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	Matcher: Template: microsoft matched
Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://o5u7g.zleu9.com/O5u7Gw/

HTML title does not match URL

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: Title: BgGaKKKcrg does not match URL

Invalid T&C link found

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	HTTP Parser: Invalid link: Terms of use
Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	HTTP Parser: Invalid link: Privacy & cookies

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: <input type="password" .../> found

Source: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	HTTP Parser: No favicon
Source: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288	HTTP Parser: No favicon
Source: https://o5u7g.zleu9.com/O5u7Gw/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal	HTTP Parser: No favicon
Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM	HTTP Parser: No favicon

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: No <meta name="author".. found

Source: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM

HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49733 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49720 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49733 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DlLb9_7VBE-2BPKrWdDFE8TeQU0FNoYmRNt3BbsAfHCQfpyMVcUv91cWM1GbR6tMnpfVZqwoeCii1Z-2FHB6Wp4CGi-2FJ4Nq2flvhbRyRKwbWUqyssDslf87wBQZbBQ0EZsTXlvzjuj1ZnarL4QCJJlvUup-2FiM-2F9GPG6X3nhhKKp6sQ0v-2BBs5Jrrpzc3e5B2aUKKEJUx1Hjrx3xc16wmpK1HmM2sLiNIweMaJlJ9frDis7-2BK565mLw-3D HTTP/1.1Host: u44056869.ct.sendgrid.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usa/FormLoader/FormLoader.bundle.js HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://assets-usa.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/plainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://assets-usa.mkt.dynamics.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-usa.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ecdd-c500-ef11-a1fd-7c1e521c0288?ts=638494003333783206 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ecdd-c500-ef11-a1fd-7c1e521c0288?ts=638494003333783206 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288/visits HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /O5u7Gw/ HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879066af2d254527 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkJwS0o3dW9oY040VFdqODZlRjhYcHc9PSIsInZhbHVlIjoiMmFUMkVlZGRsdk9kQnFQTW1vQ3VMcnc1WHUxU1RrZ3JBMUFpS1BWdXUwYlZ6K3oxZ1dIUTNTZFNJZWc3ODJ0THJ5OGJIS1E4Z2tGNmRLNS93NmFuWkFLSElKTk40Q1BmaWNRQjVQdHdhZ21PcndJOVVodTM2STlNMDIremJFK3UiLCJtYWMiOiIxNTk1YTExOTc0MGE2ZTcxZDc1Y2IxNTc3OWJjNzMxN2U4N2IyMzI5MWVkYmExMGRmMzBlMzg2NTkyYmYzYzc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlVbDN3REQyYW9zNmczQ0pqRFlIcUE9PSIsInZhbHVlIjoiUnY2eXBxNU9LUVU5OUM0T1lWSllMYlBYT1R5WnhrOEU3c2FCZHNzQjdCeENNN3RiWThjblhSUXFZOHZmSWVwWjZuQ0VPZ0ZQQzd2T3BBamVyTXZLa0h2STlhRHVTelVSMWdwcFBDbTVkY09BUXlIend3T2swNmFtKzU4MWtnOW4iLCJtYWMiOiJkMmYwMGM5MjYzM2ViMDkyMDU0MmZhOTJlMmE0ZTY1YTRlZDQzYzBhZDIxY2M2Mjc2MDhmMGIyMzY5OGQ3MmJmIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879066af2d254527/1713902022571/cfsO0aDF5k_W65H HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879066af2d254527/1713902022571/cfsO0aDF5k_W65H HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879066af2d254527/1713902022573/2c54c2e92cd6a1adf7ce103072c3ed1a2e53daac1a2c103e1868b6da0e2a356b/KqKxEDIwFgWsKX_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tbxob/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/693555097:1713899458:awaYsz5cS08XnYE1eWdisJAHNg9uYwgpGaBpyil3TXY/879066af2d254527/783a92b798bfbc6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /O5u7Gw/ HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlQRlVUNHN6YnhFT3JocldlRXE4bGc9PSIsInZhbHVlIjoiKzlDc3U3V2pkL0pvTTc3QXNPVk1Fd25NdkhSUFQvaFdDU3JNVHppdFhEd3MvM25YbEd6K1pkclRLcGhQODQrVXRWbWwyQ21HanQxVTF0SEc1b3dsVHZtQkpwVlBtNVdOeURmcDhMaXNlanVpNWttaTV6R2lHdHFjbk1Rd0w3MXQiLCJtYWMiOiIzZjQwOGQ3MThiZDMyMGEyOWE5NjhkNTk2OGZmOGFhMjgzYTVhMTQyZTcwNzgzMDc4YWY4NmU3MDI5YTE0YjIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IisrSXY5Nkx6TTVreW1qQm1sTER6Z2c9PSIsInZhbHVlIjoieFphRkdyOU9kZS90cHhTZEV3YVRBc0pFeGtKUHNPekFyM05DaTI0Q3piQzZSTk40U01vMkNRRGxGODczYU1VZWVtNmlhamhSSncvcTdCcVo5TU5nSVZ5OGVPSVFuMTBxc0ZHN0k1V0hNMHNmcngydm1Nb21RcjNYaHdkcE1sWTEiLCJtYWMiOiIzOTY1ZTM2YzJjZjRjYWRjMzcxOTc1NmUzYjYxMWVlZTNmNDY5NzAyMGRhNGMxOTAyNWExY2RiMWRiZmMxOTRiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /hwQyLxyNOyWBlYH9r31Ztr HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlQRlVUNHN6YnhFT3JocldlRXE4bGc9PSIsInZhbHVlIjoiKzlDc3U3V2pkL0pvTTc3QXNPVk1Fd25NdkhSUFQvaFdDU3JNVHppdFhEd3MvM25YbEd6K1pkclRLcGhQODQrVXRWbWwyQ21HanQxVTF0SEc1b3dsVHZtQkpwVlBtNVdOeURmcDhMaXNlanVpNWttaTV6R2lHdHFjbk1Rd0w3MXQiLCJtYWMiOiIzZjQwOGQ3MThiZDMyMGEyOWE5NjhkNTk2OGZmOGFhMjgzYTVhMTQyZTcwNzgzMDc4YWY4NmU3MDI5YTE0YjIzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IisrSXY5Nkx6TTVreW1qQm1sTER6Z2c9PSIsInZhbHVlIjoieFphRkdyOU9kZS90cHhTZEV3YVRBc0pFeGtKUHNPekFyM05DaTI0Q3piQzZSTk40U01vMkNRRGxGODczYU1VZWVtNmlhamhSSncvcTdCcVo5TU5nSVZ5OGVPSVFuMTBxc0ZHN0k1V0hNMHNmcngydm1Nb21RcjNYaHdkcE1sWTEiLCJtYWMiOiIzOTY1ZTM2YzJjZjRjYWRjMzcxOTc1NmUzYjYxMWVlZTNmNDY5NzAyMGRhNGMxOTAyNWExY2RiMWRiZmMxOTRiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /O5u7Gw/?Z HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkNhZUNlOU01cC9wUFk1Z0ExK1pyMVE9PSIsInZhbHVlIjoiVUIwZ1Y5bkJ3QWZLWmpHa1hhK29UZmFCQ2pEazd0cmpQUGFaTlN6ZzV5Q2pCU3B4WkErZGw4bUkrdHZJU1hOdzBzUmI4eUg2ZkxKVFljTzliTDJkKzJvMWQvak9pQ2VTN21KK3BGZ21leGMvMHEzZ09tY1NvZ2RpV0JVc0pUTmoiLCJtYWMiOiJjZjRjZDAzNGViNTZiMjIwZDk4OTBhOGU2MzljNGQ5YWZiYjkzMWRkOWQ4ZTE4NmU5MjBjOTkwYTY4ZmJjOGY2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkhEdmt1ZDJGbDhyeEs2bWdNK0FNcHc9PSIsInZhbHVlIjoid3JTVnQ0RFBTeWk1SG1veUVuais4amFCc1ZHWjZydTJNS3ZpWFNLZWUzakpQd2gxUEczTlBUMERkbThmMzZrVzRHK2crVjEzWjdLSTRYN2pleFdZZ3pqQjhGR1E1Q05LSDhrQmwvUlF6RTNSMHNTMUdiR2xxTGlqOGlqUElFbHgiLCJtYWMiOiJmMjI1NWRlNmY2OWM0NGYzNjc0YTlhZjBhOGRkZWZlODI0NTRmZjEzYjFjMjZlNDJlNzIyMTQwYzNlM2VkYmI1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYM HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://o5u7g.zleu9.com/O5u7Gw/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkNwc2pyOTFSNCtVU0QwemNubFV0U1E9PSIsInZhbHVlIjoiUE1CQmNLeUZlVkgxeGFiV2QvNXVDT3hkMlY2YVF3QThnZ0lvRkM1MHpXU3B0ZFVseWh0RTJYWUVtekFXTFZDTGJyeTZJTUltS2JCd0FZcWIxcFk1WWJza280ZnMrTkZmVmtHRVBRUWtDb1NuSlBsUHI5RDlYT3p0RVRlU2huMkMiLCJtYWMiOiIzZDc4NDMxMjZiMTZkNDhlY2Q4M2Y0YTFmMDQ3ODEzNmZjNDljOTdiMWNhZjNhYzk5MjMxYTFhNDFjOWM3OWRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpRcFh1OE9tQjVvZDdTMDFxQ3lzb2c9PSIsInZhbHVlIjoiM2JjRSt0dDlXOERYVmlzRG5Zb0F6a0Z2dGg2c0NNK3RvbEpYRk9BUEY5bFR6ZE1nTm9UYUtKNVc2d1czamVXT1lOODArb05TaGlaQlFIL2hMZjRNNUxPMnRrSFRJVG1uakY2bHhKSkYwRFZTMFdjS2JQR0hHY1VCR3ZXWTJyT0oiLCJtYWMiOiJkNjYwNzZlZTRlODQzNWU2MDJkOWU4OWEwOWU3ODk2NWY3MTk1Yzc0YTQ3MTMxMGFkMTQyYzc0MjAwMzdkNGE1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56AdOYKMMLgoJxyRlCwu18915 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xyt4uiudpq34gh30 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqEwuigvKgPpV6LFzQ34GsmKuv38 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12K3yC85Zl4Gjr78g8Ljxqr50 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90LHee5UjNMUuFaF7C23ZIhMnMnuv58 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45lqabaypR8xixiJ6pi09abYdPVRJTWCXvw70 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /90HTVtl1EQGeUVQ777gjOfGgcdMHIfEQyz73 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efhiWlN0k9o3QYTD34NIiKf6YeHKyzkl100 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://o5u7g.zleu9.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3DSec-WebSocket-Key: rHvup9pBUQdAXXImR6dzBw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /3409ErMmbVIWH6V2dQUQwijgLL2yQXIIAO89104 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij787GshcitfnBJkhf2ihQV2StNO4oyDfl89XPW2QQSs69EwDwN3LQe5cHhw1YAvJ7Xmab223 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnl2tHQ07yj2qZbGoQPLc2rws7XKCbM9CrmJtCNM7qbSB856rqfsEpXq5H383Fjyek8KV2n6SNuv220 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvReLdUstUtCbWsqopShVHLQdjK9um4BlP12130 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opPltSeSUXK9DHBf9DPq9LBD1mnqke1dpQ2aQUfvH45131 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBNQ1RsOW5qRm1QaVFuTWZTWWtyVlE9PSIsInZhbHVlIjoiSXlJQ21kQmJ4bzFEaXlMSExneUt0Yk53TEs4S001NTVFa0RKUGF2emNvTGdWQThBbCtQT0dGMUZXcTJuWlBqdFdsYm9aeXpETWVMUjZ5NjZwOXhzSFp2SHMwNWRZSmh4MUIzdW93bGdyK1Q5YzFKVEdXeEdEa3dTRTg1ZXAzb3QiLCJtYWMiOiJmNWFkYjY5ZTRhNDZkOGVhNDZhMjMyZTZkNjY1YjZkM2EwNGQ2NDM0Mzk2Y2Q4ZTc4ZmMzZWI3MjQzMWI3Mjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNsblJUajhYU0tNQW9lZFVDckxQYnc9PSIsInZhbHVlIjoic3dLci9nb1pQWW1vSjRDV3FrcXlrdHRwaUkyeHR4K0FOKzlQS3BvczJuQzBjQ2ZSSXc1czV0MnVVa0hyOTl6a0cyYXVlMUpuTUtpSk9STm5DRDNzdDNlVHNmOWQvQ2txZGNDV3FSbHRHdWhPdTE3Y0NCRnBxaHVwY2EvcmdLcUoiLCJtYWMiOiI5YmZiMGZlZmY2NzBkN2U5ZTY3MDg4YTUxYWY2NmViZTY2NDQ5MmU4ZjQ5M2UyODYxZDljMzcxZTIzYjYzZDcwIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ij787GshcitfnBJkhf2ihQV2StNO4oyDfl89XPW2QQSs69EwDwN3LQe5cHhw1YAvJ7Xmab223 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ioA9WkaHpGHbSxWyGOmyjZ4CeUqai9zYvvo9IvKLdFjDvXel HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnl2tHQ07yj2qZbGoQPLc2rws7XKCbM9CrmJtCNM7qbSB856rqfsEpXq5H383Fjyek8KV2n6SNuv220 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mndHSfQb7XvbrLZM9aX9ijbdgEYSAxo5cJl78150 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klOBAXKkM7zxA0PBXtuGSU6IpHSSzXjjkyJZcdNfRjNwpgHUKsNeFPOpTVPLe578167 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxU2EPAQmKCucHi94Nct3opto7kIWmKk6EPt8vWRE90180 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rsPK886pjR4MWSVO0Uifxwl7OmK6HMvCpponbOALuvbCTlXpqF0r1n0CK0ef200 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvReLdUstUtCbWsqopShVHLQdjK9um4BlP12130 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghKeukEOXpk08d7sqAz7M1lBesvLMPeWkhZORrTevmnvovqEHrlQNU4MGnNhzR0tmqV912202 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opPltSeSUXK9DHBf9DPq9LBD1mnqke1dpQ2aQUfvH45131 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /oprLHzrLMng80jZ02qEKLjc5gebwyGRZI3hfJd0cfOTOSMcWKHstAxOa6DJMyy9rR893W0bISCPqBNcd237 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uv6N4AFPttA1rsB4OrhISLW7u68mn9vUiv3nGs2KGxWywnndfrLnMDhNBKWNovufref260 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o5u7g.zleu9.com/XhaQEKHwmqeXiuCbMVTRVruGRjRPRIDWFUPFICPEYZGBHMWGEVVPPBXVQDKEPFCXWUJ?MCFKKCTFWYSAEFPSCNVZQJIUBPpheTomFVBFOCNFEXHSGGZYDODQKSWFTPNMNKEYPKASTONRVGUROOMDEYMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mndHSfQb7XvbrLZM9aX9ijbdgEYSAxo5cJl78150 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klOBAXKkM7zxA0PBXtuGSU6IpHSSzXjjkyJZcdNfRjNwpgHUKsNeFPOpTVPLe578167 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxU2EPAQmKCucHi94Nct3opto7kIWmKk6EPt8vWRE90180 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rsPK886pjR4MWSVO0Uifxwl7OmK6HMvCpponbOALuvbCTlXpqF0r1n0CK0ef200 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghKeukEOXpk08d7sqAz7M1lBesvLMPeWkhZORrTevmnvovqEHrlQNU4MGnNhzR0tmqV912202 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /oprLHzrLMng80jZ02qEKLjc5gebwyGRZI3hfJd0cfOTOSMcWKHstAxOa6DJMyy9rR893W0bISCPqBNcd237 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uv6N4AFPttA1rsB4OrhISLW7u68mn9vUiv3nGs2KGxWywnndfrLnMDhNBKWNovufref260 HTTP/1.1Host: o5u7g.zleu9.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: a7QOHEJpPh5pHVWluHZ54A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: sIEii/csLMqpx0gA7z7n3A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: TVVeDAGLEyldFZxAWAziaw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: mMst3Bzbq9lleYoOa3ocBg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: o5u7g.zleu9.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://o5u7g.zleu9.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImRFc0YyeHA4T1FiYy8wV2ZWbVZPUVE9PSIsInZhbHVlIjoiclRGeHdnS1lJLzQ0bzFlOVd6eU5nMEt5UXU5VkNZekVKc2tQWjFUc3MwTlpRYitGamVwTUtWenhacjJ5eE5kNU95UVUwSXl6bGE4VTNkc2NKNGYzVHpNWFZqdGNQWWE3aFhkZXVydGpqSjg4TkxNMkNiTTk0L1ZlRzFwUFBTZ2siLCJtYWMiOiIyZDY1Y2Q3NTQyYzVlYzZiOGUwNTVhNmUzYzUxMTcxZmI4Y2E5M2M2YzYyZDc3MTVkYmJlMWI0MDA4MGRlNzY0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZ2bWtPN3pRNHdQY1RNMEJDMDRhYWc9PSIsInZhbHVlIjoiN2plZVJXKzZML3R3L3llTm4zdVFIZ0g1R1FVWGl6alhYN0I3OHNoR2xDd0ZZZU0zNlRlU0RRUHRTVUY5VEhpZW9QcnJQUjdLMC9EWStmNkZDa2JFdWVuZy9Edy80ZGlPbUZteDJlN081WVlRZ1cvLzNaakh2Yi8ybEJNOTN4WDkiLCJtYWMiOiIyYmY3MzgxZTliNzRkM2U2MGQwNTJkODllYTVlMTQ2MzRkYmQ3YWQ2ODE5ZjY1NjQ0NjZlNDc4YTc3MTljZGQ5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: eZi7OBO+iyttvSE0/F0zDg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: unknown

DNS traffic detected: queries for: u44056869.ct.sendgrid.net

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:53:22 GMTContent-Type: text/htmlContent-Length: 548Connection: closeStrict-Transport-Security: max-age=2592000; preloadx-azure-ref: 20240423T195322Z-16f56cb894ff7nzt0vygeuawx8000000018g00000000gvvqx-fd-int-roxy-purgeid: 69077000X-Cache: TCP_MISS
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Tue, 23 Apr 2024 19:53:24 GMTContent-Length: 0Connection: closex-ms-trace-id: 16a973ba10837465f1b2d0a16aa27262Strict-Transport-Security: max-age=2592000; preload
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:53:42 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HuGAIXqQUHUwoTYEVZ%2FLXVAHfKcrKLZho2oWL0hdPyB1xFXQKec8fDnsXSoBen%2FANSad0as%2Be%2FJL41ZAJLMLZek3%2FbwBkF45GMNcZomG6tN9WvynUFWaQKraFvhQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 284Server: cloudflareCF-RAY: 879066b659d5138b-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:54:05 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAQBgCXr2ciYWWLO%2BKMYF%2FzADHFbp%2FPmWWOO%2F5FoyHQZTpxR3tugX7jNwxxVqC61Inhpmx%2FBoCwR1IZFHc64BJjMfEcFxQp9z3lWEWvvLN3s9fuieNNVA8qbx9RQYA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 879067491afa6745-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:54:09 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bncf2I3IsdN2ZPcdTXyH%2FPuL0lXg3sDyyVoz5dsfdtlq8ucXsQYBcZ8nWgbesNgeJBV28bstElE%2BlFtlfI9kBm62mb4dofYyCF6QVb6HuaLj%2F6xUpCrej8%2Fd6%2FvtWA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 8790675fcadc7bd5-ATL

Source: chromecache_126.2.dr, chromecache_122.2.dr, chromecache_101.2.dr	String found in binary or memory: https://O5u7G.zleu9.com/O5u7Gw/
Source: chromecache_120.2.dr	String found in binary or memory: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3
Source: chromecache_126.2.dr, chromecache_122.2.dr, chromecache_101.2.dr	String found in binary or memory: https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ec
Source: chromecache_119.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_119.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_120.2.dr	String found in binary or memory: https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/FormLoader.bundle.js
Source: chromecache_119.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_119.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_119.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_119.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_120.2.dr	String found in binary or memory: https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpagefo
Source: chromecache_119.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_119.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_119.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_115.2.dr, chromecache_119.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_119.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__.
Source: chromecache_115.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49720 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@21/95@32/14

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1900,i,322101976962123545,3161144122731674671,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DlLb9_7VBE-2BPKrWdDFE8TeQU0FNoYmRNt3BbsAfHCQfpyMVcUv91cWM1GbR6tMnpfVZqwoeCii1Z-2FHB6Wp4CGi-2FJ4Nq2flvhbRyRKwbWUqyssDslf87wBQZbBQ0EZsTXlvzjuj1ZnarL4QCJJlvUup-2FiM-2F9GPG6X3nhhKKp6sQ0v-2BBs5Jrrpzc3e5B2aUKKEJUx1Hjrx3xc16wmpK1HmM2sLiNIweMaJlJ9frDis7-2BK565mLw-3D"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1900,i,322101976962123545,3161144122731674671,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1430564
Product:	CloudBasic
Start time:	21:52:19
Start date:	23.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs