Windows Analysis Report
https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef

Overview

General Information

Sample URL: https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR9
Analysis ID: 1431504
Infos:

Detection

HTMLPhisher
Score: 72
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected HtmlPhish10
Phishing site detected (based on image similarity)
Phishing site detected (based on logo match)
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden URLs or javascript code
HTML title does not match URL
HTTP GET or POST without a user agent
Invalid T&C link found
Stores files to the Windows start menu directory

Classification

AV Detection
barindex
Antivirus / Scanner detection for submitted sample
Source: https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw== SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://phil.groupavian.com/favicon.ico Avira URL Cloud: Label: phishing

Phishing
barindex
Yara detected HtmlPhish10
Source: Yara match File source: 3.4.pages.csv, type: HTML
Phishing site detected (based on image similarity)
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR Matcher: Found strong image similarity, brand: MICROSOFT
Phishing site detected (based on logo match)
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR Matcher: Template: microsoft matched
HTML body contains low number of good links
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: Number of links: 0
HTML body contains password input but no form action
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: <input type="password" .../> found but no <form action="...
HTML page contains hidden URLs or javascript code
Source: https://n34j4.erproce.com/ZNj8a/#Dggonzalezsalas@sanitas.es HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...
HTML title does not match URL
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: Title: VcUmlSiNQx does not match URL
Invalid T&C link found
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: Invalid link: Terms of use
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: Invalid link: Privacy & cookies
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: <input type="password" .../> found
Source: https://n34j4.erproce.com/ZNj8a/#Dggonzalezsalas@sanitas.es HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal HTTP Parser: No favicon
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: No favicon
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: No <meta name="author".. found
Source: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 40.126.7.32:443 -> 192.168.2.17:49729 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49732 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.17:49789 version: TLS 1.2
HTTP GET or POST without a user agent
Source: global traffic HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.222.123
Source: unknown TCP traffic detected without corresponding DNS query: 184.30.122.249
Source: unknown TCP traffic detected without corresponding DNS query: 184.30.122.249
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.222.123
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: unknown TCP traffic detected without corresponding DNS query: 40.126.7.32
Source: global traffic HTTP traffic detected: GET /tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw== HTTP/1.1Host: itniy4gbb.cc.rs6.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET //mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw== HTTP/1.1Host: phil.groupavian.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: phil.groupavian.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://phil.groupavian.com//mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ZNj8a/ HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://phil.groupavian.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://n34j4.erproce.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://n34j4.erproce.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://n34j4.erproce.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://n34j4.erproce.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879d24de2a915083 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/ZNj8a/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ild2SWNFcGVZN2FXM2huZXFXWWRPWWc9PSIsInZhbHVlIjoibVJOWFhhVUdzeTg0K3F6ZDhoR2dLT2lYaTFLVmxIT3lQeG1wNFczdFJvOVc4VStySkFtSEdQUmRnR0UxQkx3MDQwY0FaSitTR0liYksvbi91NmZzNjRJb1BhWVlZMEx0Nk1NZUlwLzBJZmE4eGVKOFR6c3BSWjZlMmxzcVdqSFoiLCJtYWMiOiIxNzQ5NDllYTIyNWEyNTI1ZjhhZGRhYjc3NWI1OGZiMTFiYTdjZDBlYjhkZTk2YzM3OTVmODZjMzQ3OTU2NWJlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlROS2VsMTFoZ1B0TzBlTzU1blUwNGc9PSIsInZhbHVlIjoib3J1VDR3TGR2OEVVR1JOdmdsazFHSVdUcFZEZzg4c3J2VjNrUkdXSjBDeEFBWlpVNWpuajl4TTVlaUx4VXdtZlNYaDZTd1FjSjUvR1NrZ3M5L3Btc3FkQkEvWFhycTJHRWhmVjRZc250TndoTXBITGlPUi9Lcy83V0F0L2NJMUsiLCJtYWMiOiI4OTg3MDExZjY4N2VlN2U2Njg1Y2MyYzQ3MDU4Yzk4NmU4MWJjNzBmNzFmNzJhOTczZTc5ZTEyZWQ0NzliOTAzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1105556754:1714033711:osjFWx7TQpWmznMrUyZGcWZBMp9QIoTvmH3MrAjIn9Y/879d24de2a915083/87a48736627fe33 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879d24de2a915083/1714035641521/87c31e3198608c0cd83f45520a9ace612bed62f3720df370cd6720e5e1085ff1/xCmJY8c_M25g2Zm HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879d24de2a915083/1714035641521/Xuro9-2i0PAf2DR HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879d24de2a915083/1714035641521/Xuro9-2i0PAf2DR HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1105556754:1714033711:osjFWx7TQpWmznMrUyZGcWZBMp9QIoTvmH3MrAjIn9Y/879d24de2a915083/87a48736627fe33 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1105556754:1714033711:osjFWx7TQpWmznMrUyZGcWZBMp9QIoTvmH3MrAjIn9Y/879d24de2a915083/87a48736627fe33 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: global traffic HTTP traffic detected: GET /ZNj8a/ HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://n34j4.erproce.com/ZNj8a/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikw0R3RtajN1TFpIOEt2bGdVWlA1QlE9PSIsInZhbHVlIjoiMWpkNVVRR2c5VnliMGF4WmhvMW5ja0J0OCtOQTVSQTNqQU1La3Y5akR3bkh0K25aNm5qbnZNSlhqbGFVL3d4WXNsa1pkY0s3dk9FOFlTK2VMOEhHVGZkU0tBamN2TU5tWVJkelBqTXlpYlROSVpEZzJXM050UmR1Vmw0bEJ1eS8iLCJtYWMiOiIzODgxYWI1MTk3YTIzMjk3ZjE4MTBkNGRlNmEyMjlkYzFmNGQ1N2E4NTE0NGYzYmM1ZDA5NzM3YjA1YWIyMjFkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InY1TW9xd29qU0tycFZCdklMRkk5Z1E9PSIsInZhbHVlIjoiWDYwWUhhMi9HWGFqaW1KeEVOcHpRcWFka1IwbENOZng3dy9CM0orcU1LOVczbCs0Z0NMZlNWVDNTY29CMW95N3B5eVdtQmsrV0Y4K240ODJhUWZhOEJMUXVxQkYrU3h5ZWZuNkpCZHRab1lJVldnVXNEcndXUnowbDlCQUV3UVYiLCJtYWMiOiJkODg3ZjY1ZWYxYjM1NWRmOTQwNzVhMTMxZDAxZmNhYjcyMTg5ZjlhNmJhZDkxMGE2OTBkNjkyZTMzNmM0ZjgxIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /tvKovpkyYa6RDiv8MbJ9xs0XTY6JwFdPUvIMXsxq HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikw0R3RtajN1TFpIOEt2bGdVWlA1QlE9PSIsInZhbHVlIjoiMWpkNVVRR2c5VnliMGF4WmhvMW5ja0J0OCtOQTVSQTNqQU1La3Y5akR3bkh0K25aNm5qbnZNSlhqbGFVL3d4WXNsa1pkY0s3dk9FOFlTK2VMOEhHVGZkU0tBamN2TU5tWVJkelBqTXlpYlROSVpEZzJXM050UmR1Vmw0bEJ1eS8iLCJtYWMiOiIzODgxYWI1MTk3YTIzMjk3ZjE4MTBkNGRlNmEyMjlkYzFmNGQ1N2E4NTE0NGYzYmM1ZDA5NzM3YjA1YWIyMjFkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InY1TW9xd29qU0tycFZCdklMRkk5Z1E9PSIsInZhbHVlIjoiWDYwWUhhMi9HWGFqaW1KeEVOcHpRcWFka1IwbENOZng3dy9CM0orcU1LOVczbCs0Z0NMZlNWVDNTY29CMW95N3B5eVdtQmsrV0Y4K240ODJhUWZhOEJMUXVxQkYrU3h5ZWZuNkpCZHRab1lJVldnVXNEcndXUnowbDlCQUV3UVYiLCJtYWMiOiJkODg3ZjY1ZWYxYjM1NWRmOTQwNzVhMTMxZDAxZmNhYjcyMTg5ZjlhNmJhZDkxMGE2OTBkNjkyZTMzNmM0ZjgxIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /ZNj8a/?FDggonzalezsalas@sanitas.es HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://n34j4.erproce.com/ZNj8a/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZyNVdvSDY3KzJwMlE2cHJwejkxcVE9PSIsInZhbHVlIjoiNlhiQ3FGbmV0QXgyOUdHMWI2MDV2M1AreWdTNEd6bEkrNU53clQzWVV5NitJbDZlNUpMRzJuZG1ON0JoRzNUWW83ajlic3lkVWdJZmtvMVNEUlVZdXhiSjlNQ3RGTW5JaE93TW5GbTZXWGdlTHhqRitreVM1OU5sUjgwY2tnNFIiLCJtYWMiOiJlZDJiODJhZWUxMzRlODYzZjU1YWVjZTA1NGE2NjNkNjFkNWQ4YTAxZjhjYTNiMjQzYjI2OTkxYzBiMjdhNGI1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldqQVo2MzNxUHVlRnBaS1F3Y3JhQXc9PSIsInZhbHVlIjoid0I1eEJKZllHaytWbFdPL3J5YW4zUVFOS2w0clIrdVB0YVdLUkF0VlBhNkJWSk1HdUQ4RFJSOVZMTS9DZ1h5bkhpWjJLZm1mbytqaVN5VVAvZmJrUkE1YmR2Q2U2dWJ3OGdOcllZdDcyWjYvTzFyamJ0eUxobjlOM2JDY1BOWUgiLCJtYWMiOiJhZDVhMjhjMmMwYWQ5YmU2NGQzZGY0NGE4ODAzYTA2NzgyMjYzYjQ3ZTgzMjJkYTFiMTE5MTY5NTEwMzFmM2VhIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://n34j4.erproce.com/ZNj8a/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjZCWDNSTWVKallHV0FQQmoxY0hRcXc9PSIsInZhbHVlIjoidVZHK1RLbFJTMzZyTStwQzhpRXVGa25kV3BQMWNYY1Mxbyt3dkMyVEN6QzRHNWhydk9NS1ZJaGZMVjQ3VlFVbHg5VUQxWk1hTW1NVkMvaDF5MjdTSkVpVFN3VnV1LzQxaWJNcmtubHhXUitCeGdaYUVzQUxxR2EzUFBpODNXdXgiLCJtYWMiOiIyODg0MTQ5ZTg0MDIyMjk1OWQ4YTRmZDQ1OWY5ZWRiNGE2ZTRkYWY0NDJkZmM4MmM1NzEyM2RjYjhkYjkzOTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImZIelRhQzZTUXY0OWw2V2QvSTdZenc9PSIsInZhbHVlIjoiTEdMbkg1RUJaQ0hZeTFVa3YrM3AxOWhJWHRjdStPc0s0K0JmR3NqR04zTnRRWHNrTSt6TlB4UEs5TVBwamRhVk1ielN1Z2ZadFdyaGR4ZXgrZHpqK0lmWUdpb253U0dGb3pEYWg2RFgxNUhmUng5VTFGQUc1QU0rUmQ1L3Q5ZjQiLCJtYWMiOiI4MjY4NDkxNjBiM2Q4NTMyY2MwNDg2NzE5Zjk4Nzc0OTdjNDM0ZTQ4OTc1N2IyNzA3YzhjMWM4NmNhMjEzNmM0IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=mmaFLh7cpHdpKr2&MD=XduWglKn HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /127ZPXExxyWLex4m6720 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /xyPUGRtkYoP6jpqpsXcgh28 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /rstGHrRJjafcGLlhh4yyzjG9rDDeuv40 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://n34j4.erproce.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /1293McY8556cDs8gAqr46 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://n34j4.erproce.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /78HNvEtZRPUQqWzRTM45xJO2st60 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://n34j4.erproce.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /23vKNU3EMnFq9rLrJw5899LRJreqom9vw70 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://n34j4.erproce.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://n34j4.erproce.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlKHLAQiFoM0BCLnKzQEIitPNAQjB1M0BCLrYzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://n34j4.erproce.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: 120X-DeviceID: 01000A41090080B6X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDYAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAcGyX4wygplhbIQASavGlmQ/%2BEUFNFA6ktNMCm3zHCwo9cVwwrnFRYk5iKCB62jtJcZadKYOx1n%2B6tqrXCAEF%2BI3o8YyyrRASClZTwB/HBXQPAVjI06rajBRkeAg/h5i1dyaJAST0w2pmVPF9irJGyPrI52q3SGx8%2B9EoGcoWab7bLhWHN%2BQOYWk8Z237Ae8ld4gM/T7vomqwRG4brb4Sh6CVnCa0EOZItfJJKWOgeIOODhH5nnTOstCWEnzU8rbOjwBVaoXgUIBdkWEnWIp5EvrB2Ig6KfILwTNjFjFZSny9eGa1PrPObwG19NjbNNnnRrSkVcYaUy51QMpfZvP4ZADZgAACBOaJQ3M75lKqAEtKRZePFRnYfX3GYX5VJPw/oq4OWvL6TLg%2BQZ3S%2BiQ5swBz7s12jkEvxUecpbepjLwtjPwEOLi5XYx0Yf62dF2gF7%2B%2BkLa4nbaEJZVcEFE3rjyCmhjU%2BAs6gvBigRfMzic1CnOPNphx2eN9CvhgphyQusw5NC7Keg/FDjcJyrieqghcm64OgtCWvi9%2BIrHcueIOM2mWhoeE5tFX6uFb/eL2ctNWzRHheTLUhSonrCiGIvn/PgybAf6kzh%2B7QNASWCinLac2qDcoq%2Bhgq0kIntaS2oi5Vg9lLRNNdldnKQdDjzvJW%2B%2BnKLAnGTtJO5Ca/t/I0FW242LeZR6EAqywueVY7zfAhiTavqDh%2BR2cAg%2BtQQYg0aqMPP4fWvPhoOepZ4jf3LIWute880MMK3bscOuaOwE7y4L3lqFn7lQRDyjhckwl89mxNZcdkgC2aWnGhjzZ4veuOfI8GfTBXnw54Zx%2BHUmH2xSiUaAOZBItb4/LwtWvTvuxhoDbAWP2PBkrUWZKasANuPKeuZwRjCjUTm5umBrdzZk4YtLQnfsW%2BlZyBB7okzlSgz52gE%3D%26p%3DX-Agent-DeviceId: 01000A41090080B6X-BM-CBT: 1714035645User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: D7359E749B9C4DC48967C199EA8753FCX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=C4EAB6C130004333A34B5668AE4E4D10&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=en; MUID=4590362BB5CF472B95BBEDB3112D4B7B; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
Source: global traffic HTTP traffic detected: GET /90hfGvyT1W88efGLXzh6V0ab73 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://n34j4.erproce.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /efDTqwRZpKsqnr655sK1qTI256HGjJ85PM6HGnHkl100 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://n34j4.erproce.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /34h4Inw3HgaWiYYOIRTn0K43x1klShpvCBevJajmKB89110 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /klS4bgmsjJPiTo0JeLyQPkZwBeRcLaFwW0QevV9uijBiiBDfuXk2RaZpQtBHcljTJmFysqkhDwx213 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: n34j4.erproce.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://n34j4.erproce.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3DSec-WebSocket-Key: eqd7hvMhsKB4ZoVlBV/2kw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /ijnfkCVKhwufgzAjGpjTzyiV6EJNVKpAopF2wrlTE5kTFEG1uph1LxSInRarnsY3Y4ab227 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /uviHDnAE0gTkmBMJlvBstdx2UgHYVMjMpYKl2bz34126 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /qrWw9nl7xps0Swm3iD7C2H7PwBWlby43tDmnP32EvNGcSfO96YzOM0o67140 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /klS4bgmsjJPiTo0JeLyQPkZwBeRcLaFwW0QevV9uijBiiBDfuXk2RaZpQtBHcljTJmFysqkhDwx213 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /mnvODWTw9m4xGyLG6K2pAhzijNIlOF9P5RUOEVuFIJ78150 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /ijxExAGLfxHDfLwmDue7C5P4MgxyzylIjUMWuSUeJEZkGq78170 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /ijnfkCVKhwufgzAjGpjTzyiV6EJNVKpAopF2wrlTE5kTFEG1uph1LxSInRarnsY3Y4ab227 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /wxiHDnAE0gTkmBMJlvBgKop2UgHYVMjMpYKl2bzp06kYptmsab180 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYvNUhIdWhNRXkzQXhSblg0L2dSZXc9PSIsInZhbHVlIjoiQ1Rsb282cjljekx2Mkg4ZDM5TWdwMWIvbEhxSWdkQnVLWFhnbVdyK0p6TlloRVRnTUd2ejRLWWt4WHRRd0dMUzFxazZybjJrbUNCUWwwS2JwNFlqZjVzK1BEcUh3Mms3VlRWM01PalJKRHZndVIvVWw1NldsVXcxcjBtVFoybHoiLCJtYWMiOiI1N2RhZjhiY2YwM2Q5ZTkzNWM2NmUzY2VhYTMyYzBjMjQwYzU4NTRmYjg4YjYxMmQyMmM4MDZjNWU5OWQ1OTRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlI3WS84Q20wQTlqellyNkhuV0FEU1E9PSIsInZhbHVlIjoidG5NYUNqNE5LZUh2MHRFRTg1SFhUTjg4aWY5Z003NExLYmszMnBkb0F0a3A1QnM2SVVLeXpwQkZBRk12clB6bXBiVDZxcEd0YzI2MzBsRy9uMTJ4SHNVMEFLZ3Ixd2lMTExlUWFQK1d3SlpGbUFtZmFud3dLbzB5UDdud3VObjAiLCJtYWMiOiJhMWZkNGI4ZGZhM2VlMTkwZTlhNDMxODc0OTFhYTAwNWRmYmRmZDVhOGQyZmIzMjExOWNmNDExNDA4ZTNkODM5IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /opmKBBmiuWfX4G2RHnZU35mWUmBuvkxdQJej9KlnON9zg0ONlPfwsRukaef193 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /wrttubYrCHWuw7VKOWPSc6msuKhcDty50czV8ihSwfHPAkn6Lmb2rdNj8 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /uviHDnAE0gTkmBMJlvBstdx2UgHYVMjMpYKl2bz34126 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /ij8u4gL9HIkKRB4oO4q5sk3cElMCafdq1UbpWklfmpXifaceLpdGMyqef204 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /opRDfkOXrsMnYvNNx4dtbnUz3oOQk0WOw2o32kCcuGj6JmwznBuvcfAnenBLKvCVTSCiPgi0dp4AqvRKFZde59YIvef240 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /qrWw9nl7xps0Swm3iD7C2H7PwBWlby43tDmnP32EvNGcSfO96YzOM0o67140 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /mnvODWTw9m4xGyLG6K2pAhzijNIlOF9P5RUOEVuFIJ78150 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /stKSEEMcBaDAACEnWHScuhHeloVKFflrG54f67TZfPPMiNsoY3axVnsofmeCEHcaGDH2vUAy2yo0ef260 HTTP/1.1Host: n34j4.erproce.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYRAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /ijxExAGLfxHDfLwmDue7C5P4MgxyzylIjUMWuSUeJEZkGq78170 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /wxiHDnAE0gTkmBMJlvBgKop2UgHYVMjMpYKl2bzp06kYptmsab180 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /opmKBBmiuWfX4G2RHnZU35mWUmBuvkxdQJej9KlnON9zg0ONlPfwsRukaef193 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /opRDfkOXrsMnYvNNx4dtbnUz3oOQk0WOw2o32kCcuGj6JmwznBuvcfAnenBLKvCVTSCiPgi0dp4AqvRKFZde59YIvef240 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /ij8u4gL9HIkKRB4oO4q5sk3cElMCafdq1UbpWklfmpXifaceLpdGMyqef204 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /stKSEEMcBaDAACEnWHScuhHeloVKFflrG54f67TZfPPMiNsoY3axVnsofmeCEHcaGDH2vUAy2yo0ef260 HTTP/1.1Host: n34j4.erproce.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: n34j4.erproce.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://n34j4.erproce.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3DSec-WebSocket-Key: 5ORUZT2vPB/UcIp2ulISQw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: n34j4.erproce.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://n34j4.erproce.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3DSec-WebSocket-Key: B6PMICZTctQTC9M7oJMGqw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=mmaFLh7cpHdpKr2&MD=XduWglKn HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: n34j4.erproce.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://n34j4.erproce.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3DSec-WebSocket-Key: FboWz6I1FW90eYJ92JHWOw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: n34j4.erproce.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://n34j4.erproce.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3DSec-WebSocket-Key: lnGJ8CumhO7QpADBeKlduQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: n34j4.erproce.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://n34j4.erproce.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImlFbkRYZmJUNFdTR3pRTFpOeS9ZOFE9PSIsInZhbHVlIjoic1Y3SzZoaVkxWHBHMFdsclIzMzkzdXkxWE82bWhKQ0llWHBBQ29UaUhNM3B2dDJiVFNmS1g4ak12Wk84QjZwaU5tWkZJbWFZZmNPclRTM25YWk5OY0Nia2dqQnNtNUk3NDBRUVE5SW1XYkxKL0tTSFZvNTFLR25HYS9CbEgwMW8iLCJtYWMiOiJjYTRmYjZmM2UxMDhlMjEwN2YyNjgxMTFmNWRlNTEyODM1NWZmNDNlNGE4MmQ1NTg5MjcxN2Q2NjYyY2MyNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5pQ1RwQm1IZENnYWRrTW5lTTE1N2c9PSIsInZhbHVlIjoiRHZKY0g4N21iZDRDMGtNVGthRmg0U0ZaVzJGTXdzUDZKQkZFN2grRzdXY052MlhXT0t2TWp0UzJzZXpZL2NURTM3c2YvNzNqMFFRTTdRQ3A1N3djOWl5emlmUWRQR2FQd3hyVWc0WTlPOHZmTDNhbUQ3a21DSTZsNVlwdkZoWTQiLCJtYWMiOiIyODU1MDQyZTI4NmU2NmU3MzJkZjNhY2RmYzFkMDBmNGRlODQ4MjUzYWMyNmI4NGU2YTkyNGQ5YmFiMzhmMGIzIiwidGFnIjoiIn0%3DSec-WebSocket-Key: hWX/xztz2Va+CoUuE/Ri+w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic DNS traffic detected: DNS query: itniy4gbb.cc.rs6.net
Source: global traffic DNS traffic detected: DNS query: phil.groupavian.com
Source: global traffic DNS traffic detected: DNS query: n34j4.erproce.com
Source: global traffic DNS traffic detected: DNS query: code.jquery.com
Source: global traffic DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: cdn.socket.io
Source: unknown HTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1105556754:1714033711:osjFWx7TQpWmznMrUyZGcWZBMp9QIoTvmH3MrAjIn9Y/879d24de2a915083/87a48736627fe33 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 2669sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36CF-Challenge: 87a48736627fe33sec-ch-ua-platform: "Windows"Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 09:00:36 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 09:00:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBJtIxjOEg7e0B0Zu3xOJrs10M5lAheO3oMcid2%2FjLKN9dQVVraKFMEgHWZo20cKdymh1Sz%2B9gr43T7OmtNXGfu9uHZFBO%2Fw3ahKa8%2FsChqGB0%2FSMqpcLOZaygE4ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: MISSServer: cloudflareCF-RAY: 879d24e4ba107ba5-ATL
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 09:00:48 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGEmzPMVwuDo0PqaD3wnnnISN2MAp1ZvNEQCAl56SOaEXrjl9et3ZjJHcvx0I41O%2Fr5xJ1CsOsqBIi8EKNFuBhtsXNzCXi19tvUlEw52PbnPXH1IB2e0ot2qgxvvkw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 879d25138add6763-ATL
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 09:00:53 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIQxneA02aD9lHOj5Bwx4xWNCdlOpUjAfBbDFM4b5uuM5S1uMIlhgZjYdSwsRp1INSOzw06ydMGToVi%2BCcl%2BfED3vWQdSKCAcxQXqXan2hAXRUERqi4bbI0ArBywVQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 879d2532bbf86762-ATL
Source: chromecache_119.1.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_119.1.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_119.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_119.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_119.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_119.1.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_119.1.dr String found in binary or memory: https://recaptcha.net
Source: chromecache_119.1.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_119.1.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_119.1.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_119.1.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_119.1.dr String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_119.1.dr, chromecache_93.1.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_119.1.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
Source: chromecache_93.1.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown HTTPS traffic detected: 40.126.7.32:443 -> 192.168.2.17:49729 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49732 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.17:49789 version: TLS 1.2
Source: classification engine Classification label: mal72.phis.win@18/81@26/13
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw==
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=2100,i,16413262173689083580,8775777880304841059,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=2100,i,16413262173689083580,8775777880304841059,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1431504 URL: https://itniy4gbb.cc.rs6.ne... Startdate: 25/04/2024 Architecture: WINDOWS Score: 72 22 Antivirus detection for URL or domain 2->22 24 Antivirus / Scanner detection for submitted sample 2->24 26 Yara detected HtmlPhish10 2->26 28 2 other signatures 2->28 6 chrome.exe 9 2->6         started        process3 dnsIp4 12 192.168.2.17, 138, 443, 49305 unknown unknown 6->12 14 239.255.255.250 unknown Reserved 6->14 9 chrome.exe 6->9         started        process5 dnsIp6 16 phil.groupavian.com 162.241.120.242, 443, 49703, 49704 UNIFIEDLAYER-AS-1US United States 9->16 18 142.250.9.147, 443, 49750 GOOGLEUS United States 9->18 20 10 other IPs or domains 9->20
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
108.156.152.88
 d2vgu95hoyrpkh.cloudfront.net United States
16509 AMAZON-02US false
104.21.2.199
 unknown United States
13335 CLOUDFLARENETUS false
151.101.130.137
 code.jquery.com United States
54113 FASTLYUS false
104.17.3.184
 challenges.cloudflare.com United States
13335 CLOUDFLARENETUS false
239.255.255.250
 unknown Reserved
unknown unknown false
172.67.129.155
 n34j4.erproce.com United States
13335 CLOUDFLARENETUS false
35.190.80.1
 a.nel.cloudflare.com United States
15169 GOOGLEUS false
142.250.9.147
 unknown United States
15169 GOOGLEUS false
208.75.122.11
 itniy4gbb.cc.rs6.net United States
40444 ASN-CCUS false
162.241.120.242
 phil.groupavian.com United States
46606 UNIFIEDLAYER-AS-1US false
104.17.2.184
 unknown United States
13335 CLOUDFLARENETUS false
64.233.185.105
 www.google.com United States
15169 GOOGLEUS false

Private

IP
192.168.2.17

Contacted Domains

Name IP Active
a.nel.cloudflare.com 35.190.80.1 true
code.jquery.com 151.101.130.137 true
d2vgu95hoyrpkh.cloudfront.net 108.156.152.88 true
itniy4gbb.cc.rs6.net 208.75.122.11 true
challenges.cloudflare.com 104.17.3.184 true
www.google.com 64.233.185.105 true
n34j4.erproce.com 172.67.129.155 true
phil.groupavian.com 162.241.120.242 true
cdn.socket.io unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://phil.groupavian.com/favicon.ico false
  • Avira URL Cloud: phishing
 unknown
https://n34j4.erproce.com/mnvODWTw9m4xGyLG6K2pAhzijNIlOF9P5RUOEVuFIJ78150 false
  • Avira URL Cloud: safe
 unknown
https://n34j4.erproce.com/favicon.ico false
  • Avira URL Cloud: safe
 unknown
https://code.jquery.com/jquery-3.6.0.min.js false
    		high
    https://n34j4.erproce.com/opmKBBmiuWfX4G2RHnZU35mWUmBuvkxdQJej9KlnON9zg0ONlPfwsRukaef193 false
    • Avira URL Cloud: safe
    		 unknown
    https://a.nel.cloudflare.com/report/v4?s=E2N%2BIytw%2BsKZwt%2FnRkDgdsvatbLF7ZuAGGyme%2BniKDFA0Mg5ffWtiEyYebMc7yiXnZ%2BSNa3p%2BBasgwlmspWwwUvjF62RR2vSX2c3bbEXnbcHgYe5GDjioxRmWiKMFA%3D%3D false
      		high
      https://n34j4.erproce.com/127ZPXExxyWLex4m6720 false
      • Avira URL Cloud: safe
      		 unknown
      https://itniy4gbb.cc.rs6.net/tn.jsp?f=001DpCT81a7BIE926OduG6KmKkwKebSAbUZq28C52DoY-FfQJyM_2Gq3l18V1j7KWwJQTfGlQ_HSq0vC8xqJqFST9z0CwmpWgUieBjKckdJcSODJ_3vu5MzvaSoOGbGY9SjpWQtg9-aAXm1e6VV91z84Q2_wlyDMR98&c=i37ZFF5Dy2QSFqOfb2TVpr5vkMFqaR6DdoQbIhzcRV7G2oFwX8NEvA==&ch=2ErEiCYnoykaXa1uoD0AgTD1vOpSqc6zh3ef32Gb4XR_ut8_qvmzHA==&c=&ch=&__=/mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw== false
        		high
        https://n34j4.erproce.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket false
        • Avira URL Cloud: safe
        		 unknown
        https://n34j4.erproce.com/ij8u4gL9HIkKRB4oO4q5sk3cElMCafdq1UbpWklfmpXifaceLpdGMyqef204 false
        • Avira URL Cloud: safe
        		 unknown
        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879d24de2a915083/1714035641521/Xuro9-2i0PAf2DR false
          		high
          https://n34j4.erproce.com/rstGHrRJjafcGLlhh4yyzjG9rDDeuv40 false
          • Avira URL Cloud: safe
          		 unknown
          https://n34j4.erproce.com/uviHDnAE0gTkmBMJlvBstdx2UgHYVMjMpYKl2bz34126 false
          • Avira URL Cloud: safe
          		 unknown
          https://n34j4.erproce.com/wrttubYrCHWuw7VKOWPSc6msuKhcDty50czV8ihSwfHPAkn6Lmb2rdNj8 false
          • Avira URL Cloud: safe
          		 unknown
          https://n34j4.erproce.com/1293McY8556cDs8gAqr46 false
          • Avira URL Cloud: safe
          		 unknown
          https://www.google.com/recaptcha/api.js false
            		high
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D false
              		high
              https://n34j4.erproce.com/23vKNU3EMnFq9rLrJw5899LRJreqom9vw70 false
              • Avira URL Cloud: safe
              		 unknown
              https://n34j4.erproce.com/ZNj8a/ false
              • Avira URL Cloud: safe
              		 unknown
              https://n34j4.erproce.com/xyPUGRtkYoP6jpqpsXcgh28 false
              • Avira URL Cloud: safe
              		 unknown
              https://n34j4.erproce.com/klS4bgmsjJPiTo0JeLyQPkZwBeRcLaFwW0QevV9uijBiiBDfuXk2RaZpQtBHcljTJmFysqkhDwx213 false
              • Avira URL Cloud: safe
              		 unknown
              https://n34j4.erproce.com/opRDfkOXrsMnYvNNx4dtbnUz3oOQk0WOw2o32kCcuGj6JmwznBuvcfAnenBLKvCVTSCiPgi0dp4AqvRKFZde59YIvef240 false
              • Avira URL Cloud: safe
              		 unknown
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1105556754:1714033711:osjFWx7TQpWmznMrUyZGcWZBMp9QIoTvmH3MrAjIn9Y/879d24de2a915083/87a48736627fe33 false
                		high
                https://n34j4.erproce.com/efDTqwRZpKsqnr655sK1qTI256HGjJ85PM6HGnHkl100 false
                • Avira URL Cloud: safe
                		 unknown
                https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879d24de2a915083/1714035641521/87c31e3198608c0cd83f45520a9ace612bed62f3720df370cd6720e5e1085ff1/xCmJY8c_M25g2Zm false
                  		high
                  https://a.nel.cloudflare.com/report/v4?s=iBJtIxjOEg7e0B0Zu3xOJrs10M5lAheO3oMcid2%2FjLKN9dQVVraKFMEgHWZo20cKdymh1Sz%2B9gr43T7OmtNXGfu9uHZFBO%2Fw3ahKa8%2FsChqGB0%2FSMqpcLOZaygE4ZQ%3D%3D false
                    		high
                    https://n34j4.erproce.com/34h4Inw3HgaWiYYOIRTn0K43x1klShpvCBevJajmKB89110 false
                    • Avira URL Cloud: safe
                    		 unknown
                    https://phil.groupavian.com//mrlZp0zmTKgGvsPpx0JUyCMjGZr4J6/Z2dvbnphbGV6c2FsYXNAc2FuaXRhcy5lcw== false
                      		unknown
                      https://n34j4.erproce.com/wxiHDnAE0gTkmBMJlvBgKop2UgHYVMjMpYKl2bzp06kYptmsab180 false
                      • Avira URL Cloud: safe
                      		 unknown
                      https://n34j4.erproce.com/ZNj8a/#Dggonzalezsalas@sanitas.es false
                        		unknown
                        https://n34j4.erproce.com/90hfGvyT1W88efGLXzh6V0ab73 false
                        • Avira URL Cloud: safe
                        		 unknown
                        https://n34j4.erproce.com/78HNvEtZRPUQqWzRTM45xJO2st60 false
                        • Avira URL Cloud: safe
                        		 unknown
                        https://n34j4.erproce.com/poszxfbkofldajezjnenyJwFRALVSSRCDIFFORVXSPPKGNIGUMQXRLD?TZSGXJMHSRKCZVEJNFPNFHxcrOLlrkTZSDIMMOCQXUELJBFXVRKOOVPZNJXRTJTWSDGYLVOIQFDBIUYR true
                          		unknown
                          https://n34j4.erproce.com/ijnfkCVKhwufgzAjGpjTzyiV6EJNVKpAopF2wrlTE5kTFEG1uph1LxSInRarnsY3Y4ab227 false
                          • Avira URL Cloud: safe
                          		 unknown
                          https://n34j4.erproce.com/stKSEEMcBaDAACEnWHScuhHeloVKFflrG54f67TZfPPMiNsoY3axVnsofmeCEHcaGDH2vUAy2yo0ef260 false
                          • Avira URL Cloud: safe
                          		 unknown
                          https://n34j4.erproce.com/ijxExAGLfxHDfLwmDue7C5P4MgxyzylIjUMWuSUeJEZkGq78170 false
                          • Avira URL Cloud: safe
                          		 unknown
                          https://n34j4.erproce.com/ZNj8a/?FDggonzalezsalas@sanitas.es false
                          • Avira URL Cloud: safe
                          		 unknown
                          https://cdn.socket.io/4.6.0/socket.io.min.js false
                            		high
                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/blvm0/0x4AAAAAAAXy_y66HmFMovxh/auto/normal false
                              		high
                              https://n34j4.erproce.com/tvKovpkyYa6RDiv8MbJ9xs0XTY6JwFdPUvIMXsxq false
                              • Avira URL Cloud: safe
                              		 unknown
                              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879d24de2a915083 false
                                		high