Windows Analysis Report
https://gelw.nalverd.com/AvGEoxV/

Overview

General Information

Sample URL:	https://gelw.nalverd.com/AvGEoxV/
Analysis ID:	1432155
Infos:

Detection

HTMLPhisher

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish10

Found suspicious QR code URL

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://gelw.nalverd.com/AvGEoxV/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 3.6.pages.csv, type: HTML

Found suspicious QR code URL

Source: QR Code extractor	URL: http://
Source: QR Code extractor	URL: http://

Phishing site detected (based on image similarity)

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	Matcher: Template: microsoft matched
Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://gelw.nalverd.com/AvGEoxV/

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <meta http-equiv="X-UA-Compatible" c...

HTML title does not match URL

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: Title: kQJjLXZkAH does not match URL

Invalid T&C link found

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	HTTP Parser: Invalid link: Terms of use
Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	HTTP Parser: Invalid link: Privacy & cookies

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: <input type="password" .../> found

Source: https://gelw.nalverd.com/AvGEoxV/	HTTP Parser: No favicon
Source: https://gelw.nalverd.com/AvGEoxV/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	HTTP Parser: No favicon
Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	HTTP Parser: No favicon

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: No <meta name="author".. found

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGOXjrrEGIjC4jVxfp-h1T95D__e1hifsmLHtMbQtVurfMLjuVV-qYNApfmE9CIFqdY7D1CKGhlsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-26-13; NID=513=G94Alckhsj3GYDAid5utgt3toPMw7gixOMraWuaUjZ23C3NcuD3PR2pz4HjUwIwj-gv_ft2CFQdY7YZLrqYiLpLPAZhVnFYnNsJ5hXli6QL4IJLfS5zfHR9Titgmca7yFH9ezkXsonmKmOD6x1-Gh6tcCsREl9zAEG2JLM8J0uU
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGOXjrrEGIjAn68XOZKbfXPOBM4wkhVftkUATczltJ7lJ71WAMuxxnRRZwbK5g7alfIDHjhzA5ZAyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-26-13; NID=513=G94Alckhsj3GYDAid5utgt3toPMw7gixOMraWuaUjZ23C3NcuD3PR2pz4HjUwIwj-gv_ft2CFQdY7YZLrqYiLpLPAZhVnFYnNsJ5hXli6QL4IJLfS5zfHR9Titgmca7yFH9ezkXsonmKmOD6x1-Gh6tcCsREl9zAEG2JLM8J0uU
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /AvGEoxV/ HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87a710338ea567d5 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpSV09rN0RlVXd1R3pSc0Z6Nm1jd2c9PSIsInZhbHVlIjoiQVhOU2dSK3JFMTNiMy8xeDJzUnpLK3RXK0pWTlBKMDl3bWFjdURmeHVhWDNLUktIajdtRTlDb1RJZEVRb3dJZFFoODJxYUdCWmN3NGlFUHJVcFBLeU5neTlEZFhhT0JBaEZObjZjNDNOcy9CY2k1ckRhY2NjeTcweDRsNHdMRGkiLCJtYWMiOiIzNzlhOGExZWZiOThmNGNkMzg4ZmYwYmQ0YzU0YWU4MjY5Yzc1NjUxMTFmNjIzYTZkZTAzYjM3MzZhYjFiMzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImFMbjdadXBqWUE2UmxKL0toWHhPcWc9PSIsInZhbHVlIjoiT0dVZ0cvbEZJa3p2VGV6TDB5Ylk3WGhwSmdyK0kzNlJrYTJlR0FHQVVYNzh0TTBtWVVBRmV4ZCtCL3NjenhjekVuc2Vsd0h0Q3FmSTZENklENnJTMm9jNGJwclNpRTh0SklrdmdDVUJZMUM0QkdGMXhoYTdoYjZycGVVTklpcm4iLCJtYWMiOiI0ZDYxZDYyM2QwOTkwZGFkZTMxMTFjZWViZmVkMDkyMWY3NjU5OWUwMzFiOTk4ZmFkZDdmNDQwNDlhMjI1MmUyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/87a710338ea567d5/1714139654150/r0ZfVbOmH73SGQe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/87a710338ea567d5/1714139654150/r0ZfVbOmH73SGQe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/87a710338ea567d5/1714139654153/81999ed28a33744e83b5c38619d9069ef1e685be62df9d2992cd495c0e962af3/v0ZxRUGQqAmyGXK HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /AvGEoxV/ HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikw4TWpBYlQybm0zMHlRbTF4VmIrc3c9PSIsInZhbHVlIjoiVndoNGNHcVVQUzRKSnoyVS9mVnM4UHl2OFNwcU1QcGx6YlFGMjlZcUpqTUFMQWNTVWg4U1pZU0RUZnZoN2F4SnJmUlF6K0JPZGkyL01GakpmTnFzVUVqNDFuSllpeGZER2RqLzZjUWx6YnEvZXB3Q0oyTWkyd28rSUxWamxPY1MiLCJtYWMiOiI0Y2IxMjE0Y2ZiZWYwOWZiNjlhN2E5ZWUwMmU4Yzc0MGE1ZGFiMTFiZTg4MjgxMGI5NWZlMTFhNzQxZGVkNGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InY2TG1PRUc1dDBRMk5HUlJEYlpoZHc9PSIsInZhbHVlIjoiQkRlMjhiZ1A5S3p5MHh5bjBDMDhnOWZXQ2JTVHNoaTVqRUhzaE5FbFVjKzlOMHBqS2IySElKckx5bkh3eGxOc0lPZTB3SG5rbThMbjgyTVo4MW41YzJ2UmRyb3I5VWJGZDJiOXRoWDdXWTJ2UTNpOW05dGlFK3VBT2UyY21GVjMiLCJtYWMiOiI0Y2IxYTJjMThlOGJmMzY4MWNhZmI3ODdjNGY0YzUyNzg0ODRjNTg0MmE0MzIxMWU0MjY1MWFiYWQ3ZDQ2NzZiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ciu6ZlGujadtbi2YBUZC11pmfydNyxiG9k7l HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikw4TWpBYlQybm0zMHlRbTF4VmIrc3c9PSIsInZhbHVlIjoiVndoNGNHcVVQUzRKSnoyVS9mVnM4UHl2OFNwcU1QcGx6YlFGMjlZcUpqTUFMQWNTVWg4U1pZU0RUZnZoN2F4SnJmUlF6K0JPZGkyL01GakpmTnFzVUVqNDFuSllpeGZER2RqLzZjUWx6YnEvZXB3Q0oyTWkyd28rSUxWamxPY1MiLCJtYWMiOiI0Y2IxMjE0Y2ZiZWYwOWZiNjlhN2E5ZWUwMmU4Yzc0MGE1ZGFiMTFiZTg4MjgxMGI5NWZlMTFhNzQxZGVkNGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InY2TG1PRUc1dDBRMk5HUlJEYlpoZHc9PSIsInZhbHVlIjoiQkRlMjhiZ1A5S3p5MHh5bjBDMDhnOWZXQ2JTVHNoaTVqRUhzaE5FbFVjKzlOMHBqS2IySElKckx5bkh3eGxOc0lPZTB3SG5rbThMbjgyTVo4MW41YzJ2UmRyb3I5VWJGZDJiOXRoWDdXWTJ2UTNpOW05dGlFK3VBT2UyY21GVjMiLCJtYWMiOiI0Y2IxYTJjMThlOGJmMzY4MWNhZmI3ODdjNGY0YzUyNzg0ODRjNTg0MmE0MzIxMWU0MjY1MWFiYWQ3ZDQ2NzZiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /AvGEoxV/?I HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii96dGxzUjRVbW5scVRVRnNYNk1RTWc9PSIsInZhbHVlIjoid1F1ZVN6WS8zdkVOQVdLd29YeEVUWVArVE1lKzVIaFhobTJsN2swYW1sZVZiWTRyY042NGViTHVQNXNQRlE0SjZwYXpTbk9vcmI4QkhqRnNVbm5rQ3RUU3p4LzZBcHNaUm94QmsvV1V2UnZnR3hhc0JESExUb2d3ZGQzVjdvWjAiLCJtYWMiOiJkYjdhMmViN2ZiNTJmM2YwODg4ZDE1YmZhYWEyNzM0MTlmZTE5ZDc2NzNjNjhjZTQyYWE0NjAyZDIyMWY1ZTVhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InoxN2lzZjNKdFlZY0Q3emprTWpNN2c9PSIsInZhbHVlIjoiVTJ4L1N5ZEVpOThzbVVKODZROTVNTXNPWEs3UmtaQzZzcUVVcmhkMk1IVDRGQlNPalBFa0kwL1R5QVoyQlhBVEFlamI4RklYc2xkRTczUjBXK2tFNXg4WFNESHh3d0Y1WVAxWkI1SE9Bb3grMys5NXErbzltUzIvK29DRGhXNnUiLCJtYWMiOiI4M2QzZDI2ZGU3OTlhYmNkMDg2NGVjNjFjNmRhNTE4ZjIwNTMxMmQ0NzQwZGFlMDVmZjIzNWExY2ZkMjFlMmJhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlVPWUR6YXNIUkRTbDZIRER1NVRrRGc9PSIsInZhbHVlIjoia0V4c052aFB1cndYaUI0b3k5R3BrQ2xQU3BRdmtWaWI0SGYyLzRvSE1EWC8za0xPbENtd2NhQUpTb0FSZVlMMnh1dHJHZHlkNDRJdXZvbTNHeHBxN1ZLMEpwZzh4YTZiT2M5MXQ3VmJ2YW1CVWtxTzZ5QzJiSUNRdU1zNzlGekIiLCJtYWMiOiJhZTMxZDhkNTg3NTk1Mjg0MjE1MWU3OTQ1OTNlNWMzZDM0YTAxMTJkODI2YjI2YjY5ZDBjMmZlMWFiMzhjMmU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpFYzlDa3dyUWd6c21SdjFCV3Z0Znc9PSIsInZhbHVlIjoia2xMNWZnQUVQcEhTejFLaHRrOE9SRXh4OEJaT1diTmxMc0xGL08yMjNqNW9RUzRtb2Q1dmplRk56OEN3NExNZnBDcEpiUWZzQ1Bjc2FiNkExeE1pbzIwOUJZWGozZkdNQW1xMHI4aTVUem9KcUViSU1Ma0dDSzZ1RzUwcjEyNUoiLCJtYWMiOiI5YWY2ZjUxN2VlZmE2NjUyYzkyNWM4MmFhOWM1OGExYTA4ZDBmNmIzYWIwMGMyNzcyNzhkNmRlMTlkZTNkOGM5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12xTPozz5QNdx7URFcdWeF8920 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xyjOiDrdG3K2xYrsFtzef30 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pq5Loe61P66934Jy6H9zKuv40 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12mFBHzsl1P5UHY78Rh8VKqQwop46 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56K0nbKYrgITt23boQaw63NUst60 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45yVO44dmTA90syzESKrvw70 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-26-13; NID=513=G94Alckhsj3GYDAid5utgt3toPMw7gixOMraWuaUjZ23C3NcuD3PR2pz4HjUwIwj-gv_ft2CFQdY7YZLrqYiLpLPAZhVnFYnNsJ5hXli6QL4IJLfS5zfHR9Titgmca7yFH9ezkXsonmKmOD6x1-Gh6tcCsREl9zAEG2JLM8J0uU
Source: global traffic	HTTP traffic detected: GET /89FC3LlzFMbfkAIa12MVy6APab80 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efHT9fEl2bIjBxAkf788HZGPIeoMmn93 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56t0gL5gK2cmpN4LsnFcyfwlpkl11tSccwbSup0iu89110 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3DSec-WebSocket-Key: pFT9s2ItGPHJ6hdGXrWlOw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /mnOWaQBrcIdpa34BRhnzOaJ24edeMnemijmE4g5lxOGkEJX6fiGguaVvC2XLwx217 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klj1eG3tSaytCwjrXzICsMuEqyQpW4g8SFRzUj6tIKqr7txlTIREt7dVq58AuzO33Lfaab230 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxzeIZFcFkuD2JEnuWY0FKopaBCDYwWLVVv9vW4bCd34124 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqxZQ7i49HVQDFkT2K9mniyQTFXOnXx5i81oj42ckX345139 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mn5trU4TDuv3RovRLaSklrwxCRX3PZ1DLDk90150 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klYxDrIn4c5ahRCJcTlqyzxGkfyG4Q3O2Emd78169 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzRPf0ukSa92U6vgYnj4wVzAUifxwAyrsUB99awLhumZZ1wwaE3ab180 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opS0liWtiXMPTKhtyAqukrR2E4BkVhGkIyPEij9IxRXmD8amGJE1HQR7T51iDwV8Eef198 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnOWaQBrcIdpa34BRhnzOaJ24edeMnemijmE4g5lxOGkEJX6fiGguaVvC2XLwx217 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /vsM6mmvurLL43CsA8dxFAJ3rUHNM6UX3tRalxywoFHROMEZ4H0ywk9u8BpBzIWiEzk HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klj1eG3tSaytCwjrXzICsMuEqyQpW4g8SFRzUj6tIKqr7txlTIREt7dVq58AuzO33Lfaab230 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxzeIZFcFkuD2JEnuWY0FKopaBCDYwWLVVv9vW4bCd34124 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghul1Tu50F2Y5jjiuNP6JD7kUYmWfHYKkVUyz4FdmnjUBVW0XkEsPF4LxYKUjdA3pZWDJffxref210 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klYxDrIn4c5ahRCJcTlqyzxGkfyG4Q3O2Emd78169 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzRPf0ukSa92U6vgYnj4wVzAUifxwAyrsUB99awLhumZZ1wwaE3ab180 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXzx0V3EAxkN1NVtcp1FcM5voH8d1uvMINzY0npJbyzB59Q9k6zaOH8NN1UAEcJPowpabef231 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stfgaECSNBRcwGTjvw4Y2UjQh2isH45Yxy60MMkI4AG5WKuuMRQB3u7ef252 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opS0liWtiXMPTKhtyAqukrR2E4BkVhGkIyPEij9IxRXmD8amGJE1HQR7T51iDwV8Eef198 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mn5trU4TDuv3RovRLaSklrwxCRX3PZ1DLDk90150 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqxZQ7i49HVQDFkT2K9mniyQTFXOnXx5i81oj42ckX345139 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXzx0V3EAxkN1NVtcp1FcM5voH8d1uvMINzY0npJbyzB59Q9k6zaOH8NN1UAEcJPowpabef231 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghul1Tu50F2Y5jjiuNP6JD7kUYmWfHYKkVUyz4FdmnjUBVW0XkEsPF4LxYKUjdA3pZWDJffxref210 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3DSec-WebSocket-Key: 43TXkwQJiEWVqmU+d9NKSA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /stfgaECSNBRcwGTjvw4Y2UjQh2isH45Yxy60MMkI4AG5WKuuMRQB3u7ef252 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3DSec-WebSocket-Key: 8BTlkE7ayTVFHJXxWb5r1g==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3DSec-WebSocket-Key: JQVg/LgVIntA5dEtTHa/aA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: gelw.nalverd.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io

Source: unknown

HTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 2630sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36CF-Challenge: a7fbae31b181157sec-ch-ua-platform: "Windows"Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 13:54:14 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNhGHBlTK40Qxl8yrzTBH100RSsBCKkzE6mn%2FT1cLWSiQRsNQ%2FRtiz0u8%2BfeYvoIT64L1%2FBrAaEmhuQJwZrIf%2F0Wp7f%2FSaz48XXOoES3a1mlfFYAXrQShML029%2FZ1A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: MISSServer: cloudflareCF-RAY: 87a71044583da66b-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 13:54:36 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKPGQ8kisvgeqhm5lJckbWKTl2T860yFaaP8efqw8r4bpW7O%2BZuOhAqjw0f8Q7SRvUi%2FwiQqiCfmqjUOpvB1wexQ5gDn0getH5M98RwIoS9hpG5BykQTL2O754MmoA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 87a710ca2f6d09b2-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 13:54:44 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHVyFw9qqLklo16gH6rrTDEcK4CjanMCZoOPWXqNdXJzR82bum%2BZbwK6iPyRil4OTB9KXCPVgicMHeZdPk7dY3YIWQn3Uqv6mHbXjF4u%2BNlBxTwIIx9g1%2B6FzXCiaQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 87a711037fc68dcd-MIA

Source: chromecache_70.3.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_70.3.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_70.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_70.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_70.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_70.3.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_70.3.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_70.3.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_70.3.dr, chromecache_107.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_70.3.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
Source: chromecache_107.3.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@30/75@22/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1988,i,14014969750969590740,8094112872708556366,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,16513210451006904575,5440778139736474350,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,12066371401791932286,9202225342553752342,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gelw.nalverd.com/AvGEoxV/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1988,i,14014969750969590740,8094112872708556366,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,16513210451006904575,5440778139736474350,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,12066371401791932286,9202225342553752342,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
192.178.50.36	unknown	United States	15169	GOOGLEUS	false
104.21.69.145	gelw.nalverd.com	United States	13335	CLOUDFLARENETUS	false
172.217.2.196	www.google.com	United States	15169	GOOGLEUS	false
18.64.174.31	d2vgu95hoyrpkh.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.2.184	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.2.137	true
d2vgu95hoyrpkh.cloudfront.net	18.64.174.31	true
gelw.nalverd.com	104.21.69.145	true
challenges.cloudflare.com	104.17.3.184	true
www.google.com	172.217.2.196	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
cdn.socket.io	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://gelw.nalverd.com/klj1eG3tSaytCwjrXzICsMuEqyQpW4g8SFRzUj6tIKqr7txlTIREt7dVq58AuzO33Lfaab230	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=GNhGHBlTK40Qxl8yrzTBH100RSsBCKkzE6mn%2FT1cLWSiQRsNQ%2FRtiz0u8%2BfeYvoIT64L1%2FBrAaEmhuQJwZrIf%2F0Wp7f%2FSaz48XXOoES3a1mlfFYAXrQShML029%2FZ1A%3D%3D	false		high
https://gelw.nalverd.com/AvGEoxV/?I	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/45yVO44dmTA90syzESKrvw70	false	Avira URL Cloud: safe	unknown
https://code.jquery.com/jquery-3.6.0.min.js	false		high
https://gelw.nalverd.com/vsM6mmvurLL43CsA8dxFAJ3rUHNM6UX3tRalxywoFHROMEZ4H0ywk9u8BpBzIWiEzk	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/56K0nbKYrgITt23boQaw63NUst60	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/mnOWaQBrcIdpa34BRhnzOaJ24edeMnemijmE4g5lxOGkEJX6fiGguaVvC2XLwx217	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/opS0liWtiXMPTKhtyAqukrR2E4BkVhGkIyPEij9IxRXmD8amGJE1HQR7T51iDwV8Eef198	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157	false		high
https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ#	true		unknown
https://gelw.nalverd.com/AvGEoxV/	true		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a710338ea567d5/1714139654153/81999ed28a33744e83b5c38619d9069ef1e685be62df9d2992cd495c0e962af3/v0ZxRUGQqAmyGXK	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	false		high
https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	true		unknown
https://gelw.nalverd.com/efHT9fEl2bIjBxAkf788HZGPIeoMmn93	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api.js	false		high
https://gelw.nalverd.com/pq5Loe61P66934Jy6H9zKuv40	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://a.nel.cloudflare.com/report/v4?s=MCigmAka401pAFs%2B4HJoqm%2FJn5ACm1PS1Dw%2B1EAgvXFguHYHl8VBYYldwwjRaDS0%2Fs%2BjKFyTYPyHISGizl%2FOoJaRV6UvZKDNnBEHpTtN1Q05%2F412Ab4G8cGAP1PLVw%3D%3D	false		high
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	false		high
https://gelw.nalverd.com/89FC3LlzFMbfkAIa12MVy6APab80	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/opXzx0V3EAxkN1NVtcp1FcM5voH8d1uvMINzY0npJbyzB59Q9k6zaOH8NN1UAEcJPowpabef231	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/xyjOiDrdG3K2xYrsFtzef30	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/wxzeIZFcFkuD2JEnuWY0FKopaBCDYwWLVVv9vW4bCd34124	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/12mFBHzsl1P5UHY78Rh8VKqQwop46	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/yzRPf0ukSa92U6vgYnj4wVzAUifxwAyrsUB99awLhumZZ1wwaE3ab180	false	Avira URL Cloud: safe	unknown
https://www.google.com/async/newtab_promos	false		high
https://gelw.nalverd.com/stfgaECSNBRcwGTjvw4Y2UjQh2isH45Yxy60MMkI4AG5WKuuMRQB3u7ef252	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/56t0gL5gK2cmpN4LsnFcyfwlpkl11tSccwbSup0iu89110	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/qrqxZQ7i49HVQDFkT2K9mniyQTFXOnXx5i81oj42ckX345139	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/ghul1Tu50F2Y5jjiuNP6JD7kUYmWfHYKkVUyz4FdmnjUBVW0XkEsPF4LxYKUjdA3pZWDJffxref210	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a710338ea567d5/1714139654150/r0ZfVbOmH73SGQe	false		high
https://gelw.nalverd.com/klYxDrIn4c5ahRCJcTlqyzxGkfyG4Q3O2Emd78169	false	Avira URL Cloud: safe	unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://cdn.socket.io/4.6.0/socket.io.min.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87a710338ea567d5	false		high
https://gelw.nalverd.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGOXjrrEGIjC4jVxfp-h1T95D__e1hifsmLHtMbQtVurfMLjuVV-qYNApfmE9CIFqdY7D1CKGhlsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	false		high
https://gelw.nalverd.com/ciu6ZlGujadtbi2YBUZC11pmfydNyxiG9k7l	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/12xTPozz5QNdx7URFcdWeF8920	false	Avira URL Cloud: safe	unknown
https://gelw.nalverd.com/mn5trU4TDuv3RovRLaSklrwxCRX3PZ1DLDk90150	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0	2A05E9E5572ABC320B2B7EA38A70DCC1	D5FA2A856D5632C2469E42436159375117EF3C35	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
Chrome Cache Entry: 101	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 102	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 103	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 104	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 105	Web Open Font Format, TrueType, length 36696, version 1.0	A69E9AB8AFDD7486EC0749C551051FF2	C34E6AA327B536FB48D1FE03577A47C7EE2231B8	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
Chrome Cache Entry: 106	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	78A5500114640D663460BCBB33E694EB	C72B1B93C8BC2DDBD77BA3C042A8ED415B6B8E26	E97FE9DB7CA567DA1F9F5A3B87B669146ADDF1983392C32FDA68C4D667A3CA22
Chrome Cache Entry: 107	ASCII text, with very long lines (1222), with no line terminators	463D838587C8B5873CB6E4E942B770C9	E69DCF383A6F3F51F123CA2D86F19FC4BE09E612	1448EC1B3F30A554233BD280AA99A7EAF690D1098647E7DDDEA286C757884F9C
Chrome Cache Entry: 108	PNG image data, 28 x 59, 8-bit/color RGB, non-interlaced	B06BFF421317451C04524EC2ACA830F5	8B86CA4F6DADE5F337D16C769A323CFFB974842B	D0170D7D2EFE1AA85C3E2A99BB37311E1438A88AD271D94570EACA2C5E5664B5
Chrome Cache Entry: 109	HTML document, ASCII text, with very long lines (1445), with CRLF line terminators	21B75B65203A3FC31F6616F5EAC793EA	37F83B057E614752C251FB66D2A661AB371BFE91	04DFE1ECA2BE2E326134B4128F653D203A4040C8ECE9641967CAD6350C6EA653
Chrome Cache Entry: 110	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 111	ASCII text, with very long lines (42414)	F94A2211CE789A95A7C67E8C660D63E8	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
Chrome Cache Entry: 112	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 69	ASCII text, with very long lines (45667)	80F5B8C6A9EEAC15DE93E5A112036A06	F7174635137D37581B11937FC90E9CB325077BCE	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
Chrome Cache Entry: 70	ASCII text, with very long lines (631)	E2E79D6B927169D9E0E57E3BAECC0993	1299473950B2999BA0B7F39BD5E4A60EAFD1819D	231336ED913A5EBD4445B85486E053CAF2B81CAB91318241375F3F7A245B6C6B
Chrome Cache Entry: 71	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 72	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 73	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 74	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 75	Web Open Font Format, TrueType, length 35970, version 1.0	496B7BBDE91C7DC7CF9BBABBB3921DA8	2BD3C406A715AB52DAD84C803C55BF4A6E66A924	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
Chrome Cache Entry: 76	PNG image data, 28 x 59, 8-bit/color RGB, non-interlaced	B06BFF421317451C04524EC2ACA830F5	8B86CA4F6DADE5F337D16C769A323CFFB974842B	D0170D7D2EFE1AA85C3E2A99BB37311E1438A88AD271D94570EACA2C5E5664B5
Chrome Cache Entry: 77	ASCII text, with very long lines (796)	E9B5A2A94195BAABCBBB2449DE68C729	981B377929E4F1DF6754CC4E4CAC1E5BC5548C45	76D24D57D78E0BF7D5E509DC4CCF29857196E441E61B379EE90BE23E7D0810A8
Chrome Cache Entry: 78	ASCII text, with very long lines (1437), with CRLF line terminators	FBE2FCF4596B299453C91B7231BA7427	743291EE60A551E043529AFDC9E3FBE72D70E776	2DE22B4CDEDCBEB9CD5F63EA7A0DF8F77D0EF9086D200B052BFA9EE949DEED40
Chrome Cache Entry: 79	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 80	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 81	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0	BCD7983EA5AA57C55F6758B4977983CB	EF3A009E205229E07FB0EC8569E669B11C378EF1	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
Chrome Cache Entry: 82	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 83	ASCII text, with no line terminators	734E66D68796EAD1885CB40F56786C18	BFA1C382331F86ED268618F08F2EB8157A05E22E	3EA25D10DDF8F321B8D98FCB1790E98B4EC0E9BE978DD58FC69A1EC626AAB3E5
Chrome Cache Entry: 84	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 85	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 86	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 87	HTML document, ASCII text, with very long lines (59237), with CRLF line terminators	C9F89FD5DE615D6E9D9A93596FACCFC8	F9211964FFFE3568942B8744AFBD1DB029C7B7F5	67D748C511B3F85AA2D5C2D95569D919F8885BC61629249078DFA3DFBB5B79BD
Chrome Cache Entry: 88	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 89	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 90	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 91	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 92	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 93	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 94	ASCII text, with very long lines (23398), with no line terminators	C1C51D30D5E7094136F2D828349E520F	10AE8971AD7A8798BC9732707FE4896B57541557	0C55057782E3B346C2B819574BFA916852BC8AC5BB4E01D56E8FBFFC22043C98
Chrome Cache Entry: 95	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 96	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 97	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 98	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 99	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://gelw.nalverd.com/AvGEoxV/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 3.6.pages.csv, type: HTML

Found suspicious QR code URL

Source: QR Code extractor	URL: http://
Source: QR Code extractor	URL: http://

Phishing site detected (based on image similarity)

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	Matcher: Template: microsoft matched
Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ#	Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://gelw.nalverd.com/AvGEoxV/

HTML title does not match URL

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: Title: kQJjLXZkAH does not match URL

Invalid T&C link found

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	HTTP Parser: Invalid link: Terms of use
Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	HTTP Parser: Invalid link: Privacy & cookies

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: <input type="password" .../> found

Source: https://gelw.nalverd.com/AvGEoxV/	HTTP Parser: No favicon
Source: https://gelw.nalverd.com/AvGEoxV/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal	HTTP Parser: No favicon
Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ	HTTP Parser: No favicon

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: No <meta name="author".. found

Source: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGOXjrrEGIjC4jVxfp-h1T95D__e1hifsmLHtMbQtVurfMLjuVV-qYNApfmE9CIFqdY7D1CKGhlsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-26-13; NID=513=G94Alckhsj3GYDAid5utgt3toPMw7gixOMraWuaUjZ23C3NcuD3PR2pz4HjUwIwj-gv_ft2CFQdY7YZLrqYiLpLPAZhVnFYnNsJ5hXli6QL4IJLfS5zfHR9Titgmca7yFH9ezkXsonmKmOD6x1-Gh6tcCsREl9zAEG2JLM8J0uU
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGOXjrrEGIjAn68XOZKbfXPOBM4wkhVftkUATczltJ7lJ71WAMuxxnRRZwbK5g7alfIDHjhzA5ZAyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-26-13; NID=513=G94Alckhsj3GYDAid5utgt3toPMw7gixOMraWuaUjZ23C3NcuD3PR2pz4HjUwIwj-gv_ft2CFQdY7YZLrqYiLpLPAZhVnFYnNsJ5hXli6QL4IJLfS5zfHR9Titgmca7yFH9ezkXsonmKmOD6x1-Gh6tcCsREl9zAEG2JLM8J0uU
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /AvGEoxV/ HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87a710338ea567d5 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpSV09rN0RlVXd1R3pSc0Z6Nm1jd2c9PSIsInZhbHVlIjoiQVhOU2dSK3JFMTNiMy8xeDJzUnpLK3RXK0pWTlBKMDl3bWFjdURmeHVhWDNLUktIajdtRTlDb1RJZEVRb3dJZFFoODJxYUdCWmN3NGlFUHJVcFBLeU5neTlEZFhhT0JBaEZObjZjNDNOcy9CY2k1ckRhY2NjeTcweDRsNHdMRGkiLCJtYWMiOiIzNzlhOGExZWZiOThmNGNkMzg4ZmYwYmQ0YzU0YWU4MjY5Yzc1NjUxMTFmNjIzYTZkZTAzYjM3MzZhYjFiMzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImFMbjdadXBqWUE2UmxKL0toWHhPcWc9PSIsInZhbHVlIjoiT0dVZ0cvbEZJa3p2VGV6TDB5Ylk3WGhwSmdyK0kzNlJrYTJlR0FHQVVYNzh0TTBtWVVBRmV4ZCtCL3NjenhjekVuc2Vsd0h0Q3FmSTZENklENnJTMm9jNGJwclNpRTh0SklrdmdDVUJZMUM0QkdGMXhoYTdoYjZycGVVTklpcm4iLCJtYWMiOiI0ZDYxZDYyM2QwOTkwZGFkZTMxMTFjZWViZmVkMDkyMWY3NjU5OWUwMzFiOTk4ZmFkZDdmNDQwNDlhMjI1MmUyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/87a710338ea567d5/1714139654150/r0ZfVbOmH73SGQe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/87a710338ea567d5/1714139654150/r0ZfVbOmH73SGQe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/87a710338ea567d5/1714139654153/81999ed28a33744e83b5c38619d9069ef1e685be62df9d2992cd495c0e962af3/v0ZxRUGQqAmyGXK HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j7byh/0x4AAAAAAAXFpOFgzO5Hc4Qb/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2068823770:1714138173:Yd-dD0IZEEpfFfpf9Qa63h2pIQIK_QVifXRcV5tB7BU/87a710338ea567d5/a7fbae31b181157 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /AvGEoxV/ HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikw4TWpBYlQybm0zMHlRbTF4VmIrc3c9PSIsInZhbHVlIjoiVndoNGNHcVVQUzRKSnoyVS9mVnM4UHl2OFNwcU1QcGx6YlFGMjlZcUpqTUFMQWNTVWg4U1pZU0RUZnZoN2F4SnJmUlF6K0JPZGkyL01GakpmTnFzVUVqNDFuSllpeGZER2RqLzZjUWx6YnEvZXB3Q0oyTWkyd28rSUxWamxPY1MiLCJtYWMiOiI0Y2IxMjE0Y2ZiZWYwOWZiNjlhN2E5ZWUwMmU4Yzc0MGE1ZGFiMTFiZTg4MjgxMGI5NWZlMTFhNzQxZGVkNGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InY2TG1PRUc1dDBRMk5HUlJEYlpoZHc9PSIsInZhbHVlIjoiQkRlMjhiZ1A5S3p5MHh5bjBDMDhnOWZXQ2JTVHNoaTVqRUhzaE5FbFVjKzlOMHBqS2IySElKckx5bkh3eGxOc0lPZTB3SG5rbThMbjgyTVo4MW41YzJ2UmRyb3I5VWJGZDJiOXRoWDdXWTJ2UTNpOW05dGlFK3VBT2UyY21GVjMiLCJtYWMiOiI0Y2IxYTJjMThlOGJmMzY4MWNhZmI3ODdjNGY0YzUyNzg0ODRjNTg0MmE0MzIxMWU0MjY1MWFiYWQ3ZDQ2NzZiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ciu6ZlGujadtbi2YBUZC11pmfydNyxiG9k7l HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikw4TWpBYlQybm0zMHlRbTF4VmIrc3c9PSIsInZhbHVlIjoiVndoNGNHcVVQUzRKSnoyVS9mVnM4UHl2OFNwcU1QcGx6YlFGMjlZcUpqTUFMQWNTVWg4U1pZU0RUZnZoN2F4SnJmUlF6K0JPZGkyL01GakpmTnFzVUVqNDFuSllpeGZER2RqLzZjUWx6YnEvZXB3Q0oyTWkyd28rSUxWamxPY1MiLCJtYWMiOiI0Y2IxMjE0Y2ZiZWYwOWZiNjlhN2E5ZWUwMmU4Yzc0MGE1ZGFiMTFiZTg4MjgxMGI5NWZlMTFhNzQxZGVkNGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InY2TG1PRUc1dDBRMk5HUlJEYlpoZHc9PSIsInZhbHVlIjoiQkRlMjhiZ1A5S3p5MHh5bjBDMDhnOWZXQ2JTVHNoaTVqRUhzaE5FbFVjKzlOMHBqS2IySElKckx5bkh3eGxOc0lPZTB3SG5rbThMbjgyTVo4MW41YzJ2UmRyb3I5VWJGZDJiOXRoWDdXWTJ2UTNpOW05dGlFK3VBT2UyY21GVjMiLCJtYWMiOiI0Y2IxYTJjMThlOGJmMzY4MWNhZmI3ODdjNGY0YzUyNzg0ODRjNTg0MmE0MzIxMWU0MjY1MWFiYWQ3ZDQ2NzZiIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /AvGEoxV/?I HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii96dGxzUjRVbW5scVRVRnNYNk1RTWc9PSIsInZhbHVlIjoid1F1ZVN6WS8zdkVOQVdLd29YeEVUWVArVE1lKzVIaFhobTJsN2swYW1sZVZiWTRyY042NGViTHVQNXNQRlE0SjZwYXpTbk9vcmI4QkhqRnNVbm5rQ3RUU3p4LzZBcHNaUm94QmsvV1V2UnZnR3hhc0JESExUb2d3ZGQzVjdvWjAiLCJtYWMiOiJkYjdhMmViN2ZiNTJmM2YwODg4ZDE1YmZhYWEyNzM0MTlmZTE5ZDc2NzNjNjhjZTQyYWE0NjAyZDIyMWY1ZTVhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InoxN2lzZjNKdFlZY0Q3emprTWpNN2c9PSIsInZhbHVlIjoiVTJ4L1N5ZEVpOThzbVVKODZROTVNTXNPWEs3UmtaQzZzcUVVcmhkMk1IVDRGQlNPalBFa0kwL1R5QVoyQlhBVEFlamI4RklYc2xkRTczUjBXK2tFNXg4WFNESHh3d0Y1WVAxWkI1SE9Bb3grMys5NXErbzltUzIvK29DRGhXNnUiLCJtYWMiOiI4M2QzZDI2ZGU3OTlhYmNkMDg2NGVjNjFjNmRhNTE4ZjIwNTMxMmQ0NzQwZGFlMDVmZjIzNWExY2ZkMjFlMmJhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQ HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://gelw.nalverd.com/AvGEoxV/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlVPWUR6YXNIUkRTbDZIRER1NVRrRGc9PSIsInZhbHVlIjoia0V4c052aFB1cndYaUI0b3k5R3BrQ2xQU3BRdmtWaWI0SGYyLzRvSE1EWC8za0xPbENtd2NhQUpTb0FSZVlMMnh1dHJHZHlkNDRJdXZvbTNHeHBxN1ZLMEpwZzh4YTZiT2M5MXQ3VmJ2YW1CVWtxTzZ5QzJiSUNRdU1zNzlGekIiLCJtYWMiOiJhZTMxZDhkNTg3NTk1Mjg0MjE1MWU3OTQ1OTNlNWMzZDM0YTAxMTJkODI2YjI2YjY5ZDBjMmZlMWFiMzhjMmU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpFYzlDa3dyUWd6c21SdjFCV3Z0Znc9PSIsInZhbHVlIjoia2xMNWZnQUVQcEhTejFLaHRrOE9SRXh4OEJaT1diTmxMc0xGL08yMjNqNW9RUzRtb2Q1dmplRk56OEN3NExNZnBDcEpiUWZzQ1Bjc2FiNkExeE1pbzIwOUJZWGozZkdNQW1xMHI4aTVUem9KcUViSU1Ma0dDSzZ1RzUwcjEyNUoiLCJtYWMiOiI5YWY2ZjUxN2VlZmE2NjUyYzkyNWM4MmFhOWM1OGExYTA4ZDBmNmIzYWIwMGMyNzcyNzhkNmRlMTlkZTNkOGM5IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12xTPozz5QNdx7URFcdWeF8920 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xyjOiDrdG3K2xYrsFtzef30 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pq5Loe61P66934Jy6H9zKuv40 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12mFBHzsl1P5UHY78Rh8VKqQwop46 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56K0nbKYrgITt23boQaw63NUst60 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45yVO44dmTA90syzESKrvw70 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-26-13; NID=513=G94Alckhsj3GYDAid5utgt3toPMw7gixOMraWuaUjZ23C3NcuD3PR2pz4HjUwIwj-gv_ft2CFQdY7YZLrqYiLpLPAZhVnFYnNsJ5hXli6QL4IJLfS5zfHR9Titgmca7yFH9ezkXsonmKmOD6x1-Gh6tcCsREl9zAEG2JLM8J0uU
Source: global traffic	HTTP traffic detected: GET /89FC3LlzFMbfkAIa12MVy6APab80 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /efHT9fEl2bIjBxAkf788HZGPIeoMmn93 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://gelw.nalverd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56t0gL5gK2cmpN4LsnFcyfwlpkl11tSccwbSup0iu89110 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3DSec-WebSocket-Key: pFT9s2ItGPHJ6hdGXrWlOw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /mnOWaQBrcIdpa34BRhnzOaJ24edeMnemijmE4g5lxOGkEJX6fiGguaVvC2XLwx217 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klj1eG3tSaytCwjrXzICsMuEqyQpW4g8SFRzUj6tIKqr7txlTIREt7dVq58AuzO33Lfaab230 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxzeIZFcFkuD2JEnuWY0FKopaBCDYwWLVVv9vW4bCd34124 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqxZQ7i49HVQDFkT2K9mniyQTFXOnXx5i81oj42ckX345139 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imc4cFdwYkQyTFI5UkhROGs3a3UxT3c9PSIsInZhbHVlIjoiM1ovd3E0VDBDM0llM2Y3T084dUdBWEV2dU8yUXJSRFYvanRXNWFvU2JzSXB1VUpWWU9TNmFjZWo3SUZYQmQ1UFdKb2wxN1NrN2VmYWdPRExyYXBubG9HTWVSSHQ2Y1VzU2M3MU5ha3puQ0tDQzVVc3ZFOTNDakdyMDVaR3FqQnkiLCJtYWMiOiJiMmM3NDcyNWVjNzY5Y2I2ZmU4ZTFkNTgzYjM2ZWRhMmQ0MWEwMTFjY2NlNmEyYzk4Y2IzZjU0N2IyM2ZkZGEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Inc2eHp3T0pDQWZuYWxjQ2dWQ3JLSkE9PSIsInZhbHVlIjoiUFBaRk9YeWtZUkgyUHYzK1hCeXFmUlE4dFZKS0N4U1FzN1V5S2k3TlhEczF0T2p3cXRSQ00zM0J4Tm8vYW96TUhUT21JL24vR3BLSzVKWTZaR1ZnbjlNQXFGN3NCYVJOaE5vY1o1a0RwRSsyN0tRWkpuN0FVUk9xeDhORFB3ZU8iLCJtYWMiOiJiYzU1NDIxNzE1OTQyOWQ2NzFhMWZhOGNjYThhNTJlODk5Mzg4MTUzNjUyYzY1MDE5OWE2NDIzZjIxMGYzODU2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mn5trU4TDuv3RovRLaSklrwxCRX3PZ1DLDk90150 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klYxDrIn4c5ahRCJcTlqyzxGkfyG4Q3O2Emd78169 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzRPf0ukSa92U6vgYnj4wVzAUifxwAyrsUB99awLhumZZ1wwaE3ab180 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opS0liWtiXMPTKhtyAqukrR2E4BkVhGkIyPEij9IxRXmD8amGJE1HQR7T51iDwV8Eef198 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnOWaQBrcIdpa34BRhnzOaJ24edeMnemijmE4g5lxOGkEJX6fiGguaVvC2XLwx217 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /vsM6mmvurLL43CsA8dxFAJ3rUHNM6UX3tRalxywoFHROMEZ4H0ywk9u8BpBzIWiEzk HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klj1eG3tSaytCwjrXzICsMuEqyQpW4g8SFRzUj6tIKqr7txlTIREt7dVq58AuzO33Lfaab230 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxzeIZFcFkuD2JEnuWY0FKopaBCDYwWLVVv9vW4bCd34124 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghul1Tu50F2Y5jjiuNP6JD7kUYmWfHYKkVUyz4FdmnjUBVW0XkEsPF4LxYKUjdA3pZWDJffxref210 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /klYxDrIn4c5ahRCJcTlqyzxGkfyG4Q3O2Emd78169 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzRPf0ukSa92U6vgYnj4wVzAUifxwAyrsUB99awLhumZZ1wwaE3ab180 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXzx0V3EAxkN1NVtcp1FcM5voH8d1uvMINzY0npJbyzB59Q9k6zaOH8NN1UAEcJPowpabef231 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /stfgaECSNBRcwGTjvw4Y2UjQh2isH45Yxy60MMkI4AG5WKuuMRQB3u7ef252 HTTP/1.1Host: gelw.nalverd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gelw.nalverd.com/FWGyepeeTcNLGevvghfBiFFrzBGCYUBPWXEMKIPPIVBICGFWIRWQZIQCXMQI?NUXHCCSXGMHREERTFBIRZOTJnUNpiQBJQVUNRJGENPXLFHUCZQRYGBXSLLNBBLAQSWMBHQAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opS0liWtiXMPTKhtyAqukrR2E4BkVhGkIyPEij9IxRXmD8amGJE1HQR7T51iDwV8Eef198 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mn5trU4TDuv3RovRLaSklrwxCRX3PZ1DLDk90150 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qrqxZQ7i49HVQDFkT2K9mniyQTFXOnXx5i81oj42ckX345139 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opXzx0V3EAxkN1NVtcp1FcM5voH8d1uvMINzY0npJbyzB59Q9k6zaOH8NN1UAEcJPowpabef231 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghul1Tu50F2Y5jjiuNP6JD7kUYmWfHYKkVUyz4FdmnjUBVW0XkEsPF4LxYKUjdA3pZWDJffxref210 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3DSec-WebSocket-Key: 43TXkwQJiEWVqmU+d9NKSA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /stfgaECSNBRcwGTjvw4Y2UjQh2isH45Yxy60MMkI4AG5WKuuMRQB3u7ef252 HTTP/1.1Host: gelw.nalverd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3DSec-WebSocket-Key: 8BTlkE7ayTVFHJXxWb5r1g==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: gelw.nalverd.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://gelw.nalverd.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImkzM3QxU0pJRHM3Q1lrSXVXWC9ONUE9PSIsInZhbHVlIjoiNG1yS1pONkhmdWp0QW5ZRG5GTmh1YmQ5QnErczgxQ2plVTA3b3lOZitRaUw5M0UzWmVwSDEzQkZHK2ZUY3RmRldMcW82S3QzSFNHcERFaFRUQTdDdTBWTFN6bVhNMlloRUh5UllwenNNSkdZclNwbjhpU24rMTFTMVQ3OGgra1QiLCJtYWMiOiI5YTg4ZTM0OTUxOTk5ZWQ2OGM2YzlkZGZiNmZjMzZlZjVhYTdlM2VjZDk4MmE1MGIwZmIzMDNmZjZkMDg1NWMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYyajhjc05pdTJiczhSOGs2T1Y1TEE9PSIsInZhbHVlIjoiZ0tvL09WM2NrdXJsUG5KcUZaUytra2Nlb2Z3T1VIanc3bC8xaEYrUTVLZnZ0L3dmMHJJTWl5eUw2L1owbEg2akJhcHdqb0NVWUY5RXhqanpndE5CYy83WU50MUg5SW1tWUNlaFh4VU5Uell1U2tpamprZjVud01Rb2N6VHhHUFEiLCJtYWMiOiJiNWEzYzlhZjA5YzI1OWRkODNhZWI0NTM2OTU5OWVmOWYwMjlkMWExY2Y4Y2M3OWI2MTRhOGY5ZTIwMDAzOWVhIiwidGFnIjoiIn0%3DSec-WebSocket-Key: JQVg/LgVIntA5dEtTHa/aA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: gelw.nalverd.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 13:54:14 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNhGHBlTK40Qxl8yrzTBH100RSsBCKkzE6mn%2FT1cLWSiQRsNQ%2FRtiz0u8%2BfeYvoIT64L1%2FBrAaEmhuQJwZrIf%2F0Wp7f%2FSaz48XXOoES3a1mlfFYAXrQShML029%2FZ1A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: MISSServer: cloudflareCF-RAY: 87a71044583da66b-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 13:54:36 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKPGQ8kisvgeqhm5lJckbWKTl2T860yFaaP8efqw8r4bpW7O%2BZuOhAqjw0f8Q7SRvUi%2FwiQqiCfmqjUOpvB1wexQ5gDn0getH5M98RwIoS9hpG5BykQTL2O754MmoA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 87a710ca2f6d09b2-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 26 Apr 2024 13:54:44 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHVyFw9qqLklo16gH6rrTDEcK4CjanMCZoOPWXqNdXJzR82bum%2BZbwK6iPyRil4OTB9KXCPVgicMHeZdPk7dY3YIWQn3Uqv6mHbXjF4u%2BNlBxTwIIx9g1%2B6FzXCiaQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 87a711037fc68dcd-MIA

Source: chromecache_70.3.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_70.3.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_70.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_70.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_70.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_70.3.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_70.3.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_70.3.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_70.3.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_70.3.dr, chromecache_107.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_70.3.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
Source: chromecache_107.3.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@30/75@22/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1988,i,14014969750969590740,8094112872708556366,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,16513210451006904575,5440778139736474350,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,12066371401791932286,9202225342553752342,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gelw.nalverd.com/AvGEoxV/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1988,i,14014969750969590740,8094112872708556366,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1992,i,16513210451006904575,5440778139736474350,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1976,i,12066371401791932286,9202225342553752342,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1432155
Product:	CloudBasic
Start time:	15:52:46
Start date:	26.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://gelw.nalverd.com/AvGEoxV/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://gelw.nalverd.com/AvGEoxV/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://gelw.nalverd.com/AvGEoxV/