Windows Analysis Report
http://tmnz.xyz/?s1=abl3&s3=ses&email=%25%25recipient_email%25%25

Overview

General Information

Sample URL: http://tmnz.xyz/?s1=abl3&s3=ses&email=%25%25recipient_email%25%25
Analysis ID: 1433160

Detection

Score: 21
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Performs DNS queries to domains with low reputation
Found iframes
HTML page contains hidden URLs or javascript code

Classification

Source: https://www.bodis.com/takedown-request HTTP Parser: Iframe src: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74&co=aHR0cHM6Ly93d3cuYm9kaXMuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=wqdbk2cftpl8
Source: https://www.bodis.com/takedown-request HTTP Parser: Iframe src: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74
Source: http://ww25.tmnz.xyz/?s1=abl3&s3=ses&email=%25%25recipient_email%25%25&subid1=20240429-1812-26c4-a5f5-bdf32fa5fb35 HTTP Parser: Base64 decoded: {"uuid":"887cc404-ff50-446f-88d9-3050aadd9d75","page_time":1714378347,"page_url":"http://ww25.tmnz.xyz/?s1=abl3\u0026s3=ses\u0026email=%25%25recipient_email%25%25\u0026subid1=20240429-1812-26c4-a5f5-bdf32fa5fb35","page_method":"GET","page_request":{"email...
Source: http://ww25.tmnz.xyz/legal HTTP Parser: No favicon
Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol308%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol432%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fcaf%253D1%2526s1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2497786236455022%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D4061714378349545%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.tmnz.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D120%26dt%3D1714378349547%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D816%26frm%3D0%26uio%3D-%26cont%3Drs%26drt%3D0%26jsi... HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&s=iRhd0i2fkvRK4PC05e5-PklbYTO46NVR77dV8j7LqwfReYw-nlwaY20opDhKyEUd4oj6DH8l-CobPw90OEqRN4Se9dSfiBePDTQOZZeU1e6q77B-HY_nFGz6S0BdOajk-3hWKKRN0rqus9eLOnNtcsTN7Hl2A8FTF3zJ_oMldErynRsv6gcCxBo17K_RUCGI-XHUbBjEK2_MReYNy7KhXBwHD9R3u2SGUW0CuOWBWNwr2g47iaBhFnpAQ90gwKsjZwxBrYnhYNOLcstaPMdet5mhTsurThg&cb=cojajca2ktto HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b HTTP Parser: No favicon
Source: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74&co=aHR0cHM6Ly93d3cuYm9kaXMuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=wqdbk2cftpl8 HTTP Parser: No favicon
Source: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74 HTTP Parser: No favicon
Source: https://www.bodis.com/takedown-request HTTP Parser: No <meta name="author".. found
Source: https://www.bodis.com/takedown-request HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 23.203.40.158:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.203.40.158:443 -> 192.168.2.4:49751 version: TLS 1.2

Networking

Source: C:\Program Files\Google\Chrome\Application\chrome.exe DNS query: tmnz.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe DNS query: ww25.tmnz.xyz
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown TCP traffic detected without corresponding DNS query: 23.203.40.158
Source: unknown TCP traffic detected without corresponding DNS query: 23.52.42.7
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKserver: openrestydate: Mon, 29 Apr 2024 08:12:27 GMTcontent-type: text/html; charset=UTF-8content-encoding: gzipcontent-length: 2565cache-control: no-cachex-version: 2.118.0expires: Thu, 01 Jan 1970 00:00:01 GMTcache-control: no-store, must-revalidatecache-control: post-check=0, pre-check=0pragma: no-cacheset-cookie: parking_session=887cc404-ff50-446f-88d9-3050aadd9d75; expires=Mon, 29 Apr 2024 08:27:27 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ww25.tmnz.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol432&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.tmnz.xyz%2F%3Fcaf%3D1%26s1%3Dabl3%26s3%3Dses%26email%3D%2525%2525recipient_email%2525%2525%26subid1%3D20240429-1812-26c4-a5f5-bdf32fa5fb35&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436&client_gdprApplies=0&format=r3&nocache=4061714378349545&num=0&output=afd_ads&domain_name=ww25.tmnz.xyz&v=3&bsl=8&pac=0&u_his=1&u_tz=120&dt=1714378349547&u_w=1280&u_h=1024&biw=1280&bih=907&psw=1280&psh=816&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=627058929&rurl=http%3A%2F%2Fww25.tmnz.xyz%2F%3Fs1%3Dabl3%26s3%3Dses%26email%3D%2525%2525recipient_email%2525%2525%26subid1%3D20240429-1812-26c4-a5f5-bdf32fa5fb35 HTTP/1.1Host: www.adsensecustomsearchads.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://ww25.tmnz.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol308%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol432%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fcaf%253D1%2526s1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2497786236455022%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D4061714378349545%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.tmnz.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D120%26dt%3D1714378349547%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D816%26frm%3D0%26uio%3D-%26cont%3Drs%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D627058929%26rurl%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fs1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35&hl=en&q=EgRRtT5aGO-svbEGIjDjtRki3HGnvXliW7o6WwpQpvuj6dv3iuW3lLbFJuffVlS9E3uzuYP9x8g_ONdmYwQyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: http://ww25.tmnz.xyz/Accept-Encoding: 
gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol308%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol432%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fcaf%253D1%2526s1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2497786236455022%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D4061714378349545%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.tmnz.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D120%26dt%3D1714378349547%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D816%26frm%3D0%26uio%3D-%26cont%3Drs%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D627058929%26rurl%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fs1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35&hl=en&q=EgRRtT5aGO-svbEGIjDjtRki3HGnvXliW7o6WwpQpvuj6dv3iuW3lLbFJuffVlS9E3uzuYP9x8g_ONdmYwQyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&s=iRhd0i2fkvRK4PC05e5-PklbYTO46NVR77dV8j7LqwfReYw-nlwaY20opDhKyEUd4oj6DH8l-CobPw90OEqRN4Se9dSfiBePDTQOZZeU1e6q77B-HY_nFGz6S0BdOajk-3hWKKRN0rqus9eLOnNtcsTN7Hl2A8FTF3zJ_oMldErynRsv6gcCxBo17K_RUCGI-XHUbBjEK2_MReYNy7KhXBwHD9R3u2SGUW0CuOWBWNwr2g47iaBhFnpAQ90gwKsjZwxBrYnhYNOLcstaPMdet5mhTsurThg&cb=cojajca2ktto HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: 
https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol308%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol432%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fcaf%253D1%2526s1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2497786236455022%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D4061714378349545%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.tmnz.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D120%26dt%3D1714378349547%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D816%26frm%3D0%26uio%3D-%26cont%3Drs%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D627058929%26rurl%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fs1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35&hl=en&q=EgRRtT5aGO-svbEGIjDjtRki3HGnvXliW7o6WwpQpvuj6dv3iuW3lLbFJuffVlS9E3uzuYP9x8g_ONdmYwQyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&s=iRhd0i2fkvRK4PC05e5-PklbYTO46NVR77dV8j7LqwfReYw-nlwaY20opDhKyEUd4oj6DH8l-CobPw90OEqRN4Se9dSfiBePDTQOZZeU1e6q77B-HY_nFGz6S0BdOajk-3hWKKRN0rqus9eLOnNtcsTN7Hl2A8FTF3zJ_oMldErynRsv6gcCxBo17K_RUCGI-XHUbBjEK2_MReYNy7KhXBwHD9R3u2SGUW0CuOWBWNwr2g47iaBhFnpAQ90gwKsjZwxBrYnhYNOLcstaPMdet5mhTsurThg&cb=cojajca2kttoAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js/bg/lkTXq49YG5_ej1w7m4T9Nw_1Lx1Ocd1gteWQpsfV_Tk.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&s=iRhd0i2fkvRK4PC05e5-PklbYTO46NVR77dV8j7LqwfReYw-nlwaY20opDhKyEUd4oj6DH8l-CobPw90OEqRN4Se9dSfiBePDTQOZZeU1e6q77B-HY_nFGz6S0BdOajk-3hWKKRN0rqus9eLOnNtcsTN7Hl2A8FTF3zJ_oMldErynRsv6gcCxBo17K_RUCGI-XHUbBjEK2_MReYNy7KhXBwHD9R3u2SGUW0CuOWBWNwr2g47iaBhFnpAQ90gwKsjZwxBrYnhYNOLcstaPMdet5mhTsurThg&cb=cojajca2kttoAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadtest%3Doff%26psid%3D3113057640%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol202%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol308%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol432%26client%3Ddp-bodis30_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fcaf%253D1%2526s1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1%253D20240429-1812-26c4-a5f5-bdf32fa5fb35%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2497786236455022%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D4061714378349545%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.tmnz.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D120%26dt%3D1714378349547%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D816%26frm%3D0%26uio%3D-%26cont%3Drs%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D627058929%26rurl%3Dhttp%253A%252F%252Fww25.tmnz.xyz%252F%253Fs1%253Dabl3%2526s3%253Dses%2526email%253D%252525%252525recipient_email%252525%252525%2526subid1
%253D20240429-1812-26c4-a5f5-bdf32fa5fb35&hl=en&q=EgRRtT5aGO-svbEGIjDjtRki3HGnvXliW7o6WwpQpvuj6dv3iuW3lLbFJuffVlS9E3uzuYP9x8g_ONdmYwQyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /takedown-request HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/app.css?id=c87e71429bf4f4d8f19a HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Im9KaTl0OVZhSW0rNU82Y1JtYnZGTHc9PSIsInZhbHVlIjoiUXZodzAxV2c5bDh6UmhWV1dodGZTREZ3S0s2MHZLc3RiOGRnUmNTYWZreEM1TnlRMUlTNGh4dmZBdWtxTzI1VnVsR0U5UWlSd0NLUWZMZW1iQkI1WDB5ajBVOVFvdDBjV2tUbjBmTUJmR3IxVE8xWjAyN0dtRjgvRDhSdkMzZnAiLCJtYWMiOiIwNDgyODA4Yjk4OGM2YmZhMzE2MGJiNDUwOTJjNGMwZGI0ZjU4OWZlMmZiMTRjYjlkMGRiZjFlZTMwOTNhNzU5IiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6Ikhpa1FhdHRHSERxQ3NOY1RYZ21ZY0E9PSIsInZhbHVlIjoiTEd4Nld4aFhTZUFwR2QwQ3FUOXVRSnM0aFdFZzJwcHV5V2NpUGxwUEhWeUJybVNZR2dCcUE5QkpnVTZ2UEl5NXQrNkhBcmRyeUZpRWQ4bzFjVGNrc1ljb2U5VVNCZC9xenpRZ0w2dEV1ek04UXJxcE9pT2E5eHlEVTgzM1A4UXEiLCJtYWMiOiJiNGIxODUzNDRmOTE2ZTM0OWQ5Nzg3ZGUxZjNlOTM1MDcyYjI1NDc0YTI5Y2FjZDczMzM0OTk1ZWE3NjBjMWYyIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /?s1=abl3&s3=ses&email=%25%25recipient_email%25%25 HTTP/1.1Host: tmnz.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /?s1=abl3&s3=ses&email=%25%25recipient_email%25%25&subid1=20240429-1812-26c4-a5f5-bdf32fa5fb35 HTTP/1.1Host: ww25.tmnz.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /bFUOzuoWY.js HTTP/1.1Host: ww25.tmnz.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ww25.tmnz.xyz/?s1=abl3&s3=ses&email=%25%25recipient_email%25%25&subid1=20240429-1812-26c4-a5f5-bdf32fa5fb35Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: parking_session=887cc404-ff50-446f-88d9-3050aadd9d75
Source: global traffic HTTP traffic detected: GET /_fd?s1=abl3&s3=ses&email=%25%25recipient_email%25%25&subid1=20240429-1812-26c4-a5f5-bdf32fa5fb35 HTTP/1.1Host: ww25.tmnz.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: parking_session=887cc404-ff50-446f-88d9-3050aadd9d75
Source: global traffic HTTP traffic detected: GET /legal HTTP/1.1Host: ww25.tmnz.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: parking_session=887cc404-ff50-446f-88d9-3050aadd9d75; __gsas=ID=f53f0a9518a838c3:T=1714378351:RT=1714378351:S=ALNI_MaWIc4_ZuEhT41DzGuL14pWfVrnVg
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ww25.tmnz.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ww25.tmnz.xyz/legalAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: parking_session=887cc404-ff50-446f-88d9-3050aadd9d75; __gsas=ID=f53f0a9518a838c3:T=1714378351:RT=1714378351:S=ALNI_MaWIc4_ZuEhT41DzGuL14pWfVrnVg
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ww25.tmnz.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: parking_session=887cc404-ff50-446f-88d9-3050aadd9d75; __gsas=ID=f53f0a9518a838c3:T=1714378351:RT=1714378351:S=ALNI_MaWIc4_ZuEhT41DzGuL14pWfVrnVg
Source: chromecache_150.2.dr String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: tmnz.xyz
Source: global traffic DNS traffic detected: DNS query: ww25.tmnz.xyz
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: www.adsensecustomsearchads.com
Source: global traffic DNS traffic detected: DNS query: www.bodis.com
Source: global traffic DNS traffic detected: DNS query: cdn.reamaze.com
Source: global traffic DNS traffic detected: DNS query: cdn-cookieyes.com
Source: global traffic DNS traffic detected: DNS query: log.cookieyes.com
Source: global traffic DNS traffic detected: DNS query: www.recaptcha.net
Source: global traffic DNS traffic detected: DNS query: analytics.google.com
Source: global traffic DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: ws.reamaze.com
Source: global traffic DNS traffic detected: DNS query: push.reamaze.com
Source: global traffic DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: directory.cookieyes.com
Source: unknown HTTP traffic detected: POST /api/v1/log HTTP/1.1Host: log.cookieyes.comConnection: keep-aliveContent-Length: 556sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryS2icQ2GpotNEyaHSAccept: */*Origin: https://www.bodis.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_152.2.dr String found in binary or memory: http://www.domainname.com/page.html
Source: chromecache_150.2.dr String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_150.2.dr String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_135.2.dr String found in binary or memory: https://bodis.medium.com/
Source: chromecache_150.2.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_127.2.dr String found in binary or memory: https://easylist-downloads.adblockplus.org/easylist.txt
Source: chromecache_100.2.dr String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_81.2.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:300
Source: chromecache_146.2.dr, chromecache_106.2.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400
Source: chromecache_145.2.dr String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_145.2.dr String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.22.5/LICENSE
Source: chromecache_150.2.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_100.2.dr, chromecache_150.2.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_100.2.dr String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_99.2.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_101.2.dr String found in binary or memory: https://pusher.com/
Source: chromecache_99.2.dr String found in binary or memory: https://recaptcha.net
Source: chromecache_150.2.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_150.2.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_99.2.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_100.2.dr String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_150.2.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_136.2.dr String found in binary or memory: https://www.bodis.com/dfp.js
Source: chromecache_136.2.dr String found in binary or memory: https://www.bodis.com/favicon-32x32.png
Source: chromecache_152.2.dr String found in binary or memory: https://www.bodis.com/takedown-request
Source: chromecache_152.2.dr String found in binary or memory: https://www.bodis.com/terms/infringement-notification-policy
Source: chromecache_150.2.dr String found in binary or memory: https://www.google.com
Source: chromecache_134.2.dr, chromecache_133.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_150.2.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_150.2.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_134.2.dr, chromecache_105.2.dr, chromecache_99.2.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__.
Source: chromecache_147.2.dr, chromecache_151.2.dr, chromecache_133.2.dr, chromecache_85.2.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
Source: chromecache_150.2.dr String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_85.2.dr String found in binary or memory: https://www.recaptcha.net/recaptcha/api2/
Source: chromecache_146.2.dr, chromecache_106.2.dr String found in binary or memory: https://www2.bodis.com/svg/logo.svg
Source: unknown HTTPS traffic detected: 23.203.40.158:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.203.40.158:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: classification engine Classification label: sus21.troj.win@22/129@52/21
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1956,i,7510211062430527393,10561017148369666314,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://tmnz.xyz/?s1=abl3&s3=ses&email=%25%25recipient_email%25%25"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Accept
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Accept
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Accept
Source: Window Recorder Window detected: More than 3 window changes detected