Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://awqffg.newburuan2023.biz.id/next.php

Overview

General Information

Sample URL:http://awqffg.newburuan2023.biz.id/next.php
Analysis ID:1461357
Infos:

Detection

HTMLPhisher
Score:84
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for submitted file
Yara detected HtmlPhish10
Performs DNS queries to domains with low reputation
HTML body contains low number of good links
HTML title does not match URL
HTTP GET or POST without a user agent
None HTTPS page querying sensitive user data (password, username or email)

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 1880 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2000,i,3456001468419010909,16608271696989204041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • chrome.exe (PID: 2036 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://awqffg.newburuan2023.biz.id/next.php" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
0.5.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
    0.1.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      0.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
        0.3.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
          0.4.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
            Click to see the 1 entries

            Sigma Signatures

            No Sigma rule has matched

            Snort Signatures

            No Snort rule has matched

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus / Scanner detection for submitted sample
            Source: http://awqffg.newburuan2023.biz.id/next.phpAvira URL Cloud: detection malicious, Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/next.phpSlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social usering
            Antivirus detection for URL or domain
            Source: http://awqffg.newburuan2023.biz.id/img/event-notification-icon.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/7.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/4.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/rewards-box-navbar.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/5.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/6.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/3.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/menu-on.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/rewards-box-content.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/btn-on.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/menu-on.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/1.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/rewards-box-content.pngAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/1.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/css/login/facebook.cssAvira URL Cloud: Label: phishing
            Source: https://awqffg.newburuan2023.biz.id/img/event-notification-icon.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/3.pngAvira URL Cloud: Label: phishing
            Source: http://awqffg.newburuan2023.biz.id/img/5.pngAvira URL Cloud: Label: phishing
            Multi AV Scanner detection for submitted file
            Source: http://awqffg.newburuan2023.biz.id/next.phpVirustotal: Detection: 17%Perma Link

            Phishing

            barindex
            AI detected phishing page
            Source: http://awqffg.newburuan2023.biz.idLLM: Score: 8 brands: Mobile Legends Reasons: The URL 'http://awqffg.newburuan2023.biz.id' is highly suspicious as it does not match the legitimate domain 'mobilelegends.com' associated with the Mobile Legends brand. The use of a subdomain and a non-standard TLD (.biz.id) is a common tactic in phishing attacks. The webpage appears to offer rewards and limited skins, which is a common social usering technique to lure users. The presence of a countdown timer is another tactic to create urgency and prompt users to act quickly without verifying the site's legitimacy. There are no login forms or captchas present, but the overall setup and domain strongly indicate a phishing attempt. DOM: 0.0.pages.csv
            Source: http://awqffg.newburuan2023.biz.idLLM: Score: 8 brands: Mobile Legends Reasons: The URL 'http://awqffg.newburuan2023.biz.id' is highly suspicious. The domain name does not match the legitimate domain for Mobile Legends, which is 'mobilelegends.com'. The use of a random subdomain and a non-standard TLD (biz.id) is a common tactic in phishing attacks. The webpage design mimics the legitimate Mobile Legends site, which is a social usering technique to mislead users. The presence of 'Collect' buttons for rewards is another common phishing tactic to entice users to click on potentially harmful links. There is no login form or captcha present, but the overall setup and domain inconsistencies strongly indicate a phishing attempt. DOM: 0.1.pages.csv
            Yara detected HtmlPhish10
            Source: Yara matchFile source: 0.5.pages.csv, type: HTML
            Source: Yara matchFile source: 0.1.pages.csv, type: HTML
            Source: Yara matchFile source: 0.0.pages.csv, type: HTML
            Source: Yara matchFile source: 0.3.pages.csv, type: HTML
            Source: Yara matchFile source: 0.4.pages.csv, type: HTML
            Source: Yara matchFile source: 0.2.pages.csv, type: HTML
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: Number of links: 0
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: Title: Mobile Legends: Bang Bang does not match URL
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: Has password / email / username input fields
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: <input type="password" .../> found
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: No <meta name="author".. found
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: No <meta name="author".. found
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: No <meta name="author".. found
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: No <meta name="author".. found
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: No <meta name="author".. found
            Source: http://awqffg.newburuan2023.biz.id/next.phpHTTP Parser: No <meta name="author".. found
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49717 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49767 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49783 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49784 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49801 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49932 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49963 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49987 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49988 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49989 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49993 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49995 version: TLS 1.2

            Networking

            barindex
            Performs DNS queries to domains with low reputation
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: bagasarya.xyz
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: bagasarya.xyz
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: bagasarya.xyz
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: bagasarya.xyz
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sun, 23 Jun 2024 22:30:19 GMTContent-Type: text/cssContent-Length: 2814Connection: keep-alivecache-control: public, max-age=604800expires: Sun, 30 Jun 2024 22:30:19 GMTlast-modified: Sun, 19 Feb 2023 22:44:18 GMTcontent-encoding: gzipvary: Accept-Encodingx-turbo-charged-by: LiteSpeedCF-Cache-Status: MISSAccept-Ranges: bytesReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yssW4uo1J3hgP779ZSfbAGzzV7XFdVaDeW7mmMi7qOHoz66KL8m5S%2FGys8MwMdZdUP7cj02ucF9OJ9mFBJm8hib9LHuX2e9tYNHRSDiH6B%2FGU7v82LPeHLffBen1Pqzpe1LMCfZTepIl%2BTGidg8%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8987ec00ae7341de-EWRalt-svc: h3=":443"; ma=86400Data Raw: 1f 8b 08 00 00 00 00 00 00 03 d5 1a db 72 db b8 f5 d9 99 c9 3f 60 ec f1 c4 ce 98 32 29 89 92 45 4f db 24 9b b8 cf bd 3c b4 7d c9 80 24 48 61 4d 02 1c 12 b2 ec 64 f3 ef 1d 80 00 09 80 20 a5 38 4e bb bb d9 dd 89 40 e0 e0 dc 6f 38 ef 92 2d ac 1b c4 c0 e9 8e 65 de cd e9 ed eb 57 ef 70 59 d1 9a 81 5d 5d 5c 9c 6e 19 ab 9a e8 fa 3a a3 84 35 b3 9c d2 bc 40 b0 c2 cd 2c a1 e5 75 d2 34 7f c9 60 89 8b a7 3f fd 9d c6 94 d1 68 e1 fb 57 4b df bf 0a 7d ff 6a ed fb bf fd 13 dd 1b 8b a7 97 b7 af 5f bd bd 7a 1b c5 28 a3 35 ba 7a 1b c1 8c a1 1a 7c 7d fd ea c4 db a3 f8 1e 33 2f a6 8f 5e 83 bf 60 92 47 31 ad 53 54 f3 95 5b be a1 a4 5f c6 bf 8e 7d f8 f6 fa d5 8c c0 87 18 b6 b7 c4 30 b9 cf 6b ba 23 69 04 ce fc 5f f8 1f 7e 7a 8f 53 b6 8d 40 e0 fb e7 fc e7 16 e1 7c cb 22 b0 0a 2b 13 86 d7 6c 69 25 00 c9 13 f3 76 c7 49 09 eb 1c 13 8f d1 2a 02 c1 c6 58 ab 5b 58 73 df 86 55 40 92 ef 60 8e 5e 0a 5e 89 c8 ce 80 e5 1f 0b 6b 40 a6 58 d7 61 c1 1d a3 fc 5c 56 50 c8 22 20 be 9b 47 52 ba 27 05 85 e9 90 cd 59 96 c0 60 a1 b1 79 b9 6a 91 50 6c 5e ba 88 f6 5d 88 aa 55 29 e2 1a a6 78 d7 44 60 dd ae 1e 81 1c 2e 73 17 8b 14 26 f3 40 bf 35 02 c1 a2 e3 cc 16 c1 54 aa ea 88 b6 28 1e 49 94 63 ca 18 2d 23 10 84 36 0c 0b 89 03 70 04 3b 3c df 06 f2 80 53 44 7f 00 0c 7a 40 84 79 0c b3 02 79 fb 1a 56 d5 10 b1 1b df e0 6b 81 32 66 1c 6e 76 b1 38 cf cf 00 Data Ascii: r?`2)EO$<}$HaMd 8N@o8-eWpY]]\n:5@,u4`?hWK}j_z(5z|}3/^`G1ST[_}0k#i_~zS@|"+li%vI*X[XsU@`^^k@Xa\VP" GR'Y`yjPl^]U)xD`.s&@5T(Ic-#6p;<SDz@yyVk2fnv8
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ions-package@3.2.7/ionicons.map.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /F0M517t/download-1.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jg52JWm/F7-LH3-Swbs-AAk-F6-A.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /KLHDscv/IMG-20231214-WA0004.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1M4VvTM/IMG-20231214-WA0003.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /VL0vycT/quality-restoration-20240615182251990.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/event-notification-icon.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /F0M517t/download-1.png HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /KLHDscv/IMG-20231214-WA0004.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /yBHN0Cp/IMG-20231125-WA0021.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /yY3mCvp/quality-restoration-20240615182815255.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /TqhQ1yg/quality-restoration-20240615182727420.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /X2tdG3x/IMG-20231117-WA0007.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /HtVxWtD/quality-restoration-20240615182902818.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /g95jWyW/IMG-20231117-WA0006.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1M4VvTM/IMG-20231214-WA0003.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /MnKmpNc/1696698639716.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ZWp9Zpj/1696698675917.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /YPC3TQw/1696698216392.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jg52JWm/F7-LH3-Swbs-AAk-F6-A.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://awqffg.newburuan2023.biz.idsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /X7kfYXd5/Xavierjjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/border/background.png HTTP/1.1Host: bagasarya.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /KYRBfNV7/Juliann-Jjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /QMw5y7G2/yinJjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qvm22YmM/melisajjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BbyF7zDF/Claude-kbrstore.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BbtDg38s/Fanny-kbrstore.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /VH7V8Pn/20220811-180040.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /DgDKH0L/IMG-20230913-WA0035.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /tLFhDPB/IMG-20230913-WA0034.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cNS56Fp/IMG-20230913-WA0037.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SycXDBP/IMG-20230913-WA0038.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /303JfCX/IMG-20230913-WA0039.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /63Dymz1q/IMG-20230124-WA0049.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Jncn4Jr4/IMG-20230124-WA0050.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /kGLXTyws/IMG-20230124-WA0051.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /66FvjV8F/IMG-20230124-WA0052.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /bvGPBnDF/IMG-20230124-WA0053.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /vdQNnx6/IMG-20230913-WA0040.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /7Qkm4yz/IMG-20230913-WA0041.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /415BzcM/IMG-20230913-WA0042.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
            Source: global trafficHTTP traffic detected: GET /VL0vycT/quality-restoration-20240615182251990.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /TBTspJm/IMG-20230913-WA0043.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /8zcrx9Rx/IMG-20221222-204556.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SdXKTP5/IMG-20230913-WA0044.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SNy9fJJS/IMG-20221222-204658.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /tJxRzYz/IMG-20230913-WA0045.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1QWj2sV/IMG-20230913-WA0033.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wWvYgwW/IMG-20230913-WA0046.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /c3Q0Sf6/IMG-20230905-201237.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jdZ7gt7z/IMG-20221222-204720.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /TqhQ1yg/quality-restoration-20240615182727420.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qv5dSCJX/Bagasarya-Lesley-Star.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /gh/arpantek/logArpan@main/mlbb-5v5.webp HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/border/background.png HTTP/1.1Host: bagasarya.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /yY3mCvp/quality-restoration-20240615182815255.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /yBHN0Cp/IMG-20231125-WA0021.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /X2tdG3x/IMG-20231117-WA0007.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ZWp9Zpj/1696698675917.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /HtVxWtD/quality-restoration-20240615182902818.jpg HTTP/1.1Host: i.ibb.co.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /g95jWyW/IMG-20231117-WA0006.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /MnKmpNc/1696698639716.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /YPC3TQw/1696698216392.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/rewards-box-navbar.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/menu-on.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/event-notification.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/rewards-box-content.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/btn-on.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /rHZp9Ff/IMG-20230905-201324.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/menu-off.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /GvMf3dB/IMG-20230831-091813.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Zxp516G/8.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /GHbmkYC/4.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /6twbHvG/5.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /FqRpHQV/6.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /X7kfYXd5/Xavierjjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /sxtPc197/1661772927382.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /KYRBfNV7/Juliann-Jjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /QMw5y7G2/yinJjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qvm22YmM/melisajjk.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BbyF7zDF/Claude-kbrstore.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /6Q28NpYw/IMG-20220524-181348.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /PJxGBPQQ/IMG-20220524-181326.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /0QVFd91M/IMG-20220524-181304.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /DgDKH0L/IMG-20230913-WA0035.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cNS56Fp/IMG-20230913-WA0037.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /tLFhDPB/IMG-20230913-WA0034.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /VH7V8Pn/20220811-180040.png HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/4.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/5.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /303JfCX/IMG-20230913-WA0039.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SycXDBP/IMG-20230913-WA0038.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/6.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/7.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/2.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/3.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BbtDg38s/Fanny-kbrstore.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /zG1zXB8/IMG-20230716-011938.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1T0H17d/Picsart-23-07-03-17-42-40-981.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /6bpFNLV/Picsart-23-07-03-17-44-51-448.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /9pm2ffJ/Picsart-23-07-03-17-45-37-751.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Jncn4Jr4/IMG-20230124-WA0050.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /L1b21P2/Picsart-23-07-03-17-46-14-634.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /66FvjV8F/IMG-20230124-WA0052.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /63Dymz1q/IMG-20230124-WA0049.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BBz3Mt9/1673016816213.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /kGLXTyws/IMG-20230124-WA0051.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/1.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /fyJcLQjr/1650272368820.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /W3vX7c5g/IMG-20220513-160904.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /bvGPBnDF/IMG-20230124-WA0053.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /x1mY0VSq/kbr-legend-guin.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /7Qkm4yz/IMG-20230913-WA0041.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /vdQNnx6/IMG-20230913-WA0040.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /415BzcM/IMG-20230913-WA0042.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /TBTspJm/IMG-20230913-WA0043.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /QxLT8s2W/kbr-M-World-ling.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /tJxRzYz/IMG-20230913-WA0045.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SNy9fJJS/IMG-20221222-204658.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /8zcrx9Rx/IMG-20221222-204556.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jdZ7gt7z/IMG-20221222-204720.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qv5dSCJX/Bagasarya-Lesley-Star.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /sxtPc197/1661772927382.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /GWM94Hx/1673097440815.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /2NbgDdv/IMG-20221022-121321.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /FD2S2Jd/IMG-20221022-121346.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1QWj2sV/IMG-20230913-WA0033.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SdXKTP5/IMG-20230913-WA0044.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wWvYgwW/IMG-20230913-WA0046.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /30Mfgd4/IMG-20221022-121407.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /F0W2RX4/IMG-20221022-121435.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /YLq3wVv/IMG-20221001-172227.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /284B3MY9/kbr-M-World-Wan-Wan.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /vZbxnhHY/kbr-M-World-yin.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ZqfN4NmT/kbr-515-zilong.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /c3Q0Sf6/IMG-20230905-201237.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /FqRpHQV/6.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /GHbmkYC/4.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wvZssd3Z/kbr-515%20eParty-angela.jpgg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /W3vX7c5g/IMG-20220513-160904.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /fyJcLQjr/1650272368820.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /QxLT8s2W/kbr-M-World-ling.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /6twbHvG/5.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /GvMf3dB/IMG-20230831-091813.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qdcxRWH/IMG-20221001-172257.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /3kK18tF/1661337953268.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /sHCMx01/1661337857469.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /rHZp9Ff/IMG-20230905-201324.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Lp9Bnrc/1661337912443.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Zxp516G/8.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wvZssd3Z/kbr-515%20eParty-angela.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /909wdN7M/kbr-515%20eParty-claude.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /zG1zXB8/IMG-20230716-011938.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /CLvc5py5/20220622-011746.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /JhH6S62n/20220622-011823.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BBz3Mt9/1673016816213.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /NNVZ6Bj/1661337890778.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Tq95WdX/kbrstore-sun.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /N6B5NN2/kbrstore-natan.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /k44dp4r/IMG-20220802-214423.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1T0H17d/Picsart-23-07-03-17-42-40-981.png HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /L1b21P2/Picsart-23-07-03-17-46-14-634.png HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /6RVBVbJ/kbrstore-luoyi.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Tw87xVzc/20220622-011910.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SNQZmNvH/20220622-011934.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BZqh9K2/kbrstore-kimmy.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /j2cZyGL8/20220622-011954.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /p22Xvd1/kbrstore-yss.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qR8mvt0H/20220622-012050.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /59S7cFnw/20220622-012132.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /MspFG9t/Remini20220611131253287.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /P4MQZkT/Remini20220611131130808.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wjZ6477D/20220622-084916.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ht9C6YGM/20220622-084935.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /G5fJm2M/Remini20220611131149746.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Xv42bgGW/20220622-084957.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /QtM0BxJn/20220622-085010.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1zBv5Nwq/20220622-085026.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8 HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /2NbgDdv/IMG-20221022-121321.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /GWM94Hx/1673097440815.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /YLq3wVv/IMG-20221001-172227.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /FD2S2Jd/IMG-20221022-121346.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /30Mfgd4/IMG-20221022-121407.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /F0W2RX4/IMG-20221022-121435.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /284B3MY9/kbr-M-World-Wan-Wan.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ZqfN4NmT/kbr-515-zilong.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /vZbxnhHY/kbr-M-World-yin.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /RFxVt2PL/IMG-20220518-122857.png HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /3wBVgZTz/login-Method1.png HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /DZYQm0Gm/footer-bg.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3 HTTP/1.1Host: rawcdn.githack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, *;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: http://awqffg.newburuan2023.biz.id/Accept-Language: en-US,en;q=0.9Range: bytes=0-
            Source: global trafficHTTP traffic detected: GET /AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3 HTTP/1.1Host: rawcdn.githack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, *;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: http://awqffg.newburuan2023.biz.id/Accept-Language: en-US,en;q=0.9Range: bytes=0-
            Source: global trafficHTTP traffic detected: GET /3kK18tF/1661337953268.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wvZssd3Z/kbr-515%20eParty-angela.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qdcxRWH/IMG-20221001-172257.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /JhH6S62n/20220622-011823.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Lp9Bnrc/1661337912443.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /CLvc5py5/20220622-011746.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /sHCMx01/1661337857469.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /909wdN7M/kbr-515%20eParty-claude.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /NNVZ6Bj/1661337890778.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Tq95WdX/kbrstore-sun.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3 HTTP/1.1Host: raw.githubusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, *;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: http://awqffg.newburuan2023.biz.id/Accept-Language: en-US,en;q=0.9Range: bytes=0-
            Source: global trafficHTTP traffic detected: GET /AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3 HTTP/1.1Host: raw.githubusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, *;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: http://awqffg.newburuan2023.biz.id/Accept-Language: en-US,en;q=0.9Range: bytes=0-
            Source: global trafficHTTP traffic detected: GET /j2cZyGL8/20220622-011954.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /qR8mvt0H/20220622-012050.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/popup-close.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /6RVBVbJ/kbrstore-luoyi.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /p22Xvd1/kbrstore-yss.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /k44dp4r/IMG-20220802-214423.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /BZqh9K2/kbrstore-kimmy.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /SNQZmNvH/20220622-011934.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Tw87xVzc/20220622-011910.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /N6B5NN2/kbrstore-natan.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /59S7cFnw/20220622-012132.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wjZ6477D/20220622-084916.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /P4MQZkT/Remini20220611131130808.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8 HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ht9C6YGM/20220622-084935.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Xv42bgGW/20220622-084957.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /1zBv5Nwq/20220622-085026.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /QtM0BxJn/20220622-085010.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /DZYQm0Gm/footer-bg.jpg HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /3wBVgZTz/login-Method1.png HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /MspFG9t/Remini20220611131253287.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /G5fJm2M/Remini20220611131149746.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /RFxVt2PL/IMG-20220518-122857.png HTTP/1.1Host: i.postimg.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /next.php HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /css/style.css HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /css/animate.css HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /css/login/facebook.css HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /css/login/twitter.css HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/event-notification-icon.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /jquery-1.10.2.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://awqffg.newburuan2023.biz.id/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/rewards-box-content.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/rewards-box-navbar.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/btn-on.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/css/style.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/event-notification.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/menu-off.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/menu-on.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/4.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/5.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/6.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/7.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/1.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/2.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/3.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /img/popup-close.png HTTP/1.1Host: awqffg.newburuan2023.biz.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://awqffg.newburuan2023.biz.id/next.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
            Source: global trafficDNS traffic detected: DNS query: awqffg.newburuan2023.biz.id
            Source: global trafficDNS traffic detected: DNS query: stackpath.bootstrapcdn.com
            Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: i.ibb.co
            Source: global trafficDNS traffic detected: DNS query: www.pubgmobile.com
            Source: global trafficDNS traffic detected: DNS query: code.jquery.com
            Source: global trafficDNS traffic detected: DNS query: unpkg.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: i.ibb.co.com
            Source: global trafficDNS traffic detected: DNS query: i.postimg.cc
            Source: global trafficDNS traffic detected: DNS query: bagasarya.xyz
            Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
            Source: global trafficDNS traffic detected: DNS query: play-lh.googleusercontent.com
            Source: global trafficDNS traffic detected: DNS query: rawcdn.githack.com
            Source: global trafficDNS traffic detected: DNS query: m.mobilelegends.com
            Source: global trafficDNS traffic detected: DNS query: raw.githubusercontent.com
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 23 Jun 2024 22:30:19 GMTContent-Type: text/plain; charset=utf-8Transfer-Encoding: chunkedConnection: closeaccess-control-allow-origin: *etag: W/"26-PN+8spSK049Sb0b/4fQPv3wPrp8"via: 1.1 fly.iofly-request-id: 01J13KHFN9GWH31ASC3P8E5DPS-lgaCF-Cache-Status: EXPIREDStrict-Transport-Security: max-age=31536000; includeSubDomains; preloadX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 8987ec04288d8ca8-EWR
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 23 Jun 2024 22:30:28 GMTContent-Type: image/pngContent-Length: 2712Connection: close
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 23 Jun 2024 22:30:28 GMTContent-Type: image/pngContent-Length: 2712Connection: close
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 23 Jun 2024 22:30:28 GMTContent-Type: image/pngContent-Length: 2712Connection: close
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 14Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandboxStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: denyX-XSS-Protection: 1; mode=blockContent-Type: text/plain; charset=utf-8X-GitHub-Request-Id: 28D0:2EC4C8:EC63D:108140:6678A20EAccept-Ranges: bytesDate: Sun, 23 Jun 2024 22:30:39 GMTVia: 1.1 varnishX-Served-By: cache-ewr18157-EWRX-Cache: MISSX-Cache-Hits: 0X-Timer: S1719181840.635844,VS0,VE29Vary: Authorization,Accept-Encoding,OriginAccess-Control-Allow-Origin: *Cross-Origin-Resource-Policy: cross-originX-Fastly-Request-ID: c4358124e7ba2972f8155f47db95f16348966f9cExpires: Sun, 23 Jun 2024 22:35:39 GMTSource-Age: 0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 14Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandboxStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: denyX-XSS-Protection: 1; mode=blockContent-Type: text/plain; charset=utf-8X-GitHub-Request-Id: A4BD:1641B:F27A3:10E70E:6678A20EAccept-Ranges: bytesDate: Sun, 23 Jun 2024 22:30:39 GMTVia: 1.1 varnishX-Served-By: cache-ewr18167-EWRX-Cache: MISSX-Cache-Hits: 0X-Timer: S1719181840.635783,VS0,VE106Vary: Authorization,Accept-Encoding,OriginAccess-Control-Allow-Origin: *Cross-Origin-Resource-Policy: cross-originX-Fastly-Request-ID: 5cc540582f13695adcb6954fa249ee06a85b3b99Expires: Sun, 23 Jun 2024 22:35:39 GMTSource-Age: 0
            Source: chromecache_326.2.drString found in binary or memory: http://fontawesome.io
            Source: chromecache_326.2.drString found in binary or memory: http://fontawesome.io/license
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfa19pRtB.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaJ9pRtB.woff2)
            Source: chromecache_269.2.drString found in binary or memory: https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2)
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
            Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
            Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
            Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
            Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
            Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
            Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
            Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
            Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
            Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
            Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
            Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
            Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
            Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
            Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
            Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
            Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
            Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
            Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
            Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
            Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
            Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
            Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
            Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
            Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
            Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
            Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
            Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
            Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
            Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
            Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
            Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
            Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
            Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49960 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
            Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
            Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
            Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49982 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
            Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
            Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49916
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
            Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49959 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49905
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49904
            Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49993 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
            Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
            Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49717 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49767 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49783 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49784 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49801 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49932 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49963 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49987 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49988 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49989 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49993 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49995 version: TLS 1.2
            Source: classification engineClassification label: mal84.phis.troj.win@16/394@50/22
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2000,i,3456001468419010909,16608271696989204041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://awqffg.newburuan2023.biz.id/next.php"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2000,i,3456001468419010909,16608271696989204041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: Window RecorderWindow detected: More than 3 window changes detected

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
            Process Injection            		1
            Process Injection            		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
            Non-Application Layer Protocol            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
            Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture4
            Ingress Tool Transfer            		Traffic DuplicationData Destruction

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.