Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238

Overview

General Information

Sample URL:https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/1850
Analysis ID:1431397
Infos:

Detection

Phisher
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected Phisher

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2716 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 6548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2380,i,10488771299582749174,9797868801963240454,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • chrome.exe (PID: 4896 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_57JoeSecurity_Phisher_2Yara detected PhisherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Snort Signatures

    No Snort rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social usering

    Phishing

    barindex
    Yara detected Phisher
    Source: Yara matchFile source: dropped/chromecache_57, type: DROPPED
    Source: unknownHTTPS traffic detected: 23.216.73.151:443 -> 192.168.2.6:49714 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 23.216.73.151:443 -> 192.168.2.6:49715 version: TLS 1.2
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownTCP traffic detected without corresponding DNS query: 23.216.73.151
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficHTTP traffic detected: GET /0/0/0/cebf06515fb74f5ce98492177dc6c2eb/7/26081_18/19036_1614238_18507_5419_md HTTP/1.1Host: servingspec.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://fassouyatajadalravuij.blob.core.windows.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7c HTTP/1.1Host: bltizflash.latConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://servingspec.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /?32cecd10adf41758e498d801f1d9119a HTTP/1.1Host: duvetflip.sbsConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://servingspec.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
    Source: global trafficHTTP traffic detected: GET /jquery-2.2.4.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://duvetflip.sbssec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://duvetflip.sbs/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /master/us169/bundle.6659c6537395db0e8db6.css HTTP/1.1Host: duvetflip.sbsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /inc/msg.js?98d5d532843288f7feebd03089f211b1 HTTP/1.1Host: duvetflip.sbsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /master/us169/xmlogo.png?v=1 HTTP/1.1Host: duvetflip.sbsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /master/us169/sapp.png HTTP/1.1Host: duvetflip.sbsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /master/us169/sapp.png HTTP/1.1Host: duvetflip.sbsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /master/us169/xmlogo.png?v=1 HTTP/1.1Host: duvetflip.sbsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /scripts/push/v9e118mez8 HTTP/1.1Host: trk-adulvion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://duvetflip.sbs/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /master/us169/ntfico.png HTTP/1.1Host: duvetflip.sbsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /service-worker.js HTTP/1.1Host: duvetflip.sbsConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119aUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
    Source: global trafficHTTP traffic detected: GET /scripts/pg/v9e118mez8 HTTP/1.1Host: trk-amropode.comConnection: keep-aliveCache-Control: max-age=0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://duvetflip.sbs/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /scripts/sw/v9e118mez8 HTTP/1.1Host: trk-amropode.comConnection: keep-aliveCache-Control: max-age=0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://duvetflip.sbs/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /register/event_log/v9e118mez8 HTTP/1.1Host: event.trk-adulvion.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficDNS traffic detected: DNS query: servingspec.com
    Source: global trafficDNS traffic detected: DNS query: www.google.com
    Source: global trafficDNS traffic detected: DNS query: bltizflash.lat
    Source: global trafficDNS traffic detected: DNS query: duvetflip.sbs
    Source: global trafficDNS traffic detected: DNS query: code.jquery.com
    Source: global trafficDNS traffic detected: DNS query: trk-adulvion.com
    Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
    Source: global trafficDNS traffic detected: DNS query: trk-amropode.com
    Source: global trafficDNS traffic detected: DNS query: event.trk-adulvion.com
    Source: unknownHTTP traffic detected: POST /report/v4?s=1RF54lSmc0A3NPAZPu0TYUe1%2FkIxiHEGwYPg%2FR7ugbKgcNc4wbjHleOyxXRxDTo7nloXrCeFUBZXu3OYQ%2Fh6gk%2Fu30MC8JK3QcPE4ItVCIUMeGcd5qM0eRGDEcyOxx70 HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 460Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 24 Apr 2024 23:18:52 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCache-Control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachex-frame-options: SAMEORIGINx-xss-protection: 1; mode=blockx-content-type-options: nosniffvary: User-Agentalt-svc: h3=":443"; ma=86400CF-Cache-Status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RF54lSmc0A3NPAZPu0TYUe1%2FkIxiHEGwYPg%2FR7ugbKgcNc4wbjHleOyxXRxDTo7nloXrCeFUBZXu3OYQ%2Fh6gk%2Fu30MC8JK3QcPE4ItVCIUMeGcd5qM0eRGDEcyOxx70"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8799d0a0e86312eb-ATL
    Source: chromecache_57.2.drString found in binary or memory: https://bltizflash.lat/index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7c
    Source: chromecache_64.2.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Lato:wght
    Source: chromecache_61.2.drString found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwaPGR_p.woff2)
    Source: chromecache_61.2.drString found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2)
    Source: chromecache_61.2.drString found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
    Source: chromecache_61.2.drString found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
    Source: chromecache_61.2.drString found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
    Source: chromecache_61.2.drString found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4iaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4jaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4kaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4saVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4taVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4vaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B5OaVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B5caVI
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2)
    Source: chromecache_55.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2)
    Source: chromecache_60.2.drString found in binary or memory: https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/
    Source: chromecache_65.2.drString found in binary or memory: https://trk-adulvion.com/scripts/push/v9e118mez8
    Source: chromecache_58.2.drString found in binary or memory: https://trk-amropode.com/scripts/pg/v9e118mez8
    Source: chromecache_58.2.drString found in binary or memory: https://trk-amropode.com/scripts/sw/v9e118mez8
    Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
    Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
    Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
    Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
    Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
    Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
    Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
    Source: unknownHTTPS traffic detected: 23.216.73.151:443 -> 192.168.2.6:49714 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 23.216.73.151:443 -> 192.168.2.6:49715 version: TLS 1.2
    Source: classification engineClassification label: mal56.phis.win@19/30@24/12
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2380,i,10488771299582749174,9797868801963240454,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2380,i,10488771299582749174,9797868801963240454,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
    Process Injection    		1
    Process Injection    		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
    Non-Application Layer Protocol    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
    Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
    Ingress Tool Transfer    		Traffic DuplicationData Destruction

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/16142380%Avira URL Cloudsafe
    https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238100%SlashNextFraudulent Website type: Phishing & Social usering

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://event.trk-adulvion.com/register/event_log/v9e118mez80%URL Reputationsafe
    https://trk-adulvion.com/scripts/push/v9e118mez80%URL Reputationsafe
    https://bltizflash.lat/index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7c0%Avira URL Cloudsafe
    https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/0%Avira URL Cloudsafe
    https://trk-amropode.com/scripts/sw/v9e118mez80%Avira URL Cloudsafe
    https://duvetflip.sbs/service-worker.js0%Avira URL Cloudsafe
    https://duvetflip.sbs/inc/msg.js?98d5d532843288f7feebd03089f211b10%Avira URL Cloudsafe
    https://duvetflip.sbs/master/us169/bundle.6659c6537395db0e8db6.css0%Avira URL Cloudsafe
    https://duvetflip.sbs/master/us169/ntfico.png0%Avira URL Cloudsafe
    https://trk-amropode.com/scripts/pg/v9e118mez80%Avira URL Cloudsafe
    https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/7/26081_18/19036_1614238_18507_5419_md0%Avira URL Cloudsafe
    https://duvetflip.sbs/master/us169/sapp.png0%Avira URL Cloudsafe
    https://duvetflip.sbs/master/us169/xmlogo.png?v=10%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    bltizflash.lat
    		172.67.138.227
    		truefalse
      		unknown
      bg.microsoft.map.fastly.net
      		199.232.210.172
      		truefalse
        		unknown
        a.nel.cloudflare.com
        		35.190.80.1
        		truefalse
          		high
          code.jquery.com
          		151.101.2.137
          		truefalse
            		high
            trk-amropode.com
            		172.67.205.30
            		truefalse
              		unknown
              www.google.com
              		172.217.215.147
              		truefalse
                		high
                trk-adulvion.com
                		172.67.177.226
                		truefalse
                  		unknown
                  event.trk-adulvion.com
                  		104.21.80.104
                  		truefalse
                    		unknown
                    duvetflip.sbs
                    		104.21.71.85
                    		truefalse
                      		unknown
                      fp2e7a.wpc.phicdn.net
                      		192.229.211.108
                      		truefalse
                        		unknown
                        servingspec.com
                        		217.78.233.95
                        		truefalse
                          		unknown

                          Contacted URLs

                          NameMaliciousAntivirus DetectionReputation
                          https://event.trk-adulvion.com/register/event_log/v9e118mez8false
                          • URL Reputation: safe
                          		unknown
                          https://bltizflash.lat/index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7cfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://trk-amropode.com/scripts/pg/v9e118mez8false
                          • Avira URL Cloud: safe
                          		unknown
                          https://duvetflip.sbs/service-worker.jsfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://trk-amropode.com/scripts/sw/v9e118mez8false
                          • Avira URL Cloud: safe
                          		unknown
                          https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119afalse
                            		unknown
                            https://a.nel.cloudflare.com/report/v4?s=1RF54lSmc0A3NPAZPu0TYUe1%2FkIxiHEGwYPg%2FR7ugbKgcNc4wbjHleOyxXRxDTo7nloXrCeFUBZXu3OYQ%2Fh6gk%2Fu30MC8JK3QcPE4ItVCIUMeGcd5qM0eRGDEcyOxx70false
                              		high
                              https://duvetflip.sbs/inc/msg.js?98d5d532843288f7feebd03089f211b1false
                              • Avira URL Cloud: safe
                              		unknown
                              https://duvetflip.sbs/master/us169/ntfico.pngfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://code.jquery.com/jquery-2.2.4.min.jsfalse
                                		high
                                https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/7/26081_18/19036_1614238_18507_5419_mdfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://duvetflip.sbs/master/us169/bundle.6659c6537395db0e8db6.cssfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://duvetflip.sbs/master/us169/sapp.pngfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://trk-adulvion.com/scripts/push/v9e118mez8false
                                • URL Reputation: safe
                                		unknown
                                https://duvetflip.sbs/master/us169/xmlogo.png?v=1false
                                • Avira URL Cloud: safe
                                		unknown

                                URLs from Memory and Binaries

                                NameSourceMaliciousAntivirus DetectionReputation
                                https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/chromecache_60.2.drfalse
                                • Avira URL Cloud: safe
                                		unknown

                                World Map of Contacted IPs

                                • No. of IPs < 25%
                                • 25% < No. of IPs < 50%
                                • 50% < No. of IPs < 75%
                                • 75% < No. of IPs

                                Public IPs

                                IPDomainCountryFlagASNASN NameMalicious
                                172.217.215.147
                                		www.google.comUnited States
                                		15169GOOGLEUSfalse
                                172.67.205.30
                                		trk-amropode.comUnited States
                                		13335CLOUDFLARENETUSfalse
                                151.101.2.137
                                		code.jquery.comUnited States
                                		54113FASTLYUSfalse
                                239.255.255.250
                                		unknownReserved
                                		unknownunknownfalse
                                217.78.233.95
                                		servingspec.comRussian Federation
                                		197349SKYLINEWIMAXRUfalse
                                104.21.71.85
                                		duvetflip.sbsUnited States
                                		13335CLOUDFLARENETUSfalse
                                172.67.177.226
                                		trk-adulvion.comUnited States
                                		13335CLOUDFLARENETUSfalse
                                35.190.80.1
                                		a.nel.cloudflare.comUnited States
                                		15169GOOGLEUSfalse
                                172.67.138.227
                                		bltizflash.latUnited States
                                		13335CLOUDFLARENETUSfalse
                                172.67.143.252
                                		unknownUnited States
                                		13335CLOUDFLARENETUSfalse
                                104.21.80.104
                                		event.trk-adulvion.comUnited States
                                		13335CLOUDFLARENETUSfalse

                                Private

                                IP
                                192.168.2.6

                                General Information

                                Joe Sandbox version:40.0.0 Tourmaline
                                Analysis ID:1431397
                                Start date and time:2024-04-25 01:17:53 +02:00
                                Joe Sandbox product:CloudBasic
                                Overall analysis duration:0h 3m 15s
                                Hypervisor based Inspection enabled:false
                                Report type:full
                                Cookbook file name:browseurl.jbs
                                Sample URL:https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238
                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                Number of analysed new started processes analysed:6
                                Number of new started drivers analysed:0
                                Number of existing processes analysed:0
                                Number of existing drivers analysed:0
                                Number of injected processes analysed:0
                                Technologies:
                                • HCA enabled
                                • EGA enabled
                                • AMSI enabled
                                Analysis Mode:default
                                Analysis stop reason:Timeout
                                Detection:MAL
                                Classification:mal56.phis.win@19/30@24/12
                                EGA Information:Failed
                                HCA Information:
                                • Successful, ratio: 100%
                                • Number of executed functions: 0
                                • Number of non-executed functions: 0

                                Warnings

                                • Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
                                • Excluded IPs from analysis (whitelisted): 172.217.215.94, 142.250.9.100, 142.250.9.139, 142.250.9.101, 142.250.9.138, 142.250.9.113, 142.250.9.102, 142.250.105.84, 34.104.35.123, 20.209.75.225, 173.194.219.95, 142.251.15.94, 52.165.165.26, 199.232.210.172, 192.229.211.108, 20.166.126.56, 52.165.164.15, 64.233.176.94
                                • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                • Not all processes where analyzed, report is missing behavior information
                                • Report size getting too big, too many NtSetInformationFile calls found.
                                • VT rate limit hit for: https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238

                                Simulations

                                Behavior and APIs

                                No simulations

                                Joe Sandbox View / Context

                                IPs

                                No context

                                Domains

                                No context

                                ASNs

                                No context

                                JA3 Fingerprints

                                No context

                                Dropped Files

                                No context

                                Created / dropped Files

                                Chrome Cache Entry: 54

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:Web Open Font Format (Version 2), TrueType, length 18704, version 1.0
                                Category:downloaded
                                Size (bytes):18704
                                Entropy (8bit):7.988012838552749
                                Encrypted:false
                                SSDEEP:384:k2OL0lPp/fbqzGNF3VQwlUlFdomdAaHoSbOrzYr:Hd32zI3VFlyFdDdAaHtAW
                                MD5:E4BEDEFE2836B39D626053935CF2F803
                                SHA1:105FC75FF4D76C2AE06E422F6304DC9B1552389D
                                SHA-256:758015E3CB56989DF5CFCF912D2C3861A62E623D386EF12D4BACF15891A4EB81
                                SHA-512:041AA8392FD5BC2922301312C4CD315B9AF15BCB5502AC8467CF13E9D4E76E726F0822B50392D3FCDFCD0F37A119CC8AFBE26E75130C36DDADB102D1595A0CB1
                                Malicious:false
                                Reputation:low
                                URL:https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
                                Preview:wOF2......I........(..H..........................|..r..h.`?STATZ..0..|........8.....2..6.$..`. ...........z'....p;..n....6.....E.l...........!`..L..a....+...0....gU...i$........0.....g.....y....Z....<.4..?2[.T...B.-..Z.. .3..U.Z..E.........m6.FW...E.*l..W.n..:..E.N..Br..:9.R...o....a.[..{..2%L..o..~....$...U.........U...2.h.d ..d.]." .q.U...;t.mh..h.f....1b<$...>5...%..M1js.Q....3.m.%R....D1.....c*...k.U...L......={....8I.D.....~v.n..c..BDe_u....P.)0.X...L&.......,..%.>..u.....Hn...!.C.$./..D.....8!.lU.y....m..Z`...Y.(..^.....xK%.M...f@....Z..."s.-....JQ#.*.I.ZE..X..0.....8W.k.$-.I.....R?.......R',..#.......t.k2m..p........z...Y.tA.".x..R.f_...fDX...:E.H..c.#H?B...k..L..j..>...t.J....>4).D..o<...!......P]j.....l.......$.l.6..I...N..a...$.)........q.i..B..w.l6..(5..)0..2..Tf.K.......H$.....;=:....0..1.@g..n.3#.\.R.S.!b......'..er.B........n....Cq..q"..D...A0........i.l.....,.. .2`lJ...j.GK:Ed....m.S.#...|.'...p..3..Id..?|. `,........]...|_^B.8./..

                                Chrome Cache Entry: 55

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (1572)
                                Category:downloaded
                                Size (bytes):13280
                                Entropy (8bit):5.53194656808433
                                Encrypted:false
                                SSDEEP:384:fGyq9ylmjA2zkf/llkv20jwKl0V62lWZV:OikjA0kf/jkvzjwKWV6mWZV
                                MD5:A09AEFB726F82310FFDB1A059C8BC30B
                                SHA1:5C07C43F8BC106DC3683FAE78686052DD7C50542
                                SHA-256:F7B0577D4C989C0389144E4C1E5CFC7E17F197C0B0BE822FF7F57AA51D45704F
                                SHA-512:69E05089043AB32DE571C487D3A111515BA9D4AFDFD6FE6AA7FD7F66A8747C4410CDE7718003E30D8B2654F7D48686300B5B0A7859CC46D807C6ECC88F6CCD29
                                Malicious:false
                                Reputation:low
                                URL:https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap
                                Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4taVIGxA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4kaVIGxA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4saVIGxA.woff2) for

                                Chrome Cache Entry: 56

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 250 x 39, 8-bit/color RGBA, non-interlaced
                                Category:dropped
                                Size (bytes):15282
                                Entropy (8bit):7.945694119031426
                                Encrypted:false
                                SSDEEP:384:K2nR3gRHKGMVvAsYaEucHT+s8MzZ+1Ux1lBkaepMinTwS9pRdB:zqRHFM5If+sjZtx17kLp5T7d
                                MD5:E18A5F4DF5FE44188EBCE0368273435C
                                SHA1:473E78F479678C77623E531682011365385CCE75
                                SHA-256:99624CE26C7B9513285C459DE44E282A0E840011D2048D33EE2C7E1B06E65453
                                SHA-512:3AB522D80363FE0B49DD754357BDC14A00AD747AD85AF07C14CE25952A68AF1868BBC9FECAF01C6B0B0B8ED7BF9AAF652629896F9458C4993BA1CE3DD67759B8
                                Malicious:false
                                Reputation:low
                                Preview:.PNG........IHDR.......'.....&LU.....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmp:CreateDate="2024-03-29T04:02:22+05:30" xmp:ModifyDate="2024-03-29T04:27+05:30" xmp:MetadataDate="2024-03-29T04:27+05:30" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:9894f71f-79b0-0143-a259-076a8fe0c398" xmpMM:DocumentID="adobe:docid:photoshop:8276363e-f922-2140-83e7-aa33669d63be" xmpMM:

                                Chrome Cache Entry: 57

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with no line terminators
                                Category:downloaded
                                Size (bytes):148
                                Entropy (8bit):5.081844456313369
                                Encrypted:false
                                SSDEEP:3:gnkAqRAdu6/GY7voOkADYn979ERpMYkUXFRrKSWQcQVK75DyDQjUBYb:7AqJm7+mYn99i6orrYeVIZSYb
                                MD5:2F3F785F267569D4E85D0AB5F099B3BD
                                SHA1:DCBED4FFD4F0F3D73E5C195C107BDEE02A03BF64
                                SHA-256:FA4B8D13181941FBC819CECC1704EA81961E863F25E7F2365B18CD745C7D4F04
                                SHA-512:CD501363A0C03062223BE49024984AD381B0FA0D50890F4C55964191374B3802BC1E492C3AD8803F87FC0E2B2187B020CB3EE61D27FB90D9E5BADF8C79817409
                                Malicious:false
                                Reputation:low
                                URL:https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/7/26081_18/19036_1614238_18507_5419_md
                                Preview:<script type="text/javascript">window.location.href="https://bltizflash.lat/index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7c"</script>

                                Chrome Cache Entry: 58

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:Java source, ASCII text
                                Category:downloaded
                                Size (bytes):185
                                Entropy (8bit):4.8593925474505815
                                Encrypted:false
                                SSDEEP:3:RFD0nR6qKZSaSCeADKLbQBMWnhaEE3WGkRpQAU3ug8MWnhaEE3WGkROYH:jD0nR6qKfSlbQhhaEn7RpQAUzohaEn7N
                                MD5:F8C35BEFC54DBBB14E6AA0EFC09980E4
                                SHA1:BCF9C431F88A844FC0835D1339DA380C5FF26AF6
                                SHA-256:8BC60D55FD15E07D9BEB78B65C3E8A9E3B610742FD31EEF11996B2ACF656ED44
                                SHA-512:4CD664EDD52C4F0FE5ABF65C03BE575DB58ADD0AF97D7C96C034B8F04D76C9DF01464F26887501DCECDEADEA3DB2A22C440954A2BCBAF2F36D7953D628AC77AA
                                Malicious:false
                                Reputation:low
                                URL:https://duvetflip.sbs/service-worker.js
                                Preview:// general.if(typeof window === 'undefined'){. importScripts('https://trk-amropode.com/scripts/pg/v9e118mez8').}.importScripts('https://trk-amropode.com/scripts/sw/v9e118mez8');.

                                Chrome Cache Entry: 59

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 250 x 39, 8-bit/color RGBA, non-interlaced
                                Category:downloaded
                                Size (bytes):15282
                                Entropy (8bit):7.945694119031426
                                Encrypted:false
                                SSDEEP:384:K2nR3gRHKGMVvAsYaEucHT+s8MzZ+1Ux1lBkaepMinTwS9pRdB:zqRHFM5If+sjZtx17kLp5T7d
                                MD5:E18A5F4DF5FE44188EBCE0368273435C
                                SHA1:473E78F479678C77623E531682011365385CCE75
                                SHA-256:99624CE26C7B9513285C459DE44E282A0E840011D2048D33EE2C7E1B06E65453
                                SHA-512:3AB522D80363FE0B49DD754357BDC14A00AD747AD85AF07C14CE25952A68AF1868BBC9FECAF01C6B0B0B8ED7BF9AAF652629896F9458C4993BA1CE3DD67759B8
                                Malicious:false
                                Reputation:low
                                URL:https://duvetflip.sbs/master/us169/xmlogo.png?v=1
                                Preview:.PNG........IHDR.......'.....&LU.....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmp:CreateDate="2024-03-29T04:02:22+05:30" xmp:ModifyDate="2024-03-29T04:27+05:30" xmp:MetadataDate="2024-03-29T04:27+05:30" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:9894f71f-79b0-0143-a259-076a8fe0c398" xmpMM:DocumentID="adobe:docid:photoshop:8276363e-f922-2140-83e7-aa33669d63be" xmpMM:

                                Chrome Cache Entry: 60

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):613
                                Entropy (8bit):5.209968927737007
                                Encrypted:false
                                SSDEEP:12:GM8SqXyWOpdBfDj+fljUDDGisoMyhLGUDEni388Kaks/OKYG2L2xL4/Mv:GM8lNjr6k9ch4/Mv
                                MD5:49B5427379D1C29D8A0FF170AA87F7FD
                                SHA1:786E667BF08FB758CC057621C5AD927E4FFDD95C
                                SHA-256:25A3E6E209AECB5B635FC7C2F8C9A1B4FC19967C660D2D9CC8541585B6A53527
                                SHA-512:55CFD1D6DAAE8E74EB2712EF60F9A39F48BC356AE7F4EB69927DC98D72D538E6DB68DB6326ECEDA58F96376E257E74473581DD49A53C455EBD4C112A22621BB9
                                Malicious:false
                                Reputation:low
                                URL:https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60
                                Preview:<meta http-equiv="refresh" content="3; url=">..<script>..// Initial URL....var initialURL = window.location.href;....// Extracting the hash part of the URL..var hashPart = initialURL.split('#')[1];....// Extracting values from the hash part..var hashValues = hashPart.split('/');....// Rearranging the values for the new URL format..var newURL = 'https://servingspec.com/0/0/0/cebf06515fb74f5ce98492177dc6c2eb/' + hashValues[2] + '/' + hashValues[1].split('_')[0] + '_18/' + hashValues[5] + '_' + hashValues[6] + '_' + hashValues[3] + '_' + hashValues[4] + '_md' ;....document.location.href = newURL;..</script>..

                                Chrome Cache Entry: 61

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text
                                Category:downloaded
                                Size (bytes):2299
                                Entropy (8bit):5.340338593036902
                                Encrypted:false
                                SSDEEP:48:HOEa21RVc+u7OEaPN0oDOpacRVc+u7OpajN0oDObaORVc+u7ObaNN0oD:HOEa2PVc+u7OEaPNHOpaYVc+u7OpajNb
                                MD5:8694244219F1F19DFAF74022E200AE73
                                SHA1:08E3D3DFDC0B6DD53BE4B7BA3BAE0AA26C50014C
                                SHA-256:3D3FDEF74B51045D7A82AA9A0AC59011087BE9A9A59083272C3D7A5C8BA521B5
                                SHA-512:9A537569A5AD988CEBBF9F6CA70EE73C1C1ED3A97CC56B3C61D168B0450BA7330B8CCFF693FF0A638D742580903F71F313E83BFEF64A89AC7B0AC560B12B394D
                                Malicious:false
                                Reputation:low
                                URL:https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
                                Preview:/* latin-ext */.@font-face {. font-family: 'Lato';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Lato';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./* latin-ext */.@font-face {. font-family: 'Lato';. font-style: normal;. font-weight: 700;. font-display: swap;. src: url(https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2) format('woff2');. unicode-range: U+0100-02

                                Chrome Cache Entry: 62

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 600 x 531, 8-bit/color RGBA, non-interlaced
                                Category:dropped
                                Size (bytes):25090
                                Entropy (8bit):7.881474049040121
                                Encrypted:false
                                SSDEEP:768:opeMFKDnu9WTndgYf7Sf0S4Yn5xgqcGUUXtiJHB4jvo:opeMFGnu9qdgYfef0S4Y5xg2UUX4JHB5
                                MD5:5C4192E5BD16F292CF8E9FA42E03CE0A
                                SHA1:7709DC5BDFBE577CBC9F4275635B35706FFE9D00
                                SHA-256:5686B5332BA2A6A5004289B41A0DF566652B026450C6DF39D55BCA0475EAA98F
                                SHA-512:2AB711554F6327C4D340A3703C7EE00B83BF1B934C2292C476A1E74A039B19B89E693AEBDA2717E4758B0761154B07DF9BF57B3EA120EA88A4346DCDBBAC9C7F
                                Malicious:false
                                Reputation:low
                                Preview:.PNG........IHDR...X...........bs..@.IDATx..Mv.V...Jn......33..F`d.V..ed.V. ..J.A...<.@...=.@.oU.UL..AB..Q"H...g..........xu.!8I0.@..;...4I>.kKWK-&..'Ir...k}.M>...F..}....o6...2k....:&0.<.....&....Y.|9.p.2.2..S.S....ju..d.JK...7r........X.3...xH..T.i*a!...DT.N./v.@+.J.%%.K40.@....V+\.....4=RI.....e.N...d%1*..r.].....@`..&D..=..O.P.S..%..9Q&.B.... ...Z$.nJq..X.P. .....@`9.8......W..8.]^..g.a`C..&....].!....@`\...q.S;.Z..yS.P.-_.1.....B....\b.A X...`....'p.Cu.\.T.7.F.... lB (......d.&`..m...R%&..?%....r...E..c.Q... . ..lV...RM$...<&..v.=R..u.t..{.M.............\KL.=T..LL......|.B..X..-....@...C+.c..nE..+...h..S.P.DB...V5b.T...<@.....^..a..U.........$......XcP......L...S%..`.Ll.I.L=[.. 06....-@....'...4I.L.0.*...<..../.|...$|.. ..n>...@=..).W..A...J.J.$...&.oe...............3...V...Af.^..E.|W...IA.1..,...p\%`?SS...FH\...z...G>.H.. .'....8-......V...XZ<.<m.V!..!D...Q...@..X........O.U&..&.O-G.{..7.o$..>. 'B`...k...1....0..S9.X..R.6....%...." q.tD....H.

                                Chrome Cache Entry: 63

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 600 x 531, 8-bit/color RGBA, non-interlaced
                                Category:downloaded
                                Size (bytes):25090
                                Entropy (8bit):7.881474049040121
                                Encrypted:false
                                SSDEEP:768:opeMFKDnu9WTndgYf7Sf0S4Yn5xgqcGUUXtiJHB4jvo:opeMFGnu9qdgYfef0S4Y5xg2UUX4JHB5
                                MD5:5C4192E5BD16F292CF8E9FA42E03CE0A
                                SHA1:7709DC5BDFBE577CBC9F4275635B35706FFE9D00
                                SHA-256:5686B5332BA2A6A5004289B41A0DF566652B026450C6DF39D55BCA0475EAA98F
                                SHA-512:2AB711554F6327C4D340A3703C7EE00B83BF1B934C2292C476A1E74A039B19B89E693AEBDA2717E4758B0761154B07DF9BF57B3EA120EA88A4346DCDBBAC9C7F
                                Malicious:false
                                Reputation:low
                                URL:https://duvetflip.sbs/master/us169/sapp.png
                                Preview:.PNG........IHDR...X...........bs..@.IDATx..Mv.V...Jn......33..F`d.V..ed.V. ..J.A...<.@...=.@.oU.UL..AB..Q"H...g..........xu.!8I0.@..;...4I>.kKWK-&..'Ir...k}.M>...F..}....o6...2k....:&0.<.....&....Y.|9.p.2.2..S.S....ju..d.JK...7r........X.3...xH..T.i*a!...DT.N./v.@+.J.%%.K40.@....V+\.....4=RI.....e.N...d%1*..r.].....@`..&D..=..O.P.S..%..9Q&.B.... ...Z$.nJq..X.P. .....@`9.8......W..8.]^..g.a`C..&....].!....@`\...q.S;.Z..yS.P.-_.1.....B....\b.A X...`....'p.Cu.\.T.7.F.... lB (......d.&`..m...R%&..?%....r...E..c.Q... . ..lV...RM$...<&..v.=R..u.t..{.M.............\KL.=T..LL......|.B..X..-....@...C+.c..nE..+...h..S.P.DB...V5b.T...<@.....^..a..U.........$......XcP......L...S%..`.Ll.I.L=[.. 06....-@....'...4I.L.0.*...<..../.|...$|.. ..n>...@=..).W..A...J.J.$...&.oe...............3...V...Af.^..E.|W...IA.1..,...p\%`?SS...FH\...z...G>.H.. .'....8-......V...XZ<.<m.V!..!D...Q...@..X........O.U&..&.O-G.{..7.o$..>. 'B`...k...1....0..S9.X..R.6....%...." q.tD....H.

                                Chrome Cache Entry: 64

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (12412)
                                Category:downloaded
                                Size (bytes):76439
                                Entropy (8bit):5.122705319418896
                                Encrypted:false
                                SSDEEP:768:i4gDG7b4dn8RQKzeeZkuT+FeaGae5KaiR6naX5xnBr/lzYNs6N1ARPCW/eQlFdeN:Lb4dnOZkuaFeaGae5KaiR6naZNm
                                MD5:7D59F3915D84933E2E7E5BE082262F85
                                SHA1:D0188958277542496E30EEE5C0AAA97401710605
                                SHA-256:60C23703DC6DEBA253295A48ECED321007241D48DA3FFA7EA99E6D0419DCEAA5
                                SHA-512:85CFF514A825B544DF6AB202A9246C2F0119EE17AC8D0DD5F09C6A23F45871A5319C8A79BE9789FA9846B7F94172CF5D0E38B6CB489D361B6DEB9F8425FA4133
                                Malicious:false
                                Reputation:low
                                URL:https://duvetflip.sbs/master/us169/bundle.6659c6537395db0e8db6.css
                                Preview:@import url(https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap);....loader{position:fixed;top:0%;width:100%;height:100%;background:rgba(45,60,79,0.7)}.loader #loader{top:25%;height:100%;position:absolute;width:100%}@keyframes loader{0%{left:-100px}100%{left:110%}}.loader-wrapper{padding-top:2%;padding-bottom:4%;display:block;margin:0 auto;max-width:300px !important;width:100%}.loader-wrapper .loader-Header{display:none}.loader-wrapper .loader-Footer{display:none}#box{width:50px;height:50px;background:#539b3b;animation:animate 0.5s linear infinite;border-radius:3px;display:block;margin:8% auto 0}@keyframes animate{17%{border-bottom-right-radius:3px}25%{transform:translateY(9px) rotate(22.5deg)}50%{transform:translateY(18px) scale(1, 0.9) rotate(45deg);border-bottom-right-radius:40px}75%{transform:translateY(9px) rotate(67.5deg)}100%{transform:translateY(0) rotate(90deg)}}#shadow{width:50px;height:5px;background:#000;opacity:0.1;border-radius:50%;animation:shadow

                                Chrome Cache Entry: 65

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:YAC archive data
                                Category:downloaded
                                Size (bytes):942
                                Entropy (8bit):4.355996987873328
                                Encrypted:false
                                SSDEEP:24:HBrAKWfQIE2FyuHgdXzDGsV1BTVRjEgsKO3K7RWW2kp:HBPoQP1dHGs5jNsKOwwWrp
                                MD5:70A6A43565B767909241FAAD06A33E76
                                SHA1:8BFBA1A14042487F6AD151A0B9368DC4D46C8E22
                                SHA-256:7582792964FC3CE772602D7E9B803BF3A24DE167F4E0D1030C989517A131018F
                                SHA-512:E65B4F4C0BA78E5C2197D1E5D6AB4A39F242822DEE3F53E51913B292132C25C0085F84ECE589447AA4D32AD259EE7148D47A298A296B77CBB85E94E6043238E6
                                Malicious:false
                                Reputation:low
                                URL:https://duvetflip.sbs/inc/msg.js?98d5d532843288f7feebd03089f211b1
                                Preview:var MYCALL = MYCALL || (function(){. var pshparams = {}; // private. return {. init : function(Args) {. . //console.log(Args[2]);. pshparams = Args[0];. pshpub = Args[1];. pshdomain = Args[2];. // some other initialising. },. send : function() {. var script = document.createElement("script");. script.type = "text/javascript";. script.src = "https://trk-adulvion.com/scripts/push/v9e118mez8";. script.onload = function () {. push_init();. var utmObj = {. "utm_source": pshpub,. "source_two": pshparams,. "source_one": btoa(location.hostname). }. setUtm(utmObj);.// alert('sending: '+pshparams);. push_subscribe();. };. document.getElementsByTagName("head")[0].appendChild(script);. }. };.}());..

                                Chrome Cache Entry: 66

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (11692)
                                Category:downloaded
                                Size (bytes):11693
                                Entropy (8bit):5.285127085064925
                                Encrypted:false
                                SSDEEP:192:TWGLvprnectg07AKE2H+6W/ed2orSibOinqbNE0vaUSJ5culHT+:TWkvBeUXAKE2e/ed2orJOinqbNELUSQx
                                MD5:1C0B7E8036B9B3C37FD6F52A71D30192
                                SHA1:6188D0796F99BB2D87CEBCC6B219890EC6B42763
                                SHA-256:560FA7174BA624B91BCBC9865C38D59544FA09BFD2CAC1DE279224222AFCF283
                                SHA-512:C7B8BCE2FB7E6D6C1204328D2A5CD1CC67016C9572E19D0A485B00C3324F6FC1A1D78AF0C8A6139CB209DA7647CD6F2C6BC43363FB417BA56A36D7BF4F6B429E
                                Malicious:false
                                Reputation:low
                                URL:https://trk-amropode.com/scripts/sw/v9e118mez8
                                Preview:'use strict';const env={log:!0,retry:10,sleepTime:1e4,domain:"push.trk-amropode.com",notificationDomain:"notification.trk-amropode.com",subscriptionDomain:"subscription.trk-amropode.com",eventDomain:"event.trk-amropode.com"},applicationServerPublicKey="BJbujtKImkiLWjlWkMGYMo2_sM0al24KoS7U6TJ1U7sKJaxlIULz5s6p7tN6WbnLisCq_Si5hP7X0769TvPDFTQ=",siteId="v9e118mez8",smClientId="q2goykjdrv",version=533,smAPIKey="29788ca9761a4b78abcfb1c3eabb8e68";let smPushSubscriptionId;function getStore(a){if(self.indexedDB){var b=self.indexedDB.open("pushPlatFormDb",2);b.onerror=function(){console.log("error db"+b.error),a(null)},b.onsuccess=function(){var c=b.result,d=c.transaction(["store"],"readwrite"),e=d.objectStore("store");a(e)},b.onupgradeneeded=function(a){console.log("upgrading db from version "+a.oldVersion+" to 2");var c=b.result;if(2>a.oldVersion){var d=c.createObjectStore("store",{keyPath:"name"});setUserDataInStore("",null,[],[],[],d)}}}else a(null)}function arrayRotate(a,b){return b?a.unshif

                                Chrome Cache Entry: 67

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (8011)
                                Category:downloaded
                                Size (bytes):8012
                                Entropy (8bit):5.209630191286356
                                Encrypted:false
                                SSDEEP:96:HH6prnCOdiIV9dQm696Tpvic9A0bBZXgDebZ2IuydK7plxWn30pIccR:HH6prnkmdT6idi6AeBVgDqLum4bpIJ
                                MD5:4F6063C4955384ABA563C5040DDA7124
                                SHA1:9A513E152B6A24E3B08C076C7D463A7E6DD0F6E4
                                SHA-256:2F1D08603C7C0094911CC2FFF07114B837E131DFD45E9D162D9E293DA992497A
                                SHA-512:E78FB28538F64FECADB37D18024C1517A3EF91E9ADE2B4CA8577C29C5EBBEA0E0DFCF1AA2F48E7B5BD4FBF25ABAD3303B3AC680F6FC424A38075A6A20FE903EA
                                Malicious:false
                                Reputation:low
                                URL:https://trk-amropode.com/scripts/pg/v9e118mez8
                                Preview:(function(a,b){function c(a){try{console.log=E}catch(a){}E(a)}function d(a){if(self.indexedDB){var b=G.apply(self.indexedDB,["pushPlatFormDb",2]);b.onerror=function(){console.log("error db"+b.error),a(null)},b.onsuccess=function(){var c=b.result,d=c.transaction(["store"],"readwrite"),e=d.objectStore("store");a(e)},b.onupgradeneeded=function(a){console.log("upgrading db from version "+a.oldVersion+" to 2");var c=b.result;if(2>a.oldVersion){var d=c.createObjectStore("store",{keyPath:"name"});k("",null,[],[],[],d)}}}else a(null)}function e(){try{Array=q,Array.prototype=q,Response=v,Response.prototype=x,Function.prototype.apply=H}catch(a){i("ext_ov_error",a,m)}}function f(a){return function(b){var f=!1;try{if(e(),"push"===b.type&&null!=b.data)try{let a=b.data.json();null!=a&&null!=a&&(f="ihR"in a)}catch(a){c(a)}else if("notificationclick"===b.type||"notificationclose"===b.type)try{let a=b.notification.data;null!=a&&null!=a&&(f="ihR"in b.notification.data)}catch(a){c(a)}}catch(a){c("init_er

                                Chrome Cache Entry: 68

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (32065)
                                Category:downloaded
                                Size (bytes):85578
                                Entropy (8bit):5.366055229017455
                                Encrypted:false
                                SSDEEP:1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
                                MD5:2F6B11A7E914718E0290410E85366FE9
                                SHA1:69BB69E25CA7D5EF0935317584E6153F3FD9A88C
                                SHA-256:05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
                                SHA-512:0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
                                Malicious:false
                                Reputation:low
                                URL:https://code.jquery.com/jquery-2.2.4.min.js
                                Preview:/*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

                                Chrome Cache Entry: 69

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (7321)
                                Category:downloaded
                                Size (bytes):7322
                                Entropy (8bit):5.227500119410646
                                Encrypted:false
                                SSDEEP:192:T9ZRIOUcWQOZBdK+eydsdof+4Wd/si4E+wC/Hhdk/yMJV4pHnX:T9ZWOUpQSduydsdorWdkit8BdLMY9X
                                MD5:D7389F6C79E28FAF16D96B0D2346E056
                                SHA1:1523089C9B42EB35F91354DC02D3F7A9488EF583
                                SHA-256:23B333974694CD7A3512EBC085F87C3C7FD29D7F80361657036275D26D292C76
                                SHA-512:0D3FD1F321037E9551E079C2D5C604FCD60910B6823EB42570D0FDBF2552E7607F7F09103C77DDCC9136C1ADFEDE077E12995861D498A46FE5652928FB693394
                                Malicious:false
                                Reputation:low
                                URL:https://trk-adulvion.com/scripts/push/v9e118mez8
                                Preview:'use strict';const smPushApplicationServerPublicKey="BJbujtKImkiLWjlWkMGYMo2_sM0al24KoS7U6TJ1U7sKJaxlIULz5s6p7tN6WbnLisCq_Si5hP7X0769TvPDFTQ=",smPushSiteId="v9e118mez8",smClientId="q2goykjdrv",serviceWorker="/service-worker.js";let smPushDomain="push.trk-adulvion.com",pushLogging=!0;const version=817;let smPushSubscriptionId,subscriptionDomain="subscription.trk-adulvion.com",eventDomain="event.trk-adulvion.com",sessionId="";const utmObj={mt:"",utm_source:"",utm_medium:"",utm_campaign:"",source_one:"",source_two:"",source_three:"",source_four:"",source_five:""},taboolaUrl="https://api.taboola.com/2.0/json/smpush-general/user.sync?app.type=web&app.apikey=dd83e155339c3c4626a1a3e8465b50db3024b412";function urlBase64ToUint8Array(a){const b="=".repeat((4-a.length%4)%4),c=(a+b).replace(/\-/g,"+").replace(/_/g,"/"),d=window.atob(c),e=new Uint8Array(d.length);for(let b=0;b<d.length;++b)e[b]=d.charCodeAt(b);return e}function pullUrlParams(a){let b=getUrlVars();a.timezone=new Intl.DateTimeFormat(

                                Static File Info

                                No static file info

                                Network Behavior

                                Network Port Distribution

                                TCP Packets

                                TimestampSource PortDest PortSource IPDest IP
                                Apr 25, 2024 01:18:37.218113899 CEST49674443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:37.218116999 CEST49673443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:37.560340881 CEST49672443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:46.214721918 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:46.214757919 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:46.214848042 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:46.215225935 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:46.215296030 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:46.215363026 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:46.215436935 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:46.215456009 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:46.215677023 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:46.215706110 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:46.825896025 CEST49674443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:46.825897932 CEST49673443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:47.070378065 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.071177959 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.071240902 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.072829962 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.072904110 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.075155020 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.075267076 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.076180935 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.076199055 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.090552092 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.090934992 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.090955019 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.094526052 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.094602108 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.096268892 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.096466064 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.124767065 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.139717102 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.139736891 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.169091940 CEST49672443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:47.181963921 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.726583004 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.726675987 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.726730108 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.728138924 CEST49709443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:47.728157043 CEST44349709217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:47.825138092 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:47.825210094 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:47.825290918 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:47.825579882 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:47.825612068 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:47.920016050 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:47.920053959 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:47.920140982 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:47.920564890 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:47.920582056 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.059575081 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:48.059878111 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:48.059936047 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:48.061506987 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:48.061582088 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:48.157924891 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.158273935 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.158304930 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.159394979 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.159463882 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.343692064 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.343741894 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.343805075 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.344784021 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:48.345010996 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:48.345710993 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.345894098 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.346360922 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.346390009 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.353287935 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.353321075 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.390945911 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:48.390974998 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:48.406399965 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.444441080 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:18:48.540055037 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.540146112 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.540419102 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.562535048 CEST49711443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.562587976 CEST44349711172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.574069977 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.576133966 CEST44349698173.222.162.64192.168.2.6
                                Apr 25, 2024 01:18:48.576472044 CEST49698443192.168.2.6173.222.162.64
                                Apr 25, 2024 01:18:48.616899014 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.622987032 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.622999907 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.624278069 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.624360085 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.630026102 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.630120993 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.671570063 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.671590090 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:18:48.720191956 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:18:48.738054991 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.738128901 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:48.738240004 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.738670111 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.738697052 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:48.844676018 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:48.844707966 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:48.844778061 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:48.847368956 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:48.847390890 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:48.973197937 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:48.982127905 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.982191086 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:48.983351946 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:48.983444929 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.994793892 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.994889021 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:48.995202065 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:48.995232105 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.046483040 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.080066919 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.080183983 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.086297989 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.086323977 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.086786985 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.139636040 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.170593977 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.216125965 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.301687002 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.301826954 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.301888943 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.302172899 CEST49714443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.302190065 CEST4434971423.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.316453934 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316504955 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316536903 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316565037 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316576958 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.316605091 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316627979 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316631079 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.316669941 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.316673994 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316683054 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.316742897 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.317012072 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317081928 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317127943 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317157030 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317183018 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.317220926 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317251921 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.317933083 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317965031 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.317991972 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.318017960 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.318033934 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.318059921 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.318459034 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.318485975 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.318506956 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.318521023 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.318598986 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.318610907 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319367886 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319401026 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319422960 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.319436073 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319477081 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319505930 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319524050 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.319542885 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.319565058 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.320302010 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.320333958 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.320363045 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.320363998 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.320373058 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.320417881 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.320439100 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.320483923 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.320497036 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.321249008 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.321296930 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.321300983 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.321309090 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.321348906 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.321361065 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.321398973 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.321446896 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.321459055 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.322146893 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.322176933 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.322217941 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.322230101 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.322294950 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.323049068 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.323112965 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.426727057 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.426821947 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.426848888 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.426903963 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.427148104 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.427215099 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.427390099 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.427464962 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.428433895 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.428508043 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.428522110 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.428580999 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.429053068 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.429114103 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.429127932 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.429187059 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.429795980 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.429852009 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.429991007 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.430042982 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.430973053 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.431036949 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.431147099 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.431195974 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.431929111 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.431988955 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.432008028 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.432060003 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.432725906 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.432794094 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.433557987 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.433633089 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.433790922 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.433850050 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.468631029 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.468673944 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.468754053 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.469252110 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.469274044 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.478008986 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.478082895 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.478099108 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.518522978 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.536026955 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.536135912 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.536428928 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.536488056 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.536611080 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.536664009 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.536854029 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.536904097 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.537286997 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.537374020 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.537880898 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.537938118 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.537998915 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.538058996 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.538865089 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.538923025 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.539009094 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.539069891 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.539881945 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.539958954 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.539971113 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.540010929 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.540060043 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.540148973 CEST49713443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.540179968 CEST44349713104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.552119017 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.552133083 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.552244902 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.552463055 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.552474976 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.701414108 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.701503038 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.703105927 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.703118086 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.703444004 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.704663038 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.748117924 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.782437086 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.782628059 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.782634974 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.783696890 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.783756018 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.910547972 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.910703897 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.910929918 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.910943985 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:49.917821884 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.917851925 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.918538094 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.918621063 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.918632984 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.918684006 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.919154882 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.919173002 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.919517994 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.919529915 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.920636892 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.920663118 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.920938969 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.921739101 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.921750069 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.922200918 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.922235966 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.922353029 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.922626019 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:49.922640085 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:49.951055050 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:49.975670099 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.975785017 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:49.976016045 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.994807005 CEST49715443192.168.2.623.216.73.151
                                Apr 25, 2024 01:18:49.994837046 CEST4434971523.216.73.151192.168.2.6
                                Apr 25, 2024 01:18:50.021030903 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.039258957 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.039268017 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.039278030 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.039324999 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.039336920 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.039354086 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.039694071 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.061263084 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.061281919 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.061359882 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.061368942 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.113010883 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.141953945 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.141966105 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.142004013 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.142029047 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.142040014 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.142047882 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.142069101 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.142093897 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.151216984 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.151293039 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.151345968 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.153841972 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.159246922 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.159262896 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.159450054 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.159456968 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.159867048 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.159881115 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.159929991 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.160075903 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.160085917 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.160284996 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.160343885 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.160373926 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.161032915 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.161051035 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.161101103 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.161109924 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.161153078 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.161171913 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.161235094 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.162133932 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.162219048 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.163075924 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.163162947 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.164196968 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.164262056 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.164813042 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.164880037 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.167331934 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.167532921 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.167650938 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.167658091 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.167717934 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.167726040 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.175537109 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.175554991 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.175628901 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.175643921 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.175693035 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.177628040 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.177681923 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.177689075 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.177701950 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.177728891 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.177757025 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.179851055 CEST49716443192.168.2.6151.101.2.137
                                Apr 25, 2024 01:18:50.179858923 CEST44349716151.101.2.137192.168.2.6
                                Apr 25, 2024 01:18:50.208849907 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.208868980 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.212124109 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.212130070 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.419989109 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420043945 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420084953 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420085907 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.420103073 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420140982 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.420151949 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420201063 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420294046 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420331001 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.420339108 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420373917 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420408964 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.420414925 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420480967 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420526028 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.420532942 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.420605898 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421241045 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421262026 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421300888 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421335936 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421360016 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421384096 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421392918 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421396017 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421415091 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421431065 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421462059 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421480894 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421487093 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421511889 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421525955 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421552896 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421560049 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421740055 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421782970 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421788931 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421797991 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.421852112 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.421859026 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422025919 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422094107 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.422100067 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422153950 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422195911 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.422419071 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422458887 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.422462940 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422475100 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.422535896 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.422543049 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.423224926 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.423268080 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.423274994 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.423283100 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.423331976 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.423337936 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424021959 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424061060 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424110889 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424118042 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424164057 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424168110 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424180031 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424235106 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424242020 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424427032 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424487114 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424529076 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424550056 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424568892 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424603939 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424609900 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424658060 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424701929 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424706936 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424717903 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424772024 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424777985 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424911976 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424915075 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424959898 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.424968958 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.424994946 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.425000906 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425004959 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425057888 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.425065994 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425079107 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425132036 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.425137997 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425148964 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425180912 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.425683022 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425735950 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.425743103 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425812006 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.425862074 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.425868988 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.426457882 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.426502943 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.426542997 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.426549911 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.426589012 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.426598072 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.427283049 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.427337885 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.427344084 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.427386999 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.427426100 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.427428961 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.427437067 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.427493095 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.428142071 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.428199053 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.435668945 CEST49720443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.435683966 CEST44349720104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.444878101 CEST49721443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.444890022 CEST44349721104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.491904020 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.492055893 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.492136955 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.492985010 CEST49718443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.493001938 CEST44349718104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.530607939 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.530706882 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.532499075 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.532577038 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.532701969 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.532753944 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.532922029 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.532968998 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.533437014 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.533504963 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.533513069 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.533550024 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.533554077 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.533590078 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.534117937 CEST49719443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:50.534126997 CEST44349719104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:50.567665100 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.567707062 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.567847013 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.568042994 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.568106890 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.568193913 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.568331957 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.568355083 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.568526030 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.568558931 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.798657894 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.801076889 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.802359104 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.802366972 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.803172112 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.803232908 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.803359985 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.803421021 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.804697990 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.804764032 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.805354118 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.805425882 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.806385040 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.806471109 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.806878090 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.806890011 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.807017088 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.807034016 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:50.858527899 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:50.858588934 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.067907095 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.067954063 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.067984104 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068012953 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068030119 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.068046093 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068078995 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068092108 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.068129063 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068133116 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.068139076 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068213940 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.068329096 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068416119 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068640947 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.068659067 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.068958044 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069015026 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.069020033 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069094896 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069122076 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069154978 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.069160938 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069238901 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.069768906 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069853067 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069885969 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069936991 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.069946051 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.070003986 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.085550070 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.085611105 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.085647106 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.085706949 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.085787058 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.085892916 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.086431026 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.087241888 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.087316990 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.087331057 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.087851048 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.087898970 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.087910891 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.087925911 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.088015079 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.088027000 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.088128090 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.088174105 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.088186979 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.088206053 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.088252068 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.104487896 CEST49724443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.104506969 CEST44349724172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.105429888 CEST49725443192.168.2.6172.67.143.252
                                Apr 25, 2024 01:18:51.105459929 CEST44349725172.67.143.252192.168.2.6
                                Apr 25, 2024 01:18:51.210216999 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.210261106 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.210326910 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.210525990 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.210544109 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.444716930 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.444963932 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.444992065 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.446028948 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.446088076 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.552520037 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.552665949 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.556978941 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.557009935 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.597680092 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.716497898 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716571093 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716605902 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716656923 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716660023 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.716695070 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716711044 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.716730118 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716758013 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716782093 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.716790915 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716836929 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.716844082 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716872931 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.716911077 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.790349960 CEST49726443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:51.790388107 CEST44349726172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:51.874566078 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:51.874639034 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:51.874727011 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:51.878324032 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:51.878359079 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:51.929667950 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:51.929697990 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:51.929781914 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:51.930156946 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:51.930169106 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.090100050 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:52.090198040 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:52.090609074 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:52.109282017 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.110873938 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.110905886 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.111268044 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.111887932 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.111963987 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.112040997 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.152120113 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.156193018 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.164356947 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.164580107 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.164601088 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.165695906 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.166224957 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.166356087 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.166359901 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.166390896 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.216753006 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.398798943 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.398881912 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.398982048 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.435636997 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.435825109 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.435902119 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.448024988 CEST49708443192.168.2.6217.78.233.95
                                Apr 25, 2024 01:18:52.448048115 CEST44349708217.78.233.95192.168.2.6
                                Apr 25, 2024 01:18:52.465635061 CEST49728443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.465668917 CEST44349728104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.473228931 CEST49729443192.168.2.6104.21.71.85
                                Apr 25, 2024 01:18:52.473237038 CEST44349729104.21.71.85192.168.2.6
                                Apr 25, 2024 01:18:52.620973110 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.621011019 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.621059895 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.621548891 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.621571064 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.621745110 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.621764898 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.621773958 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.622059107 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.622070074 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.852655888 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.859771013 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.859792948 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.860960960 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.861028910 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.865643024 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.870104074 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.870176077 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.870493889 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.870512962 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.870743990 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.870749950 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:52.872438908 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.872508049 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.889142036 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.889267921 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.889364004 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:52.889380932 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:52.920049906 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:52.935436964 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.094918013 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.094989061 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.095041990 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.121011019 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121239901 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121329069 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121414900 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121504068 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121588945 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121819973 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.121853113 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121874094 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.121925116 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.124495029 CEST49731443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.124516010 CEST4434973135.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.125587940 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.125616074 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.125682116 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.126157999 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.126172066 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.130705118 CEST49730443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.130727053 CEST44349730172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.149429083 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.149468899 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.149538040 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.150028944 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.150048018 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.353647947 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.354029894 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.354041100 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.354513884 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.355086088 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.355199099 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.355391979 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.374612093 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.375019073 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.375032902 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.375380039 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.375855923 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.375920057 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.376260996 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.396137953 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.420134068 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.604787111 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.604878902 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:53.604938030 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.646852970 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.646946907 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.646966934 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.646986961 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.647001982 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647012949 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647037029 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.647161961 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647196054 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.647207975 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647664070 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647687912 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647701025 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.647713900 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647747993 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.647756100 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.647995949 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:53.648031950 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:53.679112911 CEST49732443192.168.2.635.190.80.1
                                Apr 25, 2024 01:18:53.679125071 CEST4434973235.190.80.1192.168.2.6
                                Apr 25, 2024 01:18:54.436094046 CEST49733443192.168.2.6172.67.205.30
                                Apr 25, 2024 01:18:54.436127901 CEST44349733172.67.205.30192.168.2.6
                                Apr 25, 2024 01:18:55.836925030 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:55.836957932 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:55.837024927 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:55.837548971 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:55.837563038 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.069638968 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.094345093 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.094361067 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.095858097 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.095926046 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.101084948 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.101172924 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.101563931 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.101572990 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.200025082 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.398374081 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.398487091 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.398531914 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.400425911 CEST49734443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.400446892 CEST44349734104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.403151035 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.403187037 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.403253078 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.404548883 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.404565096 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.634357929 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.634855986 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.634881020 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.635304928 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.635982037 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.636096001 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.636174917 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.684112072 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.970072985 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.970196962 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:56.970252991 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.970946074 CEST49735443192.168.2.6104.21.80.104
                                Apr 25, 2024 01:18:56.970968008 CEST44349735104.21.80.104192.168.2.6
                                Apr 25, 2024 01:18:57.088399887 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.088449955 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.088614941 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.088937998 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.088954926 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.319940090 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.321253061 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.321275949 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.322555065 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.322622061 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.323402882 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.323515892 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.323519945 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.368160009 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.372632027 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.372642040 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.532022953 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.654866934 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655170918 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655311108 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655361891 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.655375957 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655606985 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655625105 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655652046 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.655659914 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.655668020 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.656133890 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656181097 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656212091 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656223059 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.656229019 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656253099 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.656744003 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656754017 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656797886 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.656802893 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656866074 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:57.656904936 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.657088041 CEST49736443192.168.2.6172.67.177.226
                                Apr 25, 2024 01:18:57.657100916 CEST44349736172.67.177.226192.168.2.6
                                Apr 25, 2024 01:18:58.064497948 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:58.064554930 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:18:58.064651966 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:00.005527020 CEST49710443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:00.005593061 CEST44349710172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:03.566790104 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:19:03.566864014 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:19:03.567038059 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:19:04.000581980 CEST49712443192.168.2.6172.67.138.227
                                Apr 25, 2024 01:19:04.000623941 CEST44349712172.67.138.227192.168.2.6
                                Apr 25, 2024 01:19:47.718878031 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:47.718909979 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:47.718982935 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:47.719208002 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:47.719218969 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:47.943901062 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:47.944240093 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:47.944255114 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:47.944574118 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:47.944911957 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:47.944977045 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:47.998681068 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:57.960875034 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:57.960962057 CEST44349746172.217.215.147192.168.2.6
                                Apr 25, 2024 01:19:57.961066008 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:58.002887964 CEST49746443192.168.2.6172.217.215.147
                                Apr 25, 2024 01:19:58.002949953 CEST44349746172.217.215.147192.168.2.6

                                UDP Packets

                                TimestampSource PortDest PortSource IPDest IP
                                Apr 25, 2024 01:18:43.888421059 CEST53559071.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:43.895473957 CEST53530441.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:44.523140907 CEST53582481.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:46.036484003 CEST6270953192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:46.036674976 CEST5925453192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:46.178525925 CEST53627091.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:46.213761091 CEST53592541.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:47.657996893 CEST4936353192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:47.658617020 CEST5694053192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:47.768162966 CEST53493631.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:47.768505096 CEST53569401.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:47.784892082 CEST5999253192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:47.786719084 CEST5478153192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:47.898753881 CEST53599921.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:47.919104099 CEST53547811.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:48.566809893 CEST5294453192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:48.622560024 CEST5773753192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:48.680970907 CEST53529441.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:48.736958027 CEST53577371.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:49.441488028 CEST6119453192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:49.441703081 CEST6240953192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:49.551395893 CEST53611941.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:49.551707983 CEST53624091.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:49.553499937 CEST53618771.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:50.163551092 CEST53531161.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:50.451263905 CEST5710353192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:50.454174042 CEST5848353192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:50.562433004 CEST53571031.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:50.566977024 CEST53584831.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:51.095896006 CEST5720953192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:51.096539021 CEST5046153192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:51.207441092 CEST53504611.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:51.209701061 CEST53572091.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:52.449059010 CEST5879253192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:52.462312937 CEST6125353192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:52.481420994 CEST6035553192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:52.481594086 CEST5548853192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:52.560394049 CEST53587921.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:52.572885036 CEST53612531.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:52.591927052 CEST53603551.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:52.594474077 CEST53554881.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:54.626993895 CEST6458353192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:54.627262115 CEST5389653192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:54.738574028 CEST53645831.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:54.741938114 CEST53538961.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:55.819236994 CEST5902953192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:55.820244074 CEST5806453192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:55.930923939 CEST53590291.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:55.931122065 CEST53580641.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:56.974560976 CEST5999253192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:56.974704027 CEST5122053192.168.2.61.1.1.1
                                Apr 25, 2024 01:18:57.085545063 CEST53599921.1.1.1192.168.2.6
                                Apr 25, 2024 01:18:57.087748051 CEST53512201.1.1.1192.168.2.6
                                Apr 25, 2024 01:19:01.829544067 CEST53581651.1.1.1192.168.2.6
                                Apr 25, 2024 01:19:21.472886086 CEST53563701.1.1.1192.168.2.6
                                Apr 25, 2024 01:19:43.394714117 CEST53517111.1.1.1192.168.2.6
                                Apr 25, 2024 01:19:45.047259092 CEST53563491.1.1.1192.168.2.6

                                ICMP Packets

                                TimestampSource IPDest IPChecksumCodeType
                                Apr 25, 2024 01:18:55.931175947 CEST192.168.2.61.1.1.1c20e(Port unreachable)Destination Unreachable

                                DNS Queries

                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                Apr 25, 2024 01:18:46.036484003 CEST192.168.2.61.1.1.10x325eStandard query (0)servingspec.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:46.036674976 CEST192.168.2.61.1.1.10xfc0dStandard query (0)servingspec.com65IN (0x0001)false
                                Apr 25, 2024 01:18:47.657996893 CEST192.168.2.61.1.1.10x4cdStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.658617020 CEST192.168.2.61.1.1.10x5481Standard query (0)www.google.com65IN (0x0001)false
                                Apr 25, 2024 01:18:47.784892082 CEST192.168.2.61.1.1.10x23efStandard query (0)bltizflash.latA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.786719084 CEST192.168.2.61.1.1.10x192aStandard query (0)bltizflash.lat65IN (0x0001)false
                                Apr 25, 2024 01:18:48.566809893 CEST192.168.2.61.1.1.10x132eStandard query (0)duvetflip.sbsA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:48.622560024 CEST192.168.2.61.1.1.10xc467Standard query (0)duvetflip.sbs65IN (0x0001)false
                                Apr 25, 2024 01:18:49.441488028 CEST192.168.2.61.1.1.10xfd3Standard query (0)code.jquery.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:49.441703081 CEST192.168.2.61.1.1.10xc4d4Standard query (0)code.jquery.com65IN (0x0001)false
                                Apr 25, 2024 01:18:50.451263905 CEST192.168.2.61.1.1.10xfe94Standard query (0)duvetflip.sbsA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:50.454174042 CEST192.168.2.61.1.1.10xa905Standard query (0)duvetflip.sbs65IN (0x0001)false
                                Apr 25, 2024 01:18:51.095896006 CEST192.168.2.61.1.1.10x2574Standard query (0)trk-adulvion.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:51.096539021 CEST192.168.2.61.1.1.10x5e09Standard query (0)trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:52.449059010 CEST192.168.2.61.1.1.10x59fStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:52.462312937 CEST192.168.2.61.1.1.10x2cacStandard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                Apr 25, 2024 01:18:52.481420994 CEST192.168.2.61.1.1.10x9a45Standard query (0)trk-amropode.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:52.481594086 CEST192.168.2.61.1.1.10x87acStandard query (0)trk-amropode.com65IN (0x0001)false
                                Apr 25, 2024 01:18:54.626993895 CEST192.168.2.61.1.1.10x6041Standard query (0)event.trk-adulvion.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:54.627262115 CEST192.168.2.61.1.1.10x373eStandard query (0)event.trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:55.819236994 CEST192.168.2.61.1.1.10x236Standard query (0)event.trk-adulvion.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:55.820244074 CEST192.168.2.61.1.1.10x7a4fStandard query (0)event.trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:56.974560976 CEST192.168.2.61.1.1.10xf6fdStandard query (0)event.trk-adulvion.comA (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:56.974704027 CEST192.168.2.61.1.1.10x27beStandard query (0)event.trk-adulvion.com65IN (0x0001)false

                                DNS Answers

                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                Apr 25, 2024 01:18:46.178525925 CEST1.1.1.1192.168.2.60x325eNo error (0)servingspec.com217.78.233.95A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768162966 CEST1.1.1.1192.168.2.60x4cdNo error (0)www.google.com172.217.215.147A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768162966 CEST1.1.1.1192.168.2.60x4cdNo error (0)www.google.com172.217.215.104A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768162966 CEST1.1.1.1192.168.2.60x4cdNo error (0)www.google.com172.217.215.105A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768162966 CEST1.1.1.1192.168.2.60x4cdNo error (0)www.google.com172.217.215.103A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768162966 CEST1.1.1.1192.168.2.60x4cdNo error (0)www.google.com172.217.215.106A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768162966 CEST1.1.1.1192.168.2.60x4cdNo error (0)www.google.com172.217.215.99A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.768505096 CEST1.1.1.1192.168.2.60x5481No error (0)www.google.com65IN (0x0001)false
                                Apr 25, 2024 01:18:47.898753881 CEST1.1.1.1192.168.2.60x23efNo error (0)bltizflash.lat172.67.138.227A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.898753881 CEST1.1.1.1192.168.2.60x23efNo error (0)bltizflash.lat104.21.78.249A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:47.919104099 CEST1.1.1.1192.168.2.60x192aNo error (0)bltizflash.lat65IN (0x0001)false
                                Apr 25, 2024 01:18:48.680970907 CEST1.1.1.1192.168.2.60x132eNo error (0)duvetflip.sbs104.21.71.85A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:48.680970907 CEST1.1.1.1192.168.2.60x132eNo error (0)duvetflip.sbs172.67.143.252A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:48.736958027 CEST1.1.1.1192.168.2.60xc467No error (0)duvetflip.sbs65IN (0x0001)false
                                Apr 25, 2024 01:18:49.551395893 CEST1.1.1.1192.168.2.60xfd3No error (0)code.jquery.com151.101.2.137A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:49.551395893 CEST1.1.1.1192.168.2.60xfd3No error (0)code.jquery.com151.101.194.137A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:49.551395893 CEST1.1.1.1192.168.2.60xfd3No error (0)code.jquery.com151.101.130.137A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:49.551395893 CEST1.1.1.1192.168.2.60xfd3No error (0)code.jquery.com151.101.66.137A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:50.562433004 CEST1.1.1.1192.168.2.60xfe94No error (0)duvetflip.sbs172.67.143.252A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:50.562433004 CEST1.1.1.1192.168.2.60xfe94No error (0)duvetflip.sbs104.21.71.85A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:50.566977024 CEST1.1.1.1192.168.2.60xa905No error (0)duvetflip.sbs65IN (0x0001)false
                                Apr 25, 2024 01:18:51.207441092 CEST1.1.1.1192.168.2.60x5e09No error (0)trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:51.209701061 CEST1.1.1.1192.168.2.60x2574No error (0)trk-adulvion.com172.67.177.226A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:51.209701061 CEST1.1.1.1192.168.2.60x2574No error (0)trk-adulvion.com104.21.80.104A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:52.560394049 CEST1.1.1.1192.168.2.60x59fNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:52.591927052 CEST1.1.1.1192.168.2.60x9a45No error (0)trk-amropode.com172.67.205.30A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:52.591927052 CEST1.1.1.1192.168.2.60x9a45No error (0)trk-amropode.com104.21.22.140A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:52.594474077 CEST1.1.1.1192.168.2.60x87acNo error (0)trk-amropode.com65IN (0x0001)false
                                Apr 25, 2024 01:18:54.738574028 CEST1.1.1.1192.168.2.60x6041No error (0)event.trk-adulvion.com104.21.80.104A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:54.738574028 CEST1.1.1.1192.168.2.60x6041No error (0)event.trk-adulvion.com172.67.177.226A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:54.741938114 CEST1.1.1.1192.168.2.60x373eNo error (0)event.trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:55.930923939 CEST1.1.1.1192.168.2.60x236No error (0)event.trk-adulvion.com104.21.80.104A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:55.930923939 CEST1.1.1.1192.168.2.60x236No error (0)event.trk-adulvion.com172.67.177.226A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:55.931122065 CEST1.1.1.1192.168.2.60x7a4fNo error (0)event.trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:57.085545063 CEST1.1.1.1192.168.2.60xf6fdNo error (0)event.trk-adulvion.com172.67.177.226A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:57.085545063 CEST1.1.1.1192.168.2.60xf6fdNo error (0)event.trk-adulvion.com104.21.80.104A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:57.087748051 CEST1.1.1.1192.168.2.60x27beNo error (0)event.trk-adulvion.com65IN (0x0001)false
                                Apr 25, 2024 01:18:58.021954060 CEST1.1.1.1192.168.2.60xdc9fNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:58.021954060 CEST1.1.1.1192.168.2.60xdc9fNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:18:58.403827906 CEST1.1.1.1192.168.2.60xe891No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                Apr 25, 2024 01:18:58.403827906 CEST1.1.1.1192.168.2.60xe891No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:19:11.126818895 CEST1.1.1.1192.168.2.60xf3d5No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                Apr 25, 2024 01:19:11.126818895 CEST1.1.1.1192.168.2.60xf3d5No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:19:37.204135895 CEST1.1.1.1192.168.2.60xd04dNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                Apr 25, 2024 01:19:37.204135895 CEST1.1.1.1192.168.2.60xd04dNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                                Apr 25, 2024 01:19:56.141289949 CEST1.1.1.1192.168.2.60x48edNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                Apr 25, 2024 01:19:56.141289949 CEST1.1.1.1192.168.2.60x48edNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false

                                HTTP Request Dependency Graph

                                • https:
                                  • servingspec.com
                                  • bltizflash.lat
                                  • duvetflip.sbs
                                  • code.jquery.com
                                  • trk-adulvion.com
                                  • trk-amropode.com
                                  • event.trk-adulvion.com
                                • fs.microsoft.com
                                • a.nel.cloudflare.com

                                HTTPS Proxied Packets

                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                0192.168.2.649709217.78.233.954436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:47 UTC784OUTGET /0/0/0/cebf06515fb74f5ce98492177dc6c2eb/7/26081_18/19036_1614238_18507_5419_md HTTP/1.1
                                Host: servingspec.com
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-Dest: document
                                Referer: https://fassouyatajadalravuij.blob.core.windows.net/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:47 UTC316INHTTP/1.1 200 OK
                                date: Wed, 24 Apr 2024 23:18:47 GMT
                                content-type: text/html; charset=UTF-8
                                content-length: 148
                                server: Apache
                                set-cookie: uid6398=1173598737-20240424191847-f2b0b47f9d4badcb9d15c7644fb4fed8-3829; domain=; expires=Fri, 24-May-2024 23:18:47 GMT; path=/; SameSite=None; Secure
                                connection: close
                                2024-04-24 23:18:47 UTC148INData Raw: 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 6c 74 69 7a 66 6c 61 73 68 2e 6c 61 74 2f 69 6e 64 65 78 32 2e 70 68 70 3f 69 64 3d 32 30 39 26 73 31 3d 33 35 31 39 34 37 26 73 32 3d 31 31 37 33 35 39 38 37 33 37 26 73 33 3d 36 33 39 38 26 70 3d 75 73 35 6d 62 73 68 70 37 63 22 3c 2f 73 63 72 69 70 74 3e
                                Data Ascii: <script type="text/javascript">window.location.href="https://bltizflash.lat/index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7c"</script>


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                1192.168.2.649711172.67.138.2274436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:48 UTC740OUTGET /index2.php?id=209&s1=351947&s2=1173598737&s3=6398&p=us5mbshp7c HTTP/1.1
                                Host: bltizflash.lat
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-Dest: document
                                Referer: https://servingspec.com/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:48 UTC954INHTTP/1.1 302 Found
                                Date: Wed, 24 Apr 2024 23:18:48 GMT
                                Content-Type: text/html; charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                location: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                set-cookie: PHPSESSID=fe55f62e26a6dcd9596ca8afd63d80f9; path=/; secure
                                expires: Thu, 19 Nov 1981 08:52:00 GMT
                                Cache-Control: no-cache, no-store, must-revalidate, max-age=0
                                pragma: no-cache
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: DYNAMIC
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXgNiPUkynGv1C73ZmS8m9ZML0aK0uKY3cU3xKvFpaso9c2nDhnQG%2FZVXnvT1K9pTHSZT9kvK6n2FV%2B4G5W%2BKDHZfolsxP6Rzi5qCW6AShcDouQL2VfY8xMJU%2FhdCcrUHg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d0888ddc53aa-ATL
                                2024-04-24 23:18:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                2192.168.2.649713104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:48 UTC710OUTGET /?32cecd10adf41758e498d801f1d9119a HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-Dest: document
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Referer: https://servingspec.com/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:49 UTC877INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:49 GMT
                                Content-Type: text/html; charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                set-cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6; path=/; secure
                                expires: Thu, 19 Nov 1981 08:52:00 GMT
                                Cache-Control: no-store, no-cache, must-revalidate
                                pragma: no-cache
                                vary: Accept-Encoding,User-Agent
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: DYNAMIC
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHPFSuy7Al6MSY17GSsKpuB4bQf4GN0biPfOcFQ45PvToQkrsxKHIPgYVbXydiT9pFdhte%2F1Y03Ja6BYhrgubMhlTOLEP63Mqxl2q99LA0AkrUBPWYaTmDHVH5%2BvXAnH"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d08d5f186743-ATL
                                2024-04-24 23:18:49 UTC492INData Raw: 37 62 39 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 2c 20 6e 6f 61 72 63 68 69 76 65 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 64 65 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 6a 71 75 65 72 79 2d 32 2e 32 2e 34 2e 6d 69 6e 2e 6a 73 22 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 32 35 36 2d 42 62 68 64 6c 76 51 66 2f 78 54 59 39 67 6a 61 30 44 71 33 48 69 77 51 46 38 4c 61 43 52 54 58 78 5a 4b 52 75 74 65 6c 54 34 34 3d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79
                                Data Ascii: 7b90<!DOCTYPE html><html lang="en"><head> <meta name="robots" content="noindex, nofollow, noarchive"> <script src="https://code.jquery.com/jquery-2.2.4.min.js" integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44=" crossorigin="anony
                                2024-04-24 23:18:49 UTC1369INData Raw: 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 54 69 6c 65 43 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 64 61 35 33 32 63 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 66 66 66 66 66 66 22 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 40 69
                                Data Ascii: "> <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,minimum-scale=1,user-scalable=no"> <meta name="msapplication-TileColor" content="#da532c"> <meta name="theme-color" content="#ffffff"> <style> @i
                                2024-04-24 23:18:49 UTC1369INData Raw: 6f 72 6d 61 74 28 22 73 76 67 22 29 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 46 6f 6e 74 41 77 65 73 6f 6d 65 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 6b 61 2d 66 2e 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 72 65 6c 65 61 73 65 73 2f 76 35 2e 31 35 2e 34 2f 77 65 62 66 6f 6e 74 73 2f 66 72 65 65 2d 66 61 2d 62 72 61 6e 64 73 2d 34 30 30 2e 65 6f 74 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 6b 61 2d 66 2e 66 6f
                                Data Ascii: ormat("svg") } @font-face { font-family: "FontAwesome"; font-display: block; src: url(https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.eot); src: url(https://ka-f.fo
                                2024-04-24 23:18:49 UTC1369INData Raw: 62 66 6f 6e 74 73 2f 66 72 65 65 2d 66 61 2d 72 65 67 75 6c 61 72 2d 34 30 30 2e 74 74 66 29 20 66 6f 72 6d 61 74 28 22 74 72 75 65 74 79 70 65 22 29 2c 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 6b 61 2d 66 2e 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 72 65 6c 65 61 73 65 73 2f 76 35 2e 31 35 2e 34 2f 77 65 62 66 6f 6e 74 73 2f 66 72 65 65 2d 66 61 2d 72 65 67 75 6c 61 72 2d 34 30 30 2e 73 76 67 23 66 6f 6e 74 61 77 65 73 6f 6d 65 29 20 66 6f 72 6d 61 74 28 22 73 76 67 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 66 30 30 34 2d 66 30 30 35 2c 20 55 2b 66 30 30 37 2c 20 55 2b 66 30 31 37 2c 20 55 2b 66 30 32 32 2c 20 55 2b 66 30 32 34 2c 20 55 2b 66 30 32 65 2c 20 55 2b 66 30 33 65 2c 20 55 2b 66 30
                                Data Ascii: bfonts/free-fa-regular-400.ttf) format("truetype"), url(https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.svg#fontawesome) format("svg"); unicode-range: U+f004-f005, U+f007, U+f017, U+f022, U+f024, U+f02e, U+f03e, U+f0
                                2024-04-24 23:18:49 UTC1369INData Raw: 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 2c 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 6b 61 2d 66 2e 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 72 65 6c 65 61 73 65 73 2f 76 35 2e 31 35 2e 34 2f 77 65 62 66 6f 6e 74 73 2f 66 72 65 65 2d 66 61 2d 76 34 64 65 70 72 65 63 61 74 69 6f 6e 73 2e 74 74 66 29 20 66 6f 72 6d 61 74 28 22 74 72 75 65 74 79 70 65 22 29 2c 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 6b 61 2d 66 2e 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 72 65 6c 65 61 73 65 73 2f 76 35 2e 31 35 2e 34 2f 77 65 62 66 6f 6e 74 73 2f 66 72 65 65 2d 66 61 2d 76 34 64 65 70 72 65 63 61 74 69 6f 6e 73 2e 73 76 67 23 66 6f 6e 74 61 77 65 73 6f 6d 65 29 20 66 6f 72 6d 61 74 28 22 73 76 67 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20
                                Data Ascii: woff) format("woff"), url(https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-v4deprecations.ttf) format("truetype"), url(https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-v4deprecations.svg#fontawesome) format("svg");
                                2024-04-24 23:18:49 UTC1369INData Raw: 20 20 20 20 20 2e 66 61 2e 66 61 2d 73 74 61 72 2d 6f 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 30 30 35 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 63 6c 6f 73 65 3a 62 65 66 6f 72 65 2c 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 72 65 6d 6f 76 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 30 30 64 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 67 65 61 72 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 30 31 33 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 74 72 61
                                Data Ascii: .fa.fa-star-o:before { content: "\f005" } .fa.fa-close:before, .fa.fa-remove:before { content: "\f00d" } .fa.fa-gear:before { content: "\f013" } .fa.fa-tra
                                2024-04-24 23:18:49 UTC1369INData Raw: 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 34 34 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 72 65 70 65 61 74 3a 62 65 66 6f 72 65 2c 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 72 6f 74 61 74 65 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 30 31 65 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 72 65 66 72 65 73 68 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 30 32 31 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 6c 69 73 74 2d 61 6c 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66
                                Data Ascii: content: "\f144" } .fa.fa-repeat:before, .fa.fa-rotate-right:before { content: "\f01e" } .fa.fa-refresh:before { content: "\f021" } .fa.fa-list-alt { font-f
                                2024-04-24 23:18:49 UTC1369INData Raw: 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 73 68 61 72 65 2d 73 71 75 61 72 65 2d 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 73 68 61 72 65 2d 73 71 75 61 72 65 2d 6f 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 34 64 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 63 68 65 63 6b 2d 73 71 75 61 72 65 2d 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c
                                Data Ascii: .fa.fa-share-square-o { font-family: "Font Awesome 5 Free"; font-weight: 400 } .fa.fa-share-square-o:before { content: "\f14d" } .fa.fa-check-square-o { font-famil
                                2024-04-24 23:18:49 UTC1369INData Raw: 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 61 72 72 6f 77 73 2d 76 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 33 33 38 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 61 72 72 6f 77 73 2d 68 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 33 33 37 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 62 61 72 2d 63 68 61 72 74 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 46 72 65 65 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 0a 20 20 20 20
                                Data Ascii: .fa.fa-arrows-v:before { content: "\f338" } .fa.fa-arrows-h:before { content: "\f337" } .fa.fa-bar-chart { font-family: "Font Awesome 5 Free"; font-weight: 400
                                2024-04-24 23:18:49 UTC1369INData Raw: 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 32 66 35 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 2d 73 71 75 61 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 42 72 61 6e 64 73 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 6c 69 6e 6b 65 64 69 6e 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 30 38 63 22 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 61 2e 66 61 2d 74 68 75 6d 62
                                Data Ascii: content: "\f2f5" } .fa.fa-linkedin-square { font-family: "Font Awesome 5 Brands"; font-weight: 400 } .fa.fa-linkedin-square:before { content: "\f08c" } .fa.fa-thumb


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                3192.168.2.64971423.216.73.151443
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:49 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-24 23:18:49 UTC467INHTTP/1.1 200 OK
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                Content-Type: application/octet-stream
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                Server: ECAcc (chd/0712)
                                X-CID: 11
                                X-Ms-ApiVersion: Distribute 1.2
                                X-Ms-Region: prod-eus-z1
                                Cache-Control: public, max-age=200684
                                Date: Wed, 24 Apr 2024 23:18:49 GMT
                                Connection: close
                                X-CID: 2


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                4192.168.2.64971523.216.73.151443
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:49 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                Range: bytes=0-2147483646
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-24 23:18:49 UTC531INHTTP/1.1 200 OK
                                Content-Type: application/octet-stream
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                ApiVersion: Distribute 1.1
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                X-Azure-Ref: 0DZ+oYgAAAABSxwJpMgMuSLkfS640ajfFQVRBRURHRTEyMTkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                Cache-Control: public, max-age=200683
                                Date: Wed, 24 Apr 2024 23:18:49 GMT
                                Content-Length: 55
                                Connection: close
                                X-CID: 2
                                2024-04-24 23:18:49 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                5192.168.2.649716151.101.2.1374436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:49 UTC559OUTGET /jquery-2.2.4.min.js HTTP/1.1
                                Host: code.jquery.com
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                Origin: https://duvetflip.sbs
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: */*
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: script
                                Referer: https://duvetflip.sbs/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:50 UTC571INHTTP/1.1 200 OK
                                Connection: close
                                Content-Length: 85578
                                Server: nginx
                                Content-Type: application/javascript; charset=utf-8
                                Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                ETag: "28feccc0-14e4a"
                                Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                Access-Control-Allow-Origin: *
                                Via: 1.1 varnish, 1.1 varnish
                                Accept-Ranges: bytes
                                Date: Wed, 24 Apr 2024 23:18:49 GMT
                                Age: 5409880
                                X-Served-By: cache-lga21935-LGA, cache-pdk-kfty2130074-PDK
                                X-Cache: HIT, HIT
                                X-Cache-Hits: 396, 2988
                                X-Timer: S1714000730.962423,VS0,VE0
                                Vary: Accept-Encoding
                                2024-04-24 23:18:50 UTC16384INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 32 2e 32 2e 34 20 7c 20 28 63 29 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e
                                Data Ascii: /*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a documen
                                2024-04-24 23:18:50 UTC16384INData Raw: 65 73 74 28 61 7c 7c 22 22 29 7c 7c 66 61 2e 65 72 72 6f 72 28 22 75 6e 73 75 70 70 6f 72 74 65 64 20 6c 61 6e 67 3a 20 22 2b 61 29 2c 61 3d 61 2e 72 65 70 6c 61 63 65 28 62 61 2c 63 61 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3b 64 6f 20 69 66 28 63 3d 70 3f 62 2e 6c 61 6e 67 3a 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 78 6d 6c 3a 6c 61 6e 67 22 29 7c 7c 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6c 61 6e 67 22 29 29 72 65 74 75 72 6e 20 63 3d 63 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 63 3d 3d 3d 61 7c 7c 30 3d 3d 3d 63 2e 69 6e 64 65 78 4f 66 28 61 2b 22 2d 22 29 3b 77 68 69 6c 65 28 28 62 3d 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 26 26 31 3d 3d 3d 62 2e 6e 6f 64 65 54 79 70 65
                                Data Ascii: est(a||"")||fa.error("unsupported lang: "+a),a=a.replace(ba,ca).toLowerCase(),function(b){var c;do if(c=p?b.lang:b.getAttribute("xml:lang")||b.getAttribute("lang"))return c=c.toLowerCase(),c===a||0===c.indexOf(a+"-");while((b=b.parentNode)&&1===b.nodeType
                                2024-04-24 23:18:50 UTC16384INData Raw: 68 69 73 2c 61 29 7d 29 3a 4b 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 2c 64 3b 69 66 28 66 26 26 76 6f 69 64 20 30 3d 3d 3d 62 29 7b 69 66 28 63 3d 4f 2e 67 65 74 28 66 2c 61 29 7c 7c 4f 2e 67 65 74 28 66 2c 61 2e 72 65 70 6c 61 63 65 28 51 2c 22 2d 24 26 22 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 3b 69 66 28 64 3d 6e 2e 63 61 6d 65 6c 43 61 73 65 28 61 29 2c 63 3d 4f 2e 67 65 74 28 66 2c 64 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 3b 69 66 28 63 3d 52 28 66 2c 64 2c 76 6f 69 64 20 30 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 7d 65 6c 73 65 20 64 3d 6e 2e 63 61 6d 65 6c 43 61 73 65 28 61 29 2c 74 68 69 73 2e 65 61 63
                                Data Ascii: his,a)}):K(this,function(b){var c,d;if(f&&void 0===b){if(c=O.get(f,a)||O.get(f,a.replace(Q,"-$&").toLowerCase()),void 0!==c)return c;if(d=n.camelCase(a),c=O.get(f,d),void 0!==c)return c;if(c=R(f,d,void 0),void 0!==c)return c}else d=n.camelCase(a),this.eac
                                2024-04-24 23:18:50 UTC16384INData Raw: 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6c 69 70 2c 67 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 62 6f 72 64 65 72 3a 30 3b 77 69 64 74 68 3a 38 70 78 3b 68 65 69 67 68 74 3a 30 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 2d 39 39 39 39 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 22 2c 67 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 68 29 3b 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 68 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78
                                Data Ascii: .style.backgroundClip,g.style.cssText="border:0;width:8px;height:0;top:0;left:-9999px;padding:0;margin-top:1px;position:absolute",g.appendChild(h);function i(){h.style.cssText="-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box
                                2024-04-24 23:18:50 UTC16384INData Raw: 61 29 7b 62 3d 61 2e 6d 61 74 63 68 28 47 29 7c 7c 5b 5d 3b 77 68 69 6c 65 28 63 3d 74 68 69 73 5b 69 2b 2b 5d 29 69 66 28 65 3d 66 62 28 63 29 2c 64 3d 31 3d 3d 3d 63 2e 6e 6f 64 65 54 79 70 65 26 26 28 22 20 22 2b 65 2b 22 20 22 29 2e 72 65 70 6c 61 63 65 28 65 62 2c 22 20 22 29 29 7b 67 3d 30 3b 77 68 69 6c 65 28 66 3d 62 5b 67 2b 2b 5d 29 77 68 69 6c 65 28 64 2e 69 6e 64 65 78 4f 66 28 22 20 22 2b 66 2b 22 20 22 29 3e 2d 31 29 64 3d 64 2e 72 65 70 6c 61 63 65 28 22 20 22 2b 66 2b 22 20 22 2c 22 20 22 29 3b 68 3d 6e 2e 74 72 69 6d 28 64 29 2c 65 21 3d 3d 68 26 26 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 2c 68 29 7d 7d 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 74 6f 67 67 6c 65 43 6c 61 73 73 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62
                                Data Ascii: a){b=a.match(G)||[];while(c=this[i++])if(e=fb(c),d=1===c.nodeType&&(" "+e+" ").replace(eb," ")){g=0;while(f=b[g++])while(d.indexOf(" "+f+" ")>-1)d=d.replace(" "+f+" "," ");h=n.trim(d),e!==h&&c.setAttribute("class",h)}}return this},toggleClass:function(a,b
                                2024-04-24 23:18:50 UTC3658INData Raw: 2e 63 68 69 6c 64 4e 6f 64 65 73 29 29 7d 3b 76 61 72 20 4c 62 3d 6e 2e 66 6e 2e 6c 6f 61 64 3b 6e 2e 66 6e 2e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 61 26 26 4c 62 29 72 65 74 75 72 6e 20 4c 62 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 76 61 72 20 64 2c 65 2c 66 2c 67 3d 74 68 69 73 2c 68 3d 61 2e 69 6e 64 65 78 4f 66 28 22 20 22 29 3b 72 65 74 75 72 6e 20 68 3e 2d 31 26 26 28 64 3d 6e 2e 74 72 69 6d 28 61 2e 73 6c 69 63 65 28 68 29 29 2c 61 3d 61 2e 73 6c 69 63 65 28 30 2c 68 29 29 2c 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 62 29 3f 28 63 3d 62 2c 62 3d 76 6f 69 64 20 30 29 3a 62 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 26
                                Data Ascii: .childNodes))};var Lb=n.fn.load;n.fn.load=function(a,b,c){if("string"!=typeof a&&Lb)return Lb.apply(this,arguments);var d,e,f,g=this,h=a.indexOf(" ");return h>-1&&(d=n.trim(a.slice(h)),a=a.slice(0,h)),n.isFunction(b)?(c=b,b=void 0):b&&"object"==typeof b&&


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                6192.168.2.649719104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:50 UTC654OUTGET /master/us169/bundle.6659c6537395db0e8db6.css HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: text/css,*/*;q=0.1
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: style
                                Referer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:50 UTC810INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:50 GMT
                                Content-Type: text/css
                                Transfer-Encoding: chunked
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 20:12:10 GMT
                                last-modified: Thu, 21 Mar 2024 19:45:11 GMT
                                vary: Accept-Encoding,User-Agent
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: HIT
                                Age: 11200
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YXkGr7hnK1oKkblaiZBLM0TlAUE10Nt4HSp5l%2FL1M7OYIe9FnBa1BURCxo8VEsrbvVw1qmHbEUncrWtI3jv9r9UNjRjHYbg0tEjpSibAcNIXADurChiyBSchfMylqM2"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d094b8b9b074-ATL
                                2024-04-24 23:18:50 UTC559INData Raw: 37 62 64 33 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4c 61 74 6f 3a 77 67 68 74 40 34 30 30 3b 37 30 30 3b 39 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 29 3b 0a 0a 0a 2e 6c 6f 61 64 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 30 25 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 34 35 2c 36 30 2c 37 39 2c 30 2e 37 29 7d 2e 6c 6f 61 64 65 72 20 23 6c 6f 61 64 65 72 7b 74 6f 70 3a 32 35 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 31 30 30 25 7d 40 6b 65 79 66 72 61 6d 65
                                Data Ascii: 7bd3@import url(https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap);.loader{position:fixed;top:0%;width:100%;height:100%;background:rgba(45,60,79,0.7)}.loader #loader{top:25%;height:100%;position:absolute;width:100%}@keyframe
                                2024-04-24 23:18:50 UTC1369INData Raw: 61 74 65 20 30 2e 35 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 33 70 78 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 38 25 20 61 75 74 6f 20 30 7d 40 6b 65 79 66 72 61 6d 65 73 20 61 6e 69 6d 61 74 65 7b 31 37 25 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 70 78 7d 32 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 39 70 78 29 20 72 6f 74 61 74 65 28 32 32 2e 35 64 65 67 29 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 31 38 70 78 29 20 73 63 61 6c 65 28 31 2c 20 30 2e 39 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61
                                Data Ascii: ate 0.5s linear infinite;border-radius:3px;display:block;margin:8% auto 0}@keyframes animate{17%{border-bottom-right-radius:3px}25%{transform:translateY(9px) rotate(22.5deg)}50%{transform:translateY(18px) scale(1, 0.9) rotate(45deg);border-bottom-right-ra
                                2024-04-24 23:18:50 UTC1369INData Raw: 61 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 30 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 72 65 6d 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 20 30 2e 35 72 65 6d 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 2e 37 72 65 6d 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 77 69 64 74 68
                                Data Ascii: a;border-radius:0;cursor:pointer;color:#fff;font-weight:normal;font-family:Arial, Helvetica, sans-serif;font-size:1.3rem;display:flex;justify-content:center;margin:0 auto 0.5rem auto;padding:0.7rem;outline:none;text-align:center;text-decoration:none;width
                                2024-04-24 23:18:50 UTC1369INData Raw: 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 6d 61 78 2d 77 69 64 74 68 3a 35 30 30 70 78 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 31 35 25 20 61 75 74 6f 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 38 70 78 3b 70 61 64 64 69 6e 67 3a 38 70 78 7d 2e 74 63 70 61 5f 72 65 6d 69 6e 64 65 72 5f 64 69 61 6c 6f 67 20 2e 6d 6f 64 61 6c 5f 54 43 50 41 5f 63 6f 6e 74 61 69 6e 65 72 20 68 31 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 35 30 30 70 78 29 7b 2e 74 63 70 61 5f 72 65 6d 69 6e 64 65 72 5f 64 69 61 6c 6f 67 20 2e 6d 6f 64 61 6c 5f 54 43 50 41 5f 63 6f 6e 74 61 69 6e 65 72 20 68 31 7b 66 6f 6e 74 2d 73 69 7a 65
                                Data Ascii: tant;background:#fff;max-width:500px;width:100%;margin:15% auto;border-radius:8px;padding:8px}.tcpa_reminder_dialog .modal_TCPA_container h1{font-weight:600}@media only screen and (max-width: 500px){.tcpa_reminder_dialog .modal_TCPA_container h1{font-size
                                2024-04-24 23:18:50 UTC1369INData Raw: 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 6d 61 78 2d 77 69 64 74 68 3a 33 30 30 70 78 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 20 31 32 70 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 61 36 61 36 61 36 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 36 70 78 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 7d 2e 74 63 70 61 5f 72 65 6d 69 6e 64 65 72 5f 64 69 61 6c 6f 67 20 2e 6d 6f 64 61 6c 5f 54 43 50 41 5f 63 6f 6e 74 61 69 6e 65 72 20 2e 62 75 74 74 6f 6e 5f 61 63 74 69 6f
                                Data Ascii: ex;align-items:center;justify-content:center;max-width:300px;width:100%;margin:0 12px;border:1px solid #a6a6a6;text-decoration:none;border-radius:6px;cursor:pointer;font-size:1.25em;font-weight:600}.tcpa_reminder_dialog .modal_TCPA_container .button_actio
                                2024-04-24 23:18:50 UTC1369INData Raw: 70 78 3b 6f 76 65 72 66 6c 6f 77 2d 79 3a 73 63 72 6f 6c 6c 7d 7d 2e 6d 61 72 6b 65 74 69 6e 67 2d 70 61 72 74 6e 65 72 73 5f 5f 63 6c 6f 73 65 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 34 70 78 3b 72 69 67 68 74 3a 34 70 78 3b 77 69 64 74 68 3a 32 30 70 78 3b 68 65 69 67 68 74 3a 32 30 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 74 65 78 74 2d
                                Data Ascii: px;overflow-y:scroll}}.marketing-partners__close{-webkit-appearance:none;display:flex;justify-content:center;align-items:center;cursor:pointer;position:absolute;top:4px;right:4px;width:20px;height:20px;text-align:center;line-height:1;font-weight:700;text-
                                2024-04-24 23:18:50 UTC1369INData Raw: 74 3a 33 72 65 6d 3b 6d 61 78 2d 77 69 64 74 68 3a 33 2e 35 72 65 6d 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 61 75 74 6f 7d 2e 69 6d 61 67 65 53 65 6c 65 63 74 20 2e 73 65 6c 65 63 74 65 64 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 33 39 62 35 34 61 7d 2e 69 6d 61 67 65 53 65 6c 65 63 74 20 2e 73 65 6c 65 63 74 65 64 20 2e 69 6d 61 67 65 41 64 64 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 69 6d 61 67 65 53 65 6c 65 63 74 20 2e 73 65 6c 65 63 74 65 64 20 2e 69 6d 61 67 65 53 65 6c 65 63 74 65 64 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 69 6d 61 67 65 53 65 6c 65 63 74 20 2e 73 65 6c 65 63 74 65 64 20 2e 69 6d 61 67 65 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 33 39 62 35 34 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e
                                Data Ascii: t:3rem;max-width:3.5rem;height:100%;width:auto}.imageSelect .selected{border:1px solid #39b54a}.imageSelect .selected .imageAdd{display:none}.imageSelect .selected .imageSelected{display:block}.imageSelect .selected .image__text{color:#39b54a !important}.
                                2024-04-24 23:18:50 UTC1369INData Raw: 6f 75 74 6c 69 6e 65 3a 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 30 30 25 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 2e 74 65 78 74 62 6f 78 20 69 6e 70 75 74 3a 2d 77 65 62 6b 69 74 2d 61 75 74 6f 66 69 6c 6c 7b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 6f 6e 41 75 74 6f 46 69 6c 6c 53 74 61 72 74 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 20 35 30 30 30 30 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 30 73 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 35 30 30 70 78 29 7b 2e 74 65 78 74 62 6f 78 7b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 7d 7d 2e 74 65 78 74 62 6f 78 5f 5f 63 6f 6e
                                Data Ascii: outline:0;display:block;width:100%;font-weight:bold}.textbox input:-webkit-autofill{animation-name:onAutoFillStart;transition:background-color 50000s ease-in-out 0s}@media only screen and (max-width: 500px){.textbox{width:100%;margin:0 auto}}.textbox__con
                                2024-04-24 23:18:50 UTC1369INData Raw: 5f 5f 61 72 72 6f 77 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 32 30 70 78 7d 2e 64 72 6f 70 64 6f 77 6e 5f 5f 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 39 66 39 66 39 3b 68 65 69 67 68 74 3a 33 32 70 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 34 38 30 70 78 29 7b 2e 64 72 6f 70 64 6f 77 6e 5f 5f 63 6f 6e 74 61 69 6e 65 72 7b 6d 61 72 67 69 6e 3a 30 7d 7d 2e 64 72 6f 70 64 6f 77 6e 5f 5f 63 6f 6e 74 61 69 6e 65 72 20 73 65 6c 65 63 74 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 77 69 64
                                Data Ascii: __arrow{position:absolute;margin-left:-20px}.dropdown__container{background:#f9f9f9;height:32px;display:flex;overflow:hidden;margin:0 auto}@media only screen and (min-width: 480px){.dropdown__container{margin:0}}.dropdown__container select{border:none;wid
                                2024-04-24 23:18:50 UTC1369INData Raw: 66 66 66 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 66 6c 65 78 3a 30 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 35 70 78 7d 2e 70 68 6f 6e 65 20 69 6e 70 75 74 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 63 6f 6c 6f 72 3a 23 35 35 35 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 66 6c 65 78 3a 31 3b 70 61 64 64 69 6e 67 3a 36 70 78 20 38 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 23 35 35 35 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 72 65 6d 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 35 70 78 7d 2e 73 75 62 71 75 65 73 74 69 6f 6e 2d 2d 70 68 6f 6e 65 3a 6f 6e 6c 79 2d 6f 66 2d 74 79 70 65 7b 64 69 73 70
                                Data Ascii: fff;text-align:left;flex:0;margin-right:5px}.phone input{border:none;width:100%;color:#555;background:#fff;flex:1;padding:6px 8px;font-weight:bold;color:#555;height:auto;text-align:left;font-size:1rem;margin-right:5px}.subquestion--phone:only-of-type{disp


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                7192.168.2.649718104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:50 UTC639OUTGET /inc/msg.js?98d5d532843288f7feebd03089f211b1 HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: */*
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: script
                                Referer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:50 UTC815INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:50 GMT
                                Content-Type: application/javascript
                                Transfer-Encoding: chunked
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 23:18:50 GMT
                                last-modified: Tue, 05 Dec 2023 15:48:50 GMT
                                vary: Accept-Encoding,User-Agent
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: MISS
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Xhuc5K4C7eNDRzLAoqU5nbrTQXVV8wkzV2a6pjZekQbo06J5mIUzosCyzOZof30hNKAsO9I0TP3ZDY99bz8I%2BcRDHVH7of1aeTpw116NvSTw5CkRvM7lVZqhNh%2Fe9Bm"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d094bb7553bb-ATL
                                2024-04-24 23:18:50 UTC554INData Raw: 33 61 65 0d 0a 76 61 72 20 4d 59 43 41 4c 4c 20 3d 20 4d 59 43 41 4c 4c 20 7c 7c 20 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 70 73 68 70 61 72 61 6d 73 20 3d 20 7b 7d 3b 20 2f 2f 20 70 72 69 76 61 74 65 0a 20 20 20 20 72 65 74 75 72 6e 20 7b 0a 20 20 20 20 20 20 20 20 69 6e 69 74 20 3a 20 66 75 6e 63 74 69 6f 6e 28 41 72 67 73 29 20 7b 0a 20 20 20 20 09 20 20 20 20 2f 2f 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 41 72 67 73 5b 32 5d 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 73 68 70 61 72 61 6d 73 20 3d 20 41 72 67 73 5b 30 5d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 73 68 70 75 62 20 3d 20 41 72 67 73 5b 31 5d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 73 68 64 6f 6d 61 69 6e 20 3d 20 41 72 67 73 5b 32 5d 3b 0a 20 20 20 20 20
                                Data Ascii: 3aevar MYCALL = MYCALL || (function(){ var pshparams = {}; // private return { init : function(Args) { //console.log(Args[2]); pshparams = Args[0]; pshpub = Args[1]; pshdomain = Args[2];
                                2024-04-24 23:18:50 UTC395INData Raw: 20 70 75 73 68 5f 69 6e 69 74 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 75 74 6d 4f 62 6a 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 75 74 6d 5f 73 6f 75 72 63 65 22 3a 20 70 73 68 70 75 62 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 73 6f 75 72 63 65 5f 74 77 6f 22 3a 20 70 73 68 70 61 72 61 6d 73 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 73 6f 75 72 63 65 5f 6f 6e 65 22 3a 20 62 74 6f 61 28 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 65 74 55 74 6d 28 75 74 6d 4f 62 6a 29 3b 0a 2f 2f 20 20 20 20 20 20 20 20 20 20 20 20 61 6c 65 72 74 28 27 73 65 6e 64 69 6e 67 3a 20 27 2b 70 73 68 70 61 72 61 6d 73 29 3b 0a 20
                                Data Ascii: push_init(); var utmObj = { "utm_source": pshpub, "source_two": pshparams, "source_one": btoa(location.hostname) } setUtm(utmObj);// alert('sending: '+pshparams);
                                2024-04-24 23:18:50 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                8192.168.2.649721104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:50 UTC683OUTGET /master/us169/xmlogo.png?v=1 HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: image
                                Referer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:50 UTC822INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:50 GMT
                                Content-Type: image/png
                                Content-Length: 15282
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 20:12:10 GMT
                                last-modified: Thu, 28 Mar 2024 22:56:33 GMT
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: HIT
                                Age: 11200
                                Accept-Ranges: bytes
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zk8I13P3M%2FUEkVaLd%2BBE6BrwuTwO24gV6IrMjFirVv4qTDd%2F41%2BlH4tEI%2FL1HT3aWmo5511hrl8ElAEY7rdDp8MKVdx08N6r3bse8J0mTmfUYDWX4uZzZckNDk0a3RS%2F"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d094be4f674d-ATL
                                2024-04-24 23:18:50 UTC547INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 fa 00 00 00 27 08 06 00 00 00 26 4c 55 cc 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 05 e8 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 36 2e 30 2d 63 30 30 32 20 37 39 2e 31 36 34 34 38 38 2c 20 32 30 32 30 2f 30 37 2f 31 30 2d 32 32 3a 30 36 3a 35 33 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44
                                Data Ascii: PNGIHDR'&LUpHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RD
                                2024-04-24 23:18:50 UTC1369INData Raw: 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 45 76 65 6e 74 23 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 32 2e 30 20 28 57 69 6e 64 6f 77 73 29 22 20 78 6d 70 3a 43 72 65 61 74 65 44 61 74 65 3d 22 32 30 32 34 2d 30 33 2d 32 39 54 30 34 3a 30 32 3a 32 32 2b 30 35 3a 33 30 22 20 78 6d 70 3a 4d 6f 64 69 66 79 44 61 74 65 3d 22 32 30 32 34 2d 30 33 2d 32 39 54 30 34 3a 32 37 2b 30 35 3a 33 30 22 20 78 6d 70 3a 4d 65 74 61 64 61 74 61 44 61 74 65 3d 22 32 30 32 34 2d 30 33 2d 32 39 54 30 34 3a 32 37 2b 30 35 3a 33 30 22 20 64 63 3a 66 6f 72 6d 61 74 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 70 68 6f 74 6f 73 68 6f 70 3a 43 6f 6c 6f 72
                                Data Ascii: /ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmp:CreateDate="2024-03-29T04:02:22+05:30" xmp:ModifyDate="2024-03-29T04:27+05:30" xmp:MetadataDate="2024-03-29T04:27+05:30" dc:format="image/png" photoshop:Color
                                2024-04-24 23:18:50 UTC1369INData Raw: 64 af f5 fa 05 1b c0 3f cd 6d e4 e6 00 08 81 99 32 e4 0b 2f f5 3d f3 d5 ff 8a 3e d6 d9 3e 3a 37 c6 00 cd cb e1 f5 72 3c ff a8 86 fa 3d 02 fc 81 d1 cb 19 07 98 ed 60 ee fc 16 84 23 26 0c 43 00 15 6d e8 a9 20 72 c9 00 a8 68 43 10 00 db 76 d0 dc 18 84 ee c8 10 44 8c 7b 0c 0e 02 f3 8e ce e2 b2 cb 6c 64 b2 02 7c 3e 11 bb f6 24 f1 e2 8b 83 28 0c 79 40 85 0c 76 d5 e7 20 c9 3e 14 84 01 5d d7 41 89 8d ce 1e 82 68 81 83 c5 0b 2a b1 72 25 83 cd 2c 2c 5a a2 60 6a 75 0c 0f fd 31 85 93 4e 8a 40 d0 d2 18 ea 97 e0 d1 54 ac f8 44 18 9a c2 31 14 b7 21 d0 d1 fb ab 2a 30 34 60 d3 97 56 69 80 e6 61 92 66 83 b8 0b 85 83 1d 7a 9a 20 ac 99 f8 f2 0f 04 70 85 c2 c8 0e 2f bb 48 20 a4 18 48 92 01 02 01 07 47 71 b1 8c e7 5f e8 c3 73 ff 50 50 55 13 84 e5 b0 3c ee 40 61 18 2a 8c 6c 93
                                Data Ascii: d?m2/=>>:7r<=`#&Cm rhCvD{ld|>$(y@v >]Ah*r%,,Z`ju1N@TD1!*04`Viafz p/H HGq_sPPU<@a*l
                                2024-04-24 23:18:50 UTC1369INData Raw: 77 f4 51 e1 a6 b7 56 67 90 cb 02 a5 e5 8a 29 cb 47 8a 03 bb 82 b1 ab ce 5c 56 e0 b7 e0 81 01 89 73 58 4e 00 b6 ed 05 87 17 2d ad f2 a2 11 c1 75 24 d8 6e 24 82 76 0a 70 70 ce c1 18 50 55 cd f1 fe 66 fb d4 bb 7e 19 d9 bd 75 7b f1 a9 80 3a 0c 6c 7b 9c 87 74 41 3d bd 26 f7 f6 51 f3 a8 33 e7 68 67 f3 f8 92 97 0d 83 de 86 65 f9 c9 33 4f 97 df f6 9b fb d5 67 a2 11 1b 82 e0 a0 bc dc 8b 29 53 7d 18 4a d8 30 19 81 61 53 c9 bd 87 38 ce 29 ed fb d9 b6 a8 06 50 08 94 82 50 8e 4d 1b c3 68 ac 57 11 0c c2 95 f2 13 dc 2b 32 0c 76 d3 20 30 2d 03 a5 93 b2 10 05 01 46 4e 86 69 ca d2 f8 f3 da 7f 8e 49 22 78 ba 3d 0c b1 10 47 cc 4b f0 b7 27 bd 58 b7 f1 3f 0f e4 63 4d 40 af 57 84 c3 08 d6 6d 1c 40 71 a9 84 13 4f 8c 62 d1 92 00 16 2d f1 21 10 f2 e3 d7 f7 54 3d 7a f6 59 fa 9f 5d
                                Data Ascii: wQVg)G\VsXN-u$n$vppPUf~u{:l{tA=&Q3hge3Og)S}J0aS8)PPMhW+2v 0-FNiI"x=GK'X?cM@Wm@qOb-!T=zY]
                                2024-04-24 23:18:50 UTC1369INData Raw: f7 c7 d0 8a aa da a8 dd dc c8 20 c9 32 5a 5a 12 f0 fa 3e 2a 4d 8b 23 11 23 de ee 46 79 e1 ec 39 ea 86 98 69 c1 70 12 90 05 86 b6 36 b2 04 08 1c 21 fb 7c cc 53 52 c9 c1 9b 6f 67 0a 9e 7d ce b9 14 d0 90 3f 17 74 17 49 56 72 6c f6 fc f4 53 6d 5d 59 28 9a 07 93 2a 55 9c 7a aa f1 c8 f6 0f ac 63 01 71 02 63 d9 30 2d 95 dc fd ab f4 d7 ce 3e db ba 33 9b 4b a3 aa 2a 86 ed 3b 02 b3 57 af f1 7c 55 95 61 12 ca f8 78 4c 27 95 e0 8a 37 c2 5f 9d 3c 8d bc f8 de 7b 03 68 6b 63 0b b7 6e 0f 5d 2c 88 d4 1c 91 b8 ff c2 a6 38 21 dc 21 72 49 79 ef 4a 41 d1 df 71 74 1b b5 b5 02 7a 7a d2 55 ab 5f 55 be bf 71 9d f7 ac 44 52 2b 1c 71 24 be f3 8e 0f b3 66 4f 3e 26 a2 79 37 a6 33 fa ec 97 df 62 5f b5 75 62 8a e2 81 e1 ca 38 81 91 b2 95 92 a9 f4 d5 29 47 d3 17 63 a9 41 bc b7 4d 38 67
                                Data Ascii: 2ZZ>*M##Fy9ip6!|SRog}?tIVrlSm]Y(*Uzcqc0->3K*;W|UaxL'7_<{hkcn],8!!rIyJAqtzzU_UqDR+q$fO>&y73b_ub8)GcAM8g
                                2024-04-24 23:18:50 UTC1369INData Raw: e2 68 83 e0 f8 70 c3 f5 e2 93 2e 91 e7 3e f4 da e1 7c bb 61 72 22 13 da 5c 57 1e 8e d8 c2 7c 02 44 01 70 30 70 38 fb 4e 10 0e 10 01 20 74 f8 53 f8 90 a8 c6 81 c7 14 45 0a 50 8a e5 cb 2b f0 b5 af cd 86 69 66 70 f7 dd 7c cd 6b ab 0b af 70 1d b2 b9 3c d5 df f1 e6 3d cc 28 b8 8c b5 6b cb 6e 5c bf 3e 78 6f 69 19 83 37 40 a1 78 28 14 8d a0 bc 5a c3 b4 5a 01 a5 51 13 05 21 0b 8e 95 c3 15 df 0c 35 7e e7 bb ec 72 97 7e 84 09 ac 95 93 67 bc 5c 02 90 c0 2d b7 93 d3 4a ca bc e6 fb 5b 75 a4 b2 1c 16 27 d8 b5 d3 c0 60 bf 0d 55 fd a8 a4 f9 28 15 f5 f6 b2 f2 a1 7e 61 7a 24 a0 42 52 09 ea 9b ac a5 8c 7d 34 9e 59 71 d1 42 0f 34 2d a5 8d 70 b9 ca ca 54 fb 92 45 b1 af 1b 86 bf b9 b1 4e 98 cc 38 17 44 c9 71 1d 5a 20 60 0c d0 75 02 0e 4e 4f fc 94 d3 6f d9 fe dc f3 cf a5 91 cc
                                Data Ascii: hp.>|ar"\W|Dp0p8N tSEP+ifp|kp<=(kn\>xoi7@x(ZZQ!5~r~g\-J[u'`U(~az$BR}4YqB4-pTEN8DqZ `uNOo
                                2024-04-24 23:18:50 UTC1369INData Raw: 14 57 7d 2d bc 7b 6f 57 ff 37 6e bd d9 f8 b5 eb 58 3d 14 b0 8f d8 e5 71 dc 7c 9b 76 7a 41 61 34 fb fa 5b fa be 4a 44 49 a6 68 6b 37 f0 ee c6 14 7c fe c3 55 db 39 08 68 ac ba 5a 7f ab a1 81 5f 78 b0 0c b7 ce 2e 7e 74 ef 80 85 b6 16 71 4a 22 c1 bd 07 63 22 15 15 56 7d 6d 2d df b4 ed 03 fa a5 09 a9 ee dd b1 24 4e 3a cd 7a fe fe 07 94 f8 60 bf 12 1a e5 ea ae 37 b9 b3 a3 70 d6 0d 3f 4c ad 3b f3 2c f3 b6 c1 3e 31 52 57 57 7c 4e 5f bf 5a e8 aa 25 63 91 18 c2 68 e1 8a 02 20 0c c0 42 47 a7 17 40 e1 f0 78 36 d6 bc 65 c6 0a a3 78 b7 a2 52 5c 2b 2b e6 f3 1e cd da 5e 58 44 e0 f7 3b 98 6f 9b 30 6d 09 e9 0c a0 aa a3 09 1c 1f bd 9d 3b f6 33 1f 75 e8 df 3f 5f d5 d0 1d 14 97 a9 50 43 92 36 38 88 8a 7c a5 95 a2 91 74 ef 00 81 e8 50 cc a8 c9 21 18 51 a1 46 cb 70 cd 0d e2 ed
                                Data Ascii: W}-{oW7nX=q|vzAa4[JDIhk7|U9hZ_x.~tqJ"c"V}m-$N:z`7p?L;,>1RWW|N_Z%ch BG@x6exR\++^XD;o0m;3u?_PC68|tP!QFp
                                2024-04-24 23:18:50 UTC1369INData Raw: 45 e2 11 d4 35 51 4c ad 96 60 39 0c 95 85 a9 b5 d3 a6 49 68 6a 0d c0 b2 2c fc bb 1e 8c 51 38 0e c3 49 9f f2 63 c7 76 f1 e9 fa 7a 73 4e 3e c9 29 7c 1f 78 cc 7d 6b c6 98 86 78 dc 5b 1c 8f f3 53 1b 1a 9c 53 81 10 5e 7b cd 48 4e 9e 9a 5e bb ec 18 f6 f7 63 8f 4d 3f ee d1 72 d6 ae 5d 06 52 59 86 59 9a 0f e5 8e 84 5c da 01 38 90 35 28 a6 96 18 a8 08 e7 3e 84 d1 d8 a8 99 16 85 6e 9b f8 ca 25 99 e7 7a 7a cb 6a 26 96 07 ee ce b8 a1 31 b4 e0 07 df 8b ff f9 1f af c8 5f 26 92 08 3d e7 b8 60 e7 80 2f c4 71 f4 22 09 f5 3b 75 d8 b6 5b 51 78 b8 8c 54 91 3c 65 27 1e e3 7d f5 f7 f7 01 a6 7d 20 cc b8 1a 63 2a e5 c1 48 66 e7 78 63 2e 5e 82 77 15 af 88 c6 56 56 34 d1 dc 02 da da d2 8c ad 5b 77 20 9e 18 40 2e 27 a0 bb c7 8b 85 8b 84 df 5f fe b5 d8 b4 13 4f 6a fb 69 24 32 d4 33
                                Data Ascii: E5QL`9Ihj,Q8IcvzsN>)|x}kx[SS^{HN^cM?r]RYY\85(>n%zzj&1_&=`/q";u[QxT<e'}} c*Hfxc.^wVV4[w @.'_Oji$23
                                2024-04-24 23:18:50 UTC1369INData Raw: d7 af 72 d6 02 05 f4 c8 38 85 5d 73 a0 b3 2d 34 f3 aa cb e3 bf 7e f4 99 d0 37 4c c3 03 5d 67 70 6c 60 6a b5 80 a9 35 36 b6 6f 49 21 1c 95 0e e3 1e 04 7a 56 20 ad cd c0 c2 63 84 d7 35 cd 61 b9 1c a1 c0 a1 46 91 28 a6 57 eb 6f d7 cc c8 18 4b 97 8a 28 2d 13 c5 89 fa ca 44 e6 30 d9 b2 1c 88 22 67 fb 6a b3 98 e0 3a ef 89 ab 86 51 6a 42 40 02 e9 2c 68 61 61 54 9b 3b b7 2c f1 f6 7a 07 0d cd 1c 21 55 ec 9a 35 c7 d3 55 52 9e 7c 2d 9d 4d c1 ef ef 47 a2 9f 86 f7 76 17 2f 6c 6f 17 57 ec d8 4e 2f ea ee f1 96 8d 76 86 cd 8b 04 f1 ea ea 58 c9 bc f9 59 44 a2 da c7 20 3a dd 05 f3 68 d6 ee ce d6 1c fa fa e4 7d 91 1d 45 b5 10 09 f8 90 8e 79 20 ab e6 91 69 14 78 08 e6 88 47 92 3c 61 8f 0c 2b cd 11 0c 4a e8 e3 06 5a 06 13 10 29 a0 48 40 7f 0f 29 32 8c 89 39 68 18 03 a2 51 82
                                Data Ascii: r8]s-4~7L]gpl`j56oI!zV c5aF(WoK(-D0"gj:QjB@,haaT;,z!U5UR|-MGv/loWN/vXYD :h}Ey ixG<a+JZ)H@)29hQ
                                2024-04-24 23:18:50 UTC1369INData Raw: 33 17 c8 05 17 5f c5 71 de a5 12 e6 56 17 63 41 6d 05 36 6d 96 0b ae bf ce ff 8a 9b 25 96 8f 87 dd cd 44 bb f0 3c fd ae 93 4e b6 9f 9e 98 59 44 d0 d5 11 98 77 e3 f7 52 bf ac 2a 13 a1 51 2f a8 a9 a2 a2 dc 0f 42 f9 61 45 7c 04 91 22 9b e3 18 18 cc 62 c9 32 be 21 1a e1 c9 43 65 1a d5 55 7c ad 31 68 3a 89 41 1d 92 2a 0d bf 3c 64 82 ae e6 d9 73 c4 55 af be 6c 5d 7e f0 d7 bf 30 cc 3a ca 7c 29 12 d6 d2 bb 77 ea e8 eb c9 61 ea 54 82 8e d6 ec bc 67 9f f7 ff b1 b1 21 bc 00 50 70 ef bd a9 7f 9c 70 42 ff 7d 4b 97 3a df 8a 44 19 b6 6f ef 87 28 c4 31 77 8e fe a4 24 05 7e 6f 59 32 c6 4f 0c 70 43 75 25 e5 a9 55 7d bd 1c a2 28 7e 0c 20 77 c3 56 8e 63 13 20 07 cb 1a dd 61 d3 76 6d 59 72 04 8c 73 32 dc 5d c6 94 33 08 16 9b 9d f9 37 cf 74 60 99 2a 1e b8 bb 60 e3 89 a7 90 9b
                                Data Ascii: 3_qVcAm6m%D<NYDwR*Q/BaE|"b2!CeU|1h:A*<dsUl]~0:|)waTg!PppB}K:Do(1w$~oY2OpCu%U}(~ wVc avmYrs2]37t`*`


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                9192.168.2.649720104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:50 UTC677OUTGET /master/us169/sapp.png HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: image
                                Referer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:50 UTC816INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:50 GMT
                                Content-Type: image/png
                                Content-Length: 25090
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 20:12:10 GMT
                                last-modified: Thu, 28 Mar 2024 22:51:11 GMT
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: HIT
                                Age: 11200
                                Accept-Ranges: bytes
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4O7wFKeZYBwmgOgxtOjEbnu5TthOcajGfuSgLOm%2FvJlmQU7N271rCjjdLXXs2Bh1BbMeJwUy4c7tcCQYoYqpJzXx8BBOutsG%2F%2BrccRe8Qs0PQjwiJ3E1DMoRrOQVBNd"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d094b95617f7-ATL
                                2024-04-24 23:18:50 UTC553INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 58 00 00 02 13 08 06 00 00 00 db f9 62 73 00 00 40 00 49 44 41 54 78 01 ed bd 4d 76 db 56 16 b6 0b 4a 6e dc 9e 95 15 a7 d6 d7 33 33 02 b3 46 60 64 04 56 9a b7 65 64 04 56 8d 20 f0 08 4a 1e 41 e0 11 94 3c 82 40 bd db 0b 3d 82 40 bd 6f 55 94 55 4c df b6 ee bb 41 42 a6 18 51 22 48 fc 9c 9f 67 af b5 85 1f 02 e7 ec fd 1c 90 78 75 ce 21 38 49 30 08 40 00 02 3b 13 f8 df 34 49 3e c9 6b 4b 57 4b 2d 26 eb eb 27 49 72 f3 e2 eb 6b 7d ac 4d 3e aa 8e c5 46 c9 f3 8d 7d e5 d7 d7 9f e8 b5 6f 36 8f ff fa 32 6b 10 80 00 04 3a 26 30 e9 b8 3c 8a 83 00 04 bc 26 d0 08 a8 a3 59 92 7c 39 91 70 d2 32 d1 32 b1 e5 53 af 53 fb 1a fc e5 6a 75 be 14 64 93 4a 4b f9 13 f9 37 72 0c 02 10 80 c0 e1 04 10 58 87 33 a4 04 08 78 48 e0 8f
                                Data Ascii: PNGIHDRXbs@IDATxMvVJn33F`dVedV JA<@=@oUULABQ"Hgxu!8I0@;4I>kKWK-&'Irk}M>F}o62k:&0<&Y|9p22SSjudJK7rX3xH
                                2024-04-24 23:18:50 UTC1369INData Raw: 24 a6 8e e4 3c 26 c1 9f 76 eb 3d 52 9b c3 75 b1 74 86 13 7b a7 4d 05 10 e8 81 00 02 ab 07 a8 14 09 81 87 09 5c 4b 4c d5 3d 54 a9 96 4c 4c 7f 18 16 af 2e 09 7c d0 42 82 eb 58 ce dc 2d 2e 0a 08 f8 40 00 81 e5 43 2b 11 63 00 04 6e 45 95 89 2b 86 fe 02 68 d1 11 53 d0 50 e2 44 42 eb c8 c4 56 35 62 1c 54 0d 01 08 3c 40 00 81 f5 00 1c 5e 82 c0 61 04 10 55 87 f1 e3 ec 1d 08 d0 b3 b5 03 24 0e 81 c0 18 04 10 58 63 50 a7 ce 80 09 d8 9c aa a3 4c 09 9a d3 53 25 08 d8 60 04 4c 6c 15 49 f2 4c 3d 5b 18 04 20 30 36 01 04 d6 d8 2d 40 fd 01 10 b0 27 a8 7f c9 34 49 fd 4c c9 30 a7 2a 80 16 f5 3c 85 d5 04 f9 2f e7 7c 1b d1 f3 96 24 7c af 09 20 b0 bc 6e 3e 82 1f 97 40 3d 04 98 29 86 57 e3 c6 41 ed 10 d8 4a e0 4a f3 b5 24 b4 8e 0a 26 c7 6f 65 c4 0b 10 e8 85 00 02 ab 17 ac 14 1a
                                Data Ascii: $<&v=Rut{M\KL=TLL.|BX-.@C+cnE+hSPDBV5bT<@^aU$XcPLS%`LlIL=[ 06-@'4IL0*</|$| n>@=)WAJJ$&oe
                                2024-04-24 23:18:50 UTC1369INData Raw: 5e df 97 80 0d 21 7e c9 34 7c 78 a6 12 42 7b 92 bc fe 31 99 e4 49 f2 ad de 43 18 04 fc 23 80 c0 f2 af cd 02 8a 38 d8 5e ab f7 f4 56 05 74 99 7a 93 4a dd ab 65 42 2b b4 6f dc ea fd 54 ff ae e1 c2 9b a6 20 50 08 88 00 02 8b cb 60 24 02 f5 d3 d8 4b 55 1e ca c3 16 af d4 8b 50 24 c9 13 fd b7 cd a3 15 46 ba a8 a8 b6 26 50 ff e3 92 6b f5 54 1e c8 fb cb 7a 83 bf 9d d5 e9 f1 07 02 9e 10 40 60 79 d2 50 61 85 19 94 b8 ba 54 db 14 4c ca 0d eb 0a 0d 23 1b 1b 3e fc 74 a6 ff a3 e5 41 08 ad 77 7a 9f 59 2e 18 04 bc 20 80 c0 f2 a2 99 42 0b f2 ba 52 46 be cf 17 91 b0 ba c9 79 12 75 68 d7 66 88 f9 84 34 4f eb e6 07 de 73 21 5e a3 61 e6 84 c0 0a b3 5d 1d ce ea 3a 53 70 bf 38 1c e0 63 a1 bd d7 7c 90 5c c3 80 d5 63 07 f2 3a 04 dc 23 50 bf ff 72 c5 e5 eb 3f 38 57 ea c5 9a ba c7
                                Data Ascii: ^!~4|xB{1IC#8^VtzJeB+oT P`$KUP$F&PkTz@`yPaTL#>tAwzY. BRFyuhf4Os!^a]:Sp8c|\c:#Pr?8W
                                2024-04-24 23:18:50 UTC1369INData Raw: 2b 86 00 87 61 3e 4a 2d d6 6b 23 a1 15 73 af d6 28 dc a9 14 02 bd 13 40 60 f5 8e 98 0a 20 d0 86 40 fd ed 2b 89 2a 9b 5b 45 6f 55 1b 72 9e 1f 7b 25 21 5d f0 23 e4 9e b7 22 e1 43 60 8d 00 02 6b 0d 06 ab 10 18 8f c0 ed fc b3 d7 e3 c5 40 cd 0e 10 b0 e1 c3 0b 0d 1f e6 0c 1f 3a d0 1a 84 00 81 03 08 20 b0 0e 80 c7 a9 10 38 9c 40 fd 35 76 eb b1 6a f3 0d ca c3 ab a5 04 1f 08 bc d7 37 45 35 7c c8 f3 9f 7c 68 2c 62 84 c0 26 01 04 d6 26 11 b6 21 30 08 81 fa db 80 b9 aa da f2 6d c9 41 82 a0 12 3f 08 5c 6a f8 30 e7 9b 75 7e 34 16 51 42 a0 21 80 c0 6a 48 b0 84 c0 20 04 10 56 83 60 0e b3 12 84 56 98 ed 4a 56 81 12 40 60 05 da b0 a4 e5 1a 01 84 95 6b 2d e2 71 3c 12 5a c7 19 73 b4 3c 6e 41 42 8f 82 00 02 2b 8a 66 26 c9 f1 08 ec f5 94 fa f1 c2 a5 66 9f 08 bc 67 32 bc 4f cd
                                Data Ascii: +a>J-k#s(@` @+*[EoUr{%!]#"C`k@: 8@5vj7E5||h,b&&!0mA?\j0u~4QB!jH V`VJV@`k-q<Zs<nAB+f&fg2O
                                2024-04-24 23:18:50 UTC1369INData Raw: 18 26 b4 9e 9d e9 09 fc ff 54 18 ba 2e 5c b1 27 95 2b 91 10 07 04 7c 21 80 c0 f2 a5 a5 88 b3 07 02 37 ba 99 8d 6a 36 1c f4 93 6e a8 a9 7a ad ca 51 23 a1 72 c7 08 d8 cf 1b d5 cf 9f fa 51 81 5d 8d 1f dc 37 d5 f8 31 10 01 04 fc 22 80 c0 f2 ab bd 88 b6 53 02 37 17 9d 16 d7 ae 30 0d 03 d9 70 d0 b3 a2 dd 69 1c 1d 17 01 7b 88 ac cd cf 1a 75 d8 d0 a1 9e b4 b8 5a 9f 6c fd 26 80 c0 f2 bb fd 88 fe 20 02 f5 8f 20 0f dc 3b 30 f9 b8 1c fe b1 61 20 1e b9 70 50 f3 45 73 f2 fa b0 a1 5d 3f 83 db 7c f0 1a a9 10 02 01 10 40 60 05 d0 88 a4 70 08 81 9b e2 90 b3 5b 9c fb 97 9e e2 fd af 24 f9 56 bd 11 b5 b0 6b 71 2a 87 42 c0 08 d8 75 63 d7 4f fd 6d c3 01 91 1c 9f 0f 58 19 55 41 20 18 02 93 60 32 21 11 08 ec 45 c0 7e c2 e4 b3 6e 5c bd 3e d1 5d 43 2c c7 19 4f 5f 17 65 ac 23 02 f6
                                Data Ascii: &T.\'+|!7j6nzQ#rQ]71"S70pi{uZl& ;0a pPEs]?|@`p[$Vkq*BucOmXUA `2!E~n\>]C,O_e#
                                2024-04-24 23:18:50 UTC1369INData Raw: 89 67 0c 02 10 08 8d 00 3d 58 a1 b5 28 f9 04 44 80 b9 56 01 35 e6 43 a9 68 6e d6 17 89 68 7e 76 e7 21 48 bc 06 01 df 08 d0 83 e5 5b 8b 11 6f 24 04 ec 1b 82 5f 4a 25 cb 44 f6 f0 5b 5c f3 e9 8e 7e 4b 92 3f cf c2 4f 95 0c 21 10 0f 01 7a b0 e2 69 6b 32 f5 86 c0 75 a6 50 cf e5 1a 46 c2 22 23 f0 41 13 e0 33 3d 37 6b 11 59 de a4 0b 81 e0 08 20 b0 82 6b 52 12 f2 97 40 3d 24 68 c2 ea b5 bf 39 10 f9 e1 04 26 1f d5 a3 95 22 b2 0e 27 49 09 10 18 93 00 02 6b 4c fa d4 0d 81 5b 02 26 ae 6c 48 f0 e6 c5 ed 2e 56 22 26 60 22 eb db 59 c4 00 48 1d 02 de 13 60 0e 96 f7 4d 48 02 61 10 f8 ac 9e 2b c4 55 18 6d d9 45 16 76 2d fc 91 77 51 12 65 40 00 02 e3 10 a0 07 6b 1c ee d4 0a 81 35 02 d7 99 36 7e 59 db c1 2a 04 56 04 8e bf e7 77 0c b9 18 20 e0 27 01 04 96 9f ed 46 d4 c1 10 a8
                                Data Ascii: g=X(DV5Chnh~v!H[o$_J%D[\~K?O!zik2uPF"#A3=7kY kR@=$h9&"'IkL[&lH.V"&`"YH`MHa+UmEv-wQe@k56~Y*Vw 'F
                                2024-04-24 23:18:50 UTC1369INData Raw: 2a b9 3d 7f f0 62 b5 ae 05 06 01 08 40 00 02 10 80 00 04 20 b0 49 e0 44 3b 72 f9 42 7e d3 c2 4b 1d 9b ca b7 1a 3d 58 5b d1 f0 02 04 20 00 01 08 40 00 02 01 13 38 53 6e b9 fc e9 46 8e fa d1 f5 ba a7 aa 5a db 9f 6a 7d 26 df 3c f6 83 f6 65 72 13 68 18 04 20 00 01 08 40 00 02 10 88 9a 40 a1 ec d7 7b ac 2a 6d 67 f2 13 f9 43 96 ea c5 42 be 7e ae 89 2b 13 5f 18 04 20 00 01 08 40 00 02 10 88 96 40 a1 cc d7 05 52 be 07 09 13 54 f3 b5 72 10 59 7b 40 e4 14 08 40 00 02 10 80 00 04 c2 20 50 28 8d 46 5c 75 21 8a ba 2e 2f 0c ca 64 01 01 08 40 00 02 10 80 40 34 04 4e 95 69 97 e2 aa 01 57 ac 95 6b bd 5a 18 04 20 00 01 08 40 00 02 10 88 86 40 a5 4c 1b 81 65 62 6b dd 52 6d 34 af 6d 2e ad a7 ab 94 67 f2 6d 66 c2 aa 39 2f df 76 10 fb 21 00 01 08 40 00 02 10 80 40 48 04 32 25
                                Data Ascii: *=b@ ID;rB~K=X[ @8SnFZj}&<erh @@{*mgCB~+_ @@RTrY{@@ P(F\u!./d@@4NiWkZ @@LebkRm4m.gmf9/v!@@H2%
                                2024-04-24 23:18:50 UTC1369INData Raw: f9 a9 fc 5c 5e c9 37 cf c9 b5 cf 0b 3b 51 94 67 f2 b9 7c 33 09 b6 db 31 31 86 c6 f2 44 ee 92 a5 0a 86 b6 5c 32 b8 70 a9 61 d6 62 c9 69 a3 fa 1a b5 f7 cf 7d 96 6a 67 c8 d7 b0 e5 d7 a5 e5 2a 6c 21 0f 81 59 a1 3c a6 72 57 cd 3e ef 73 79 08 ac 37 73 b0 6b c8 72 eb ca 1a 56 fb 5e 9b a5 02 99 75 15 4c 9f e5 58 90 85 7c 13 28 db dd 30 31 b6 a9 dc 15 3b 57 20 b4 ed 92 41 ea 4a a3 ac e2 98 6a 49 db 2c 87 10 b6 35 4d 1a 38 23 cb af 0b b3 cf f5 b9 3c c4 eb 29 57 5e 27 72 97 2c 55 30 95 3c 44 de eb 39 59 8e a7 f2 ae cc da f1 4c 3e 97 af d7 73 df fa 42 c7 14 f2 54 ee bc 65 8a b0 94 df 97 08 fb ba e7 62 17 50 26 77 c1 76 b9 98 63 b8 06 4a 17 1a 63 2d 86 0b ad c7 c0 fd a1 1c ed 43 f4 64 8d c9 e6 6a aa 1d 0f 9d ef fb 6b 96 df a1 96 ab 00 df 39 3c 16 7f a5 1c 53 b9 0b 76
                                Data Ascii: \^7;Qg|311D\2pabi}jg*l!Y<rW>sy7skrV^uLX|(01;W AJjI,5M8#<)W^'r,U0<D9YL>sBTebP&wvcJc-Cdjk9<Sv
                                2024-04-24 23:18:50 UTC1369INData Raw: 1c df 8a f9 a8 80 73 df 82 1e 39 de 0b d5 6f df bc c2 fa 21 60 9f 9d e9 aa e8 13 2d 4b 39 bc 57 40 06 58 18 eb 7c 80 7a 76 aa c2 2e 80 85 fc 3e 25 c8 be b8 b9 d8 75 31 95 f7 6d 67 aa 20 d6 6b ad ea 00 6e 16 31 bf 59 07 fc d6 8b 48 03 67 59 06 9e 9f 2b 9f 23 c6 f9 44 3e 87 f7 68 9f ed 53 b1 1f dd 0a 45 e0 ca 45 49 1c ee b5 85 5d 1f 43 58 a9 4a 62 6d ff ec 40 c0 55 a4 ec 4c 98 77 6d a9 0a 8c f5 3a 24 ef 6e db be e2 5a 1a f5 bd 54 88 7f 2f 36 d9 b1 d4 54 c7 fd ba e3 b1 1c 16 2f 81 7f 2a 75 fb 4f ac 4f b3 ff f6 2a 79 8c 5d e9 57 ca 7b 2a df c7 4c 64 fc 7b 9f 13 3d 3f e7 52 f1 a7 3d e4 60 65 f2 99 d8 03 58 8a 84 c0 08 04 be 57 9d 55 d7 f5 ee 3a 07 2b ef ba 62 ca 0b 92 c0 f9 00 59 2d 54 47 36 40 3d 2e 56 f1 7c cf dc 4d 94 e6 2e 26 d4 73 4c 36 67 ef b4 e7 3a 28
                                Data Ascii: s9o!`-K9W@X|zv.>%u1mg kn1YHgY+#D>hSEEI]CXJbm@ULwm:$nZT/6T/*uOO*y]W{*Ld{=?R=`eXWU:+bY-TG6@=.V|M.&sL6g:(
                                2024-04-24 23:18:50 UTC1369INData Raw: a5 b5 c3 36 fe 53 bd d6 b0 3f d5 fa 73 39 f6 95 c0 54 ab c6 af 33 cb 55 d2 4d 44 6e f0 ec 02 c3 c2 27 90 2b c5 98 ae ed 50 72 3d 77 f0 d2 4c b9 96 fe f6 5e b2 cf d2 d3 03 db 6a aa f3 73 f9 42 1e ca f5 3b 54 1e 85 98 cd e4 87 58 a6 93 2b f9 50 31 bb 5e 4f 2e 16 9d 5a ae d2 5c 4f ba 8f f8 ce 95 f7 54 8e 85 4d 60 ae f4 fa b8 7e 28 b3 1f ae d6 5e 27 0e 5e 92 29 d7 d1 9d f7 d1 59 c7 6d 34 55 79 bc 57 77 7b 4f 95 62 65 bc ba b4 5c 85 f1 99 b6 ec 89 ed 92 6b fd df 43 cc 60 2f 44 33 ed 94 28 85 b9 44 60 aa 60 16 f2 98 af 71 9f 72 9f b9 74 f1 ac c5 92 72 0d d5 ef 21 7b 2f f5 d9 46 05 9c 1f fc ac ca c5 a7 2f cb 54 b0 4f 9f 15 7d c4 5a 76 0d f7 14 a8 f5 45 55 89 c3 99 7c 2a c7 c2 22 60 ed da c7 9b 91 32 bb e5 6a ed e4 aa a5 0a 2c f6 f6 5e 88 c1 6c 80 06 2a 61 7d ef
                                Data Ascii: 6S?s9T3UMDn'+Pr=wL^jsB;TX+P1^O.Z\OTM`~(^'^)Ym4UyWw{Obe\kC`/D3(D``qrtr!{/F/TO}ZvEU|*"`2j,^l*a}


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                10192.168.2.649724172.67.143.2524436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:50 UTC410OUTGET /master/us169/sapp.png HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:51 UTC812INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:51 GMT
                                Content-Type: image/png
                                Content-Length: 25090
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 20:12:10 GMT
                                last-modified: Thu, 28 Mar 2024 22:51:11 GMT
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: HIT
                                Age: 11201
                                Accept-Ranges: bytes
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BDmvmBHIC2v5BcEEzBBiglugsaCj3Bk0U4%2BzZYGkXQ0MB5EGL1yFz95zlUtMB6kwkaMNxTlWIQwPcvpj7T0Lu5bZp2A2vQq2NCRHQTZeoNhpJsLVa0ZqC0Ra4A215FUY"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d098cce807ee-ATL
                                2024-04-24 23:18:51 UTC557INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 58 00 00 02 13 08 06 00 00 00 db f9 62 73 00 00 40 00 49 44 41 54 78 01 ed bd 4d 76 db 56 16 b6 0b 4a 6e dc 9e 95 15 a7 d6 d7 33 33 02 b3 46 60 64 04 56 9a b7 65 64 04 56 8d 20 f0 08 4a 1e 41 e0 11 94 3c 82 40 bd db 0b 3d 82 40 bd 6f 55 94 55 4c df b6 ee bb 41 42 a6 18 51 22 48 fc 9c 9f 67 af b5 85 1f 02 e7 ec fd 1c 90 78 75 ce 21 38 49 30 08 40 00 02 3b 13 f8 df 34 49 3e c9 6b 4b 57 4b 2d 26 eb eb 27 49 72 f3 e2 eb 6b 7d ac 4d 3e aa 8e c5 46 c9 f3 8d 7d e5 d7 d7 9f e8 b5 6f 36 8f ff fa 32 6b 10 80 00 04 3a 26 30 e9 b8 3c 8a 83 00 04 bc 26 d0 08 a8 a3 59 92 7c 39 91 70 d2 32 d1 32 b1 e5 53 af 53 fb 1a fc e5 6a 75 be 14 64 93 4a 4b f9 13 f9 37 72 0c 02 10 80 c0 e1 04 10 58 87 33 a4 04 08 78 48 e0 8f
                                Data Ascii: PNGIHDRXbs@IDATxMvVJn33F`dVedV JA<@=@oUULABQ"Hgxu!8I0@;4I>kKWK-&'Irk}M>F}o62k:&0<&Y|9p22SSjudJK7rX3xH
                                2024-04-24 23:18:51 UTC1369INData Raw: 3c 26 c1 9f 76 eb 3d 52 9b c3 75 b1 74 86 13 7b a7 4d 05 10 e8 81 00 02 ab 07 a8 14 09 81 87 09 5c 4b 4c d5 3d 54 a9 96 4c 4c 7f 18 16 af 2e 09 7c d0 42 82 eb 58 ce dc 2d 2e 0a 08 f8 40 00 81 e5 43 2b 11 63 00 04 6e 45 95 89 2b 86 fe 02 68 d1 11 53 d0 50 e2 44 42 eb c8 c4 56 35 62 1c 54 0d 01 08 3c 40 00 81 f5 00 1c 5e 82 c0 61 04 10 55 87 f1 e3 ec 1d 08 d0 b3 b5 03 24 0e 81 c0 18 04 10 58 63 50 a7 ce 80 09 d8 9c aa a3 4c 09 9a d3 53 25 08 d8 60 04 4c 6c 15 49 f2 4c 3d 5b 18 04 20 30 36 01 04 d6 d8 2d 40 fd 01 10 b0 27 a8 7f c9 34 49 fd 4c c9 30 a7 2a 80 16 f5 3c 85 d5 04 f9 2f e7 7c 1b d1 f3 96 24 7c af 09 20 b0 bc 6e 3e 82 1f 97 40 3d 04 98 29 86 57 e3 c6 41 ed 10 d8 4a e0 4a f3 b5 24 b4 8e 0a 26 c7 6f 65 c4 0b 10 e8 85 00 02 ab 17 ac 14 1a 2e 81 fa c7
                                Data Ascii: <&v=Rut{M\KL=TLL.|BX-.@C+cnE+hSPDBV5bT<@^aU$XcPLS%`LlIL=[ 06-@'4IL0*</|$| n>@=)WAJJ$&oe.
                                2024-04-24 23:18:51 UTC1369INData Raw: 0d 21 7e c9 34 7c 78 a6 12 42 7b 92 bc fe 31 99 e4 49 f2 ad de 43 18 04 fc 23 80 c0 f2 af cd 02 8a 38 d8 5e ab f7 f4 56 05 74 99 7a 93 4a dd ab 65 42 2b b4 6f dc ea fd 54 ff ae e1 c2 9b a6 20 50 08 88 00 02 8b cb 60 24 02 f5 d3 d8 4b 55 1e ca c3 16 af d4 8b 50 24 c9 13 fd b7 cd a3 15 46 ba a8 a8 b6 26 50 ff e3 92 6b f5 54 1e c8 fb cb 7a 83 bf 9d d5 e9 f1 07 02 9e 10 40 60 79 d2 50 61 85 19 94 b8 ba 54 db 14 4c ca 0d eb 0a 0d 23 1b 1b 3e fc 74 a6 ff a3 e5 41 08 ad 77 7a 9f 59 2e 18 04 bc 20 80 c0 f2 a2 99 42 0b f2 ba 52 46 be cf 17 91 b0 ba c9 79 12 75 68 d7 66 88 f9 84 34 4f eb e6 07 de 73 21 5e a3 61 e6 84 c0 0a b3 5d 1d ce ea 3a 53 70 bf 38 1c e0 63 a1 bd d7 7c 90 5c c3 80 d5 63 07 f2 3a 04 dc 23 50 bf ff 72 c5 e5 eb 3f 38 57 ea c5 9a ba c7 95 88 20 f0
                                Data Ascii: !~4|xB{1IC#8^VtzJeB+oT P`$KUP$F&PkTz@`yPaTL#>tAwzY. BRFyuhf4Os!^a]:Sp8c|\c:#Pr?8W
                                2024-04-24 23:18:51 UTC1369INData Raw: 61 3e 4a 2d d6 6b 23 a1 15 73 af d6 28 dc a9 14 02 bd 13 40 60 f5 8e 98 0a 20 d0 86 40 fd ed 2b 89 2a 9b 5b 45 6f 55 1b 72 9e 1f 7b 25 21 5d f0 23 e4 9e b7 22 e1 43 60 8d 00 02 6b 0d 06 ab 10 18 8f c0 ed fc b3 d7 e3 c5 40 cd 0e 10 b0 e1 c3 0b 0d 1f e6 0c 1f 3a d0 1a 84 00 81 03 08 20 b0 0e 80 c7 a9 10 38 9c 40 fd 35 76 eb b1 6a f3 0d ca c3 ab a5 04 1f 08 bc d7 37 45 35 7c c8 f3 9f 7c 68 2c 62 84 c0 26 01 04 d6 26 11 b6 21 30 08 81 fa db 80 b9 aa da f2 6d c9 41 82 a0 12 3f 08 5c 6a f8 30 e7 9b 75 7e 34 16 51 42 a0 21 80 c0 6a 48 b0 84 c0 20 04 10 56 83 60 0e b3 12 84 56 98 ed 4a 56 81 12 40 60 05 da b0 a4 e5 1a 01 84 95 6b 2d e2 71 3c 12 5a c7 19 73 b4 3c 6e 41 42 8f 82 00 02 2b 8a 66 26 c9 f1 08 ec f5 94 fa f1 c2 a5 66 9f 08 bc 67 32 bc 4f cd 45 ac b1 11
                                Data Ascii: a>J-k#s(@` @+*[EoUr{%!]#"C`k@: 8@5vj7E5||h,b&&!0mA?\j0u~4QB!jH V`VJV@`k-q<Zs<nAB+f&fg2OE
                                2024-04-24 23:18:51 UTC1369INData Raw: 9d e9 09 fc ff 54 18 ba 2e 5c b1 27 95 2b 91 10 07 04 7c 21 80 c0 f2 a5 a5 88 b3 07 02 37 ba 99 8d 6a 36 1c f4 93 6e a8 a9 7a ad ca 51 23 a1 72 c7 08 d8 cf 1b d5 cf 9f fa 51 81 5d 8d 1f dc 37 d5 f8 31 10 01 04 fc 22 80 c0 f2 ab bd 88 b6 53 02 37 17 9d 16 d7 ae 30 0d 03 d9 70 d0 b3 a2 dd 69 1c 1d 17 01 7b 88 ac cd cf 1a 75 d8 d0 a1 9e b4 b8 5a 9f 6c fd 26 80 c0 f2 bb fd 88 fe 20 02 f5 8f 20 0f dc 3b 30 f9 b8 1c fe b1 61 20 1e b9 70 50 f3 45 73 f2 fa b0 a1 5d 3f 83 db 7c f0 1a a9 10 02 01 10 40 60 05 d0 88 a4 70 08 81 9b e2 90 b3 5b 9c fb 97 9e e2 fd af 24 f9 56 bd 11 b5 b0 6b 71 2a 87 42 c0 08 d8 75 63 d7 4f fd 6d c3 01 91 1c 9f 0f 58 19 55 41 20 18 02 93 60 32 21 11 08 ec 45 c0 7e c2 e4 b3 6e 5c bd 3e d1 5d 43 2c c7 19 4f 5f 17 65 ac 23 02 f6 2b 04 c7 85
                                Data Ascii: T.\'+|!7j6nzQ#rQ]71"S70pi{uZl& ;0a pPEs]?|@`p[$Vkq*BucOmXUA `2!E~n\>]C,O_e#+
                                2024-04-24 23:18:51 UTC1369INData Raw: 10 08 8d 00 3d 58 a1 b5 28 f9 04 44 80 b9 56 01 35 e6 43 a9 68 6e d6 17 89 68 7e 76 e7 21 48 bc 06 01 df 08 d0 83 e5 5b 8b 11 6f 24 04 ec 1b 82 5f 4a 25 cb 44 f6 f0 5b 5c f3 e9 8e 7e 4b 92 3f cf c2 4f 95 0c 21 10 0f 01 7a b0 e2 69 6b 32 f5 86 c0 75 a6 50 cf e5 1a 46 c2 22 23 f0 41 13 e0 33 3d 37 6b 11 59 de a4 0b 81 e0 08 20 b0 82 6b 52 12 f2 97 40 3d 24 68 c2 ea b5 bf 39 10 f9 e1 04 26 1f d5 a3 95 22 b2 0e 27 49 09 10 18 93 00 02 6b 4c fa d4 0d 81 5b 02 26 ae 6c 48 f0 e6 c5 ed 2e 56 22 26 60 22 eb db 59 c4 00 48 1d 02 de 13 60 0e 96 f7 4d 48 02 61 10 f8 ac 9e 2b c4 55 18 6d d9 45 16 76 2d fc 91 77 51 12 65 40 00 02 e3 10 a0 07 6b 1c ee d4 0a 81 35 02 d7 99 36 7e 59 db c1 2a 04 56 04 8e bf e7 77 0c b9 18 20 e0 27 01 04 96 9f ed 46 d4 c1 10 a8 e7 5d 55 4a
                                Data Ascii: =X(DV5Chnh~v!H[o$_J%D[\~K?O!zik2uPF"#A3=7kY kR@=$h9&"'IkL[&lH.V"&`"YH`MHa+UmEv-wQe@k56~Y*Vw 'F]UJ
                                2024-04-24 23:18:51 UTC1369INData Raw: f0 62 b5 ae 05 06 01 08 40 00 02 10 80 00 04 20 b0 49 e0 44 3b 72 f9 42 7e d3 c2 4b 1d 9b ca b7 1a 3d 58 5b d1 f0 02 04 20 00 01 08 40 00 02 01 13 38 53 6e b9 fc e9 46 8e fa d1 f5 ba a7 aa 5a db 9f 6a 7d 26 df 3c f6 83 f6 65 72 13 68 18 04 20 00 01 08 40 00 02 10 88 9a 40 a1 ec d7 7b ac 2a 6d 67 f2 13 f9 43 96 ea c5 42 be 7e ae 89 2b 13 5f 18 04 20 00 01 08 40 00 02 10 88 96 40 a1 cc d7 05 52 be 07 09 13 54 f3 b5 72 10 59 7b 40 e4 14 08 40 00 02 10 80 00 04 c2 20 50 28 8d 46 5c 75 21 8a ba 2e 2f 0c ca 64 01 01 08 40 00 02 10 80 40 34 04 4e 95 69 97 e2 aa 01 57 ac 95 6b bd 5a 18 04 20 00 01 08 40 00 02 10 88 86 40 a5 4c 1b 81 65 62 6b dd 52 6d 34 af 6d 2e ad a7 ab 94 67 f2 6d 66 c2 aa 39 2f df 76 10 fb 21 00 01 08 40 00 02 10 80 40 48 04 32 25 d3 08 a0 8b
                                Data Ascii: b@ ID;rB~K=X[ @8SnFZj}&<erh @@{*mgCB~+_ @@RTrY{@@ P(F\u!./d@@4NiWkZ @@LebkRm4m.gmf9/v!@@H2%
                                2024-04-24 23:18:51 UTC1369INData Raw: 5e c9 37 cf c9 b5 cf 0b 3b 51 94 67 f2 b9 7c 33 09 b6 db 31 31 86 c6 f2 44 ee 92 a5 0a 86 b6 5c 32 b8 70 a9 61 d6 62 c9 69 a3 fa 1a b5 f7 cf 7d 96 6a 67 c8 d7 b0 e5 d7 a5 e5 2a 6c 21 0f 81 59 a1 3c a6 72 57 cd 3e ef 73 79 08 ac 37 73 b0 6b c8 72 eb ca 1a 56 fb 5e 9b a5 02 99 75 15 4c 9f e5 58 90 85 7c 13 28 db dd 30 31 b6 a9 dc 15 3b 57 20 b4 ed 92 41 ea 4a a3 ac e2 98 6a 49 db 2c 87 10 b6 35 4d 1a 38 23 cb af 0b b3 cf f5 b9 3c c4 eb 29 57 5e 27 72 97 2c 55 30 95 3c 44 de eb 39 59 8e a7 f2 ae cc da f1 4c 3e 97 af d7 73 df fa 42 c7 14 f2 54 ee bc 65 8a b0 94 df 97 08 fb ba e7 62 17 50 26 77 c1 76 b9 98 63 b8 06 4a 17 1a 63 2d 86 0b ad c7 c0 fd a1 1c ed 43 f4 64 8d c9 e6 6a aa 1d 0f 9d ef fb 6b 96 df a1 96 ab 00 df 39 3c 16 7f a5 1c 53 b9 0b 76 ae 20 1e 8b
                                Data Ascii: ^7;Qg|311D\2pabi}jg*l!Y<rW>sy7skrV^uLX|(01;W AJjI,5M8#<)W^'r,U0<D9YL>sBTebP&wvcJc-Cdjk9<Sv
                                2024-04-24 23:18:51 UTC1369INData Raw: a8 80 73 df 82 1e 39 de 0b d5 6f df bc c2 fa 21 60 9f 9d e9 aa e8 13 2d 4b 39 bc 57 40 06 58 18 eb 7c 80 7a 76 aa c2 2e 80 85 fc 3e 25 c8 be b8 b9 d8 75 31 95 f7 6d 67 aa 20 d6 6b ad ea 00 6e 16 31 bf 59 07 fc d6 8b 48 03 67 59 06 9e 9f 2b 9f 23 c6 f9 44 3e 87 f7 68 9f ed 53 b1 1f dd 0a 45 e0 ca 45 49 1c ee b5 85 5d 1f 43 58 a9 4a 62 6d ff ec 40 c0 55 a4 ec 4c 98 77 6d a9 0a 8c f5 3a 24 ef 6e db be e2 5a 1a f5 bd 54 88 7f 2f 36 d9 b1 d4 54 c7 fd ba e3 b1 1c 16 2f 81 7f 2a 75 fb 4f ac 4f b3 ff f6 2a 79 8c 5d e9 57 ca 7b 2a df c7 4c 64 fc 7b 9f 13 3d 3f e7 52 f1 a7 3d e4 60 65 f2 99 d8 03 58 8a 84 c0 08 04 be 57 9d 55 d7 f5 ee 3a 07 2b ef ba 62 ca 0b 92 c0 f9 00 59 2d 54 47 36 40 3d 2e 56 f1 7c cf dc 4d 94 e6 2e 26 d4 73 4c 36 67 ef b4 e7 3a 28 1e 02 10 f0
                                Data Ascii: s9o!`-K9W@X|zv.>%u1mg kn1YHgY+#D>hSEEI]CXJbm@ULwm:$nZT/6T/*uOO*y]W{*Ld{=?R=`eXWU:+bY-TG6@=.V|M.&sL6g:(
                                2024-04-24 23:18:51 UTC1369INData Raw: fe 53 bd d6 b0 3f d5 fa 73 39 f6 95 c0 54 ab c6 af 33 cb 55 d2 4d 44 6e f0 ec 02 c3 c2 27 90 2b c5 98 ae ed 50 72 3d 77 f0 d2 4c b9 96 fe f6 5e b2 cf d2 d3 03 db 6a aa f3 73 f9 42 1e ca f5 3b 54 1e 85 98 cd e4 87 58 a6 93 2b f9 50 31 bb 5e 4f 2e 16 9d 5a ae d2 5c 4f ba 8f f8 ce 95 f7 54 8e 85 4d 60 ae f4 fa b8 7e 28 b3 1f ae d6 5e 27 0e 5e 92 29 d7 d1 9d f7 d1 59 c7 6d 34 55 79 bc 57 77 7b 4f 95 62 65 bc ba b4 5c 85 f1 99 b6 ec 89 ed 92 6b fd df 43 cc 60 2f 44 33 ed 94 28 85 b9 44 60 aa 60 16 f2 98 af 71 9f 72 9f b9 74 f1 ac c5 92 72 0d d5 ef 21 7b 2f f5 d9 46 05 9c 1f fc ac ca c5 a7 2f cb 54 b0 4f 9f 15 7d c4 5a 76 0d f7 14 a8 f5 45 55 89 c3 99 7c 2a c7 c2 22 60 ed da c7 9b 91 32 bb e5 6a ed e4 aa a5 0a 2c f6 f6 5e 88 c1 6c 80 06 2a 61 7d ef b5 36 c4 fb
                                Data Ascii: S?s9T3UMDn'+Pr=wL^jsB;TX+P1^O.Z\OTM`~(^'^)Ym4UyWw{Obe\kC`/D3(D``qrtr!{/F/TO}ZvEU|*"`2j,^l*a}6


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                11192.168.2.649725172.67.143.2524436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:50 UTC416OUTGET /master/us169/xmlogo.png?v=1 HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:51 UTC818INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:51 GMT
                                Content-Type: image/png
                                Content-Length: 15282
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 20:12:10 GMT
                                last-modified: Thu, 28 Mar 2024 22:56:33 GMT
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: HIT
                                Age: 11201
                                Accept-Ranges: bytes
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAh19YjLbhLnYRIMSoA9%2BPRHkiXbJq7vjmH21DyHXmkU%2Bzdimkrwe3CDQSvlJObWCTCSsgZPV94fUnwmKsI9PR93byC%2BQABV9Tr2H6M3g0FI0I4m9%2BIOOMQz65ZtKVOh"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d098ca5c53d2-ATL
                                2024-04-24 23:18:51 UTC551INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 fa 00 00 00 27 08 06 00 00 00 26 4c 55 cc 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 05 e8 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 36 2e 30 2d 63 30 30 32 20 37 39 2e 31 36 34 34 38 38 2c 20 32 30 32 30 2f 30 37 2f 31 30 2d 32 32 3a 30 36 3a 35 33 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44
                                Data Ascii: PNGIHDR'&LUpHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RD
                                2024-04-24 23:18:51 UTC1369INData Raw: 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 45 76 65 6e 74 23 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 32 2e 30 20 28 57 69 6e 64 6f 77 73 29 22 20 78 6d 70 3a 43 72 65 61 74 65 44 61 74 65 3d 22 32 30 32 34 2d 30 33 2d 32 39 54 30 34 3a 30 32 3a 32 32 2b 30 35 3a 33 30 22 20 78 6d 70 3a 4d 6f 64 69 66 79 44 61 74 65 3d 22 32 30 32 34 2d 30 33 2d 32 39 54 30 34 3a 32 37 2b 30 35 3a 33 30 22 20 78 6d 70 3a 4d 65 74 61 64 61 74 61 44 61 74 65 3d 22 32 30 32 34 2d 30 33 2d 32 39 54 30 34 3a 32 37 2b 30 35 3a 33 30 22 20 64 63 3a 66 6f 72 6d 61 74 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 70 68 6f 74 6f 73 68 6f 70 3a 43 6f 6c 6f 72 4d 6f 64 65
                                Data Ascii: adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmp:CreateDate="2024-03-29T04:02:22+05:30" xmp:ModifyDate="2024-03-29T04:27+05:30" xmp:MetadataDate="2024-03-29T04:27+05:30" dc:format="image/png" photoshop:ColorMode
                                2024-04-24 23:18:51 UTC1369INData Raw: 05 1b c0 3f cd 6d e4 e6 00 08 81 99 32 e4 0b 2f f5 3d f3 d5 ff 8a 3e d6 d9 3e 3a 37 c6 00 cd cb e1 f5 72 3c ff a8 86 fa 3d 02 fc 81 d1 cb 19 07 98 ed 60 ee fc 16 84 23 26 0c 43 00 15 6d e8 a9 20 72 c9 00 a8 68 43 10 00 db 76 d0 dc 18 84 ee c8 10 44 8c 7b 0c 0e 02 f3 8e ce e2 b2 cb 6c 64 b2 02 7c 3e 11 bb f6 24 f1 e2 8b 83 28 0c 79 40 85 0c 76 d5 e7 20 c9 3e 14 84 01 5d d7 41 89 8d ce 1e 82 68 81 83 c5 0b 2a b1 72 25 83 cd 2c 2c 5a a2 60 6a 75 0c 0f fd 31 85 93 4e 8a 40 d0 d2 18 ea 97 e0 d1 54 ac f8 44 18 9a c2 31 14 b7 21 d0 d1 fb ab 2a 30 34 60 d3 97 56 69 80 e6 61 92 66 83 b8 0b 85 83 1d 7a 9a 20 ac 99 f8 f2 0f 04 70 85 c2 c8 0e 2f bb 48 20 a4 18 48 92 01 02 01 07 47 71 b1 8c e7 5f e8 c3 73 ff 50 50 55 13 84 e5 b0 3c ee 40 61 18 2a 8c 6c 93 1c 8c bc 6b
                                Data Ascii: ?m2/=>>:7r<=`#&Cm rhCvD{ld|>$(y@v >]Ah*r%,,Z`ju1N@TD1!*04`Viafz p/H HGq_sPPU<@a*lk
                                2024-04-24 23:18:51 UTC1369INData Raw: a6 b7 56 67 90 cb 02 a5 e5 8a 29 cb 47 8a 03 bb 82 b1 ab ce 5c 56 e0 b7 e0 81 01 89 73 58 4e 00 b6 ed 05 87 17 2d ad f2 a2 11 c1 75 24 d8 6e 24 82 76 0a 70 70 ce c1 18 50 55 cd f1 fe 66 fb d4 bb 7e 19 d9 bd 75 7b f1 a9 80 3a 0c 6c 7b 9c 87 74 41 3d bd 26 f7 f6 51 f3 a8 33 e7 68 67 f3 f8 92 97 0d 83 de 86 65 f9 c9 33 4f 97 df f6 9b fb d5 67 a2 11 1b 82 e0 a0 bc dc 8b 29 53 7d 18 4a d8 30 19 81 61 53 c9 bd 87 38 ce 29 ed fb d9 b6 a8 06 50 08 94 82 50 8e 4d 1b c3 68 ac 57 11 0c c2 95 f2 13 dc 2b 32 0c 76 d3 20 30 2d 03 a5 93 b2 10 05 01 46 4e 86 69 ca d2 f8 f3 da 7f 8e 49 22 78 ba 3d 0c b1 10 47 cc 4b f0 b7 27 bd 58 b7 f1 3f 0f e4 63 4d 40 af 57 84 c3 08 d6 6d 1c 40 71 a9 84 13 4f 8c 62 d1 92 00 16 2d f1 21 10 f2 e3 d7 f7 54 3d 7a f6 59 fa 9f 5d 9a c8 17 ec
                                Data Ascii: Vg)G\VsXN-u$n$vppPUf~u{:l{tA=&Q3hge3Og)S}J0aS8)PPMhW+2v 0-FNiI"x=GK'X?cM@Wm@qOb-!T=zY]
                                2024-04-24 23:18:51 UTC1369INData Raw: aa da a8 dd dc c8 20 c9 32 5a 5a 12 f0 fa 3e 2a 4d 8b 23 11 23 de ee 46 79 e1 ec 39 ea 86 98 69 c1 70 12 90 05 86 b6 36 b2 04 08 1c 21 fb 7c cc 53 52 c9 c1 9b 6f 67 0a 9e 7d ce b9 14 d0 90 3f 17 74 17 49 56 72 6c f6 fc f4 53 6d 5d 59 28 9a 07 93 2a 55 9c 7a aa f1 c8 f6 0f ac 63 01 71 02 63 d9 30 2d 95 dc fd ab f4 d7 ce 3e db ba 33 9b 4b a3 aa 2a 86 ed 3b 02 b3 57 af f1 7c 55 95 61 12 ca f8 78 4c 27 95 e0 8a 37 c2 5f 9d 3c 8d bc f8 de 7b 03 68 6b 63 0b b7 6e 0f 5d 2c 88 d4 1c 91 b8 ff c2 a6 38 21 dc 21 72 49 79 ef 4a 41 d1 df 71 74 1b b5 b5 02 7a 7a d2 55 ab 5f 55 be bf 71 9d f7 ac 44 52 2b 1c 71 24 be f3 8e 0f b3 66 4f 3e 26 a2 79 37 a6 33 fa ec 97 df 62 5f b5 75 62 8a e2 81 e1 ca 38 81 91 b2 95 92 a9 f4 d5 29 47 d3 17 63 a9 41 bc b7 4d 38 67 dd db d6 72
                                Data Ascii: 2ZZ>*M##Fy9ip6!|SRog}?tIVrlSm]Y(*Uzcqc0->3K*;W|UaxL'7_<{hkcn],8!!rIyJAqtzzU_UqDR+q$fO>&y73b_ub8)GcAM8gr
                                2024-04-24 23:18:51 UTC1369INData Raw: f8 70 c3 f5 e2 93 2e 91 e7 3e f4 da e1 7c bb 61 72 22 13 da 5c 57 1e 8e d8 c2 7c 02 44 01 70 30 70 38 fb 4e 10 0e 10 01 20 74 f8 53 f8 90 a8 c6 81 c7 14 45 0a 50 8a e5 cb 2b f0 b5 af cd 86 69 66 70 f7 dd 7c cd 6b ab 0b af 70 1d b2 b9 3c d5 df f1 e6 3d cc 28 b8 8c b5 6b cb 6e 5c bf 3e 78 6f 69 19 83 37 40 a1 78 28 14 8d a0 bc 5a c3 b4 5a 01 a5 51 13 05 21 0b 8e 95 c3 15 df 0c 35 7e e7 bb ec 72 97 7e 84 09 ac 95 93 67 bc 5c 02 90 c0 2d b7 93 d3 4a ca bc e6 fb 5b 75 a4 b2 1c 16 27 d8 b5 d3 c0 60 bf 0d 55 fd a8 a4 f9 28 15 f5 f6 b2 f2 a1 7e 61 7a 24 a0 42 52 09 ea 9b ac a5 8c 7d 34 9e 59 71 d1 42 0f 34 2d a5 8d 70 b9 ca ca 54 fb 92 45 b1 af 1b 86 bf b9 b1 4e 98 cc 38 17 44 c9 71 1d 5a 20 60 0c d0 75 02 0e 4e 4f fc 94 d3 6f d9 fe dc f3 cf a5 91 cc 75 e3 ac 73
                                Data Ascii: p.>|ar"\W|Dp0p8N tSEP+ifp|kp<=(kn\>xoi7@x(ZZQ!5~r~g\-J[u'`U(~az$BR}4YqB4-pTEN8DqZ `uNOous
                                2024-04-24 23:18:51 UTC1369INData Raw: bc 7b 6f 57 ff 37 6e bd d9 f8 b5 eb 58 3d 14 b0 8f d8 e5 71 dc 7c 9b 76 7a 41 61 34 fb fa 5b fa be 4a 44 49 a6 68 6b 37 f0 ee c6 14 7c fe c3 55 db 39 08 68 ac ba 5a 7f ab a1 81 5f 78 b0 0c b7 ce 2e 7e 74 ef 80 85 b6 16 71 4a 22 c1 bd 07 63 22 15 15 56 7d 6d 2d df b4 ed 03 fa a5 09 a9 ee dd b1 24 4e 3a cd 7a fe fe 07 94 f8 60 bf 12 1a e5 ea ae 37 b9 b3 a3 70 d6 0d 3f 4c ad 3b f3 2c f3 b6 c1 3e 31 52 57 57 7c 4e 5f bf 5a e8 aa 25 63 91 18 c2 68 e1 8a 02 20 0c c0 42 47 a7 17 40 e1 f0 78 36 d6 bc 65 c6 0a a3 78 b7 a2 52 5c 2b 2b e6 f3 1e cd da 5e 58 44 e0 f7 3b 98 6f 9b 30 6d 09 e9 0c a0 aa a3 09 1c 1f bd 9d 3b f6 33 1f 75 e8 df 3f 5f d5 d0 1d 14 97 a9 50 43 92 36 38 88 8a 7c a5 95 a2 91 74 ef 00 81 e8 50 cc a8 c9 21 18 51 a1 46 cb 70 cd 0d e2 ed 6b d7 c6 bf
                                Data Ascii: {oW7nX=q|vzAa4[JDIhk7|U9hZ_x.~tqJ"c"V}m-$N:z`7p?L;,>1RWW|N_Z%ch BG@x6exR\++^XD;o0m;3u?_PC68|tP!QFpk
                                2024-04-24 23:18:51 UTC1369INData Raw: 35 51 4c ad 96 60 39 0c 95 85 a9 b5 d3 a6 49 68 6a 0d c0 b2 2c fc bb 1e 8c 51 38 0e c3 49 9f f2 63 c7 76 f1 e9 fa 7a 73 4e 3e c9 29 7c 1f 78 cc 7d 6b c6 98 86 78 dc 5b 1c 8f f3 53 1b 1a 9c 53 81 10 5e 7b cd 48 4e 9e 9a 5e bb ec 18 f6 f7 63 8f 4d 3f ee d1 72 d6 ae 5d 06 52 59 86 59 9a 0f e5 8e 84 5c da 01 38 90 35 28 a6 96 18 a8 08 e7 3e 84 d1 d8 a8 99 16 85 6e 9b f8 ca 25 99 e7 7a 7a cb 6a 26 96 07 ee ce b8 a1 31 b4 e0 07 df 8b ff f9 1f af c8 5f 26 92 08 3d e7 b8 60 e7 80 2f c4 71 f4 22 09 f5 3b 75 d8 b6 5b 51 78 b8 8c 54 91 3c 65 27 1e e3 7d f5 f7 f7 01 a6 7d 20 cc b8 1a 63 2a e5 c1 48 66 e7 78 63 2e 5e 82 77 15 af 88 c6 56 56 34 d1 dc 02 da da d2 8c ad 5b 77 20 9e 18 40 2e 27 a0 bb c7 8b 85 8b 84 df 5f fe b5 d8 b4 13 4f 6a fb 69 24 32 d4 33 9a 4b 2e 63
                                Data Ascii: 5QL`9Ihj,Q8IcvzsN>)|x}kx[SS^{HN^cM?r]RYY\85(>n%zzj&1_&=`/q";u[QxT<e'}} c*Hfxc.^wVV4[w @.'_Oji$23K.c
                                2024-04-24 23:18:51 UTC1369INData Raw: 02 05 f4 c8 38 85 5d 73 a0 b3 2d 34 f3 aa cb e3 bf 7e f4 99 d0 37 4c c3 03 5d 67 70 6c 60 6a b5 80 a9 35 36 b6 6f 49 21 1c 95 0e e3 1e 04 7a 56 20 ad cd c0 c2 63 84 d7 35 cd 61 b9 1c a1 c0 a1 46 91 28 a6 57 eb 6f d7 cc c8 18 4b 97 8a 28 2d 13 c5 89 fa ca 44 e6 30 d9 b2 1c 88 22 67 fb 6a b3 98 e0 3a ef 89 ab 86 51 6a 42 40 02 e9 2c 68 61 61 54 9b 3b b7 2c f1 f6 7a 07 0d cd 1c 21 55 ec 9a 35 c7 d3 55 52 9e 7c 2d 9d 4d c1 ef ef 47 a2 9f 86 f7 76 17 2f 6c 6f 17 57 ec d8 4e 2f ea ee f1 96 8d 76 86 cd 8b 04 f1 ea ea 58 c9 bc f9 59 44 a2 da c7 20 3a dd 05 f3 68 d6 ee ce d6 1c fa fa e4 7d 91 1d 45 b5 10 09 f8 90 8e 79 20 ab e6 91 69 14 78 08 e6 88 47 92 3c 61 8f 0c 2b cd 11 0c 4a e8 e3 06 5a 06 13 10 29 a0 48 40 7f 0f 29 32 8c 89 39 68 18 03 a2 51 82 1d db e2 50
                                Data Ascii: 8]s-4~7L]gpl`j56oI!zV c5aF(WoK(-D0"gj:QjB@,haaT;,z!U5UR|-MGv/loWN/vXYD :h}Ey ixG<a+JZ)H@)29hQP
                                2024-04-24 23:18:51 UTC1369INData Raw: 17 5f c5 71 de a5 12 e6 56 17 63 41 6d 05 36 6d 96 0b ae bf ce ff 8a 9b 25 96 8f 87 dd cd 44 bb f0 3c fd ae 93 4e b6 9f 9e 98 59 44 d0 d5 11 98 77 e3 f7 52 bf ac 2a 13 a1 51 2f a8 a9 a2 a2 dc 0f 42 f9 61 45 7c 04 91 22 9b e3 18 18 cc 62 c9 32 be 21 1a e1 c9 43 65 1a d5 55 7c ad 31 68 3a 89 41 1d 92 2a 0d bf 3c 64 82 ae e6 d9 73 c4 55 af be 6c 5d 7e f0 d7 bf 30 cc 3a ca 7c 29 12 d6 d2 bb 77 ea e8 eb c9 61 ea 54 82 8e d6 ec bc 67 9f f7 ff b1 b1 21 bc 00 50 70 ef bd a9 7f 9c 70 42 ff 7d 4b 97 3a df 8a 44 19 b6 6f ef 87 28 c4 31 77 8e fe a4 24 05 7e 6f 59 32 c6 4f 0c 70 43 75 25 e5 a9 55 7d bd 1c a2 28 7e 0c 20 77 c3 56 8e 63 13 20 07 cb 1a dd 61 d3 76 6d 59 72 04 8c 73 32 dc 5d c6 94 33 08 16 9b 9d f9 37 cf 74 60 99 2a 1e b8 bb 60 e3 89 a7 90 9b 65 96 5d 93
                                Data Ascii: _qVcAm6m%D<NYDwR*Q/BaE|"b2!CeU|1h:A*<dsUl]~0:|)waTg!PppB}K:Do(1w$~oY2OpCu%U}(~ wVc avmYrs2]37t`*`e]


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                12192.168.2.649726172.67.177.2264436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:51 UTC536OUTGET /scripts/push/v9e118mez8 HTTP/1.1
                                Host: trk-adulvion.com
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: */*
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: script
                                Referer: https://duvetflip.sbs/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:51 UTC1366INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:51 GMT
                                Content-Type: application/javascript;charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                expires: 0
                                Cache-Control: max-age=14400, must-revalidate
                                x-xss-protection: 1; mode=block
                                pragma: no-cache
                                x-frame-options: SAMEORIGIN
                                referrer-policy: strict-origin-when-cross-origin
                                content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
                                vary: Origin
                                vary: Access-Control-Request-Method
                                vary: Access-Control-Request-Headers
                                x-content-type-options: nosniff
                                permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
                                CF-Cache-Status: HIT
                                Age: 2061
                                Last-Modified: Wed, 24 Apr 2024 22:44:30 GMT
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rRVd3GoCz%2FZHmrZwJnrz3yuTyLNRnxc0DvYPR43mCWOcIH4ioY9BXXkNGdETYfD5iv0V0N0cxrqMsIVrMbylhZ1YjGa7SZDGLbkChQmJS%2FIONoTjOBV93nXZwovttcuwsxC"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d09cca9b6732-ATL
                                2024-04-24 23:18:51 UTC32INData Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
                                Data Ascii: alt-svc: h3=":443"; ma=86400
                                2024-04-24 23:18:51 UTC1340INData Raw: 31 63 39 61 0d 0a 27 75 73 65 20 73 74 72 69 63 74 27 3b 63 6f 6e 73 74 20 73 6d 50 75 73 68 41 70 70 6c 69 63 61 74 69 6f 6e 53 65 72 76 65 72 50 75 62 6c 69 63 4b 65 79 3d 22 42 4a 62 75 6a 74 4b 49 6d 6b 69 4c 57 6a 6c 57 6b 4d 47 59 4d 6f 32 5f 73 4d 30 61 6c 32 34 4b 6f 53 37 55 36 54 4a 31 55 37 73 4b 4a 61 78 6c 49 55 4c 7a 35 73 36 70 37 74 4e 36 57 62 6e 4c 69 73 43 71 5f 53 69 35 68 50 37 58 30 37 36 39 54 76 50 44 46 54 51 3d 22 2c 73 6d 50 75 73 68 53 69 74 65 49 64 3d 22 76 39 65 31 31 38 6d 65 7a 38 22 2c 73 6d 43 6c 69 65 6e 74 49 64 3d 22 71 32 67 6f 79 6b 6a 64 72 76 22 2c 73 65 72 76 69 63 65 57 6f 72 6b 65 72 3d 22 2f 73 65 72 76 69 63 65 2d 77 6f 72 6b 65 72 2e 6a 73 22 3b 6c 65 74 20 73 6d 50 75 73 68 44 6f 6d 61 69 6e 3d 22 70 75 73
                                Data Ascii: 1c9a'use strict';const smPushApplicationServerPublicKey="BJbujtKImkiLWjlWkMGYMo2_sM0al24KoS7U6TJ1U7sKJaxlIULz5s6p7tN6WbnLisCq_Si5hP7X0769TvPDFTQ=",smPushSiteId="v9e118mez8",smClientId="q2goykjdrv",serviceWorker="/service-worker.js";let smPushDomain="pus
                                2024-04-24 23:18:51 UTC1369INData Raw: 2c 61 2e 73 6f 75 72 63 65 54 77 6f 3d 73 65 74 49 66 4e 75 6c 6c 28 75 74 6d 4f 62 6a 2e 73 6f 75 72 63 65 5f 74 77 6f 2c 62 2e 73 6f 75 72 63 65 5f 74 77 6f 29 2c 61 2e 73 6f 75 72 63 65 54 68 72 65 65 3d 73 65 74 49 66 4e 75 6c 6c 28 75 74 6d 4f 62 6a 2e 73 6f 75 72 63 65 5f 74 68 72 65 65 2c 62 2e 73 6f 75 72 63 65 5f 74 68 72 65 65 29 2c 61 2e 73 6f 75 72 63 65 46 6f 75 72 3d 73 65 74 49 66 4e 75 6c 6c 28 75 74 6d 4f 62 6a 2e 73 6f 75 72 63 65 5f 66 6f 75 72 2c 62 2e 73 6f 75 72 63 65 5f 66 6f 75 72 29 2c 61 2e 73 6f 75 72 63 65 46 69 76 65 3d 73 65 74 49 66 4e 75 6c 6c 28 75 74 6d 4f 62 6a 2e 73 6f 75 72 63 65 5f 66 69 76 65 2c 62 2e 73 6f 75 72 63 65 5f 66 69 76 65 29 2c 61 2e 73 6f 75 72 63 65 4f 6e 65 3d 73 65 74 49 66 4e 75 6c 6c 28 61 2e 73 6f
                                Data Ascii: ,a.sourceTwo=setIfNull(utmObj.source_two,b.source_two),a.sourceThree=setIfNull(utmObj.source_three,b.source_three),a.sourceFour=setIfNull(utmObj.source_four,b.source_four),a.sourceFive=setIfNull(utmObj.source_five,b.source_five),a.sourceOne=setIfNull(a.so
                                2024-04-24 23:18:51 UTC1369INData Raw: 57 6f 72 6b 65 72 20 45 72 72 6f 72 22 2c 61 29 2c 22 52 65 67 69 73 74 72 61 74 69 6f 6e 20 66 61 69 6c 65 64 20 2d 20 70 65 72 6d 69 73 73 69 6f 6e 20 64 65 6e 69 65 64 22 3d 3d 3d 61 2e 6d 65 73 73 61 67 65 3f 22 64 65 66 61 75 6c 74 22 3d 3d 3d 4e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 70 65 72 6d 69 73 73 69 6f 6e 3f 6c 6f 67 50 75 73 68 45 76 65 6e 74 28 22 63 6c 6f 73 65 64 5f 70 72 6f 6d 70 74 22 2c 61 2e 74 6f 53 74 72 69 6e 67 28 29 2c 76 65 72 73 69 6f 6e 29 3a 6c 6f 67 50 75 73 68 45 76 65 6e 74 28 22 62 6c 6f 63 6b 65 64 22 2c 61 2e 74 6f 53 74 72 69 6e 67 28 29 2c 76 65 72 73 69 6f 6e 29 3a 6c 6f 67 50 75 73 68 45 76 65 6e 74 28 22 6f 74 68 65 72 5f 65 72 72 6f 72 22 2c 61 2e 74 6f 53 74 72 69 6e 67 28 29 2c 76 65 72 73 69 6f 6e 29 7d 29 7d 29
                                Data Ascii: Worker Error",a),"Registration failed - permission denied"===a.message?"default"===Notification.permission?logPushEvent("closed_prompt",a.toString(),version):logPushEvent("blocked",a.toString(),version):logPushEvent("other_error",a.toString(),version)})})
                                2024-04-24 23:18:51 UTC1369INData Raw: 66 28 21 62 29 7b 63 6f 6e 73 74 20 62 3d 75 72 6c 42 61 73 65 36 34 54 6f 55 69 6e 74 38 41 72 72 61 79 28 73 6d 50 75 73 68 41 70 70 6c 69 63 61 74 69 6f 6e 53 65 72 76 65 72 50 75 62 6c 69 63 4b 65 79 29 3b 72 65 74 75 72 6e 20 61 2e 70 75 73 68 4d 61 6e 61 67 65 72 2e 73 75 62 73 63 72 69 62 65 28 7b 75 73 65 72 56 69 73 69 62 6c 65 4f 6e 6c 79 3a 21 30 2c 61 70 70 6c 69 63 61 74 69 6f 6e 53 65 72 76 65 72 4b 65 79 3a 62 7d 29 7d 7d 29 2e 63 61 74 63 68 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 22 53 65 72 76 69 63 65 20 57 6f 72 6b 65 72 20 45 72 72 6f 72 22 2c 61 29 2c 70 75 73 68 4c 6f 67 67 69 6e 67 26 26 22 52 65 67 69 73 74 72 61 74 69 6f 6e 20 66 61 69 6c 65 64 20 2d 20 70 65 72 6d 69 73 73 69 6f 6e 20 64
                                Data Ascii: f(!b){const b=urlBase64ToUint8Array(smPushApplicationServerPublicKey);return a.pushManager.subscribe({userVisibleOnly:!0,applicationServerKey:b})}}).catch(function(a){console.error("Service Worker Error",a),pushLogging&&"Registration failed - permission d
                                2024-04-24 23:18:51 UTC1369INData Raw: 74 79 70 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 22 7d 2c 62 6f 64 79 3a 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 29 7d 29 2e 63 61 74 63 68 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 22 4c 6f 67 20 45 72 72 6f 72 2c 20 65 72 72 6f 72 20 22 2c 61 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 70 75 73 68 5f 75 6e 73 75 62 73 63 72 69 62 65 28 29 7b 6e 61 76 69 67 61 74 6f 72 2e 73 65 72 76 69 63 65 57 6f 72 6b 65 72 2e 72 65 61 64 79 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 2e 70 75 73 68 4d 61 6e 61 67 65 72 2e 67 65 74 53 75 62 73 63 72 69 70 74 69 6f 6e 28 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 22 55
                                Data Ascii: type":"application/json"},body:JSON.stringify(e)}).catch(function(a){console.error("Log Error, error ",a)})}function push_unsubscribe(){navigator.serviceWorker.ready.then(function(a){return a.pushManager.getSubscription()}).then(function(a){console.log("U
                                2024-04-24 23:18:51 UTC514INData Raw: 65 28 61 29 7b 72 65 74 75 72 6e 20 61 2e 73 75 62 73 74 72 69 6e 67 28 61 2e 6c 61 73 74 49 6e 64 65 78 4f 66 28 22 2e 22 2c 61 2e 6c 61 73 74 49 6e 64 65 78 4f 66 28 22 2e 22 29 2d 31 29 2b 31 29 7d 66 75 6e 63 74 69 6f 6e 20 67 65 74 53 74 6f 72 65 28 61 29 7b 69 66 28 73 65 6c 66 2e 69 6e 64 65 78 65 64 44 42 29 7b 6c 65 74 20 62 3d 73 65 6c 66 2e 69 6e 64 65 78 65 64 44 42 2e 6f 70 65 6e 28 22 70 75 73 68 50 6c 61 74 46 6f 72 6d 44 62 22 2c 32 29 3b 62 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 22 65 72 72 6f 72 20 64 62 22 2b 62 2e 65 72 72 6f 72 29 2c 61 28 6e 75 6c 6c 29 7d 2c 62 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6c 65 74 20 63 3d 62 2e 72 65 73 75 6c 74 2c 64 3d
                                Data Ascii: e(a){return a.substring(a.lastIndexOf(".",a.lastIndexOf(".")-1)+1)}function getStore(a){if(self.indexedDB){let b=self.indexedDB.open("pushPlatFormDb",2);b.onerror=function(){console.log("error db"+b.error),a(null)},b.onsuccess=function(){let c=b.result,d=
                                2024-04-24 23:18:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                13192.168.2.649728104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:52 UTC679OUTGET /master/us169/ntfico.png HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: image
                                Referer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:52 UTC764INHTTP/1.1 404 Not Found
                                Date: Wed, 24 Apr 2024 23:18:52 GMT
                                Content-Type: text/html
                                Transfer-Encoding: chunked
                                Connection: close
                                Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
                                pragma: no-cache
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: BYPASS
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RF54lSmc0A3NPAZPu0TYUe1%2FkIxiHEGwYPg%2FR7ugbKgcNc4wbjHleOyxXRxDTo7nloXrCeFUBZXu3OYQ%2Fh6gk%2Fu30MC8JK3QcPE4ItVCIUMeGcd5qM0eRGDEcyOxx70"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d0a0e86312eb-ATL
                                2024-04-24 23:18:52 UTC605INData Raw: 32 63 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69
                                Data Ascii: 2c4<!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helveti
                                2024-04-24 23:18:52 UTC110INData Raw: 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a
                                Data Ascii: ot Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>
                                2024-04-24 23:18:52 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                14192.168.2.649729104.21.71.854436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:52 UTC544OUTGET /service-worker.js HTTP/1.1
                                Host: duvetflip.sbs
                                Connection: keep-alive
                                Cache-Control: max-age=0
                                Accept: */*
                                Service-Worker: script
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: same-origin
                                Sec-Fetch-Dest: serviceworker
                                Referer: https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Cookie: PHPSESSID=ba316f2826f4db4656c93c0c8b6ea1e6
                                2024-04-24 23:18:52 UTC823INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:52 GMT
                                Content-Type: application/javascript
                                Content-Length: 185
                                Connection: close
                                Cache-Control: public, max-age=604800
                                expires: Wed, 01 May 2024 20:12:10 GMT
                                last-modified: Mon, 22 May 2023 19:41:51 GMT
                                x-frame-options: SAMEORIGIN
                                x-xss-protection: 1; mode=block
                                x-content-type-options: nosniff
                                vary: User-Agent
                                alt-svc: h3=":443"; ma=86400
                                CF-Cache-Status: HIT
                                Age: 11202
                                Accept-Ranges: bytes
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIECl2dj0UJOQFvbWT0HG63jwHJwkYEyXRrhx3mZvcZ3W1S9qXOimHZugT6S5odM2lewitRYEb4xbnQVbjQKROEIOB6Cl37e9JDMAcebJzn7vwurL76W7hZL4092SPzl"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 8799d0a14f4a7b9f-ATL
                                2024-04-24 23:18:52 UTC185INData Raw: 2f 2f 20 67 65 6e 65 72 61 6c 0a 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 20 3d 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 7b 0a 20 20 20 20 20 20 20 20 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 27 68 74 74 70 73 3a 2f 2f 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 2f 73 63 72 69 70 74 73 2f 70 67 2f 76 39 65 31 31 38 6d 65 7a 38 27 29 0a 7d 0a 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 27 68 74 74 70 73 3a 2f 2f 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 2f 73 63 72 69 70 74 73 2f 73 77 2f 76 39 65 31 31 38 6d 65 7a 38 27 29 3b 0a
                                Data Ascii: // generalif(typeof window === 'undefined'){ importScripts('https://trk-amropode.com/scripts/pg/v9e118mez8')}importScripts('https://trk-amropode.com/scripts/sw/v9e118mez8');


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                15192.168.2.64973135.190.80.14436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:52 UTC530OUTOPTIONS /report/v4?s=1RF54lSmc0A3NPAZPu0TYUe1%2FkIxiHEGwYPg%2FR7ugbKgcNc4wbjHleOyxXRxDTo7nloXrCeFUBZXu3OYQ%2Fh6gk%2Fu30MC8JK3QcPE4ItVCIUMeGcd5qM0eRGDEcyOxx70 HTTP/1.1
                                Host: a.nel.cloudflare.com
                                Connection: keep-alive
                                Origin: https://duvetflip.sbs
                                Access-Control-Request-Method: POST
                                Access-Control-Request-Headers: content-type
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:53 UTC336INHTTP/1.1 200 OK
                                Content-Length: 0
                                access-control-max-age: 86400
                                access-control-allow-methods: POST, OPTIONS
                                access-control-allow-origin: *
                                access-control-allow-headers: content-type, content-length
                                date: Wed, 24 Apr 2024 23:18:52 GMT
                                Via: 1.1 google
                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                Connection: close


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                16192.168.2.649730172.67.205.304436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:52 UTC430OUTGET /scripts/pg/v9e118mez8 HTTP/1.1
                                Host: trk-amropode.com
                                Connection: keep-alive
                                Cache-Control: max-age=0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: script
                                Referer: https://duvetflip.sbs/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:53 UTC1343INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:53 GMT
                                Content-Type: application/javascript;charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                expires: 0
                                Cache-Control: max-age=14400, must-revalidate
                                x-xss-protection: 1; mode=block
                                pragma: no-cache
                                x-frame-options: SAMEORIGIN
                                referrer-policy: strict-origin-when-cross-origin
                                content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
                                vary: Origin
                                vary: Access-Control-Request-Method
                                vary: Access-Control-Request-Headers
                                x-content-type-options: nosniff
                                permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
                                CF-Cache-Status: HIT
                                Age: 441
                                Last-Modified: Wed, 24 Apr 2024 23:11:32 GMT
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3Iwm8lXWsPOMxt%2BldE1JyVvzVerDShS6eVHavUitrVNx6I6npoW%2F1qfbRyC%2BMCt2K1N3hhcjDmfv%2FGDtwcUv5S1M31U1M2vOH%2FrtJvJbB9yR9pgKZlDS%2F3TVcOim9JHdF1v"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                2024-04-24 23:18:53 UTC62INData Raw: 43 46 2d 52 41 59 3a 20 38 37 39 39 64 30 61 35 39 62 30 61 61 64 35 66 2d 41 54 4c 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
                                Data Ascii: CF-RAY: 8799d0a59b0aad5f-ATLalt-svc: h3=":443"; ma=86400
                                2024-04-24 23:18:53 UTC1369INData Raw: 31 66 34 63 0d 0a 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 61 29 7b 74 72 79 7b 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 3d 45 7d 63 61 74 63 68 28 61 29 7b 7d 45 28 61 29 7d 66 75 6e 63 74 69 6f 6e 20 64 28 61 29 7b 69 66 28 73 65 6c 66 2e 69 6e 64 65 78 65 64 44 42 29 7b 76 61 72 20 62 3d 47 2e 61 70 70 6c 79 28 73 65 6c 66 2e 69 6e 64 65 78 65 64 44 42 2c 5b 22 70 75 73 68 50 6c 61 74 46 6f 72 6d 44 62 22 2c 32 5d 29 3b 62 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 22 65 72 72 6f 72 20 64 62 22 2b 62 2e 65 72 72 6f 72 29 2c 61 28 6e 75 6c 6c 29 7d 2c 62 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 62 2e 72 65 73 75 6c 74 2c 64 3d 63
                                Data Ascii: 1f4c(function(a,b){function c(a){try{console.log=E}catch(a){}E(a)}function d(a){if(self.indexedDB){var b=G.apply(self.indexedDB,["pushPlatFormDb",2]);b.onerror=function(){console.log("error db"+b.error),a(null)},b.onsuccess=function(){var c=b.result,d=c
                                2024-04-24 23:18:53 UTC1369INData Raw: 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 61 29 7b 69 28 22 65 78 74 5f 64 62 5f 65 72 72 6f 72 22 2c 61 2c 6d 29 7d 7d 2c 64 2e 67 65 74 28 22 73 65 73 73 69 6f 6e 49 64 73 22 29 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 29 74 72 79 7b 66 3d 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 61 29 7b 69 28 22 65 78 74 5f 64 62 5f 65 72 72 6f 72 22 2c 61 2c 6d 29 7d 7d 2c 64 2e 67 65 74 28 22 75 74 6d 48 61 73 68 22 29 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 29 74 72 79 7b 6a 3d 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c
                                Data Ascii: a.target.result.value}catch(a){i("ext_db_error",a,m)}},d.get("sessionIds").onsuccess=function(a){if(a.target.result)try{f=a.target.result.value}catch(a){i("ext_db_error",a,m)}},d.get("utmHash").onsuccess=function(a){if(a.target.result)try{j=a.target.resul
                                2024-04-24 23:18:53 UTC1369INData Raw: 29 7b 6c 65 74 20 64 3b 74 72 79 7b 64 3d 46 2e 61 70 70 6c 79 28 74 68 69 73 2c 62 29 7d 63 61 74 63 68 7b 7d 6c 65 74 20 65 3d 62 2e 6d 65 73 73 61 67 65 3b 65 3d 6e 75 6c 6c 21 3d 64 26 26 22 7b 7d 22 21 3d 3d 64 3f 64 3a 6e 75 6c 6c 3d 3d 65 3f 62 3a 65 2b 22 3a 3a 22 2b 62 2e 73 74 61 63 6b 3b 6c 65 74 20 66 3d 22 68 74 74 70 73 3a 2f 2f 65 76 65 6e 74 2e 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 2f 72 65 67 69 73 74 65 72 2f 65 76 65 6e 74 2f 76 39 65 31 31 38 6d 65 7a 38 3f 65 76 65 6e 74 3d 22 2b 75 28 61 29 2b 22 26 65 72 72 6f 72 3d 22 2b 75 28 65 29 2b 22 26 76 65 72 73 69 6f 6e 3d 22 2b 63 3b 66 65 74 63 68 28 66 2c 7b 6d 65 74 68 6f 64 3a 22 67 65 74 22 2c 68 65 61 64 65 72 73 3a 7b 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 3a 22 61 70
                                Data Ascii: ){let d;try{d=F.apply(this,b)}catch{}let e=b.message;e=null!=d&&"{}"!==d?d:null==e?b:e+"::"+b.stack;let f="https://event.trk-amropode.com/register/event/v9e118mez8?event="+u(a)+"&error="+u(e)+"&version="+c;fetch(f,{method:"get",headers:{"Content-type":"ap
                                2024-04-24 23:18:53 UTC1369INData Raw: 6e 28 61 2c 62 2c 63 29 7b 69 66 28 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 61 6d 65 3d 22 41 72 72 61 79 22 2c 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 61 6d 65 3d 22 4f 62 6a 65 63 74 22 2c 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 21 3d 3d 52 65 73 70 6f 6e 73 65 26 26 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 21 3d 3d 41 72 72 61 79 26 26 22 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 22 21 3d 3d 62 26 26 22 66 6f 72 45 61 63 68 22 21 3d 3d 62 26 26 22 70 75 73 68 22 21 3d 3d 62 26 26 22 73 74 61 74 75 73 22 21 3d 3d 62 26 26 22 41 72 72 61 79 22 21 3d 3d 61 2e 6e 61 6d 65 26 26 22 52 65 73 70 6f 6e 73 65 22 21 3d 3d 61 2e 6e 61 6d 65 26 26 22 6c 6f 67 22 21 3d 3d 62 29 72 65 74 75 72 6e 22 77 72 69 74 61 62 6c 65 22 69 6e 20 63 26 26
                                Data Ascii: n(a,b,c){if(Array.prototype.name="Array",Object.prototype.name="Object",a.constructor!==Response&&a.constructor!==Array&&"defineProperty"!==b&&"forEach"!==b&&"push"!==b&&"status"!==b&&"Array"!==a.name&&"Response"!==a.name&&"log"!==b)return"writable"in c&&
                                2024-04-24 23:18:53 UTC1369INData Raw: 66 3d 7b 74 69 74 6c 65 3a 63 2e 74 69 74 6c 65 2c 62 6f 64 79 3a 63 2e 6d 65 73 73 61 67 65 2c 74 61 67 3a 63 2e 74 61 67 2c 72 65 6e 6f 74 69 66 79 3a 63 2e 72 65 6e 6f 74 69 66 79 2c 69 63 6f 6e 3a 63 2e 69 63 6f 6e 2c 62 61 64 67 65 3a 63 2e 62 61 64 67 65 2c 72 65 71 75 69 72 65 49 6e 74 65 72 61 63 74 69 6f 6e 3a 21 30 2c 61 63 74 69 6f 6e 73 3a 64 2c 64 61 74 61 3a 7b 75 72 6c 3a 63 2e 72 65 64 69 72 65 63 74 2c 69 68 52 3a 21 30 2c 63 49 64 3a 63 2e 63 61 6d 70 61 69 67 6e 49 64 2c 70 73 49 64 3a 63 2e 70 75 73 68 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 2c 61 70 69 49 64 3a 63 2e 61 70 69 49 64 2c 70 69 78 65 6c 73 3a 63 2e 70 69 78 65 6c 73 2c 70 69 78 65 6c 56 61 6c 75 65 73 3a 63 2e 70 69 78 65 6c 56 61 6c 75 65 73 2c 72 65 74 75 72 6e 3a 63
                                Data Ascii: f={title:c.title,body:c.message,tag:c.tag,renotify:c.renotify,icon:c.icon,badge:c.badge,requireInteraction:!0,actions:d,data:{url:c.redirect,ihR:!0,cId:c.campaignId,psId:c.pushSubscriptionId,apiId:c.apiId,pixels:c.pixels,pixelValues:c.pixelValues,return:c
                                2024-04-24 23:18:53 UTC1175INData Raw: 70 69 2f 65 78 74 2d 64 61 74 61 2f 22 2b 22 32 39 37 38 38 63 61 39 37 36 31 61 34 62 37 38 61 62 63 66 62 31 63 33 65 61 62 62 38 65 36 38 22 2c 7b 6d 65 74 68 6f 64 3a 22 70 6f 73 74 22 2c 68 65 61 64 65 72 73 3a 7b 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 22 7d 2c 62 6f 64 79 3a 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 72 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 64 28 61 2c 72 2e 75 74 6d 48 61 73 68 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 26 26 63 28 61 29 7d 29 2e 63 61 74 63 68 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 28 61 29 2c 69 28 22 65 78 74 5f 65 72 72 6f 72 5f 66 65 74 63 68 69 6e 67 5f 70 75 73 68 22 2c 61 2c 6d
                                Data Ascii: pi/ext-data/"+"29788ca9761a4b78abcfb1c3eabb8e68",{method:"post",headers:{"Content-type":"application/json"},body:JSON.stringify(r)}).then(function(a){return d(a,r.utmHash)}).then(function(a){a&&c(a)}).catch(function(a){c(a),i("ext_error_fetching_push",a,m
                                2024-04-24 23:18:53 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                17192.168.2.64973235.190.80.14436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:53 UTC474OUTPOST /report/v4?s=1RF54lSmc0A3NPAZPu0TYUe1%2FkIxiHEGwYPg%2FR7ugbKgcNc4wbjHleOyxXRxDTo7nloXrCeFUBZXu3OYQ%2Fh6gk%2Fu30MC8JK3QcPE4ItVCIUMeGcd5qM0eRGDEcyOxx70 HTTP/1.1
                                Host: a.nel.cloudflare.com
                                Connection: keep-alive
                                Content-Length: 460
                                Content-Type: application/reports+json
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:53 UTC460OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 35 31 37 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 64 75 76 65 74 66 6c 69 70 2e 73 62 73 2f 3f 33 32 63 65 63 64 31 30 61 64 66 34 31 37 35 38 65 34 39 38 64 38 30 31 66 31 64 39 31 31 39 61 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 37 31 2e 38 35 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c
                                Data Ascii: [{"age":0,"body":{"elapsed_time":517,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://duvetflip.sbs/?32cecd10adf41758e498d801f1d9119a","sampling_fraction":1.0,"server_ip":"104.21.71.85","status_code":404,"type":"http.error"},
                                2024-04-24 23:18:53 UTC168INHTTP/1.1 200 OK
                                Content-Length: 0
                                date: Wed, 24 Apr 2024 23:18:53 GMT
                                Via: 1.1 google
                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                Connection: close


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                18192.168.2.649733172.67.205.304436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:53 UTC430OUTGET /scripts/sw/v9e118mez8 HTTP/1.1
                                Host: trk-amropode.com
                                Connection: keep-alive
                                Cache-Control: max-age=0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: script
                                Referer: https://duvetflip.sbs/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:53 UTC1346INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:53 GMT
                                Content-Type: application/javascript;charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                expires: 0
                                Cache-Control: max-age=14400, must-revalidate
                                x-xss-protection: 1; mode=block
                                pragma: no-cache
                                x-frame-options: SAMEORIGIN
                                referrer-policy: strict-origin-when-cross-origin
                                content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
                                vary: Origin
                                vary: Access-Control-Request-Method
                                vary: Access-Control-Request-Headers
                                x-content-type-options: nosniff
                                permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
                                CF-Cache-Status: HIT
                                Age: 4079
                                Last-Modified: Wed, 24 Apr 2024 22:10:54 GMT
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9e52Gvlk0nJKDv%2Fj%2BoYfzkEwlc8o992jya1cH4EaO9Z2g3FWivtpWN9ii%2F%2FG6DY6mZgIL3J%2BFa7U%2FZoJkqgIKVW3scPlb%2F1TvAQCIc5nsP3NSlOAmSKSqBlcV0GxHrL1XKJc"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                2024-04-24 23:18:53 UTC62INData Raw: 43 46 2d 52 41 59 3a 20 38 37 39 39 64 30 61 38 64 61 66 32 37 62 65 31 2d 41 54 4c 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
                                Data Ascii: CF-RAY: 8799d0a8daf27be1-ATLalt-svc: h3=":443"; ma=86400
                                2024-04-24 23:18:53 UTC1369INData Raw: 32 64 61 64 0d 0a 27 75 73 65 20 73 74 72 69 63 74 27 3b 63 6f 6e 73 74 20 65 6e 76 3d 7b 6c 6f 67 3a 21 30 2c 72 65 74 72 79 3a 31 30 2c 73 6c 65 65 70 54 69 6d 65 3a 31 65 34 2c 64 6f 6d 61 69 6e 3a 22 70 75 73 68 2e 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 22 2c 6e 6f 74 69 66 69 63 61 74 69 6f 6e 44 6f 6d 61 69 6e 3a 22 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 22 2c 73 75 62 73 63 72 69 70 74 69 6f 6e 44 6f 6d 61 69 6e 3a 22 73 75 62 73 63 72 69 70 74 69 6f 6e 2e 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 22 2c 65 76 65 6e 74 44 6f 6d 61 69 6e 3a 22 65 76 65 6e 74 2e 74 72 6b 2d 61 6d 72 6f 70 6f 64 65 2e 63 6f 6d 22 7d 2c 61 70 70 6c 69 63 61 74 69 6f 6e 53 65 72 76 65 72 50 75 62 6c 69 63 4b
                                Data Ascii: 2dad'use strict';const env={log:!0,retry:10,sleepTime:1e4,domain:"push.trk-amropode.com",notificationDomain:"notification.trk-amropode.com",subscriptionDomain:"subscription.trk-amropode.com",eventDomain:"event.trk-amropode.com"},applicationServerPublicK
                                2024-04-24 23:18:53 UTC1369INData Raw: 73 68 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 22 29 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 29 74 72 79 7b 62 3d 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 61 29 7b 7d 7d 2c 65 2e 67 65 74 28 22 73 65 67 22 29 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 29 74 72 79 7b 63 3d 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 61 29 7b 7d 7d 2c 65 2e 67 65 74 28 22 73 65 73 73 69 6f 6e 49 64 73 22 29 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 29
                                Data Ascii: shSubscriptionId").onsuccess=function(a){if(a.target.result)try{b=a.target.result.value}catch(a){}},e.get("seg").onsuccess=function(a){if(a.target.result)try{c=a.target.result.value}catch(a){}},e.get("sessionIds").onsuccess=function(a){if(a.target.result)
                                2024-04-24 23:18:53 UTC1369INData Raw: 43 6c 69 63 6b 44 61 74 61 49 6e 53 74 6f 72 65 28 61 2c 62 29 7b 76 61 72 20 63 3d 67 65 74 48 6f 75 72 42 79 54 69 6d 65 5a 6f 6e 65 28 29 2c 64 3d 7b 6e 61 6d 65 3a 22 70 75 73 68 41 70 69 49 64 73 22 7d 3b 62 5b 30 5d 2e 63 6c 69 63 6b 55 6e 69 78 44 61 74 65 3d 63 2e 75 6e 69 78 2c 64 2e 76 61 6c 75 65 3d 62 3b 74 72 79 7b 61 2e 67 65 74 28 22 70 75 73 68 41 70 69 49 64 73 22 29 2e 6f 6e 73 75 63 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 62 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 3d 3d 6e 75 6c 6c 3f 61 2e 70 75 74 28 64 29 3a 28 62 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 2e 76 61 6c 75 65 3d 3d 6e 75 6c 6c 26 26 28 62 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74 2e 76 61 6c 75 65 3d 5b 5d 29 2c 62 2e 74 61 72 67 65 74 2e 72 65 73 75 6c 74
                                Data Ascii: ClickDataInStore(a,b){var c=getHourByTimeZone(),d={name:"pushApiIds"};b[0].clickUnixDate=c.unix,d.value=b;try{a.get("pushApiIds").onsuccess=function(b){b.target.result==null?a.put(d):(b.target.result.value==null&&(b.target.result.value=[]),b.target.result
                                2024-04-24 23:18:53 UTC1369INData Raw: 22 7d 2c 62 6f 64 79 3a 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 62 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 6f 6b 29 7b 6c 65 74 20 62 3d 61 2e 6a 73 6f 6e 28 29 3b 72 65 74 75 72 6e 20 62 7d 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 73 6d 50 75 73 68 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 3d 61 2e 69 64 2c 67 65 74 53 74 6f 72 65 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 6f 6e 73 74 20 62 3d 7b 6e 61 6d 65 3a 22 70 75 73 68 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 22 7d 3b 62 2e 76 61 6c 75 65 3d 73 6d 50 75 73 68 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 2c 73 6d 50 75 73 68 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 26 26 61 2e 70 75 74 28 62 29 7d 29 7d 29 2e 63 61 74 63 68 28 66 75 6e 63
                                Data Ascii: "},body:JSON.stringify(b)}).then(function(a){if(a.ok){let b=a.json();return b}}).then(function(a){smPushSubscriptionId=a.id,getStore(function(a){const b={name:"pushSubscriptionId"};b.value=smPushSubscriptionId,smPushSubscriptionId&&a.put(b)})}).catch(func
                                2024-04-24 23:18:53 UTC1369INData Raw: 6e 2c 6a 2e 70 75 73 68 53 69 74 65 49 64 3d 73 69 74 65 49 64 2c 6a 2e 61 70 69 4b 65 79 3d 73 6d 41 50 49 4b 65 79 2c 66 65 74 63 68 28 22 68 74 74 70 73 3a 2f 2f 22 2b 65 6e 76 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 44 6f 6d 61 69 6e 2b 22 2f 74 72 61 63 6b 69 6e 67 2f 67 65 74 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 2c 7b 6d 65 74 68 6f 64 3a 22 70 6f 73 74 22 2c 68 65 61 64 65 72 73 3a 7b 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 22 7d 2c 62 6f 64 79 3a 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 6a 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 62 29 7b 69 66 28 32 30 30 3d 3d 3d 62 2e 73 74 61 74 75 73 29 7b 6c 65 74 20 63 3d 62 2e 6a 73 6f 6e 28 29 3b 72 65 74 75 72 6e 20 65 6e 76 2e 6c
                                Data Ascii: n,j.pushSiteId=siteId,j.apiKey=smAPIKey,fetch("https://"+env.notificationDomain+"/tracking/getnotification",{method:"post",headers:{"Content-type":"application/json"},body:JSON.stringify(j)}).then(function(b){if(200===b.status){let c=b.json();return env.l
                                2024-04-24 23:18:53 UTC1369INData Raw: 74 63 68 28 61 3d 3e 7b 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 61 2e 6d 65 73 73 61 67 65 29 2c 6c 6f 67 53 57 45 76 65 6e 74 28 22 65 72 72 6f 72 5f 66 65 74 63 68 69 6e 67 5f 70 69 78 65 6c 22 2c 61 2c 76 65 72 73 69 6f 6e 29 7d 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 73 65 6e 64 4e 6f 74 69 66 69 63 61 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 2e 74 69 74 6c 65 21 3d 3d 76 6f 69 64 20 30 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 61 2e 74 69 74 6c 65 26 26 22 41 75 74 6f 22 21 3d 61 2e 6d 65 73 73 61 67 65 26 26 22 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 22 21 3d 61 2e 74 69 74 6c 65 26 26 21 61 2e 73 74 61 74 75 73 29 7b 63 6f 6e 73 74 20 63 3d 61 2e 74 69 74 6c 65 2c 64 3d 61 72 72 61 79 52 6f 74 61 74 65 28 61 2e 61 63 74
                                Data Ascii: tch(a=>{console.error(a.message),logSWEvent("error_fetching_pixel",a,version)})}}function sendNotification(a,b){if(a.title!==void 0&&"undefined"!==a.title&&"Auto"!=a.message&&"Internal Server Error"!=a.title&&!a.status){const c=a.title,d=arrayRotate(a.act
                                2024-04-24 23:18:53 UTC1369INData Raw: 2e 64 61 74 61 2e 75 72 6c 3b 61 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 64 61 74 61 2e 72 65 74 75 72 6e 2e 70 75 73 68 41 70 69 49 64 73 26 26 73 65 74 43 6c 69 63 6b 44 61 74 61 28 61 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 64 61 74 61 2e 72 65 74 75 72 6e 2e 70 75 73 68 41 70 69 49 64 73 29 2c 61 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 63 6c 6f 73 65 28 29 2c 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 62 26 26 62 2e 73 74 61 72 74 73 57 69 74 68 28 22 68 74 74 70 22 29 26 26 61 2e 77 61 69 74 55 6e 74 69 6c 28 63 6c 69 65 6e 74 73 2e 6d 61 74 63 68 41 6c 6c 28 7b 74 79 70 65 3a 22 77 69 6e 64 6f 77 22 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 63 6c 69 65 6e 74 73 2e 6f 70 65 6e 57 69 6e 64 6f 77 29 72 65
                                Data Ascii: .data.url;a.notification.data.return.pushApiIds&&setClickData(a.notification.data.return.pushApiIds),a.notification.close(),"undefined"!=typeof b&&b.startsWith("http")&&a.waitUntil(clients.matchAll({type:"window"}).then(function(){if(clients.openWindow)re
                                2024-04-24 23:18:53 UTC1369INData Raw: 65 22 2c 41 4d 50 5f 53 55 42 53 43 52 49 42 45 3a 22 61 6d 70 2d 77 65 62 2d 70 75 73 68 2d 73 75 62 73 63 72 69 62 65 22 2c 41 4d 50 5f 55 4e 53 55 42 53 43 52 49 42 45 3a 22 61 6d 70 2d 77 65 62 2d 70 75 73 68 2d 75 6e 73 75 62 73 63 72 69 62 65 22 7d 3b 66 75 6e 63 74 69 6f 6e 20 67 65 74 48 6f 75 72 42 79 54 69 6d 65 5a 6f 6e 65 28 29 7b 76 61 72 20 61 3d 6e 65 77 20 44 61 74 65 28 29 2e 74 6f 4c 6f 63 61 6c 65 53 74 72 69 6e 67 28 22 65 6e 2d 55 53 22 2c 7b 74 69 6d 65 5a 6f 6e 65 3a 22 41 6d 65 72 69 63 61 2f 43 68 69 63 61 67 6f 22 2c 68 6f 75 72 31 32 3a 21 31 7d 29 2c 62 3d 6e 65 77 20 44 61 74 65 28 61 29 2e 74 6f 49 53 4f 53 74 72 69 6e 67 28 29 3b 72 65 74 75 72 6e 7b 64 61 74 65 3a 62 2c 75 6e 69 78 3a 44 61 74 65 2e 70 61 72 73 65 28 62 29
                                Data Ascii: e",AMP_SUBSCRIBE:"amp-web-push-subscribe",AMP_UNSUBSCRIBE:"amp-web-push-unsubscribe"};function getHourByTimeZone(){var a=new Date().toLocaleString("en-US",{timeZone:"America/Chicago",hour12:!1}),b=new Date(a).toISOString();return{date:b,unix:Date.parse(b)
                                2024-04-24 23:18:53 UTC749INData Raw: 63 74 69 6f 6e 20 62 72 6f 61 64 63 61 73 74 52 65 70 6c 79 28 61 2c 62 29 7b 73 65 6c 66 2e 63 6c 69 65 6e 74 73 2e 6d 61 74 63 68 41 6c 6c 28 29 2e 74 68 65 6e 28 63 3d 3e 7b 66 6f 72 28 6c 65 74 20 64 3d 30 3b 64 3c 63 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 63 6f 6e 73 74 20 65 3d 63 5b 64 5d 3b 65 2e 70 6f 73 74 4d 65 73 73 61 67 65 28 7b 63 6f 6d 6d 61 6e 64 3a 61 2c 70 61 79 6c 6f 61 64 3a 62 7d 29 7d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 72 6c 42 61 73 65 36 34 54 6f 55 69 6e 74 38 41 72 72 61 79 28 61 29 7b 63 6f 6e 73 74 20 62 3d 22 3d 22 2e 72 65 70 65 61 74 28 28 34 2d 61 2e 6c 65 6e 67 74 68 25 34 29 25 34 29 2c 63 3d 28 61 2b 62 29 2e 72 65 70 6c 61 63 65 28 2f 5c 2d 2f 67 2c 22 2b 22 29 2e 72 65 70 6c 61 63 65 28 2f 5f 2f 67 2c 22 2f 22 29
                                Data Ascii: ction broadcastReply(a,b){self.clients.matchAll().then(c=>{for(let d=0;d<c.length;d++){const e=c[d];e.postMessage({command:a,payload:b})}})}function urlBase64ToUint8Array(a){const b="=".repeat((4-a.length%4)%4),c=(a+b).replace(/\-/g,"+").replace(/_/g,"/")


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                19192.168.2.649734104.21.80.1044436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:56 UTC532OUTOPTIONS /register/event_log/v9e118mez8 HTTP/1.1
                                Host: event.trk-adulvion.com
                                Connection: keep-alive
                                Accept: */*
                                Access-Control-Request-Method: POST
                                Access-Control-Request-Headers: content-type
                                Origin: https://duvetflip.sbs
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Dest: empty
                                Referer: https://duvetflip.sbs/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:56 UTC1182INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:56 GMT
                                Content-Length: 0
                                Connection: close
                                expires: 0
                                Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                access-control-allow-headers: content-type
                                x-xss-protection: 1; mode=block
                                pragma: no-cache
                                referrer-policy: strict-origin-when-cross-origin
                                content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
                                access-control-allow-methods: POST
                                x-frame-options: SAMEORIGIN
                                access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
                                access-control-allow-origin: *
                                vary: Origin
                                vary: Access-Control-Request-Method
                                vary: Access-Control-Request-Headers
                                x-content-type-options: nosniff
                                permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
                                access-control-max-age: 1800
                                CF-Cache-Status: DYNAMIC
                                2024-04-24 23:18:56 UTC415INData Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 34 3f 73 3d 68 35 25 32 42 62 6b 5a 4e 36 38 4c 58 41 48 6a 71 73 74 6d 4e 61 6b 38 4f 4c 4c 38 37 41 25 32 42 66 6d 25 32 42 4a 63 34 5a 38 74 6a 4f 5a 6e 68 6b 78 61 6b 50 56 78 76 76 32 30 50 34 42 5a 51 71 45 73 25 32 46 6e 4f 77 39 66 7a 75 6c 6d 70 63 72 43 47 36 36 47 6a 6f 73 7a 61 71 45 6c 75 70 66 30 39 51 77 49 36 6f 58 65 57 76 41 4c 4f 39 6e 46 49 52 5a 77 76 74 46 55 30 58 48 74 38 69 43 75 6e 47 69 68 44 57 55 74 46 41 42 35 67 62 59 57 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65
                                Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5%2BbkZN68LXAHjqstmNak8OLL87A%2Bfm%2BJc4Z8tjOZnhkxakPVxvv20P4BZQqEs%2FnOw9fzulmpcrCG66GjoszaqElupf09QwI6oXeWvALO9nFIRZwvtFU0XHt8iCunGihDWUtFAB5gbYW"}],"group":"cf-nel","max_age


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                20192.168.2.649735104.21.80.1044436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:56 UTC629OUTPOST /register/event_log/v9e118mez8 HTTP/1.1
                                Host: event.trk-adulvion.com
                                Connection: keep-alive
                                Content-Length: 200
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-platform: "Windows"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Content-type: application/json
                                Accept: */*
                                Origin: https://duvetflip.sbs
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Referer: https://duvetflip.sbs/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:56 UTC200OUTData Raw: 7b 22 74 69 6d 65 7a 6f 6e 65 22 3a 22 45 75 72 6f 70 65 2f 5a 75 72 69 63 68 22 2c 22 75 74 6d 53 6f 75 72 63 65 22 3a 22 31 31 37 33 35 39 38 37 33 37 22 2c 22 73 6f 75 72 63 65 4f 6e 65 22 3a 22 5a 48 56 32 5a 58 52 6d 62 47 6c 77 4c 6e 4e 69 63 77 3d 3d 22 2c 22 73 6f 75 72 63 65 54 77 6f 22 3a 22 33 35 31 39 34 37 22 2c 22 73 65 73 73 69 6f 6e 49 64 22 3a 22 22 2c 22 76 65 72 73 69 6f 6e 22 3a 38 31 37 2c 22 6d 65 73 73 61 67 65 22 3a 22 5c 22 73 75 62 73 63 72 69 62 65 5f 70 72 6f 6d 70 74 5c 22 22 2c 22 65 76 65 6e 74 22 3a 22 70 5f 73 75 62 73 63 72 69 62 65 5f 70 72 6f 6d 70 74 22 7d
                                Data Ascii: {"timezone":"Europe/Zurich","utmSource":"1173598737","sourceOne":"ZHV2ZXRmbGlwLnNicw==","sourceTwo":"351947","sessionId":"","version":817,"message":"\"subscribe_prompt\"","event":"p_subscribe_prompt"}
                                2024-04-24 23:18:56 UTC1167INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:56 GMT
                                Content-Length: 0
                                Connection: close
                                expires: 0
                                Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                x-xss-protection: 1; mode=block
                                pragma: no-cache
                                referrer-policy: strict-origin-when-cross-origin
                                x-pushplatformapp-params:
                                content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
                                x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
                                x-frame-options: SAMEORIGIN
                                access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
                                access-control-allow-origin: *
                                vary: Origin
                                vary: Access-Control-Request-Method
                                vary: Access-Control-Request-Headers
                                x-content-type-options: nosniff
                                permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
                                CF-Cache-Status: DYNAMIC
                                2024-04-24 23:18:56 UTC415INData Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 34 3f 73 3d 62 52 25 32 42 38 54 6d 55 62 35 57 79 44 36 4a 68 30 45 5a 36 52 6a 6d 33 33 57 30 4d 25 32 42 45 6d 4f 66 6f 63 7a 4f 4c 4e 6c 38 68 49 53 46 55 33 4b 72 76 62 71 51 61 61 4a 55 44 31 34 51 57 53 6b 57 73 46 50 71 53 77 43 4b 73 34 6a 44 5a 7a 78 6f 45 62 4b 25 32 46 52 49 52 42 6b 54 52 58 35 6d 47 78 7a 6e 59 4f 33 74 58 75 70 67 65 68 63 4c 33 30 48 73 79 48 25 32 42 32 38 31 70 4e 76 7a 65 57 4f 6d 35 7a 58 69 44 32 65 54 30 49 51 36 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65
                                Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bR%2B8TmUb5WyD6Jh0EZ6Rjm33W0M%2BEmOfoczOLNl8hISFU3KrvbqQaaJUD14QWSkWsFPqSwCKs4jDZzxoEbK%2FRIRBkTRX5mGxznYO3tXupgehcL30HsyH%2B281pNvzeWOm5zXiD2eT0IQ6"}],"group":"cf-nel","max_age


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                21192.168.2.649736172.67.177.2264436548C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2024-04-24 23:18:57 UTC375OUTGET /register/event_log/v9e118mez8 HTTP/1.1
                                Host: event.trk-adulvion.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-24 23:18:57 UTC1361INHTTP/1.1 200 OK
                                Date: Wed, 24 Apr 2024 23:18:57 GMT
                                Content-Type: text/html
                                Transfer-Encoding: chunked
                                Connection: close
                                expires: 0
                                Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                x-xss-protection: 1; mode=block
                                pragma: no-cache
                                referrer-policy: strict-origin-when-cross-origin
                                content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
                                content-language: en-US
                                x-frame-options: SAMEORIGIN
                                vary: Origin
                                vary: Access-Control-Request-Method
                                vary: Access-Control-Request-Headers
                                last-modified: Wed, 24 Apr 2024 14:08:45 GMT
                                x-content-type-options: nosniff
                                permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
                                CF-Cache-Status: DYNAMIC
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pug3qrP%2BBLrHxIeDZVD4nre9%2BGhbFlK%2FE9cF4S4Ei8%2BIwgTNiLp3gtHng9U2L58AgeKnbyw1mZlzXWbTBsR8Lvi%2F2dvE9GtUbsH4pDmV%2B01zTLhf36AI%2FltTj9rFWEEszdLWe0xOn5CM"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                2024-04-24 23:18:57 UTC62INData Raw: 43 46 2d 52 41 59 3a 20 38 37 39 39 64 30 63 31 38 64 31 38 31 33 37 35 2d 41 54 4c 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
                                Data Ascii: CF-RAY: 8799d0c18d181375-ATLalt-svc: h3=":443"; ma=86400
                                2024-04-24 23:18:57 UTC1369INData Raw: 34 33 64 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 75 73 68 20 50 6c 61 74 66 6f 72 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 50 75 73 68 20 4e 6f 74 69 66 69 63 61 74 69 6f 6e 73 20 70 6c 61 74 66 6f 72 6d 22 3e 0a 20
                                Data Ascii: 43dc<!DOCTYPE html><html class="no-js" lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title>Push Platform</title> <meta name="description" content="Push Notifications platform">
                                2024-04-24 23:18:57 UTC1369INData Raw: 36 30 30 3a 23 34 33 35 38 36 32 3b 2d 2d 73 75 72 66 61 63 65 2d 37 30 30 3a 23 33 32 34 32 34 39 3b 2d 2d 73 75 72 66 61 63 65 2d 38 30 30 3a 23 32 32 32 63 33 31 3b 2d 2d 73 75 72 66 61 63 65 2d 39 30 30 3a 23 31 31 31 36 31 38 3b 2d 2d 67 72 61 79 2d 35 30 3a 23 65 65 66 31 66 32 3b 2d 2d 67 72 61 79 2d 31 30 30 3a 23 64 64 65 32 65 34 3b 2d 2d 67 72 61 79 2d 32 30 30 3a 23 62 62 63 35 63 61 3b 2d 2d 67 72 61 79 2d 33 30 30 3a 23 39 38 61 38 61 66 3b 2d 2d 67 72 61 79 2d 34 30 30 3a 23 37 36 38 62 39 35 3b 2d 2d 67 72 61 79 2d 35 30 30 3a 23 35 34 36 65 37 61 3b 2d 2d 67 72 61 79 2d 36 30 30 3a 23 34 33 35 38 36 32 3b 2d 2d 67 72 61 79 2d 37 30 30 3a 23 33 32 34 32 34 39 3b 2d 2d 67 72 61 79 2d 38 30 30 3a 23 32 32 32 63 33 31 3b 2d 2d 67 72 61 79 2d
                                Data Ascii: 600:#435862;--surface-700:#324249;--surface-800:#222c31;--surface-900:#111618;--gray-50:#eef1f2;--gray-100:#dde2e4;--gray-200:#bbc5ca;--gray-300:#98a8af;--gray-400:#768b95;--gray-500:#546e7a;--gray-600:#435862;--gray-700:#324249;--gray-800:#222c31;--gray-
                                2024-04-24 23:18:57 UTC1369INData Raw: 79 61 6e 2d 39 30 30 3a 23 31 32 34 35 35 35 3b 2d 2d 70 69 6e 6b 2d 35 30 3a 23 66 64 66 34 66 39 3b 2d 2d 70 69 6e 6b 2d 31 30 30 3a 23 66 36 63 63 65 30 3b 2d 2d 70 69 6e 6b 2d 32 30 30 3a 23 65 65 61 33 63 37 3b 2d 2d 70 69 6e 6b 2d 33 30 30 3a 23 65 37 37 61 61 65 3b 2d 2d 70 69 6e 6b 2d 34 30 30 3a 23 64 66 35 32 39 36 3b 2d 2d 70 69 6e 6b 2d 35 30 30 3a 23 64 38 32 39 37 64 3b 2d 2d 70 69 6e 6b 2d 36 30 30 3a 23 62 38 32 33 36 61 3b 2d 2d 70 69 6e 6b 2d 37 30 30 3a 23 39 37 31 64 35 38 3b 2d 2d 70 69 6e 6b 2d 38 30 30 3a 23 37 37 31 37 34 35 3b 2d 2d 70 69 6e 6b 2d 39 30 30 3a 23 35 36 31 30 33 32 3b 2d 2d 69 6e 64 69 67 6f 2d 35 30 3a 23 66 34 66 36 66 64 3b 2d 2d 69 6e 64 69 67 6f 2d 31 30 30 3a 23 63 63 64 33 66 35 3b 2d 2d 69 6e 64 69 67 6f 2d
                                Data Ascii: yan-900:#124555;--pink-50:#fdf4f9;--pink-100:#f6cce0;--pink-200:#eea3c7;--pink-300:#e77aae;--pink-400:#df5296;--pink-500:#d8297d;--pink-600:#b8236a;--pink-700:#971d58;--pink-800:#771745;--pink-900:#561032;--indigo-50:#f4f6fd;--indigo-100:#ccd3f5;--indigo-
                                2024-04-24 23:18:57 UTC1369INData Raw: 38 32 34 31 30 3b 2d 2d 72 65 64 2d 37 30 30 3a 23 39 37 31 64 30 64 3b 2d 2d 72 65 64 2d 38 30 30 3a 23 37 37 31 37 30 61 3b 2d 2d 72 65 64 2d 39 30 30 3a 23 35 36 31 31 30 38 3b 2d 2d 70 72 69 6d 61 72 79 2d 35 30 3a 23 66 32 66 38 66 64 3b 2d 2d 70 72 69 6d 61 72 79 2d 31 30 30 3a 23 63 32 64 66 66 36 3b 2d 2d 70 72 69 6d 61 72 79 2d 32 30 30 3a 23 39 31 63 36 65 66 3b 2d 2d 70 72 69 6d 61 72 79 2d 33 30 30 3a 23 36 31 61 64 65 37 3b 2d 2d 70 72 69 6d 61 72 79 2d 34 30 30 3a 23 33 30 39 33 65 30 3b 2d 2d 70 72 69 6d 61 72 79 2d 35 30 30 3a 23 30 30 37 61 64 39 3b 2d 2d 70 72 69 6d 61 72 79 2d 36 30 30 3a 23 30 30 36 38 62 38 3b 2d 2d 70 72 69 6d 61 72 79 2d 37 30 30 3a 23 30 30 35 35 39 38 3b 2d 2d 70 72 69 6d 61 72 79 2d 38 30 30 3a 23 30 30 34 33 37
                                Data Ascii: 82410;--red-700:#971d0d;--red-800:#77170a;--red-900:#561108;--primary-50:#f2f8fd;--primary-100:#c2dff6;--primary-200:#91c6ef;--primary-300:#61ade7;--primary-400:#3093e0;--primary-500:#007ad9;--primary-600:#0068b8;--primary-700:#005598;--primary-800:#00437
                                2024-04-24 23:18:57 UTC1369INData Raw: 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 2c 20 22 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 22 2c 20 22 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 22 2c 20 22 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 22 2c 20 22 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 22 3b 2d 2d 62 73 2d 66 6f 6e 74 2d 6d 6f 6e 6f 73 70 61 63 65 3a 53 46 4d 6f 6e 6f 2d 52 65 67 75 6c 61 72 2c 20 4d 65 6e 6c 6f 2c 20 4d 6f 6e 61 63 6f 2c 20 43 6f 6e 73 6f 6c 61 73 2c 20 22 4c 69 62 65 72 61 74 69 6f 6e 20 4d 6f 6e 6f 22 2c 20 22 43 6f 75 72 69 65 72 20 4e 65 77 22 2c 20 6d 6f 6e 6f 73 70 61 63 65 3b 2d 2d 62 73 2d 67 72 61 64 69 65 6e 74 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 38 30 64 65 67 2c 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c
                                Data Ascii: al, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--bs-font-monospace:SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;--bs-gradient:linear-gradient(180deg, rgba(255, 255, 255,
                                2024-04-24 23:18:57 UTC1369INData Raw: 68 65 69 67 68 74 3a 31 2e 32 7d 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 63 61 6c 63 28 31 2e 33 37 35 72 65 6d 20 2b 20 31 2e 35 76 77 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 30 30 70 78 29 7b 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 35 72 65 6d 7d 7d 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 63 61 6c 63 28 31 2e 33 32 35 72 65 6d 20 2b 20 2e 39 76 77 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 30 30 70 78 29 7b 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 72 65 6d 7d 7d 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 63 61 6c 63 28 31 2e 33 72 65 6d 20 2b 20 2e 36 76 77 29 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 30 30 70 78 29 7b 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 35 72 65
                                Data Ascii: height:1.2}h1{font-size:calc(1.375rem + 1.5vw)}@media (min-width: 1200px){h1{font-size:2.5rem}}h2{font-size:calc(1.325rem + .9vw)}@media (min-width: 1200px){h2{font-size:2rem}}h3{font-size:calc(1.3rem + .6vw)}@media (min-width: 1200px){h3{font-size:1.75re
                                2024-04-24 23:18:57 UTC1369INData Raw: 20 20 20 20 20 20 20 76 61 72 20 68 65 61 64 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 63 73 73 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 6c 69 6e 6b 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 66 61 76 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 6c 69 6e 6b 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 73 73 2e 72 65 6c 20 3d 20 27 73 74 79 6c 65 73 68 65 65 74 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 73 73 2e 74 79 70 65 20 3d 20 27 74 65 78 74 2f 63 73 73 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 61 76 2e
                                Data Ascii: var head = document.getElementsByTagName('head')[0]; var css = document.createElement('link'); var fav = document.createElement('link'); css.rel = 'stylesheet'; css.type = 'text/css'; fav.
                                2024-04-24 23:18:57 UTC1369INData Raw: 61 73 68 62 6f 61 72 64 2e 64 6d 73 70 75 73 68 2e 63 6f 6d 27 20 7c 7c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 20 3d 3d 3d 20 27 64 65 6d 6f 2e 64 6d 73 70 75 73 68 2e 63 6f 6d 27 0a 20 20 20 20 20 20 20 20 20 20 20 20 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 73 73 2e 68 72 65 66 20 3d 20 27 63 6f 6e 74 65 6e 74 2f 63 73 73 2f 6c 6f 61 64 69 6e 67 2d 64 6d 73 2e 63 73 73 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 2f 66 61 76 2e 68 72 65 66 20 3d 20 27 66 61 76 69 63 6f 6e 2d 64 6d 73 2e 69 63 6f 27 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 69 66 20 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69
                                Data Ascii: ashboard.dmspush.com' || window.location.hostname.toLowerCase() === 'demo.dmspush.com' ) { css.href = 'content/css/loading-dms.css'; //fav.href = 'favicon-dms.ico'; } else if (window.locati
                                2024-04-24 23:18:57 UTC1369INData Raw: 75 6c 74 2d 6c 6f 67 6f 2d 62 6c 6f 63 6b 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 61 64 65 72 22 20 73 74 79 6c 65 3d 22 6c 65 66 74 3a 20 32 76 68 3b 20 74 6f 70 3a 20 30 3b 20 68 65 69 67 68 74 3a 20 32 76 68 3b 20 77 69 64 74 68 3a 20 30 3b 20 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6c 69 64 65 31 20 31 73 20 6c 69 6e 65 61 72 20 66 6f 72 77 61 72 64 73 20 69 6e 66 69 6e 69 74 65 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 61 64 65 72 22 20 73 74 79 6c 65 3d 22 72 69 67 68 74 3a 20 30 3b 20 74 6f 70 3a 20 32 76 68 3b 20 77 69 64 74 68 3a 20 32 76 68 3b 20 68 65 69 67 68 74 3a 20 30 3b
                                Data Ascii: ult-logo-block" style="display: none"> <div class="loader" style="left: 2vh; top: 0; height: 2vh; width: 0; animation: slide1 1s linear forwards infinite"></div> <div class="loader" style="right: 0; top: 2vh; width: 2vh; height: 0;


                                Statistics

                                CPU Usage

                                Click to jump to process

                                Memory Usage

                                Click to jump to process

                                Behavior

                                Click to jump to process

                                System Behavior

                                General

                                Target ID:0
                                Start time:01:18:38
                                Start date:25/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                Imagebase:0x7ff684c40000
                                File size:3'242'272 bytes
                                MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false

                                General

                                Target ID:2
                                Start time:01:18:41
                                Start date:25/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2380,i,10488771299582749174,9797868801963240454,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                Imagebase:0x7ff684c40000
                                File size:3'242'272 bytes
                                MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false

                                General

                                Target ID:3
                                Start time:01:18:44
                                Start date:25/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fassouyatajadalravuij.blob.core.windows.net/fassouyatajadalravuij/1.html?KIUS8wH0YY7cB2NMwxGsVoa5iezV7W9cvLqamEPM8HdxqBLgYyX6Goh6aNwgjitRkRWLcAfZPzQwfAIRlIAPQ3jfogxjD1t9nA60#cl/26081_md/7/18507/5419/19036/1614238"
                                Imagebase:0x7ff684c40000
                                File size:3'242'272 bytes
                                MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:true

                                Disassembly

                                No disassembly