Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

Overview

General Information

Sample URL:	https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==
Analysis ID:	1432136
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

Suspicious form URL found

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 3852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4306642681312244959,14501220484676031705,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6380 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

HTTP Parser: Number of links: 0

Source: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

HTTP Parser: Form action: download_faturamento.php

Source: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

HTTP Parser: <input type="password" .../> found

Source: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

HTTP Parser: No favicon

Source: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

HTTP Parser: No <meta name="author".. found

Source: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.4:49760 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172

Source: global traffic	HTTP traffic detected: GET /download_faturamento.php?id=NjAxNg== HTTP/1.1Host: barela.sistemaitsseg.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/logo_itsseg_sistema.png HTTP/1.1Host: barela.sistemaitsseg.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://barela.sistemaitsseg.com.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://barela.sistemaitsseg.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://barela.sistemaitsseg.com.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://barela.sistemaitsseg.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.5.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://barela.sistemaitsseg.com.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://barela.sistemaitsseg.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://barela.sistemaitsseg.com.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://barela.sistemaitsseg.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://barela.sistemaitsseg.com.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://barela.sistemaitsseg.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://barela.sistemaitsseg.com.brsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: barela.sistemaitsseg.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /assets/img/logo_itsseg_sistema.png HTTP/1.1Host: barela.sistemaitsseg.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: barela.sistemaitsseg.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y72UYATxxsAg21a&MD=W4ZoNTzP HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y72UYATxxsAg21a&MD=W4ZoNTzP HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: global traffic	DNS traffic detected: DNS query: barela.sistemaitsseg.com.br
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com

Source: chromecache_54.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_57.2.dr	String found in binary or memory: https://barela.sistemaitsseg.com.br/assets/img/logo_itsseg_sistema.png
Source: chromecache_57.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Source: chromecache_57.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Source: chromecache_57.2.dr	String found in binary or memory: https://code.jquery.com/jquery-3.5.1.min.js
Source: chromecache_49.2.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_49.2.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_53.2.dr, chromecache_50.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_53.2.dr, chromecache_50.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_53.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_57.2.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Source: chromecache_57.2.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.4:49760 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/19@12/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4306642681312244959,14501220484676031705,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg=="
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4306642681312244959,14501220484676031705,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Obfuscated Files or Information	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==	0%	Virustotal		Browse
https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://barela.sistemaitsseg.com.br/assets/img/logo_itsseg_sistema.png	0%	Avira URL Cloud	safe
https://barela.sistemaitsseg.com.br/favicon.ico	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
stackpath.bootstrapcdn.com	104.18.11.207	true	false		high
code.jquery.com	151.101.66.137	true	false		high
cdnjs.cloudflare.com	104.17.25.14	true	false		high
barela.sistemaitsseg.com.br	52.67.16.6	true	false		unknown
www.google.com	142.250.217.164	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js	false		high
https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==	false		unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css	false		high
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	false		high
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css	false		high
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2	false		high
https://code.jquery.com/jquery-3.5.1.min.js	false		high
https://barela.sistemaitsseg.com.br/assets/img/logo_itsseg_sistema.png	false	Avira URL Cloud: safe	unknown
https://barela.sistemaitsseg.com.br/favicon.ico	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://fontawesome.com	chromecache_49.2.dr	false		high
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_53.2.dr	false		high
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_53.2.dr, chromecache_50.2.dr	false		high
http://opensource.org/licenses/MIT).	chromecache_54.2.dr	false		high
https://getbootstrap.com/)	chromecache_53.2.dr, chromecache_50.2.dr	false		high
https://fontawesome.com/license/free	chromecache_49.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
104.18.11.207	stackpath.bootstrapcdn.com	United States		13335	CLOUDFLARENETUS	false
142.250.217.164	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
151.101.66.137	code.jquery.com	United States		54113	FASTLYUS	false
52.67.16.6	barela.sistemaitsseg.com.br	United States		16509	AMAZON-02US	false
104.17.25.14	cdnjs.cloudflare.com	United States		13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.8
192.168.2.16
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1432136
Start date and time:	2024-04-26 15:14:39 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 6s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@17/19@12/10
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.189.131, 142.250.189.142, 74.125.196.84, 34.104.35.123, 142.250.64.138, 142.250.189.138, 142.250.217.202, 142.250.217.234, 172.217.2.202, 142.250.217.170, 192.178.50.74, 192.178.50.42, 172.217.165.202, 23.45.182.97, 192.229.211.108, 172.217.165.195, 192.178.50.78
Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 49

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (59158)
Category:	downloaded
Size (bytes):	59344
Entropy (8bit):	4.717034908797126
Encrypted:	false
SSDEEP:	768:OEh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzl:OE0PxXE4YXJgndFTfy9lt5B
MD5:	B227B1617A1763C8BC056772F05482B4
SHA1:	C508528FEB9FD540454F838653CD4863B290DF2E
SHA-256:	AF1E6EDC875A382B338BB25BD7C5C3F474A7F1B36212002A5896DD06F2186325
SHA-512:	FB8CC22BD93EA8D1544795FE70A2FD10847E64E86D225A0D97D188292E7B57533236C62961C52B51E41CF6F35FCEC59F576F0868B2F78BDE8FF6C74DC9E46CB0
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Preview:	/!. Font Awesome Free 5.15.1 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pu

Chrome Cache Entry: 50

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65324)
Category:	downloaded
Size (bytes):	155758
Entropy (8bit):	5.06621719317054
Encrypted:	false
SSDEEP:	1536:b/xImT+IcCQYYDnDEBi83NcuSEk/ekX/uKiq3SYiLENM6HN26F:b/Riz7G3q3SYiLENM6HN26F
MD5:	A15C2AC3234AA8F6064EF9C1F7383C37
SHA1:	6E10354828454898FDA80F55F3DECB347FD9ED21
SHA-256:	60B19E5DA6A9234FF9220668A5EC1125C157A268513256188EE80F2D2C8D8D36
SHA-512:	B435CF71A9AE66C59677A3AC285C87EA702A87F32367FE5893CF13E68F9A31FCA0A8D14F6A7D692F23C5027751CE63961CA4FE8D20F35A926FF24AE3EB1D4B30
Malicious:	false
Reputation:	low
URL:	https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors. * Copyright 2011-2019 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:

Chrome Cache Entry: 51

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 80300, version 331.-31392
Category:	downloaded
Size (bytes):	80300
Entropy (8bit):	7.997228177449401
Encrypted:	true
SSDEEP:	1536:Tek2SzK4WGTQH1GlyGLj3SUwtyIWeOo4XyydPl2mN4fsxDFsbaLsND1Vv08:ak2gTQVGLL7IyDelE7dPZ35FeND19
MD5:	8E1ED89B6CCB8CE41FAF5CB672677105
SHA1:	9B592048B9062B00F0B2DD782D70A95B7DC69B83
SHA-256:	6B555920E358F8A25A422988B448615C33BCCCB4F932E8331CEBFC8E2A737FC7
SHA-512:	E2F6B4574CB1541DFF6852D0AF44FAAE80286110E8451841EADE4B53EBDF31150602640FE1BDFFF41459EA4AE884D14D115FBC93B30D199C87B88F5D07E4CD72
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Preview:	wOF2......9...........9R.K.`....................?FFTM....`..N.....`..@.6.$..0..4.. ..+...[2{..2.Q2...L4n.+..;.....E..t..;..J...qe......h.9..u.c..GR....u..C.!...\.Z......8.U.:a.......5/}.:...<;v..3ZE.4..chz....Y,.N#.:..!..~.RQk.b..>L..O..(.!.&.........^.J2D2D2..............n5z..)....%.L.<M...2..Q.K.y.....}...{...v.T...".......N.<..j.......e(..8G..,...\n..\n.\....#.H.i.n...,....F2...5cn5..W.\|.FI.....=.:.]ME...d.....-..........-........`.=...O......w..........UN..!Y.D.p.3..j8G.R...}.yY@.n.d.f....Tt\|.O.%..y...Y..........u.~..N.../.8....#r.6j.......hcXyS)....f.~F.Y......=.Q}C...SPA.....@.T...0.\..M..e.....O[VZic}...m..._Y.....n..{.)..[.4D...~94......'.<...1M."..O.....OK......g"..S.Wk.....PJ.H.........+F.GB..!d.180...{.!...n.....)..OKj.6...7&.k.....,..qu.....n;D...<....H]....3.......v...D.....F.F..... .....G..89$.........jj.A.J?.X......C.?..n...B....~b....)0Dm.k.'.Y....c.7<.K.....\|...F.I?o_.....]aAS/.!." ..E....Tod..........n.\.

Chrome Cache Entry: 52

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	32
Entropy (8bit):	4.413909765557392
Encrypted:	false
SSDEEP:	3:HwlDKthUjn:QlqCj
MD5:	F11D1B8A8430C952E6B429007F72595F
SHA1:	3B5AD1842AD3409DD0F929738E91C882A90FB854
SHA-256:	87D251DF6F7F8F2C3690842DBB30B6967D94167215914362FA664167603CB899
SHA-512:	9630C3FD9DAE2AC530B1EA5B616AA673F84E64264D8ECA2455C257452FDD5022BDF515DF9DF99BB015ED867EFC56188AFAE9CA314D6772BB9153EE292B9E2367
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlY0B2Nk__WGBIFDc5BTHoSEAlgZGdKKFsduxIFDXhvEhk=?alt=proto
Preview:	CgkKBw3OQUx6GgAKCQoHDXhvEhkaAA==

Chrome Cache Entry: 53

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (57791)
Category:	downloaded
Size (bytes):	58072
Entropy (8bit):	5.247960089226309
Encrypted:	false
SSDEEP:	768:5NYyDyKAmHVaS3m3Dqp0NwCkXDtdFDLmTV+miDNJcJiQMRqyPiYtB6UvcCg8YGk:5NTKktDLmTF8yJL45XtHjoGk
MD5:	E1D98D47689E00F8ECBC5D9F61BDB42E
SHA1:	6778FED3CF095A318141A31F455C8F4663885BDE
SHA-256:	0A34A87842C539C1F4FEEC56BBA982FD596B73500046A6E6FE38A22260C6577B
SHA-512:	021E615983F30EC5477FD8B611E8C5045AC6D9900F9A9BB8649B56E0C7D282965A727F8CF501C3B7E1DDFF02F5B44924D5481BCEA7A926BE8A9E166314A07ED0
Malicious:	false
Reputation:	low
URL:	https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Preview:	/!. Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t=t\|\|self).bootstrap={},t.jQuery,t.Popper)}(this,function(t,g,u){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(o){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{},e=Object.keys(r);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(r).filter(function(t){return Object.getOwnPropertyDescriptor

Chrome Cache Entry: 54

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (20831)
Category:	downloaded
Size (bytes):	21004
Entropy (8bit):	5.2169391810760875
Encrypted:	false
SSDEEP:	384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p
MD5:	56456DB9D72A4B380ED3CB63095E6022
SHA1:	6DBCE88AEE15B42F29083DF7A07513CF3B486BA0
SHA-256:	66F3A07E1FA9B64A686B66381E4458DBC8ABF3DBBFF954720C4EEC07B84411C2
SHA-512:	E56BD96B837B26ADD354D0A9E2B8DC04C95CEA94F7959EE05718ED23A224296FAE22D49AFAB160B45963BD99C2C501A3F12517E431EB68A13A327FF8B262B50A
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Preview:	/. Copyright (C) Federico Zivolo 2019. Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT).. /(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=e.ownerDocument.defaultView,n=o.getComputedStyle(e,null);return t?n[t]:n}function o(e){return'HTML'===e.nodeName?e:e.parentNode\|\|e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return e.ownerDocument.body;case'#document':return e.body;}var i=t(e),r=i.overflow,p=i.overflowX,s=i.overflowY;return /(auto\|scroll\|overlay)/.test(r+s+p)?e:n(o(e))}function r(e){return 11===e?pe:10===e?se:pe\|\|se}function p(e){if(!e)return document.documentElement;for(var o=r(10)?document.body:null,n=e.offsetParent\|\|null;n===o&&e.nextElementSibling;)n

Chrome Cache Entry: 55

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 240 x 111, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6675
Entropy (8bit):	7.945967029827464
Encrypted:	false
SSDEEP:	96:+fEgtaZw14m0lc1/tpBpz2rEvY2VzeL1yXlAI+oR+9CoUk+G4nl4Zs+g4BLOp6cI:+cTk4m2E/ZYEvYoeL1yaW+Crnl4wWLgU
MD5:	6FEF0A201C06586939C4C23BCFB3989B
SHA1:	D16E05C244431F38D7F05C5A6E4DB95C6D56C4F2
SHA-256:	82C7A8847980D30F5FDAA8E7614F8E74E8F2C58675C91D981B91728E8C92966C
SHA-512:	FB1F75EAA33646CE4E167796B57B1B227F5F18FC7C5C6FD0246145307358F175455D1FFEFCEEB91EFD58297E83F4D07FCB8C1054D77E8E31F94E7D32FCF389BD
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......o......eM.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........&.?....tIME........?.....IDATx..y..U..?....lD.F...D.b..T@...........:......=n..#...(.(....:..@...J.JB...t...u..?~...W.]U].]...9}NR.}.V........~.....`0.....`0.....`0.....p0.:.8..B}.....]6.b....B..qm.~5....m$Z.u.k..%.2.u..........)`.......'....x..$F...8....a...Z.T....@..h...w...p...x...m.lH"....p..<.8.8.8..hQ..M...._!.....!It\...M......DF.L..5.....p.2B...0B6$....C.Y.y.....c..l..?........1B6t....%..p6.6...Dn.q....D.S.7.........u......qFu.y.F.?...7....m.v...x..~..N......j.@......E.....\|......n.....!......].T..&.....w..cf#p9.}.A!F.V.2...E.T...:}.-".\|.~M{......%.v.w.b2...7..QA..........ZE..v.w.2"....J07...v.....ZA..r.w1......q.....F...Z......]..\.\|.I....-....M...3.........J...`.;b88.E...*$..........f.6.K.s`........a.....u.... .9.3....^.#....3...).;n.y..[...r.c8.Z.C.D..k.y...N_L..\|...S.3....'.6N..E..6.....3j.o...v....c..

Chrome Cache Entry: 56

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 240 x 111, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6675
Entropy (8bit):	7.945967029827464
Encrypted:	false
SSDEEP:	96:+fEgtaZw14m0lc1/tpBpz2rEvY2VzeL1yXlAI+oR+9CoUk+G4nl4Zs+g4BLOp6cI:+cTk4m2E/ZYEvYoeL1yaW+Crnl4wWLgU
MD5:	6FEF0A201C06586939C4C23BCFB3989B
SHA1:	D16E05C244431F38D7F05C5A6E4DB95C6D56C4F2
SHA-256:	82C7A8847980D30F5FDAA8E7614F8E74E8F2C58675C91D981B91728E8C92966C
SHA-512:	FB1F75EAA33646CE4E167796B57B1B227F5F18FC7C5C6FD0246145307358F175455D1FFEFCEEB91EFD58297E83F4D07FCB8C1054D77E8E31F94E7D32FCF389BD
Malicious:	false
Reputation:	low
URL:	https://barela.sistemaitsseg.com.br/assets/img/logo_itsseg_sistema.png
Preview:	.PNG........IHDR.......o......eM.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........&.?....tIME........?.....IDATx..y..U..?....lD.F...D.b..T@...........:......=n..#...(.(....:..@...J.JB...t...u..?~...W.]U].]...9}NR.}.V........~.....`0.....`0.....`0.....p0.:.8..B}.....]6.b....B..qm.~5....m$Z.u.k..%.2.u..........)`.......'....x..$F...8....a...Z.T....@..h...w...p...x...m.lH"....p..<.8.8.8..hQ..M...._!.....!It\...M......DF.L..5.....p.2B...0B6$....C.Y.y.....c..l..?........1B6t....%..p6.6...Dn.q....D.S.7.........u......qFu.y.F.?...7....m.v...x..~..N......j.@......E.....\|......n.....!......].T..&.....w..cf#p9.}.A!F.V.2...E.T...:}.-".\|.~M{......%.v.w.b2...7..QA..........ZE..v.w.2"....J07...v.....ZA..r.w1......q.....F...Z......]..\.\|.I....-....M...3.........J...`.;b88.E...*$..........f.6.K.s`........a.....u.... .9.3....^.#....3...).;n.y..[...r.c8.Z.C.D..k.y...N_L..\|...S.3....'.6N..E..6.....3j.o...v....c..

Chrome Cache Entry: 57

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	8813
Entropy (8bit):	4.594814181491514
Encrypted:	false
SSDEEP:	96:ZQxMmohkC3rwRtXcKeFu9u71Ehe7yFVsrABHOqOQ1RwMe2hM:ZQxLo2euiKe0dOyrsruHOq91mKhM
MD5:	7849D11775C88C9C05F5FEA4D89CC108
SHA1:	7BF02C219A14E7FC4330B8585D69577C9CE64807
SHA-256:	B66E2FEA15CCBFEDDB4E15F1BAFDA2690D4A8697D6CA3750F95501EA47A8D781
SHA-512:	3019FB5FEFEB6CC5FA762D62083448CD3BD2D9D72B7C4BDAF477E75C1D019F09EE48DA589A6FD229C2869EB389144FD20CB239C53FA658F8B8E6B1181CA0AB8E
Malicious:	false
Reputation:	low
URL:	https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg==
Preview:	<html lang="pt-BR">..<head>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1">. <title>Baixar Anexo faturamento - It'sSeg</title>. <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">. <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css" integrity="sha512-+4zCK9k+qNFUR5X+cKL9EIR+ZOhtIloNl9GIKS57V1MyNsYpYcUrUeQc9vNfzsWfV28IaLL3i96P9sdNyeRssA==" crossorigin="anonymous" />. <style type="text/css">. .login-form {. width: 480px;. margin: 50px auto;. text-align: center;. }.. .login-form form {. margin-bottom: 15px;. background: #f7f7f7;. box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);.

Chrome Cache Entry: 58

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	low
URL:	https://code.jquery.com/jquery-3.5.1.min.js
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 26, 2024 15:15:26.855056047 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 26, 2024 15:15:36.464368105 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 26, 2024 15:15:38.767467022 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:38.767510891 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:38.767587900 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:38.768134117 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:38.768181086 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:38.768254995 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:38.768405914 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:38.768419027 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:38.768714905 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:38.768733978 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.241941929 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.246124029 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.251681089 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.251710892 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.251952887 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.251992941 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.252829075 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.252887964 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.253216982 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.253278017 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.339946985 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.340398073 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.350016117 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.350079060 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.350337029 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.350550890 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.401941061 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.401977062 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.448317051 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.492330074 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.808763027 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.808831930 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.808854103 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.808903933 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.808912992 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.808922052 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.808985949 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.809020996 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.809020996 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.809052944 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.809067965 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.809143066 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:39.809199095 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.810241938 CEST	49737	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:39.810271978 CEST	443	49737	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.099833012 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:40.144112110 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.223773003 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:40.223808050 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:40.223906994 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:40.224558115 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:40.224567890 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:40.231573105 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.231611967 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:40.231673002 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.231765032 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.231798887 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:40.231847048 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.232345104 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.232359886 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:40.232794046 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.232810974 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:40.233580112 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.233598948 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:40.233649969 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.233977079 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.234004021 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:40.234049082 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.234406948 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.234416962 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:40.234739065 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.234750032 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:40.235357046 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:40.235373020 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:40.235420942 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:40.235702991 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:40.235713959 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:40.339508057 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.339550018 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.339572906 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.339622974 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:40.339679003 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.339705944 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.339714050 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:40.339767933 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:40.341118097 CEST	49736	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:40.341151953 CEST	443	49736	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:40.502237082 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:40.502401114 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:40.504496098 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:40.510768890 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:40.528800964 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:40.562349081 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:40.562494040 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.594485044 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:40.594508886 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:40.594511986 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.594512939 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:40.768141985 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:40.771099091 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:41.675858974 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:41.675879002 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:41.676006079 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.676031113 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.676107883 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.676125050 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.676305056 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.676333904 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.676532030 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.676549911 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.676753044 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.676825047 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.677093029 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:41.677151918 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:41.677491903 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.677508116 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.677548885 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.677764893 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.677783012 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.677788019 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.677805901 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.677819014 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.677855968 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.678345919 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.678364038 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.678415060 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.680558920 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.680592060 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.680624962 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.698807001 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:41.698995113 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:41.722251892 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.722438097 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.722500086 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.722716093 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.722887993 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.723117113 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.723196030 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.723278046 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.723330021 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.723345995 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.723433971 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.723579884 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.723675966 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.723699093 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.723715067 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.723727942 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.723820925 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.723836899 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.723856926 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.723869085 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.765840054 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.815227032 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:41.815242052 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.815243959 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.815254927 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:41.815265894 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.815270901 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.859569073 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859627008 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859673023 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.859707117 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859721899 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859761953 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.859771967 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859819889 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.859826088 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859869003 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859873056 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.859885931 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.859915972 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.859987974 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860030890 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860035896 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860049009 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860095024 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860105991 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860232115 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860275030 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860280991 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860387087 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860413074 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860455036 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860456944 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860492945 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860507965 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860527992 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860569000 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860572100 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860583067 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860625982 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.860632896 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.860969067 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.861011028 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.861011982 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.861023903 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.861066103 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.861072063 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.861653090 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.861876011 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.861917973 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.861926079 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.861975908 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862010956 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862020016 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.862025976 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862067938 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.862075090 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862521887 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862523079 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.862571955 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862571001 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.862591028 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.862603903 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862613916 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.862622023 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862670898 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.862670898 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862679958 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862724066 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.862726927 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862735033 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862768888 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862776041 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.862781048 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862798929 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862818956 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.862823009 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.862854004 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.862860918 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862941980 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.862981081 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.862987995 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.863219023 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.863248110 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.863257885 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.863266945 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.863306046 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.863310099 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.864564896 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.864603996 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.864617109 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.864625931 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.864677906 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.864684105 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.864960909 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.864990950 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865000010 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.865010977 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865052938 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.865056992 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865160942 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865191936 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865204096 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.865212917 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865252972 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.865259886 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865319967 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865334034 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865358114 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.865362883 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865391016 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.865397930 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865447998 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865474939 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865484953 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.865489006 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.865528107 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.865662098 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865698099 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865705967 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.865712881 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865755081 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.865760088 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.865978003 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866157055 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866193056 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866194963 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.866203070 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866255045 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.866261005 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866522074 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.866564035 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.866570950 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.866645098 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.866686106 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.866687059 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.866698980 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.866736889 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.866879940 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866949081 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.866991997 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867007017 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867028952 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867073059 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867082119 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867233038 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867273092 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867280960 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867369890 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867397070 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867413998 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867418051 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867490053 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867518902 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867537975 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867537975 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867552042 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867616892 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867624044 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867660046 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.867667913 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.867711067 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.867719889 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.867748022 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.867786884 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.867937088 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867984056 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.867989063 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.867995024 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868046999 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.868052959 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868060112 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868139982 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868166924 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868179083 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.868185997 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868221998 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.868380070 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.868432999 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.868439913 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.868520021 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:41.868563890 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:41.868792057 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868837118 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.868843079 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868877888 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868889093 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868930101 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868931055 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.868942022 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.868983030 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.868995905 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869033098 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869034052 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.869041920 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869083881 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.869785070 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869860888 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869900942 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869908094 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.869914055 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869947910 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.869956017 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.870003939 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.870701075 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.870798111 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.870841026 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.870845079 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.870851994 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.870902061 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.870908022 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.871669054 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.871711016 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.871717930 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.871722937 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.871782064 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.871783018 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.871803045 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.871848106 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.871856928 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.872612000 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.872701883 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.872745991 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.872745991 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.872756958 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.872793913 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.873550892 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.873634100 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.873677969 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.873680115 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.873691082 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.873728037 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.873733997 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.874552011 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.874604940 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.874610901 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.874672890 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.874718904 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.876436949 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.876487017 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.876501083 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.881165981 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.881226063 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.881241083 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.885917902 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.885976076 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.885989904 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914028883 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914041996 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914063931 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914072990 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914078951 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914087057 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.914113045 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914143085 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.914154053 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:41.914177895 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:41.916399956 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:41.987699986 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.987773895 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.988317013 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.988362074 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.988362074 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.988373041 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.988404989 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.989288092 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.989442110 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.989453077 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.989492893 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.990017891 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.990082026 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.990133047 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.990189075 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.990590096 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.990648031 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.991380930 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.991430044 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.991488934 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.991538048 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.992244005 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.992290020 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.993170977 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.993201971 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.993223906 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.993233919 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.993267059 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.993283987 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.994151115 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.994204044 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.994995117 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.995050907 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.995052099 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.995063066 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.995100975 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.995935917 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.996000051 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.996934891 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.996974945 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.996999025 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.997009039 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:41.997020006 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:41.997046947 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.014040947 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.014096022 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.014111042 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.014134884 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.014259100 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.014259100 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.014278889 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.037872076 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.037884951 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.037925959 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.037945032 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.037960052 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.037981033 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.038050890 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.038074017 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.038222075 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.056252956 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.056273937 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.056315899 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.056334972 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.056349993 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.056377888 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.056408882 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.063604116 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.063625097 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.063798904 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.063817024 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.063839912 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.063994884 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.112977982 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.113040924 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.113329887 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.113375902 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.113389015 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.113435030 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.114411116 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.114466906 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.115134001 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.115183115 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.115859985 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.115907907 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.115919113 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.115993977 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.116031885 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.257683039 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.268198967 CEST	49739	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.268235922 CEST	443	49739	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.281124115 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.283540964 CEST	49741	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.283566952 CEST	443	49741	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.291093111 CEST	49742	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.291119099 CEST	443	49742	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.365560055 CEST	49740	443	192.168.2.4	104.18.11.207
Apr 26, 2024 15:15:42.365587950 CEST	443	49740	104.18.11.207	192.168.2.4
Apr 26, 2024 15:15:42.375109911 CEST	49743	443	192.168.2.4	151.101.66.137
Apr 26, 2024 15:15:42.375128031 CEST	443	49743	151.101.66.137	192.168.2.4
Apr 26, 2024 15:15:42.611296892 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.611335039 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.611392975 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.612010956 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.612025023 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.880541086 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.885612965 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.885632038 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.886007071 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.891063929 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.891122103 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:42.891518116 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:42.936121941 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.146722078 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.146764040 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.146841049 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.148927927 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.148948908 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.182969093 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183011055 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183039904 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183060884 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.183064938 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183089972 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183106899 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.183131933 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183168888 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183181047 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.183187962 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183224916 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.183547974 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183609009 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183645010 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.183650970 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183662891 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.183705091 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.184458971 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.184508085 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.184549093 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.184557915 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.184588909 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.184631109 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.184638023 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.185441017 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.185489893 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.185497046 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.185573101 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.185611963 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.185619116 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.186381102 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.186428070 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.186433077 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.186443090 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.186485052 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.186491013 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.187321901 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.187370062 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.187380075 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.187416077 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.187465906 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.187474012 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.187510014 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.187551975 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.187557936 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.188380957 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.188426971 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.188426971 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.188438892 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.188483000 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.188491106 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.189424992 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.189476967 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.189483881 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.189548969 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.189577103 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.189594984 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.189600945 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.189644098 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.190376043 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.191291094 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.191350937 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.191356897 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.301984072 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.308238983 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.308254004 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.308322906 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.308336020 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.308381081 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.308444023 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.308451891 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.308502913 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.309103966 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.309112072 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.309159040 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.309906960 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.309915066 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.309967995 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.310082912 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.310090065 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.310138941 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.310147047 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.310161114 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.310211897 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.310396910 CEST	49745	443	192.168.2.4	104.17.25.14
Apr 26, 2024 15:15:43.310411930 CEST	443	49745	104.17.25.14	192.168.2.4
Apr 26, 2024 15:15:43.407102108 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.407201052 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.410983086 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.411017895 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.411336899 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.589541912 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.590164900 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:43.590240955 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:43.590338945 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:43.590985060 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:43.591007948 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:43.650544882 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.696115971 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.776613951 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.776704073 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.776772022 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.778089046 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.778105021 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.778115034 CEST	49747	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.778120995 CEST	443	49747	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.907525063 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.907576084 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:43.907695055 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.908524036 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:43.908539057 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:44.064794064 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:44.135580063 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:44.162337065 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:44.162415981 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:46.785140038 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.785190105 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.785636902 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.785696983 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.785773993 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.785916090 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.786138058 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.786179066 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.786236048 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.786339045 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.786351919 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.786621094 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.786720037 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.786768913 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.786782026 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:46.786910057 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:46.828119993 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.096445084 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:47.096477985 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:47.096899033 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:47.100162983 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:47.148123980 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:47.228037119 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:47.228137970 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:47.228190899 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:47.249504089 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.250299931 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.250319958 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.251637936 CEST	49749	443	192.168.2.4	23.204.76.112
Apr 26, 2024 15:15:47.251661062 CEST	443	49749	23.204.76.112	192.168.2.4
Apr 26, 2024 15:15:47.251750946 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.251821041 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.252835989 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.252913952 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.253559113 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.253570080 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.256285906 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.256684065 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.256700993 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.257700920 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.257761002 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.258167982 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.258229017 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.296130896 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.296221018 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.296272993 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.338046074 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.382296085 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.382327080 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.419298887 CEST	49748	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.419380903 CEST	443	49748	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.486337900 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.528130054 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.707781076 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.707851887 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.707871914 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.707911968 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.707941055 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.707967043 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.707983971 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.708053112 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.708112001 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.709156036 CEST	49751	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.709176064 CEST	443	49751	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.723376989 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.723459005 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:47.723525047 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.724270105 CEST	49750	443	192.168.2.4	52.67.16.6
Apr 26, 2024 15:15:47.724287033 CEST	443	49750	52.67.16.6	192.168.2.4
Apr 26, 2024 15:15:49.311712027 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:49.311749935 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:49.311949968 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:49.312952995 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:49.312967062 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:49.809350967 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:49.809433937 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:49.812994957 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:49.813005924 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:49.813436985 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:49.916532993 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.268642902 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.316121101 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.552072048 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:50.552143097 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:50.552278042 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:50.589267969 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589297056 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589306116 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589319944 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589329004 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589334965 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589366913 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.589397907 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589411974 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.589505911 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589514971 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589605093 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.589631081 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.592509985 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.601598978 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.601614952 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:50.601680994 CEST	49755	443	192.168.2.4	13.85.23.86
Apr 26, 2024 15:15:50.601686954 CEST	443	49755	13.85.23.86	192.168.2.4
Apr 26, 2024 15:15:51.793746948 CEST	49738	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:15:51.793770075 CEST	443	49738	142.250.217.164	192.168.2.4
Apr 26, 2024 15:15:52.006019115 CEST	49723	80	192.168.2.4	199.232.214.172
Apr 26, 2024 15:15:52.141949892 CEST	80	49723	199.232.214.172	192.168.2.4
Apr 26, 2024 15:15:52.142000914 CEST	80	49723	199.232.214.172	192.168.2.4
Apr 26, 2024 15:15:52.142060041 CEST	49723	80	192.168.2.4	199.232.214.172
Apr 26, 2024 15:16:27.203270912 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:27.203305960 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:27.203392982 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:27.203947067 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:27.203962088 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:27.850383043 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:27.850470066 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:27.873460054 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:27.873488903 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:27.873735905 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:27.892016888 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:27.932157040 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460052013 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460081100 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460098028 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460134983 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.460148096 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460175037 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460196972 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.460196972 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.460206985 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460218906 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460241079 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.460254908 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.460273027 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.460331917 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.464695930 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.464695930 CEST	49760	443	192.168.2.4	20.114.59.183
Apr 26, 2024 15:16:28.464713097 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:28.464721918 CEST	443	49760	20.114.59.183	192.168.2.4
Apr 26, 2024 15:16:40.132245064 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:40.132291079 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:40.132385015 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:40.132699966 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:40.132709980 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:40.477659941 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:40.478084087 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:40.478105068 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:40.478864908 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:40.480079889 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:40.480191946 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:40.526458979 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:41.188978910 CEST	49724	80	192.168.2.4	199.232.214.172
Apr 26, 2024 15:16:41.320259094 CEST	80	49724	199.232.214.172	192.168.2.4
Apr 26, 2024 15:16:41.320277929 CEST	80	49724	199.232.214.172	192.168.2.4
Apr 26, 2024 15:16:41.320378065 CEST	49724	80	192.168.2.4	199.232.214.172
Apr 26, 2024 15:16:50.445997000 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:50.446074009 CEST	443	49762	142.250.217.164	192.168.2.4
Apr 26, 2024 15:16:50.446268082 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:51.794146061 CEST	49762	443	192.168.2.4	142.250.217.164
Apr 26, 2024 15:16:51.794179916 CEST	443	49762	142.250.217.164	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 26, 2024 15:15:35.538657904 CEST	53	54545	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:35.561113119 CEST	53	58877	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:38.289499044 CEST	61853	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:38.289664984 CEST	56240	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:38.479907990 CEST	53	49220	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:38.657964945 CEST	53	56240	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:38.766439915 CEST	53	61853	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.088803053 CEST	51746	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.089027882 CEST	58946	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.096925020 CEST	54346	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.097793102 CEST	51215	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.098789930 CEST	59681	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.099191904 CEST	55541	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.100819111 CEST	56537	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.101258039 CEST	64145	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:40.220782042 CEST	53	51746	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.220813990 CEST	53	58946	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.229298115 CEST	53	54346	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.230272055 CEST	53	51215	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.230345964 CEST	53	59681	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.231935024 CEST	53	55541	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.233360052 CEST	53	56537	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:40.234210014 CEST	53	64145	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:42.747991085 CEST	53	54770	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:43.677159071 CEST	61705	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:43.677902937 CEST	64560	53	192.168.2.4	1.1.1.1
Apr 26, 2024 15:15:44.004081011 CEST	53	64560	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:44.025094986 CEST	53	61705	1.1.1.1	192.168.2.4
Apr 26, 2024 15:15:52.757489920 CEST	138	138	192.168.2.4	192.168.2.255
Apr 26, 2024 15:15:57.375252008 CEST	53	54204	1.1.1.1	192.168.2.4
Apr 26, 2024 15:16:21.341659069 CEST	53	60222	1.1.1.1	192.168.2.4
Apr 26, 2024 15:16:35.536396027 CEST	53	56051	1.1.1.1	192.168.2.4
Apr 26, 2024 15:16:49.003817081 CEST	53	52711	1.1.1.1	192.168.2.4
Apr 26, 2024 15:17:23.707580090 CEST	53	51525	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 26, 2024 15:15:38.289499044 CEST	192.168.2.4	1.1.1.1	0xac11	Standard query (0)	barela.sistemaitsseg.com.br	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:38.289664984 CEST	192.168.2.4	1.1.1.1	0xe6dd	Standard query (0)	barela.sistemaitsseg.com.br	65	IN (0x0001)	false
Apr 26, 2024 15:15:40.088803053 CEST	192.168.2.4	1.1.1.1	0xb0d5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.089027882 CEST	192.168.2.4	1.1.1.1	0x29c0	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 26, 2024 15:15:40.096925020 CEST	192.168.2.4	1.1.1.1	0xb659	Standard query (0)	stackpath.bootstrapcdn.com	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.097793102 CEST	192.168.2.4	1.1.1.1	0x73ba	Standard query (0)	stackpath.bootstrapcdn.com	65	IN (0x0001)	false
Apr 26, 2024 15:15:40.098789930 CEST	192.168.2.4	1.1.1.1	0x2a41	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.099191904 CEST	192.168.2.4	1.1.1.1	0xdc0e	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Apr 26, 2024 15:15:40.100819111 CEST	192.168.2.4	1.1.1.1	0x146d	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.101258039 CEST	192.168.2.4	1.1.1.1	0x8ddd	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Apr 26, 2024 15:15:43.677159071 CEST	192.168.2.4	1.1.1.1	0xaebb	Standard query (0)	barela.sistemaitsseg.com.br	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:43.677902937 CEST	192.168.2.4	1.1.1.1	0x94a0	Standard query (0)	barela.sistemaitsseg.com.br	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 26, 2024 15:15:38.766439915 CEST	1.1.1.1	192.168.2.4	0xac11	No error (0)	barela.sistemaitsseg.com.br		52.67.16.6	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.220782042 CEST	1.1.1.1	192.168.2.4	0xb0d5	No error (0)	www.google.com		142.250.217.164	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.220813990 CEST	1.1.1.1	192.168.2.4	0x29c0	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 26, 2024 15:15:40.229298115 CEST	1.1.1.1	192.168.2.4	0xb659	No error (0)	stackpath.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.229298115 CEST	1.1.1.1	192.168.2.4	0xb659	No error (0)	stackpath.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.230272055 CEST	1.1.1.1	192.168.2.4	0x73ba	No error (0)	stackpath.bootstrapcdn.com			65	IN (0x0001)	false
Apr 26, 2024 15:15:40.230345964 CEST	1.1.1.1	192.168.2.4	0x2a41	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.230345964 CEST	1.1.1.1	192.168.2.4	0x2a41	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.231935024 CEST	1.1.1.1	192.168.2.4	0xdc0e	No error (0)	cdnjs.cloudflare.com			65	IN (0x0001)	false
Apr 26, 2024 15:15:40.233360052 CEST	1.1.1.1	192.168.2.4	0x146d	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.233360052 CEST	1.1.1.1	192.168.2.4	0x146d	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.233360052 CEST	1.1.1.1	192.168.2.4	0x146d	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:40.233360052 CEST	1.1.1.1	192.168.2.4	0x146d	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Apr 26, 2024 15:15:44.025094986 CEST	1.1.1.1	192.168.2.4	0xaebb	No error (0)	barela.sistemaitsseg.com.br		52.67.16.6	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

barela.sistemaitsseg.com.br

https:

cdnjs.cloudflare.com

stackpath.bootstrapcdn.com

code.jquery.com

fs.microsoft.com

slscr.update.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49737	52.67.16.6	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:39 UTC	706	OUT	GET /download_faturamento.php?id=NjAxNg== HTTP/1.1 Host: barela.sistemaitsseg.com.br Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:39 UTC	717	IN	HTTP/1.1 200 OK Server: nginx/1.23.4 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-Powered-By: PHP/8.1.21 Cache-Control: no-cache, private Date: Fri, 26 Apr 2024 13:15:39 GMT Set-Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D; expires=Fri, 26-Apr-2024 15:15:39 GMT; Max-Age=7200; path=/; httponly X-XSS-Protection: 1; mode=block
2024-04-26 13:15:39 UTC	8833	IN	Data Raw: 31 64 62 39 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 70 74 2d 42 52 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 42 61 69 78 61 72 20 41 6e 65 78 6f 20 66 61 74 75 72 61 6d 65 6e 74 6f 20 2d 20 49 74 27 73 53 65 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b Data Ascii: 1db9<html lang="pt-BR"><head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Baixar Anexo faturamento - It'sSeg</title> <link

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49736	52.67.16.6	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:40 UTC	1030	OUT	GET /assets/img/logo_itsseg_sistema.png HTTP/1.1 Host: barela.sistemaitsseg.com.br Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg== Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
2024-04-26 13:15:40 UTC	268	IN	HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Fri, 26 Apr 2024 13:15:40 GMT Content-Type: image/png Content-Length: 6675 Last-Modified: Sun, 21 May 2023 23:59:45 GMT Connection: close ETag: "646ab071-1a13" X-XSS-Protection: 1; mode=block Accept-Ranges: bytes
2024-04-26 13:15:40 UTC	6675	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 f0 00 00 00 6f 08 06 00 00 00 d2 65 4d 04 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 17 11 00 00 17 11 01 ca 26 f3 3f 00 00 00 07 74 49 4d 45 07 e4 0a 02 11 01 15 c8 9a 3f f3 00 00 19 02 49 44 41 54 78 da ed 9d 79 b4 1c 55 9d c7 3f b7 fa f5 f2 b6 bc 6c 44 c8 46 08 bb a0 44 08 62 04 1c 54 40 05 c1 05 c7 d1 19 1d 19 e7 8c cb b8 8f 3a 1e 19 c6 d1 19 1d 3d 6e e3 06 23 2e 88 8e 28 0a 28 0c a3 88 88 3a c0 b8 40 04 89 ac 4a c8 4a 42 92 97 e4 bd 74 bf a5 fb 75 f7 9d 3f 7e d5 ef d5 ab 57 d5 Data Ascii: PNGIHDRoeMgAMAa cHRMz&u0`:pQ<bKGDpHYs&?tIME?IDATxyU?lDFDbT@:=n#.((:@JJBtu?~W

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49741	104.17.25.14	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:41 UTC	632	OUT	GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://barela.sistemaitsseg.com.br sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: style Referer: https://barela.sistemaitsseg.com.br/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:41 UTC	945	IN	HTTP/1.1 200 OK Date: Fri, 26 Apr 2024 13:15:41 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5f7b5b5f-e7d0" Last-Modified: Mon, 05 Oct 2020 17:43:59 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 36850 Expires: Wed, 16 Apr 2025 13:15:41 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bcGBkqktjxQp4Mzn%2FguFNlcNd1q%2FSJkEw7wEN%2BSgTOEUZTBCoSBgr%2FM5nLZGBVbnXVtdKWNEPnNSl8FGMYIOinjKFzlu1tQxd8SfVfAYgI2wkbIdqtqmiMvvMrnoYBPOyoth5oX"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 87a6d7d2295aa66b-MIA alt-svc: h3=":443"; ma=86400
2024-04-26 13:15:41 UTC	424	IN	Data Raw: 37 63 30 31 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 35 2e 31 35 2e 31 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 0a 2e 66 61 2c 2e 66 61 62 2c 2e 66 61 64 2c 2e 66 61 6c 2c 2e 66 61 72 2c 2e 66 61 73 7b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 3b Data Ascii: 7c01/! Font Awesome Free 5.15.1 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 35 65 6d 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 2d 2e 30 36 36 37 65 6d 7d 2e 66 61 2d 78 73 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 35 65 6d 7d 2e 66 61 2d 73 6d 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 37 35 65 6d 7d 2e 66 61 2d 31 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 66 61 2d 32 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 2e 66 61 2d 33 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 65 6d 7d 2e 66 61 2d 34 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 34 65 6d 7d 2e 66 61 2d 35 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 35 65 6d 7d 2e 66 61 2d 36 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 36 65 6d 7d 2e 66 61 2d 37 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 37 65 6d 7d 2e 66 61 2d 38 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 65 6d 7d 2e 66 61 2d 39 78 7b 66 6f 6e 74 2d Data Ascii: 5em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6f 66 74 2e 42 61 73 69 63 49 6d 61 67 65 28 72 6f 74 61 74 69 6f 6e 3d 31 29 22 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 66 61 2d 72 6f 74 61 74 65 2d 31 38 30 7b 2d 6d 73 2d 66 69 6c 74 65 72 3a 22 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 42 61 73 69 63 49 6d 61 67 65 28 72 6f 74 61 74 69 6f 6e 3d 32 29 22 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 66 61 2d 72 6f 74 61 74 65 2d 32 37 30 7b 2d 6d 73 2d 66 69 6c 74 65 72 3a 22 70 Data Ascii: oft.BasicImage(rotation=1)";-webkit-transform:rotate(90deg);transform:rotate(90deg)}.fa-rotate-180{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2)";-webkit-transform:rotate(180deg);transform:rotate(180deg)}.fa-rotate-270{-ms-filter:"p
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 36 39 22 7d 2e 66 61 2d 61 63 71 75 69 73 69 74 69 6f 6e 73 2d 69 6e 63 6f 72 70 6f 72 61 74 65 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 61 66 22 7d 2e 66 61 2d 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 31 22 7d 2e 66 61 2d 61 64 64 72 65 73 73 2d 62 6f 6f 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 62 39 22 7d 2e 66 61 2d 61 64 64 72 65 73 73 2d 63 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 62 62 22 7d 2e 66 61 2d 61 64 6a 75 73 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 32 22 7d 2e 66 61 2d 61 64 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 37 30 22 7d 2e 66 61 2d 61 64 76 65 72 73 61 Data Ascii: content:"\f369"}.fa-acquisitions-incorporated:before{content:"\f6af"}.fa-ad:before{content:"\f641"}.fa-address-book:before{content:"\f2b9"}.fa-address-card:before{content:"\f2bb"}.fa-adjust:before{content:"\f042"}.fa-adn:before{content:"\f170"}.fa-adversa
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 22 5c 66 33 36 65 22 7d 2e 66 61 2d 61 6e 67 75 6c 61 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 32 30 22 7d 2e 66 61 2d 61 6e 6b 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 34 22 7d 2e 66 61 2d 61 70 70 2d 73 74 6f 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 36 66 22 7d 2e 66 61 2d 61 70 70 2d 73 74 6f 72 65 2d 69 6f 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 30 22 7d 2e 66 61 2d 61 70 70 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 31 22 7d 2e 66 61 2d 61 70 70 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 37 39 22 7d 2e 66 61 2d 61 70 70 6c 65 2d 61 6c 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 64 31 22 Data Ascii: "\f36e"}.fa-angular:before{content:"\f420"}.fa-ankh:before{content:"\f644"}.fa-app-store:before{content:"\f36f"}.fa-app-store-ios:before{content:"\f370"}.fa-apper:before{content:"\f371"}.fa-apple:before{content:"\f179"}.fa-apple-alt:before{content:"\f5d1"
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 39 65 22 7d 2e 66 61 2d 61 75 74 6f 70 72 65 66 69 78 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 31 63 22 7d 2e 66 61 2d 61 76 69 61 6e 65 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 34 22 7d 2e 66 61 2d 61 76 69 61 74 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 32 31 22 7d 2e 66 61 2d 61 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 39 22 7d 2e 66 61 2d 61 77 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 35 22 7d 2e 66 61 2d 62 61 62 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 37 63 22 7d 2e 66 61 2d 62 61 62 79 2d 63 61 72 72 69 61 67 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 Data Ascii: content:"\f29e"}.fa-autoprefixer:before{content:"\f41c"}.fa-avianex:before{content:"\f374"}.fa-aviato:before{content:"\f421"}.fa-award:before{content:"\f559"}.fa-aws:before{content:"\f375"}.fa-baby:before{content:"\f77c"}.fa-baby-carriage:before{content:"
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 72 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 62 22 7d 2e 66 61 2d 62 69 62 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 36 34 37 22 7d 2e 66 61 2d 62 69 63 79 63 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 30 36 22 7d 2e 66 61 2d 62 69 6b 69 6e 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 38 34 61 22 7d 2e 66 61 2d 62 69 6d 6f 62 6a 65 63 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 33 37 38 22 7d 2e 66 61 2d 62 69 6e 6f 63 75 6c 61 72 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 65 35 22 7d 2e 66 61 2d 62 69 6f 68 61 7a 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 30 22 7d 2e 66 61 2d 62 69 72 74 68 64 61 79 2d 63 Data Ascii: rve:before{content:"\f55b"}.fa-bible:before{content:"\f647"}.fa-bicycle:before{content:"\f206"}.fa-biking:before{content:"\f84a"}.fa-bimobject:before{content:"\f378"}.fa-binoculars:before{content:"\f1e5"}.fa-biohazard:before{content:"\f780"}.fa-birthday-c
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 39 65 22 7d 2e 66 61 2d 62 6f 78 2d 74 69 73 73 75 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 62 22 7d 2e 66 61 2d 62 6f 78 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 38 22 7d 2e 66 61 2d 62 72 61 69 6c 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 31 22 7d 2e 66 61 2d 62 72 61 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 64 63 22 7d 2e 66 61 2d 62 72 65 61 64 2d 73 6c 69 63 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 65 63 22 7d 2e 66 61 2d 62 72 69 65 66 63 61 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 62 31 22 7d 2e 66 61 2d 62 72 69 65 66 63 61 73 65 2d 6d 65 64 Data Ascii: before{content:"\f49e"}.fa-box-tissue:before{content:"\e05b"}.fa-boxes:before{content:"\f468"}.fa-braille:before{content:"\f2a1"}.fa-brain:before{content:"\f5dc"}.fa-bread-slice:before{content:"\f7ec"}.fa-briefcase:before{content:"\f0b1"}.fa-briefcase-med
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 22 5c 66 37 38 35 22 7d 2e 66 61 2d 63 61 6e 64 79 2d 63 61 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 37 38 36 22 7d 2e 66 61 2d 63 61 6e 6e 61 62 69 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 35 66 22 7d 2e 66 61 2d 63 61 70 73 75 6c 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 34 36 62 22 7d 2e 66 61 2d 63 61 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 62 39 22 7d 2e 66 61 2d 63 61 72 2d 61 6c 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 64 65 22 7d 2e 66 61 2d 63 61 72 2d 62 61 74 74 65 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 64 66 22 7d 2e 66 61 2d 63 61 72 2d 63 72 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 Data Ascii: "\f785"}.fa-candy-cane:before{content:"\f786"}.fa-cannabis:before{content:"\f55f"}.fa-capsules:before{content:"\f46b"}.fa-car:before{content:"\f1b9"}.fa-car-alt:before{content:"\f5de"}.fa-car-battery:before{content:"\f5df"}.fa-car-crash:before{content:"\f
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 30 22 7d 2e 66 61 2d 63 68 61 6c 6b 62 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 31 62 22 7d 2e 66 61 2d 63 68 61 6c 6b 62 6f 61 72 64 2d 74 65 61 63 68 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 31 63 22 7d 2e 66 61 2d 63 68 61 72 67 69 6e 67 2d 73 74 61 74 69 6f 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 35 65 37 22 7d 2e 66 61 2d 63 68 61 72 74 2d 61 72 65 61 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 66 65 22 7d 2e 66 61 2d 63 68 61 72 74 2d 62 61 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 30 22 7d 2e 66 61 2d 63 68 61 72 74 2d 6c 69 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 30 31 22 7d 2e 66 61 2d 63 68 61 72 74 2d 70 Data Ascii: 0"}.fa-chalkboard:before{content:"\f51b"}.fa-chalkboard-teacher:before{content:"\f51c"}.fa-charging-station:before{content:"\f5e7"}.fa-chart-area:before{content:"\f1fe"}.fa-chart-bar:before{content:"\f080"}.fa-chart-line:before{content:"\f201"}.fa-chart-p

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49740	104.18.11.207	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:41 UTC	630	OUT	GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://barela.sistemaitsseg.com.br sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: style Referer: https://barela.sistemaitsseg.com.br/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:41 UTC	919	IN	HTTP/1.1 200 OK Date: Fri, 26 Apr 2024 13:15:41 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: W/"a15c2ac3234aa8f6064ef9c1f7383c37" Last-Modified: Mon, 25 Jan 2021 22:04:08 GMT CDN-CachedAt: 03/18/2024 12:53:29 CDN-ProxyVer: 1.04 CDN-RequestPullCode: 200 CDN-RequestPullSuccess: True CDN-EdgeStorageId: 878 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestId: 85ddfd4835ec218e05b5320e1d5d15cd CDN-Cache: HIT CF-Cache-Status: MISS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 87a6d7d228ef9071-MIA alt-svc: h3=":443"; ma=86400
2024-04-26 13:15:41 UTC	450	IN	Data Raw: 37 63 31 63 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 33 2e 31 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 6c 75 65 3a 23 30 30 37 62 66 66 3b 2d 2d 69 6e 64 69 67 6f 3a 23 36 36 31 Data Ascii: 7c1c/! Bootstrap v4.3.1 (https://getbootstrap.com/) * Copyright 2011-2019 The Bootstrap Authors * Copyright 2011-2019 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */:root{--blue:#007bff;--indigo:#661
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 3b 2d 2d 73 65 63 6f 6e 64 61 72 79 3a 23 36 63 37 35 37 64 3b 2d 2d 73 75 63 63 65 73 73 3a 23 32 38 61 37 34 35 3b 2d 2d 69 6e 66 6f 3a 23 31 37 61 32 62 38 3b 2d 2d 77 61 72 6e 69 6e 67 3a 23 66 66 63 31 30 37 3b 2d 2d 64 61 6e 67 65 72 3a 23 64 63 33 35 34 35 3b 2d 2d 6c 69 67 68 74 3a 23 66 38 66 39 66 61 3b 2d 2d 64 61 72 6b 3a 23 33 34 33 61 34 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 78 73 3a 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 73 6d 3a 35 37 36 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6d 64 3a 37 36 38 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6c 67 3a 39 39 32 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 78 6c 3a 31 32 30 30 70 78 3b 2d 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 2d 73 61 6e 73 2d 73 65 72 69 66 3a 2d 61 70 Data Ascii: ;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-ap
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6e 65 20 64 6f 74 74 65 64 3b 63 75 72 73 6f 72 3a 68 65 6c 70 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 30 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 2d 73 6b 69 70 2d 69 6e 6b 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 2d 73 6b 69 70 2d 69 6e 6b 3a 6e 6f 6e 65 7d 61 64 64 72 65 73 73 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 64 6c 2c 6f 6c 2c 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 6f 6c 20 6f 6c 2c 6f 6c 20 75 6c 2c 75 6c 20 6f 6c 2c 75 6c 20 75 6c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 7d 64 74 7b Data Ascii: ne dotted;cursor:help;border-bottom:0;-webkit-text-decoration-skip-ink:none;text-decoration-skip-ink:none}address{margin-bottom:1rem;font-style:normal;line-height:inherit}dl,ol,ul{margin-top:0;margin-bottom:1rem}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}dt{
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 35 70 78 20 61 75 74 6f 20 2d 77 65 62 6b 69 74 2d 66 6f 63 75 73 2d 72 69 6e 67 2d 63 6f 6c 6f 72 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 6f 70 74 67 72 6f 75 70 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 7b 6f 76 65 72 66 6c 6f 77 3a 76 69 73 69 62 6c 65 7d 62 75 74 74 6f 6e 2c 73 65 6c 65 63 74 7b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 7d 73 65 6c 65 63 74 7b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 5b 74 79 70 65 3d 62 75 74 74 6f 6e 5d 2c 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 5b Data Ascii: 5px auto -webkit-focus-ring-color}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:inherit;line-height:inherit}button,input{overflow:visible}button,select{text-transform:none}select{word-wrap:normal}[type=button],[type=reset],[
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 72 7d 74 65 6d 70 6c 61 74 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 5b 68 69 64 64 65 6e 5d 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 68 31 2c 2e 68 32 2c 2e 68 33 2c 2e 68 34 2c 2e 68 35 2c 2e 68 36 2c 68 31 2c 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 35 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 2e 68 31 2c 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 35 72 65 6d 7d 2e 68 32 2c 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 72 65 6d 7d 2e 68 33 2c 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 35 72 65 6d 7d 2e 68 34 2c 68 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 7d 2e 68 35 2c 68 35 7b 66 6f 6e Data Ascii: r}template{display:none}[hidden]{display:none!important}.h1,.h2,.h3,.h4,.h5,.h6,h1,h2,h3,h4,h5,h6{margin-bottom:.5rem;font-weight:500;line-height:1.2}.h1,h1{font-size:2.5rem}.h2,h2{font-size:2rem}.h3,h3{font-size:1.75rem}.h4,h4{font-size:1.5rem}.h5,h5{fon
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 67 68 74 3a 31 7d 2e 66 69 67 75 72 65 2d 63 61 70 74 69 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 30 25 3b 63 6f 6c 6f 72 3a 23 36 63 37 35 37 64 7d 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 65 38 33 65 38 63 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 61 3e 63 6f 64 65 7b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 7d 6b 62 64 7b 70 61 64 64 69 6e 67 3a 2e 32 72 65 6d 20 2e 34 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 72 65 6d 7d 6b 62 64 20 6b 62 64 7b 70 61 64 64 69 6e 67 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 Data Ascii: ght:1}.figure-caption{font-size:90%;color:#6c757d}code{font-size:87.5%;color:#e83e8c;word-break:break-word}a>code{color:inherit}kbd{padding:.2rem .4rem;font-size:87.5%;color:#fff;background-color:#212529;border-radius:.2rem}kbd kbd{padding:0;font-size:100
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 2c 2e 63 6f 6c 2d 6d 64 2d 33 2c 2e 63 6f 6c 2d 6d 64 2d 34 2c 2e 63 6f 6c 2d 6d 64 2d 35 2c 2e 63 6f 6c 2d 6d 64 2d 36 2c 2e 63 6f 6c 2d 6d 64 2d 37 2c 2e 63 6f 6c 2d 6d 64 2d 38 2c 2e 63 6f 6c 2d 6d 64 2d 39 2c 2e 63 6f 6c 2d 6d 64 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 73 6d 2c 2e 63 6f 6c 2d 73 6d 2d 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 30 2c 2e 63 6f 6c 2d 73 6d 2d 31 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 32 2c 2e 63 6f 6c 2d 73 6d 2d 32 2c 2e 63 6f 6c 2d 73 6d 2d 33 2c 2e 63 6f 6c 2d 73 6d 2d 34 2c 2e 63 6f 6c 2d 73 6d 2d 35 2c 2e 63 6f 6c 2d 73 6d 2d 36 2c 2e 63 6f 6c 2d 73 6d 2d 37 2c 2e 63 6f 6c 2d 73 6d 2d 38 2c 2e 63 6f 6c 2d 73 6d 2d 39 2c 2e 63 6f 6c 2d 73 6d 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 78 6c 2c 2e 63 6f 6c 2d 78 6c 2d 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 Data Ascii: ,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-md-auto,.col-sm,.col-sm-1,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-auto,.col-xl,.col-xl-1,.col-xl-1
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 77 69 64 74 68 3a 31 30 30 25 7d 2e 6f 72 64 65 72 2d 66 69 72 73 74 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 2d 31 3b 6f 72 64 65 72 3a 2d 31 7d 2e 6f 72 64 65 72 2d 6c 61 73 74 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 31 33 3b 6f 72 64 65 72 3a 31 33 7d 2e 6f 72 64 65 72 2d 30 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 30 3b 6f 72 64 65 72 3a 30 7d 2e 6f 72 64 65 72 2d 31 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 31 3b 6f 72 64 65 72 3a 31 7d 2e 6f 72 64 65 72 2d 32 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 32 3b 6f 72 64 65 72 3a 32 7d 2e 6f 72 64 65 72 2d 33 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 33 3b 6f 72 64 65 72 3a 33 7d 2e 6f 72 64 65 72 2d 34 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 34 3b 6f 72 64 Data Ascii: width:100%}.order-first{-ms-flex-order:-1;order:-1}.order-last{-ms-flex-order:13;order:13}.order-0{-ms-flex-order:0;order:0}.order-1{-ms-flex-order:1;order:1}.order-2{-ms-flex-order:2;order:2}.order-3{-ms-flex-order:3;order:3}.order-4{-ms-flex-order:4;ord
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 30 20 30 20 34 31 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 34 31 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 34 31 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 73 6d 2d 36 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 30 25 7d 2e 63 6f 6c 2d 73 6d 2d 37 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 35 38 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 35 38 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 38 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 73 6d 2d 38 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 36 36 2e 36 36 36 Data Ascii: 0 0 41.666667%;flex:0 0 41.666667%;max-width:41.666667%}.col-sm-6{-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-sm-7{-ms-flex:0 0 58.333333%;flex:0 0 58.333333%;max-width:58.333333%}.col-sm-8{-ms-flex:0 0 66.666667%;flex:0 0 66.666667%;max-width:66.666
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 74 2d 73 6d 2d 38 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 36 36 2e 36 36 36 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 39 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 37 35 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 31 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 33 2e 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 31 31 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 39 31 2e 36 36 36 36 36 37 25 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 36 38 70 78 29 7b 2e 63 6f 6c 2d 6d 64 7b 2d 6d 73 2d 66 6c 65 78 2d 70 72 65 66 65 72 72 65 64 2d 73 69 7a 65 3a 30 3b 66 6c 65 78 2d 62 61 73 69 73 3a 30 3b 2d 6d 73 2d 66 6c 65 78 2d 70 6f 73 69 74 69 76 65 3a 31 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 63 Data Ascii: t-sm-8{margin-left:66.666667%}.offset-sm-9{margin-left:75%}.offset-sm-10{margin-left:83.333333%}.offset-sm-11{margin-left:91.666667%}}@media (min-width:768px){.col-md{-ms-flex-preferred-size:0;flex-basis:0;-ms-flex-positive:1;flex-grow:1;max-width:100%}.c

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49743	151.101.66.137	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:41 UTC	587	OUT	GET /jquery-3.5.1.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://barela.sistemaitsseg.com.br sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://barela.sistemaitsseg.com.br/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:41 UTC	569	IN	HTTP/1.1 200 OK Connection: close Content-Length: 89476 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-15d84" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Age: 1666461 Date: Fri, 26 Apr 2024 13:15:41 GMT X-Served-By: cache-lga21981-LGA, cache-pdk-kpdk1780108-PDK X-Cache: HIT, HIT X-Cache-Hits: 1303, 0 X-Timer: S1714137342.792324,VS0,VE1 Vary: Accept-Encoding
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 Data Ascii: /! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 65 3f 73 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 53 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e 20 74 2e 70 72 65 76 4f 62 6a 65 63 74 3d 74 68 69 73 2c 74 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 53 2e 65 61 63 68 28 74 68 69 73 2c 65 29 7d 2c 6d 61 70 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 6d 61 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 6e 2e 63 61 6c 6c 28 65 2c 74 2c Data Ascii: e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 6f 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 76 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 2e 63 61 6c 6c 28 6e 29 3d 3d 3d 6c 29 7d 2c 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 66 6f 72 28 74 20 69 6e 20 65 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 2c 67 6c 6f 62 61 6c 45 76 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 62 28 65 2c 7b 6e 6f 6e 63 65 3a 74 26 26 74 2e 6e 6f 6e 63 65 7d 2c 6e 29 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 Data Ascii: ect Object]"!==o.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 2e 73 6c 69 63 65 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 2c 72 3d 65 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 65 5b 6e 5d 3d 3d 3d 74 29 72 65 74 75 72 6e 20 6e 3b 72 65 74 75 72 6e 2d 31 7d 2c 52 3d 22 63 68 65 63 6b 65 64 7c 73 65 6c 65 63 74 65 64 7c 61 73 79 6e 63 7c 61 75 74 6f 66 6f 63 75 73 7c 61 75 74 6f 70 6c 61 79 7c 63 6f 6e 74 72 6f 6c 73 7c 64 65 66 65 72 7c 64 69 73 61 62 6c 65 64 7c 68 69 64 64 65 6e 7c 69 73 6d 61 70 7c 6c 6f 6f 70 7c 6d 75 6c 74 69 70 6c 65 7c 6f 70 65 6e 7c 72 65 61 64 6f 6e 6c 79 7c 72 65 71 75 69 72 65 64 7c 73 63 6f 70 65 64 22 2c 4d 3d 22 5b 5c 5c 78 32 30 5c 5c 74 5c 5c 72 5c 5c 6e 5c 5c 66 5d 22 2c 49 3d 22 28 3f 3a 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d Data Ascii: .slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked\|selected\|async\|autofocus\|autoplay\|controls\|defer\|disabled\|hidden\|ismap\|loop\|multiple\|open\|readonly\|required\|scoped",M="[\\x20\\t\\r\\n\\f]",I="(?:\\\\[\\da-fA-
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 5c 5c 64 61 2d 66 41 2d 46 5d 7b 31 2c 36 7d 22 2b 4d 2b 22 3f 7c 5c 5c 5c 5c 28 5b 5e 5c 5c 72 5c 5c 6e 5c 5c 66 5d 29 22 2c 22 67 22 29 2c 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 30 78 22 2b 65 2e 73 6c 69 63 65 28 31 29 2d 36 35 35 33 36 3b 72 65 74 75 72 6e 20 74 7c 7c 28 6e 3c 30 3f 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 2b 36 35 35 33 36 29 3a 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 3e 3e 31 30 7c 35 35 32 39 36 2c 31 30 32 33 26 6e 7c 35 36 33 32 30 29 29 7d 2c 72 65 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 30 2d 5c 78 31 66 5c 78 37 66 2d 5c 75 46 46 46 46 5c 77 2d 5d 2f 67 2c 69 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c Data Ascii: \\da-fA-F]{1,6}"+M+"?\|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t\|\|(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10\|55296,1023&n\|56320))},re=/([\0-\x1f\x7f]\|^-?\d)\|^-$\|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 64 65 29 7c 7c 65 29 3d 3d 3d 65 26 26 64 2e 73 63 6f 70 65 7c 7c 28 28 73 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 73 3d 73 2e 72 65 70 6c 61 63 65 28 72 65 2c 69 65 29 3a 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 73 3d 53 29 29 2c 6f 3d 28 6c 3d 68 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 78 65 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 66 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 63 29 29 2c 6e 7d 63 61 74 63 68 28 65 29 7b 4e 28 74 2c 21 30 29 7d 66 69 6e 61 6c 6c 79 7b 73 3d 3d 3d 53 26 26 65 2e 72 65 6d Data Ascii: de)\|\|e)===e&&d.scope\|\|((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.rem
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 79 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 26 26 65 7d 66 6f 72 28 65 20 69 6e 20 64 3d 73 65 2e 73 75 70 70 6f 72 74 3d 7b 7d 2c 69 3d 73 65 2e 69 73 58 4d 4c 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 6e 61 6d 65 73 70 61 63 65 55 52 49 2c 6e 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3b 72 65 74 75 72 6e 21 59 2e 74 65 73 74 28 74 7c 7c Data Ascii: o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e.namespaceURI,n=(e.ownerDocument\|\|e).documentElement;return!Y.test(t\|\|
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 3b 72 65 74 75 72 6e 20 74 26 26 74 2e 76 61 6c 75 65 3d 3d 3d 6e 7d 7d 2c 62 2e 66 69 6e 64 2e 49 44 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 45 29 7b 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 3b 69 66 28 6f 29 7b 69 66 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d Data Ascii: function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value=
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 63 68 65 63 6b 65 64 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 3a 63 68 65 63 6b 65 64 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 53 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 2e 23 2e 2b 5b 2b 7e 5d 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5c 5c 5c 66 22 29 2c 76 2e 70 75 73 68 28 22 5b 5c 5c 72 5c 5c 6e 5c 5c 66 5d 22 29 7d 29 2c 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 68 72 65 66 3d 27 27 20 64 69 73 61 62 6c 65 64 3d 27 64 69 73 61 62 6c 65 64 27 3e 3c 2f 61 3e 3c 73 65 6c 65 63 74 20 64 69 73 61 62 6c 65 64 3d 27 64 69 73 61 62 Data Ascii: ,e.querySelectorAll(":checked").length\|\|v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length\|\|v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='disabled'></a><select disabled='disab
2024-04-26 13:15:41 UTC	1378	IN	Data Raw: 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 3b 72 65 74 75 72 6e 20 6e 7c 7c 28 31 26 28 6e 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 64 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 43 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70 26 26 79 28 70 2c 65 29 3f 2d 31 3a 74 3d 3d 43 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70 26 26 79 28 70 2c 74 29 3f 31 3a 75 3f 50 28 75 2c 65 29 2d 50 28 75 2c 74 29 3a 30 3a 34 26 6e 3f 2d 31 3a 31 Data Ascii: ocumentPosition;return n\|\|(1&(n=(e.ownerDocument\|\|e)==(t.ownerDocument\|\|t)?e.compareDocumentPosition(t):1)\|\|!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C\|\|e.ownerDocument==p&&y(p,e)?-1:t==C\|\|t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49739	104.18.11.207	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:41 UTC	614	OUT	GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1 Host: stackpath.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://barela.sistemaitsseg.com.br sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://barela.sistemaitsseg.com.br/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:41 UTC	933	IN	HTTP/1.1 200 OK Date: Fri, 26 Apr 2024 13:15:41 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e" Last-Modified: Mon, 25 Jan 2021 22:04:08 GMT CDN-CachedAt: 03/18/2024 12:49:09 CDN-ProxyVer: 1.04 CDN-RequestPullCode: 200 CDN-RequestPullSuccess: True CDN-EdgeStorageId: 975 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestId: 8050d9405edfb8d72aff7cc3a527d0c4 CDN-Cache: HIT CF-Cache-Status: MISS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 87a6d7d22caf8dd9-MIA alt-svc: h3=":443"; ma=86400
2024-04-26 13:15:41 UTC	436	IN	Data Raw: 37 63 30 66 0d 0a 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 33 2e 31 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 Data Ascii: 7c0f/! Bootstrap v4.3.1 (https://getbootstrap.com/) * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */!function(
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6a 73 22 5d 2c 65 29 3a 65 28 28 74 3d 74 7c 7c 73 65 6c 66 29 2e 62 6f 6f 74 73 74 72 61 70 3d 7b 7d 2c 74 2e 6a 51 75 65 72 79 2c 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 67 2c 75 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 65 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 69 3d 65 5b 6e 5d 3b 69 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 69 2e 65 6e 75 6d 65 72 61 62 6c 65 7c 7c 21 31 2c 69 2e 63 6f 6e 66 69 67 75 72 61 62 6c 65 3d 21 30 2c 22 76 61 6c 75 65 22 69 6e 20 69 26 26 28 69 2e 77 72 69 74 61 62 6c 65 3d 21 30 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 69 2e 6b 65 79 2c 69 29 7d 7d Data Ascii: js"],e):e((t=t\|\|self).bootstrap={},t.jQuery,t.Popper)}(this,function(t,g,u){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 74 69 6f 6e 28 74 29 7b 69 66 28 21 74 29 72 65 74 75 72 6e 20 30 3b 76 61 72 20 65 3d 67 28 74 29 2e 63 73 73 28 22 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 22 29 2c 6e 3d 67 28 74 29 2e 63 73 73 28 22 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 22 29 2c 69 3d 70 61 72 73 65 46 6c 6f 61 74 28 65 29 2c 6f 3d 70 61 72 73 65 46 6c 6f 61 74 28 6e 29 3b 72 65 74 75 72 6e 20 69 7c 7c 6f 3f 28 65 3d 65 2e 73 70 6c 69 74 28 22 2c 22 29 5b 30 5d 2c 6e 3d 6e 2e 73 70 6c 69 74 28 22 2c 22 29 5b 30 5d 2c 31 65 33 2a 28 70 61 72 73 65 46 6c 6f 61 74 28 65 29 2b 70 61 72 73 65 46 6c 6f 61 74 28 6e 29 29 29 3a 30 7d 2c 72 65 66 6c 6f 77 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 2e 6f 66 66 73 65 74 48 65 69 67 68 74 7d 2c 74 72 Data Ascii: tion(t){if(!t)return 0;var e=g(t).css("transition-duration"),n=g(t).css("transition-delay"),i=parseFloat(e),o=parseFloat(n);return i\|\|o?(e=e.split(",")[0],n=n.split(",")[0],1e3*(parseFloat(e)+parseFloat(n))):0},reflow:function(t){return t.offsetHeight},tr
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 65 6d 65 6e 74 3d 74 7d 76 61 72 20 74 3d 69 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 74 2e 63 6c 6f 73 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3b 74 26 26 28 65 3d 74 68 69 73 2e 5f 67 65 74 52 6f 6f 74 45 6c 65 6d 65 6e 74 28 74 29 29 2c 74 68 69 73 2e 5f 74 72 69 67 67 65 72 43 6c 6f 73 65 45 76 65 6e 74 28 65 29 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 7c 7c 74 68 69 73 2e 5f 72 65 6d 6f 76 65 45 6c 65 6d 65 6e 74 28 65 29 7d 2c 74 2e 64 69 73 70 6f 73 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 67 2e 72 65 6d 6f 76 65 44 61 74 61 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 72 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 7d 2c 74 2e 5f 67 65 74 52 Data Ascii: ement=t}var t=i.prototype;return t.close=function(t){var e=this._element;t&&(e=this._getRootElement(t)),this._triggerCloseEvent(e).isDefaultPrevented()\|\|this._removeElement(e)},t.dispose=function(){g.removeData(this._element,r),this._element=null},t._getR
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 75 73 22 2c 44 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 5e 3d 22 62 75 74 74 6f 6e 22 5d 27 2c 77 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 62 75 74 74 6f 6e 73 22 5d 27 2c 41 3d 27 69 6e 70 75 74 3a 6e 6f 74 28 5b 74 79 70 65 3d 22 68 69 64 64 65 6e 22 5d 29 27 2c 4e 3d 22 2e 61 63 74 69 76 65 22 2c 4f 3d 22 2e 62 74 6e 22 2c 6b 3d 7b 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 3a 22 63 6c 69 63 6b 22 2b 45 2b 43 2c 46 4f 43 55 53 5f 42 4c 55 52 5f 44 41 54 41 5f 41 50 49 3a 22 66 6f 63 75 73 22 2b 45 2b 43 2b 22 20 62 6c 75 72 22 2b 45 2b 43 7d 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 74 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 7d 76 61 72 20 74 3d 6e 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 Data Ascii: us",D='[data-toggle^="button"]',w='[data-toggle="buttons"]',A='input:not([type="hidden"])',N=".active",O=".btn",k={CLICK_DATA_API:"click"+E+C,FOCUS_BLUR_DATA_API:"focus"+E+C+" blur"+E+C},P=function(){function n(t){this._element=t}var t=n.prototype;return
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 5e 66 6f 63 75 73 28 69 6e 29 3f 24 2f 2e 74 65 73 74 28 74 2e 74 79 70 65 29 29 7d 29 2c 67 2e 66 6e 5b 76 5d 3d 50 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 67 2e 66 6e 5b 76 5d 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 50 2c 67 2e 66 6e 5b 76 5d 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 67 2e 66 6e 5b 76 5d 3d 54 2c 50 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 7d 3b 76 61 72 20 4c 3d 22 63 61 72 6f 75 73 65 6c 22 2c 6a 3d 22 62 73 2e 63 61 72 6f 75 73 65 6c 22 2c 48 3d 22 2e 22 2b 6a 2c 52 3d 22 2e 64 61 74 61 2d 61 70 69 22 2c 78 3d 67 2e 66 6e 5b 4c 5d 2c 46 3d 7b 69 6e 74 65 72 76 61 6c 3a 35 65 33 2c 6b 65 79 62 6f 61 72 64 3a 21 30 2c 73 6c 69 64 65 3a 21 31 2c 70 61 75 73 65 3a 22 Data Ascii: ^focus(in)?$/.test(t.type))}),g.fn[v]=P._jQueryInterface,g.fn[v].Constructor=P,g.fn[v].noConflict=function(){return g.fn[v]=T,P._jQueryInterface};var L="carousel",j="bs.carousel",H="."+j,R=".data-api",x=g.fn[L],F={interval:5e3,keyboard:!0,slide:!1,pause:"
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 2c 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 6f 74 29 2c 74 68 69 73 2e 5f 74 6f 75 63 68 53 75 70 70 6f 72 74 65 64 3d 22 6f 6e 74 6f 75 63 68 73 74 61 72 74 22 69 6e 20 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 7c 7c 30 3c 6e 61 76 69 67 61 74 6f 72 2e 6d 61 78 54 6f 75 63 68 50 6f 69 6e 74 73 2c 74 68 69 73 2e 5f 70 6f 69 6e 74 65 72 45 76 65 6e 74 3d 42 6f 6f 6c 65 61 6e 28 77 69 6e 64 6f 77 2e 50 6f 69 6e 74 65 72 45 76 65 6e 74 7c 7c 77 69 6e 64 6f 77 2e 4d 53 50 6f 69 6e 74 65 72 45 76 65 6e 74 29 2c 74 68 69 73 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e Data Ascii: ,this._element=t,this._indicatorsElement=this._element.querySelector(ot),this._touchSupported="ontouchstart"in document.documentElement\|\|0<navigator.maxTouchPoints,this._pointerEvent=Boolean(window.PointerEvent\|\|window.MSPointerEvent),this._addEventListen
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 44 61 74 61 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 6a 29 2c 74 68 69 73 2e 5f 69 74 65 6d 73 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 73 50 61 75 73 65 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 7d 2c 74 2e 5f 67 65 74 43 6f 6e 66 69 67 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 3d 6c 28 7b 7d 2c 46 2c 74 29 2c 5f 2e 74 79 70 65 43 68 65 63 6b 43 6f 6e 66 69 67 28 4c Data Ascii: Data(this._element,j),this._items=null,this._config=null,this._element=null,this._interval=null,this._isPaused=null,this._isSliding=null,this._activeElement=null,this._indicatorsElement=null},t._getConfig=function(t){return t=l({},F,t),_.typeCheckConfig(L
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 72 6e 20 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 7d 29 2c 74 68 69 73 2e 5f 70 6f 69 6e 74 65 72 45 76 65 6e 74 3f 28 67 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 50 4f 49 4e 54 45 52 44 4f 57 4e 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 28 74 29 7d 29 2c 67 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 50 4f 49 4e 54 45 52 55 50 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 69 28 74 29 7d 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 4a 29 29 3a 28 67 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 54 4f 55 43 48 53 54 41 52 54 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 28 74 29 7d 29 2c 67 Data Ascii: rn t.preventDefault()}),this._pointerEvent?(g(this._element).on(Q.POINTERDOWN,function(t){return e(t)}),g(this._element).on(Q.POINTERUP,function(t){return i(t)}),this._element.classList.add(J)):(g(this._element).on(Q.TOUCHSTART,function(t){return e(t)}),g
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 5a 29 29 3b 67 28 65 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 56 29 3b 76 61 72 20 6e 3d 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 63 68 69 6c 64 72 65 6e 5b 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 78 28 74 29 5d 3b 6e 26 26 67 28 6e 29 2e 61 64 64 43 6c 61 73 73 28 56 29 7d 7d 2c 74 2e 5f 73 6c 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 2c 69 2c 6f 2c 72 3d 74 68 69 73 2c 73 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 74 74 29 2c 61 3d 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 Data Ascii: ].slice.call(this._indicatorsElement.querySelectorAll(Z));g(e).removeClass(V);var n=this._indicatorsElement.children[this._getItemIndex(t)];n&&g(n).addClass(V)}},t._slide=function(t,e){var n,i,o,r=this,s=this._element.querySelector(tt),a=this._getItemInde

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49742	104.17.25.14	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:41 UTC	617	OUT	GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://barela.sistemaitsseg.com.br sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://barela.sistemaitsseg.com.br/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:41 UTC	963	IN	HTTP/1.1 200 OK Date: Fri, 26 Apr 2024 13:15:41 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03fa9-520c" Last-Modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 28549 Expires: Wed, 16 Apr 2025 13:15:41 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCogLVRjd9KnMrdMl4kCAmYs98oqx9bHheevIiz9jD8RZAVkzIpnynnY7VlHHWikBmCdkQ2zlqyJBK%2BzRq%2BmQBcLSGJbIdqd1vBNXM%2F%2FUfgpG0pqal%2FaNblNC2FiCbO0lV%2Bl2wsU"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 87a6d7d2286dda73-MIA alt-svc: h3=":443"; ma=86400
2024-04-26 13:15:41 UTC	406	IN	Data Raw: 35 32 30 63 0d 0a 2f 2a 0a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 46 65 64 65 72 69 63 6f 20 5a 69 76 6f 6c 6f 20 32 30 31 39 0a 20 44 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 28 6c 69 63 65 6e 73 65 20 74 65 72 6d 73 20 61 72 65 20 61 74 20 68 74 74 70 3a 2f 2f 6f 70 65 6e 73 6f 75 72 63 65 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 73 2f 4d 49 54 29 2e 0a 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 27 6f 62 6a 65 63 74 27 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 27 75 6e 64 65 66 69 6e 65 64 27 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 Data Ascii: 520c/* Copyright (C) Federico Zivolo 2019 Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT). */(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 31 21 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 29 72 65 74 75 72 6e 5b 5d 3b 76 61 72 20 6f 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 64 65 66 61 75 6c 74 56 69 65 77 2c 6e 3d 6f 2e 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 28 65 2c 6e 75 6c 6c 29 3b 72 65 74 75 72 6e 20 74 3f 6e 5b 74 5d 3a 6e 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 65 29 7b 72 65 74 75 72 6e 27 48 54 4d 4c 27 3d 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 3f 65 3a 65 2e 70 61 72 65 6e 74 4e 6f 64 65 7c 7c 65 2e 68 6f 73 74 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 65 29 7b 69 66 28 21 65 29 72 65 74 75 72 6e 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 3b 73 77 69 74 63 68 28 65 2e 6e 6f 64 65 4e 61 6d 65 29 7b 63 61 73 65 27 48 54 4d 4c 27 3a 63 61 73 65 27 42 4f 44 59 27 3a 72 65 74 75 72 6e 20 Data Ascii: 1!==e.nodeType)return[];var o=e.ownerDocument.defaultView,n=o.getComputedStyle(e,null);return t?n[t]:n}function o(e){return'HTML'===e.nodeName?e:e.parentNode\|\|e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 27 74 6f 70 27 2c 6f 3d 27 74 6f 70 27 3d 3d 3d 74 3f 27 73 63 72 6f 6c 6c 54 6f 70 27 3a 27 73 63 72 6f 6c 6c 4c 65 66 74 27 2c 6e 3d 65 2e 6e 6f 64 65 4e 61 6d 65 3b 69 66 28 27 42 4f 44 59 27 3d 3d 3d 6e 7c 7c 27 48 54 4d 4c 27 3d 3d 3d 6e 29 7b 76 61 72 20 69 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 72 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 73 63 72 6f 6c 6c 69 6e 67 45 6c 65 6d 65 6e 74 7c 7c 69 3b 72 65 74 75 72 6e 20 72 5b 6f 5d 7d 72 65 74 75 72 6e 20 65 5b 6f 5d 7d 66 75 6e 63 74 69 6f 6e 20 66 28 65 2c 74 29 7b 76 61 72 20 6f 3d 32 3c 61 72 67 75 6d Data Ascii: length&&void 0!==arguments[1]?arguments[1]:'top',o='top'===t?'scrollTop':'scrollLeft',n=e.nodeName;if('BODY'===n\|\|'HTML'===n){var i=e.ownerDocument.documentElement,r=e.ownerDocument.scrollingElement\|\|i;return r[o]}return e[o]}function f(e,t){var o=2<argum
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6f 6d 2d 70 2e 74 6f 70 2c 66 3d 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2d 64 2c 68 3d 65 2e 6f 66 66 73 65 74 48 65 69 67 68 74 2d 61 3b 69 66 28 66 7c 7c 68 29 7b 76 61 72 20 75 3d 74 28 65 29 3b 66 2d 3d 6d 28 75 2c 27 78 27 29 2c 68 2d 3d 6d 28 75 2c 27 79 27 29 2c 70 2e 77 69 64 74 68 2d 3d 66 2c 70 2e 68 65 69 67 68 74 2d 3d 68 7d 72 65 74 75 72 6e 20 67 28 70 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 65 2c 6f 29 7b 76 61 72 20 69 3d 32 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 32 5d 26 26 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 70 3d 72 28 31 30 29 2c 73 3d 27 48 54 4d 4c 27 3d 3d 3d 6f 2e 6e 6f 64 65 4e 61 6d 65 2c 64 3d 75 28 65 29 2c 61 3d 75 28 6f 29 2c 6c 3d 6e 28 65 29 2c 6d Data Ascii: om-p.top,f=e.offsetWidth-d,h=e.offsetHeight-a;if(f\|\|h){var u=t(e);f-=m(u,'x'),h-=m(u,'y'),p.width-=f,p.height-=h}return g(p)}function b(e,o){var i=2<arguments.length&&void 0!==arguments[2]&&arguments[2],p=r(10),s='HTML'===o.nodeName,d=u(e),a=u(o),l=n(e),m
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 34 5d 26 26 61 72 67 75 6d 65 6e 74 73 5b 34 5d 2c 73 3d 7b 74 6f 70 3a 30 2c 6c 65 66 74 3a 30 7d 2c 64 3d 70 3f 45 28 65 29 3a 61 28 65 2c 74 29 3b 69 66 28 27 76 69 65 77 70 6f 72 74 27 3d 3d 3d 72 29 73 3d 77 28 64 2c 70 29 3b 65 6c 73 65 7b 76 61 72 20 6c 3b 27 73 63 72 6f 6c 6c 50 61 72 65 6e 74 27 3d 3d 3d 72 3f 28 6c 3d 6e 28 6f 28 74 29 29 2c 27 42 4f 44 59 27 3d 3d 3d 6c 2e 6e 6f 64 65 4e 61 6d 65 26 26 28 6c 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 29 29 3a 27 77 69 6e 64 6f 77 27 3d 3d 3d 72 3f 6c 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 Data Ascii: ments.length&&void 0!==arguments[4]&&arguments[4],s={top:0,left:0},d=p?E(e):a(e,t);if('viewport'===r)s=w(d,p);else{var l;'scrollParent'===r?(l=n(o(t)),'BODY'===l.nodeName&&(l=e.ownerDocument.documentElement)):'window'===r?l=e.ownerDocument.documentElement
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 65 72 44 6f 63 75 6d 65 6e 74 2e 64 65 66 61 75 6c 74 56 69 65 77 2c 6f 3d 74 2e 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 28 65 29 2c 6e 3d 70 61 72 73 65 46 6c 6f 61 74 28 6f 2e 6d 61 72 67 69 6e 54 6f 70 7c 7c 30 29 2b 70 61 72 73 65 46 6c 6f 61 74 28 6f 2e 6d 61 72 67 69 6e 42 6f 74 74 6f 6d 7c 7c 30 29 2c 69 3d 70 61 72 73 65 46 6c 6f 61 74 28 6f 2e 6d 61 72 67 69 6e 4c 65 66 74 7c 7c 30 29 2b 70 61 72 73 65 46 6c 6f 61 74 28 6f 2e 6d 61 72 67 69 6e 52 69 67 68 74 7c 7c 30 29 2c 72 3d 7b 77 69 64 74 68 3a 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2b 69 2c 68 65 69 67 68 74 3a 65 2e 6f 66 66 73 65 74 48 65 69 67 68 74 2b 6e 7d 3b 72 65 74 75 72 6e 20 72 7d 66 75 6e 63 74 69 6f 6e 20 54 28 65 29 7b 76 61 72 20 74 3d 7b 6c 65 66 74 3a 27 72 69 67 68 Data Ascii: erDocument.defaultView,o=t.getComputedStyle(e),n=parseFloat(o.marginTop\|\|0)+parseFloat(o.marginBottom\|\|0),i=parseFloat(o.marginLeft\|\|0)+parseFloat(o.marginRight\|\|0),r={width:e.offsetWidth+i,height:e.offsetHeight+n};return r}function T(e){var t={left:'righ
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 29 2c 65 2e 70 6c 61 63 65 6d 65 6e 74 3d 4f 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 70 6c 61 63 65 6d 65 6e 74 2c 65 2e 6f 66 66 73 65 74 73 2e 72 65 66 65 72 65 6e 63 65 2c 74 68 69 73 2e 70 6f 70 70 65 72 2c 74 68 69 73 2e 72 65 66 65 72 65 6e 63 65 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 6d 6f 64 69 66 69 65 72 73 2e 66 6c 69 70 2e 62 6f 75 6e 64 61 72 69 65 73 45 6c 65 6d 65 6e 74 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 6d 6f 64 69 66 69 65 72 73 2e 66 6c 69 70 2e 70 61 64 64 69 6e 67 29 2c 65 2e 6f 72 69 67 69 6e 61 6c 50 6c 61 63 65 6d 65 6e 74 3d 65 2e 70 6c 61 63 65 6d 65 6e 74 2c 65 2e 70 6f 73 69 74 69 6f 6e 46 69 78 65 64 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 70 6f 73 69 74 69 6f 6e 46 69 78 65 64 2c 65 2e 6f 66 66 73 65 74 73 2e 70 Data Ascii: ),e.placement=O(this.options.placement,e.offsets.reference,this.popper,this.reference,this.options.modifiers.flip.boundariesElement,this.options.modifiers.flip.padding),e.originalPlacement=e.placement,e.positionFixed=this.options.positionFixed,e.offsets.p
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 65 77 3a 65 3b 70 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 74 2c 6f 2c 7b 70 61 73 73 69 76 65 3a 21 30 7d 29 2c 72 7c 7c 4d 28 6e 28 70 2e 70 61 72 65 6e 74 4e 6f 64 65 29 2c 74 2c 6f 2c 69 29 2c 69 2e 70 75 73 68 28 70 29 7d 66 75 6e 63 74 69 6f 6e 20 46 28 65 2c 74 2c 6f 2c 69 29 7b 6f 2e 75 70 64 61 74 65 42 6f 75 6e 64 3d 69 2c 41 28 65 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 72 65 73 69 7a 65 27 2c 6f 2e 75 70 64 61 74 65 42 6f 75 6e 64 2c 7b 70 61 73 73 69 76 65 3a 21 30 7d 29 3b 76 61 72 20 72 3d 6e 28 65 29 3b 72 65 74 75 72 6e 20 4d 28 72 2c 27 73 63 72 6f 6c 6c 27 2c 6f 2e 75 70 64 61 74 65 42 6f 75 6e 64 2c 6f 2e 73 63 72 6f 6c 6c 50 61 72 65 6e 74 73 29 2c 6f 2e 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 3d 72 2c Data Ascii: ew:e;p.addEventListener(t,o,{passive:!0}),r\|\|M(n(p.parentNode),t,o,i),i.push(p)}function F(e,t,o,i){o.updateBound=i,A(e).addEventListener('resize',o.updateBound,{passive:!0});var r=n(e);return M(r,'scroll',o.updateBound,o.scrollParents),o.scrollElement=r,
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 6d 28 6e 2e 74 6f 70 29 2c 62 6f 74 74 6f 6d 3a 6d 28 6e 2e 62 6f 74 74 6f 6d 29 2c 72 69 67 68 74 3a 66 28 6e 2e 72 69 67 68 74 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 4b 28 65 2c 74 2c 6f 29 7b 76 61 72 20 6e 3d 43 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 65 2e 6e 61 6d 65 3b 72 65 74 75 72 6e 20 6f 3d 3d 3d 74 7d 29 2c 69 3d 21 21 6e 26 26 65 2e 73 6f 6d 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 6e 61 6d 65 3d 3d 3d 6f 26 26 65 2e 65 6e 61 62 6c 65 64 26 26 65 2e 6f 72 64 65 72 3c 6e 2e 6f 72 64 65 72 7d 29 3b 69 66 28 21 69 29 7b 76 61 72 20 72 3d 27 60 27 2b 74 2b 27 60 27 3b 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 27 60 27 2b 6f 2b 27 60 27 2b 27 20 6d 6f 64 69 66 69 65 72 20 69 73 20 72 65 71 75 69 72 65 Data Ascii: m(n.top),bottom:m(n.bottom),right:f(n.right)}}function K(e,t,o){var n=C(e,function(e){var o=e.name;return o===t}),i=!!n&&e.some(function(e){return e.name===o&&e.enabled&&e.order<n.order});if(!i){var r='`'+t+'`';console.warn('`'+o+'`'+' modifier is require
2024-04-26 13:15:41 UTC	1369	IN	Data Raw: 3b 72 65 74 75 72 6e 20 61 3d 61 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 69 3d 28 31 3d 3d 3d 6e 3f 21 72 3a 72 29 3f 27 68 65 69 67 68 74 27 3a 27 77 69 64 74 68 27 2c 70 3d 21 31 3b 72 65 74 75 72 6e 20 65 2e 72 65 64 75 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 27 27 3d 3d 3d 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 26 26 2d 31 21 3d 3d 5b 27 2b 27 2c 27 2d 27 5d 2e 69 6e 64 65 78 4f 66 28 74 29 3f 28 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 3d 74 2c 70 3d 21 30 2c 65 29 3a 70 3f 28 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 2b 3d 74 2c 70 3d 21 31 2c 65 29 3a 65 2e 63 6f 6e 63 61 74 28 74 29 7d 2c 5b 5d 29 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 5f 28 65 2c 69 2c 74 2c 6f Data Ascii: ;return a=a.map(function(e,n){var i=(1===n?!r:r)?'height':'width',p=!1;return e.reduce(function(e,t){return''===e[e.length-1]&&-1!==['+','-'].indexOf(t)?(e[e.length-1]=t,p=!0,e):p?(e[e.length-1]+=t,p=!1,e):e.concat(t)},[]).map(function(e){return _(e,i,t,o

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49745	104.17.25.14	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:42 UTC	666	OUT	GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://barela.sistemaitsseg.com.br sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-26 13:15:43 UTC	980	IN	HTTP/1.1 200 OK Date: Fri, 26 Apr 2024 13:15:43 GMT Content-Type: application/octet-stream; charset=utf-8 Content-Length: 80300 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: "5f7b5b5f-139ac" Last-Modified: Mon, 05 Oct 2020 17:43:59 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 245667 Expires: Wed, 16 Apr 2025 13:15:43 GMT Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXqY8Btvgqn9%2FNSLap1avGjeg3NJtIGN7zKGEoekBrHPPZ8RXch4k72OgDEUL7IybKBHQphBx3hGMVA%2B%2FuLfr2Ugr%2FY9giQdffuVmAod8yiRSkhdzY5dX7bEdEnCjax1yDn%2BLKor"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 87a6d7da6966743d-MIA alt-svc: h3=":443"; ma=86400
2024-04-26 13:15:43 UTC	389	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 01 39 ac 00 0d 00 00 00 03 1e ec 00 01 39 52 01 4b 85 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 1e 06 60 00 99 4e 11 08 0a 8a f4 60 88 ce 40 01 36 02 24 03 9f 30 0b 9f 34 00 04 20 05 8a 2b 07 e2 2e 5b 32 7b 92 01 32 ef a7 51 32 be ad 0a 4c 34 6e e4 2b a6 9b 3b 05 ba 0d a0 e6 45 aa 8c 74 ae 84 3b de dd 4a e4 d4 10 71 65 ff ff ff ff bf ef 68 88 39 a5 b3 75 b6 63 c7 e9 47 52 fa d1 01 85 75 0c d8 43 92 21 db 9d 13 a5 5c 86 5a a9 96 06 1f d1 bd d0 38 95 55 c1 3a 61 83 ba a5 15 09 eb dd 83 35 2f 7d d9 af 3a 15 e3 91 0e 3c 3b 76 89 9d 33 5a 45 a2 34 e6 b1 94 f0 63 68 7a f0 c5 14 1f 59 2c 16 4e 23 c6 3a 96 80 21 f8 1c 7e 89 52 51 6b c5 62 96 a0 3e 4c c3 c0 4f c6 95 14 28 92 21 1a 26 14 fd 08 7f Data Ascii: wOF299RK`?FFTM`N`@6$04 +.[2{2Q2L4n+;Et;Jqeh9ucGRuC!\Z8U:a5/}:<;v3ZE4chzY,N#:!~RQkb>LO(!&
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: 48 fc 69 0a 6e 09 0a 9e 2c 0f f8 0a f8 46 32 f6 cf cb 35 63 6e 35 a0 c6 57 94 7c ba 46 49 f1 1d c9 b8 fd e9 3d 97 3a e2 af 5d 4d 45 cc f6 1b 64 8c df bd f7 b2 ee 2d a0 da 8a 1f f2 cf de cb ba e2 7f e8 2d da 0b d8 c6 10 eb 9f 98 0a ed 60 d9 3d 90 fb d0 4f 1e be 96 b5 f7 bb 77 99 ad 9a 9b da b9 94 e7 88 2e cb 14 55 4e f2 1c 21 59 94 44 e3 70 c8 33 12 f2 6a 38 47 a1 52 fb fd cf 7d de 79 59 40 bf 6e 0b 64 11 66 09 84 a9 03 54 74 7c cf 99 4f e8 be 2a 25 05 c2 79 c9 12 09 59 84 d4 95 d3 ff 00 02 01 07 ec d2 75 c9 7e 84 1e 4e eb 0e f8 2f 04 38 c4 cf ed df 23 72 f0 36 6a 03 e3 e6 c0 c8 d1 b3 8f 68 63 58 79 53 29 f3 d9 03 eb 66 e5 ac 7e 46 f5 59 81 0e e5 7f a1 9f 3d 93 51 7d 43 e0 b6 0e d9 53 50 41 14 c5 8d 82 ee 84 ed 40 05 54 d0 0d 2e 30 b3 5c a3 01 4d b1 a5 65 Data Ascii: Hin,F25cn5W\|FI=:]MEd--`=Ow.UN!YDp3j8GR}yY@ndfTt\|O*%yYu~N/8#r6jhcXyS)f~FY=Q}CSPA@T.0\Me
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: eb 6e 88 0e 9f 7e ec c2 7b 7d 7e 53 32 d3 95 a5 c6 58 39 43 a5 3a 21 3b 9f 95 e9 c1 88 07 fd c9 c9 f5 d9 62 d0 de 57 78 96 1d bf cd 97 bc bd fd be 03 3b a2 8b 7b d5 a5 e0 f5 a8 fa 67 71 d4 bd dd 9b ea ea 2c dc 2d 36 84 9a ff 61 78 75 10 1a ea dc f2 2c e6 4d 32 78 3d 8b 1e eb 32 9e 86 ff f6 a0 e0 f9 e8 30 bb 17 fb 8b 5f 8f 4b 97 29 5b 37 5d ff fa bb bc e3 f7 b7 17 8c 51 9c a4 da 5e dd ff d7 93 ac 1c 5f 0d 7b f1 c0 51 d2 d1 b3 e1 92 1b 1e 78 c9 eb bc 0b 0e 03 8f 85 4f c6 37 28 02 12 0a 1a 16 35 2d 03 3b 7e a1 e0 11 90 d0 30 f1 ce e5 cd a9 b9 c9 de 0b 1f 7d e1 47 f2 7a b6 1e 5e fc 2f 25 af a4 ae 6d 68 ea ec c6 9d 07 3f ab 68 18 59 db 3a 38 db ff 71 7a fb f1 da 39 bb 7e c7 7b de 2f f3 16 2e de 67 d1 4e bb 0c 8f 9f 3c 7d f1 b2 d5 9b f7 bd df fe 2a 0a 62 63 74 Data Ascii: n~{}~S2X9C:!;bWx;{gq,-6axu,M2x=20_K)[7]Q^_{QxO7(5-;~0}Gz^/%mh?hY:8qz9~{/.gN<}*bct
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: 8e 1a 2e f2 8d 53 ce 1d 8d bd 43 b6 17 a5 cc dd b4 cb 32 29 fe 5d f1 5e 76 48 15 61 05 27 65 23 ad 35 86 b2 94 41 3c 9a b9 2c b5 2e d6 0b ef 8f 0a 95 90 13 cc 9c ae 9a 9d 59 e9 0b fc 6d 66 a4 3a e8 90 ea 69 3f af 64 aa 04 28 9e 18 94 ca f0 52 6d 6a d6 0b ab 59 56 94 06 f6 59 a6 dc 6a eb d5 39 d8 04 38 5d 46 0a ac d4 c7 ba 6b a0 6a cf c0 6a d2 a2 ee 26 99 2f bb 4f 06 1b dc 26 90 b2 81 86 e3 6f 4a fb 3a 3e 5d 8b 38 b9 b0 53 bb ee 70 6a 68 18 af cf 86 71 b1 d0 46 93 3a 76 cc ff 86 7f f0 77 30 a6 3d 3c 9d 7f 1c 12 c5 5b ef bf e4 b9 26 77 3a bf 42 a8 8d 7b 53 82 0a 4a e6 d0 7e 79 8e bb 5f 28 7b f9 25 5c b2 a4 5b 2d 76 f3 c3 79 2a e6 b4 df 62 3e 58 03 f6 f4 34 d7 d9 91 73 fa 3a 1e 41 c1 98 bb 1f e1 f0 41 7f 49 4a e0 aa b0 57 03 31 0d 2d 55 43 b8 b6 58 20 cf 56 Data Ascii: .SC2)]^vHa'e#5A<,.Ymf:i?d(RmjYVYj98]Fkjj&/O&oJ:>]8SpjhqF:vw0=<[&w:B{SJ~y_({%\[-vy*b>X4s:AAIJW1-UCX V
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: 19 bd 56 27 4f 5a 82 e0 57 fe 14 fd ac 27 a6 4d 53 2a f2 5d d3 ad c2 c2 6f 9b 23 f2 f8 42 52 fc c6 8f 05 37 0f 4c a7 28 03 a7 59 80 02 e7 0a 24 38 eb 25 14 78 57 51 cc 9c b5 69 e6 84 c6 35 09 18 44 5c 0f 3d c9 6c 46 5f f1 3d b2 2a 04 2a be ec 45 8e 94 33 21 95 96 e3 32 a3 77 26 32 a7 d1 96 dc 63 4a ef ab c0 10 00 87 af 1d fb 7c 78 9c 31 97 b9 b2 33 63 2c b1 9b a9 8d a1 b9 34 cd a5 97 5c cc 46 d6 93 c9 94 89 58 26 69 9a 4c 65 f0 32 c8 e6 8c ae 22 80 25 ef 15 2e e4 75 82 f5 75 50 d6 36 b8 ad d9 15 7a a9 a3 65 3e 5a eb ec c9 e6 33 87 52 ab 07 1e 1e 1b 28 66 c5 bd d1 79 b8 ce 3f 46 5a 32 a8 6b d4 b6 a2 21 6f 95 6b 9a 7f 49 59 ed 76 e7 a6 2a 47 db 9d ed c3 cc 8f 28 85 bc 3d 97 74 5c ae d2 d2 24 19 55 94 e5 4f 9b d6 de a9 fc 06 27 cf e2 ac 5e e2 37 c9 74 e3 bc Data Ascii: V'OZW'MS]o#BR7L(Y$8%xWQi5D\=lF_=E3!2w&2cJ\|x13c,4\FX&iLe2"%.uuP6ze>Z3R(fy?FZ2k!okIYvG(=t\$UO'^7t
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: b2 8d 09 21 2c 27 bf cd 33 6a 3d 34 6b 08 25 44 4a fe c4 9f 0c 13 fc 27 53 f7 ec 2c d5 97 55 db de 18 71 91 41 4f 6a 68 87 2e be cb f1 3e 49 0a 92 3a d5 84 1b 0e a2 e1 e5 db 2f bf 8d 08 cb c3 fe 52 37 b8 58 07 82 83 c9 c9 be 2a 49 b9 89 18 4f 36 5d e1 e1 68 49 8b 04 f4 5d 88 4b 3a 20 f9 0e 0b 75 19 34 08 cb 63 85 b5 ab 58 c1 10 36 21 b5 05 82 b0 3d a0 ee 81 60 7b 26 48 56 71 0f a8 56 80 93 18 16 1a c3 cd 10 f7 bb a6 63 2d 32 52 a1 7d 7f 99 fc 44 dd 33 46 f6 c4 54 1d 0f ca 0b 42 fa 0c 11 b8 21 54 80 50 62 2c 60 a6 e7 3a 07 cd 95 2c 99 81 8c cd 02 d7 99 fa aa c8 59 01 b8 15 c1 b9 08 09 5a 63 91 c2 2a 1d c0 c6 2b f2 85 95 69 eb c6 db 12 3b de bb 17 b6 11 c8 b0 8b 11 0d 76 74 da fd b4 91 6e 53 2c 64 b6 41 da 50 02 51 76 49 20 5a d2 e4 61 5c 41 04 d8 a1 55 36 Data Ascii: !,'3j=4k%DJ'S,UqAOjh.>I:/R7XIO6]hI]K: u4cX6!=`{&HVqVc-2R}D3FTB!TPb,`:,YZc+i;vtnS,dAPQvI Za\AU6
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: 0f 34 f4 43 73 6c 0d 8d 86 0a 3d 67 c0 70 2e 93 22 b3 31 33 f0 d2 d3 0f a7 c9 fc db 27 b1 8f a7 6c 50 41 28 ec 66 0d 44 65 f3 b1 f1 7b e0 23 8a 05 3b 3a a0 52 0d f9 b4 87 f9 20 1a d6 02 0f 61 8e c4 07 34 63 b3 dd 04 4d aa e3 79 f0 88 1a 9a 26 b3 42 e0 ca f1 76 5a 44 4d 68 a6 e8 d5 28 de db e8 a6 75 1a 6c 3e c9 4c c4 00 9b 13 76 3a ef 59 c2 eb ef 18 57 1e 2e 4d 9a e1 ec 6c 76 9c c9 4c f3 d7 0a 0e 85 f1 03 a2 e5 53 d4 7e 0e 7a e0 69 80 74 75 2d b5 e4 7d 4c da 44 a2 9d ad 65 db 36 1d 9e 4e df 8c 08 7d e5 6b b9 a7 87 a7 9c b4 b3 8d 48 29 e0 16 47 44 16 6e d1 de d3 8a f1 49 52 41 22 45 89 70 a9 4e 6d ff cb 4f 0d 9e ca 8e cc 78 1e d4 54 4c 3f 60 29 f4 d0 00 bb e4 6c 84 19 63 64 42 a8 f3 1a 90 d6 d1 10 cb 89 91 9f 26 fa 83 4b d8 a6 b8 1f ca 24 ef 07 52 36 3b bd Data Ascii: 4Csl=gp."13'lPA(fDe{#;:R a4cMy&BvZDMh(ul>Lv:YW.MlvLS~zitu-}LDe6N}kH)GDnIRA"EpNmOxTL?`)lcdB&K$R6;
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: 5d ce 5a 19 8e 4b 4a 27 16 6c fc 51 4d cd 06 8f d4 28 93 93 e3 cc c0 e5 9c cc 4d 53 31 36 d1 7d c6 b8 32 91 10 b3 c9 03 72 1c b2 69 a2 3f 42 d5 2e 33 5e 74 3b a7 58 05 65 29 f2 77 3a 3b ba 60 d3 1c af 1c 2b b7 34 1b 1b 5b c8 43 3e 32 cf f5 57 47 af 0f d7 48 17 0c 53 e9 c5 8a a3 7e 68 70 b8 37 c1 b5 b5 34 7c 79 f8 93 7c 90 3d 1b 32 9d 3d c1 5d 6b 2a 08 c6 42 f0 09 0d 44 b1 2f d3 18 8f 42 d0 02 f1 3d 53 84 6d 29 8f dc c1 dd 4e 8b f4 f8 e0 bb fd 13 50 8a 34 5d 5d bd 83 8f 6c ba 8b 20 98 19 4c 68 84 32 d3 f7 78 2c d3 e6 ea 11 11 69 95 ba 3e e1 a5 b4 ff f9 11 ae 30 e6 57 e2 aa cc 30 81 ca 68 d9 26 a5 ea d6 7c 7a 39 b0 46 6f 75 a2 76 9c ef 38 39 28 02 f2 eb f0 98 ee 44 bf 18 3c d6 3b bd b0 38 b0 0a 43 a0 a1 bf 24 8b c4 a2 3d 34 c5 e6 ea 95 02 0c 5f 18 71 de 3e Data Ascii: ]ZKJ'lQM(MS16}2ri?B.3^t;Xe)w:;`+4[C>2WGHS~hp74\|y\|=2=]k*BD/B=Sm)NP4]]l Lh2x,i>0W0h&\|z9Fouv89(D<;8C$=4_q>
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: df 9f cd 88 38 8f 9b 89 93 fc 44 fd 3b 0b 88 d4 af 09 a8 10 6c 60 95 8e 09 51 56 91 5c c8 4f d7 1d 17 67 35 c2 eb af 11 40 39 cb c1 d7 0b 95 9b 27 83 8b 5a a2 f2 ac 45 90 a6 b2 5e be 74 d5 37 3c d2 df 3b 34 c8 8f bd 71 ed f8 d1 ab 57 66 cb da 91 ad ae cc 5f f8 be 5e 9c 41 9b 72 35 c1 ef fd 0d 66 86 94 b9 17 6a 12 d1 26 27 41 5e db a3 2f 9b 34 2b 52 58 3a 8b 77 75 ef 8d c9 18 a1 4d 20 ad ea a7 c1 13 f5 c8 af 58 3a 0c ce 96 3c d2 ba 35 a7 ab f4 ae c6 aa 7a 87 00 21 27 50 c5 85 7f 08 f3 9d d4 29 a7 ab 13 f3 03 53 f4 74 d8 6e e7 8d 87 d6 36 90 60 75 53 ba a1 42 20 7a 3d 6c 03 2f 66 7b bc cd 72 7d 37 44 68 00 93 02 10 c3 b8 21 cb f9 4e 57 53 cd a7 5e 49 e9 2a 28 93 a8 09 73 e9 d7 14 4c cb 69 9c bc 53 a6 0e 3f 34 99 3c 9c e2 c1 5d 99 1a 8c 07 55 2a e0 c2 30 46 Data Ascii: 8D;l`QV\Og5@9'ZE^t7<;4qWf_^Ar5fj&'A^/4+RX:wuM X:<5z!'P)Stn6`uSB z=l/f{r}7Dh!NWS^I(sLiS?4<]U0F
2024-04-26 13:15:43 UTC	1369	IN	Data Raw: 75 90 4c a2 9e c7 2d cf 70 9f 4e f2 76 77 7d 27 0f fc 46 91 90 d4 6d e2 1d ea 9a d4 b8 88 b1 a7 5f b6 59 00 8e 8b 06 4a 0c 24 18 04 57 a1 cf 69 5b df ef b5 72 34 77 9d d0 6c 71 9d 26 c1 9e 6e d9 9e 29 bc 4f 6d 94 61 36 6f 30 5b ac 45 c0 22 72 49 6e 52 d7 32 2e 44 10 81 4f e0 bc e4 0b e5 b1 ed ef 0d 30 bf e1 a8 e5 41 71 06 1d b3 dd cf 95 c1 00 2d 73 16 7a f2 76 3c 28 2f d3 38 79 61 2c 06 5f 99 eb 7f 7a 3b 5e ec 57 f1 c9 0b 5a 39 5a 4e 78 a0 81 6f 6c 47 92 65 32 5a e3 f7 6e f4 8d b2 ab cf 91 77 ba 1e d4 b5 f0 4c 1a a6 9e 01 bc 4a 8a df 10 8f 96 40 5f 2b 03 e9 1f bc b3 10 79 4c 0e f4 ab 04 00 42 be 8a 5e d2 8e 6e f2 f3 e5 d1 cf 84 09 10 e5 86 d6 c7 e5 ae 92 71 57 75 3c bd 2e 9a 3d 8a 6f 41 34 2b 71 a9 3f 00 fc 35 f1 d5 cd a3 67 ba b7 ec 79 76 41 72 8f fb 16 Data Ascii: uL-pNvw}'Fm_YJ$Wi[r4wlq&n)Oma6o0[E"rInR2.DO0Aq-szv<(/8ya,_z;^WZ9ZNxolGe2ZnwLJ@_+yLB^nqWu<.=oA4+q?5gyvAr

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49747	23.204.76.112	443

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:43 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-26 13:15:43 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/0758) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=64082 Date: Fri, 26 Apr 2024 13:15:43 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49748	52.67.16.6	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:46 UTC	1007	OUT	GET /favicon.ico HTTP/1.1 Host: barela.sistemaitsseg.com.br Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg== Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
2024-04-26 13:15:47 UTC	265	IN	HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Fri, 26 Apr 2024 13:15:47 GMT Content-Type: image/x-icon Content-Length: 0 Last-Modified: Sun, 21 May 2023 23:59:45 GMT Connection: close ETag: "646ab071-0" X-XSS-Protection: 1; mode=block Accept-Ranges: bytes

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49749	23.204.76.112	443

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:47 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-26 13:15:47 UTC	530	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0DZ+oYgAAAABSxwJpMgMuSLkfS640ajfFQVRBRURHRTEyMTkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm Cache-Control: public, max-age=64072 Date: Fri, 26 Apr 2024 13:15:47 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-26 13:15:47 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49751	52.67.16.6	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:47 UTC	746	OUT	GET /assets/img/logo_itsseg_sistema.png HTTP/1.1 Host: barela.sistemaitsseg.com.br Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
2024-04-26 13:15:47 UTC	268	IN	HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Fri, 26 Apr 2024 13:15:47 GMT Content-Type: image/png Content-Length: 6675 Last-Modified: Sun, 21 May 2023 23:59:45 GMT Connection: close ETag: "646ab071-1a13" X-XSS-Protection: 1; mode=block Accept-Ranges: bytes
2024-04-26 13:15:47 UTC	6675	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 f0 00 00 00 6f 08 06 00 00 00 d2 65 4d 04 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 17 11 00 00 17 11 01 ca 26 f3 3f 00 00 00 07 74 49 4d 45 07 e4 0a 02 11 01 15 c8 9a 3f f3 00 00 19 02 49 44 41 54 78 da ed 9d 79 b4 1c 55 9d c7 3f b7 fa f5 f2 b6 bc 6c 44 c8 46 08 bb a0 44 08 62 04 1c 54 40 05 c1 05 c7 d1 19 1d 19 e7 8c cb b8 8f 3a 1e 19 c6 d1 19 1d 3d 6e e3 06 23 2e 88 8e 28 0a 28 0c a3 88 88 3a c0 b8 40 04 89 ac 4a c8 4a 42 92 97 e4 bd 74 bf a5 fb 75 f7 9d 3f 7e d5 ef d5 ab 57 d5 Data Ascii: PNGIHDRoeMgAMAa cHRMz&u0`:pQ<bKGDpHYs&?tIME?IDATxyU?lDFDbT@:=n#.((:@JJBtu?~W

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.4	49750	52.67.16.6	443	2472	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:47 UTC	723	OUT	GET /favicon.ico HTTP/1.1 Host: barela.sistemaitsseg.com.br Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: _mbswebD=eyJpdiI6ImRaTmhkNlpGU041Q2hlWDdPR2xyRWc9PSIsInZhbHVlIjoiMFc4S3p0d2ZBNmcrbmJCcUlKSElRWlJ2akZDSG5tOGFBK3hyVXpGcTlJaVVoV2JVZ0kvNm9RcHUvbkl3UDdIS0pDS1p3eTJKakpPTTk2Rk0zRmtmUXkyODRLczg3Y0lXWkpSWStYNkQrSmpQRmJQdXE4aEZSRXc1ZXZzQ1pTb2giLCJtYWMiOiI4YjYxNmE5OTRhYmFmMGU1MDIzM2I0NWE0M2IzMDU2N2ZiNjEyZDdiZGVjOWMyMjliM2E5N2Y3MjRjOWNkODFlIiwidGFnIjoiIn0%3D
2024-04-26 13:15:47 UTC	265	IN	HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Fri, 26 Apr 2024 13:15:47 GMT Content-Type: image/x-icon Content-Length: 0 Last-Modified: Sun, 21 May 2023 23:59:45 GMT Connection: close ETag: "646ab071-0" X-XSS-Protection: 1; mode=block Accept-Ranges: bytes

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	49755	13.85.23.86	443

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:15:50 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y72UYATxxsAg21a&MD=W4ZoNTzP HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-04-26 13:15:50 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: afb4d271-6704-4321-a4ea-5f5d559526fd MS-RequestId: 185a9dbd-1428-4006-a8af-83ddb24e5f37 MS-CV: KjFJoGb32Ee8/b2T.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Fri, 26 Apr 2024 13:15:50 GMT Connection: close Content-Length: 24490
2024-04-26 13:15:50 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-04-26 13:15:50 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	49760	20.114.59.183	443

Timestamp	Bytes transferred	Direction	Data
2024-04-26 13:16:27 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y72UYATxxsAg21a&MD=W4ZoNTzP HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-04-26 13:16:28 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160" MS-CorrelationId: 53d2d881-38b7-498b-9630-8687c4dffc4d MS-RequestId: 93410841-0d70-4a5f-bf95-11eee0bd69ef MS-CV: 0FHBj6QkUEWvGDOj.0 X-Microsoft-SLSClientCache: 2160 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Fri, 26 Apr 2024 13:16:27 GMT Connection: close Content-Length: 25457
2024-04-26 13:16:28 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92 Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
2024-04-26 13:16:28 UTC	9633	IN	Data Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3852, Parent PID: 5064

General

Target ID:	0
Start time:	15:15:29
Start date:	26/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2472, Parent PID: 3852

General

Target ID:	2
Start time:	15:15:34
Start date:	26/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4306642681312244959,14501220484676031705,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6380, Parent PID: 5064

General

Target ID:	3
Start time:	15:15:37
Start date:	26/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://barela.sistemaitsseg.com.br/download_faturamento.php?id=NjAxNg=="
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly