Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s

Overview

General Information

Sample URL:https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s
Analysis ID:756170
Infos:

Detection

HTMLPhisher
Score:72
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Misleading page title found
Yara detected HtmlPhish10
Antivirus detection for URL or domain
Queries the volume information (name, serial number etc) of a device
Yara signature match
Found iframes
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
No HTML title found
Detected potential crypto function
HTML body contains low number of good links

Classification

Process Tree

  • System is w10x64
  • cmd.exe (PID: 6032 cmdline: C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s" > cmdline.out 2>&1 MD5: F3BDBE3BB6F734E357235F4D5898582D)
    • conhost.exe (PID: 6012 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • wget.exe (PID: 5988 cmdline: wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s" MD5: 3DADB6E2ECE9C4B3E1E322E617658B60)
  • chrome.exe (PID: 5132 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\download\index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s.html MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
    • chrome.exe (PID: 2288 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1616,i,5292400896411780733,13825633785752334259,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
29025.1.pages.csvSUSP_obfuscated_JS_obfuscatorioDetects JS obfuscation done by the js obfuscator (often malicious)@imp0rtp3
  • 0x497d8:$c8: while(!![])
  • 0xb1f4c:$c8: while(!![])
  • 0x497f9:$d1: parseInt(_0xc8185d(0x1ee))/0x1+parseInt(_0xc8185d(0x1f9))/0x2*(-parseInt(_0xc8185d(0x207))/0x3)+parseInt(_0xc8185d(0x206))/0x4+-parseInt(_0xc8185d(0x1ef))/0x5*(parseInt(_0xc8185d(0x1fe))/0x6)+-
  • 0x49818:$d1: parseInt(_0xc8185d(0x1f9))/0x2*(-parseInt(_0xc8185d(0x207))/0x3)+parseInt(_0xc8185d(0x206))/0x4+-parseInt(_0xc8185d(0x1ef))/0x5*(parseInt(_0xc8185d(0x1fe))/0x6)+-parseInt(_0xc8185d(0x1fa))/0x7*(
  • 0x49839:$d1: parseInt(_0xc8185d(0x207))/0x3)+parseInt(_0xc8185d(0x206))/0x4+-parseInt(_0xc8185d(0x1ef))/0x5*(parseInt(_0xc8185d(0x1fe))/0x6)+-parseInt(_0xc8185d(0x1fa))/0x7*(parseInt(_0xc8185d(0x200))/0x8)+-
  • 0x49859:$d1: parseInt(_0xc8185d(0x206))/0x4+-parseInt(_0xc8185d(0x1ef))/0x5*(parseInt(_0xc8185d(0x1fe))/0x6)+-parseInt(_0xc8185d(0x1fa))/0x7*(parseInt(_0xc8185d(0x200))/0x8)+-parseInt(_0xc8185d(0x201))/0x9*(-
  • 0x49879:$d1: parseInt(_0xc8185d(0x1ef))/0x5*(parseInt(_0xc8185d(0x1fe))/0x6)+-parseInt(_0xc8185d(0x1fa))/0x7*(parseInt(_0xc8185d(0x200))/0x8)+-parseInt(_0xc8185d(0x201))/0x9*(-parseInt(_0xc8185d(0x1fb))/0xa)+
  • 0xb1f6a:$d1: parseInt(_0x5d57ec(0x1d9))/0x1+parseInt(_0x5d57ec(0x1c7))/0x2*(-parseInt(_0x5d57ec(0x1f1))/0x3)+-parseInt(_0x5d57ec(0x1dd))/0x4*(parseInt(_0x5d57ec(0x1cb))/0x5)+parseInt(_0x5d57ec(0x1ca))/0x6*(-
  • 0xb1f89:$d1: parseInt(_0x5d57ec(0x1c7))/0x2*(-parseInt(_0x5d57ec(0x1f1))/0x3)+-parseInt(_0x5d57ec(0x1dd))/0x4*(parseInt(_0x5d57ec(0x1cb))/0x5)+parseInt(_0x5d57ec(0x1ca))/0x6*(-parseInt(_0x5d57ec(0x1da))/0x7)+
  • 0xb1faa:$d1: parseInt(_0x5d57ec(0x1f1))/0x3)+-parseInt(_0x5d57ec(0x1dd))/0x4*(parseInt(_0x5d57ec(0x1cb))/0x5)+parseInt(_0x5d57ec(0x1ca))/0x6*(-parseInt(_0x5d57ec(0x1da))/0x7)+parseInt(_0x5d57ec(0x1fd))/0x8*(-
  • 0xb1fcb:$d1: parseInt(_0x5d57ec(0x1dd))/0x4*(parseInt(_0x5d57ec(0x1cb))/0x5)+parseInt(_0x5d57ec(0x1ca))/0x6*(-parseInt(_0x5d57ec(0x1da))/0x7)+parseInt(_0x5d57ec(0x1fd))/0x8*(-parseInt(_0x5d57ec(0x1d1))/0x9)+-
  • 0xb1feb:$d1: parseInt(_0x5d57ec(0x1cb))/0x5)+parseInt(_0x5d57ec(0x1ca))/0x6*(-parseInt(_0x5d57ec(0x1da))/0x7)+parseInt(_0x5d57ec(0x1fd))/0x8*(-parseInt(_0x5d57ec(0x1d1))/0x9)+-parseInt(_0x5d57ec(0x1e1))/0xa+-
  • 0xb200b:$d1: parseInt(_0x5d57ec(0x1ca))/0x6*(-parseInt(_0x5d57ec(0x1da))/0x7)+parseInt(_0x5d57ec(0x1fd))/0x8*(-parseInt(_0x5d57ec(0x1d1))/0x9)+-parseInt(_0x5d57ec(0x1e1))/0xa+-parseInt(_0x5d57ec(0x1c6))/0xb*(-
29025.1.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    Sigma Signatures

    No Sigma rule has matched

    Snort Signatures

    No Snort rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1sSlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
    Antivirus detection for URL or domain
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#SlashNext: Label: Credential Stealing type: Phishing & Social Engineering

    Phishing

    barindex
    Misleading page title found
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#Page Title: Microsoft | Login
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#Page Title: Microsoft | Login
    Yara detected HtmlPhish10
    Source: Yara matchFile source: 29025.1.pages.csv, type: HTML
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: Iframe src: https://honapalestine.com
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: Iframe src: https://honapalestine.com
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: HTML title missing
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: HTML title missing
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: Number of links: 0
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: Number of links: 0
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: No <meta name="author".. found
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: No <meta name="author".. found
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: No <meta name="copyright".. found
    Source: https://holly-lavender-rattlesnake.glitch.me/vild.html#HTTP Parser: No <meta name="copyright".. found
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdaterJump to behavior
    Source: unknownHTTPS traffic detected: 192.185.138.191:443 -> 192.168.2.3:49703 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 139.162.167.121:443 -> 192.168.2.3:49740 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 139.162.167.121:443 -> 192.168.2.3:49739 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 13.107.219.60:443 -> 192.168.2.3:49746 version: TLS 1.2
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
    Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
    Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
    Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
    Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
    Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
    Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
    Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
    Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 29 Nov 2022 18:04:56 GMTContent-Length: 3672Connection: closeCache-Control: max-age=0
    Source: wget.exe, 00000002.00000002.238077693.0000000002BED000.00000004.00000800.00020000.00000000.sdmp, wget.exe, 00000002.00000003.237700765.0000000002BE6000.00000004.00000800.00020000.00000000.sdmp, wget.exe, 00000002.00000003.237761279.0000000002BE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl
    Source: wget.exe, 00000002.00000002.238077693.0000000002BED000.00000004.00000800.00020000.00000000.sdmp, wget.exe, 00000002.00000003.237700765.0000000002BE6000.00000004.00000800.00020000.00000000.sdmp, wget.exe, 00000002.00000003.237761279.0000000002BE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
    Source: wget.exe, 00000002.00000003.237761279.0000000002BE9000.00000004.00000800.00020000.00000000.sdmp, cmdline.out.0.drString found in binary or memory: https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvd
    Source: index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s.2.drString found in binary or memory: https://holly-lavender-rattlesnake.glitch.me/vild.html#
    Source: unknownHTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CONSENT=PENDING+904; AEC=AakniGO7HqlHWlnoY-P22_SwwnNSfVGxlF1NgK5nuj5WLe313NyJi16g7z4; SOCS=CAISHAgCEhJnd3NfMjAyMjA4MDgtMF9SQzEaAmVuIAEaBgiAvOuXBg; NID=511=nUT82hOv6CVwMNqDg-sTtCMJJ6SQ1v_cCpfCpf5nt8EolEbal01GWFyjG01tqWQgh9ciRU880J6nLd2gdbhAJs44PsHAZaVQAFIbrqe2FmFgjrAAK7W9Z8u5LDvwsuZRng98jP6E23SJ4fsPIs326YmnuCwa92dRRCcB6MNeI_o
    Source: unknownDNS traffic detected: queries for: b6dj2ueylkg.juraganrc.com
    Source: global trafficHTTP traffic detected: GET /?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like GeckoAccept: */*Accept-Encoding: identityHost: b6dj2ueylkg.juraganrc.comConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.81Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /vild.html HTTP/1.1Host: holly-lavender-rattlesnake.glitch.meConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://holly-lavender-rattlesnake.glitch.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://holly-lavender-rattlesnake.glitch.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/index.php?/ HTTP/1.1Host: honapalestine.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://holly-lavender-rattlesnake.glitch.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/assets/e189e3b3/css/bootstrap.css HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/css/site.css HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/assets/493c98da/jquery.js HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/assets/df38217b/yii.js HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/assets/e189e3b3/js/bootstrap.js HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/logo-en.png HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/listenlive.png HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/icons.png HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/css/FrutigerLTArabic-55Roman.ttf HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"Origin: https://honapalestine.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://honapalestine.com/1/frontend/web/css/site.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/playstore.png HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/appstore.png HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/bg.jpg HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/searchenglishbgar.png HTTP/1.1Host: honapalestine.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://honapalestine.com/1/frontend/web/index.php?/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: holly-lavender-rattlesnake.glitch.meConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://holly-lavender-rattlesnake.glitch.me/vild.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/listenlive.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: honapalestine.com
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/logo-en.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: honapalestine.com
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/icons.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: honapalestine.com
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/playstore.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: honapalestine.com
    Source: global trafficHTTP traffic detected: GET /1/frontend/web/images/appstore.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: honapalestine.com
    Source: global trafficHTTP traffic detected: GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: aadcdn.msauth.net
    Source: unknownHTTPS traffic detected: 192.185.138.191:443 -> 192.168.2.3:49703 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 139.162.167.121:443 -> 192.168.2.3:49740 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 139.162.167.121:443 -> 192.168.2.3:49739 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 13.107.219.60:443 -> 192.168.2.3:49746 version: TLS 1.2
    Source: 29025.1.pages.csv, type: HTMLMatched rule: SUSP_obfuscated_JS_obfuscatorio date = 2021-08-25, author = @imp0rtp3, description = Detects JS obfuscation done by the js obfuscator (often malicious), score = , reference = https://obfuscator.io
    Source: C:\Windows\SysWOW64\wget.exeCode function: 2_2_02BE00802_2_02BE0080
    Source: C:\Windows\SysWOW64\wget.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: unknownProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s" > cmdline.out 2>&1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s"
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\download\index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s.html
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1616,i,5292400896411780733,13825633785752334259,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s" Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1616,i,5292400896411780733,13825633785752334259,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6012:120:WilError_01
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\GoogleUpdaterJump to behavior
    Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\Desktop\cmdline.outJump to behavior
    Source: classification engineClassification label: mal72.phis.win@30/2@8/10
    Source: C:\Windows\SysWOW64\wget.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: C:\Windows\SysWOW64\wget.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdaterJump to behavior
    Source: unknownProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c wget -t 2 -v -t 60 -p "c:\users\user\desktop\download" --no-check-certificate --content-disposition --user-agent="mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; as; rv:11.0) like gecko" "https://b6dj2ueylkg.juraganrc.com/?url=ahr0chm6ly9ob2xses1syxzlbmrlci1yyxr0bgvzbmfrzs5nbgl0y2gubwuvdmlszc5odg1s" > cmdline.out 2>&1
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -t 60 -p "c:\users\user\desktop\download" --no-check-certificate --content-disposition --user-agent="mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; as; rv:11.0) like gecko" "https://b6dj2ueylkg.juraganrc.com/?url=ahr0chm6ly9ob2xses1syxzlbmrlci1yyxr0bgvzbmfrzs5nbgl0y2gubwuvdmlszc5odg1s"
    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -t 60 -p "c:\users\user\desktop\download" --no-check-certificate --content-disposition --user-agent="mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; as; rv:11.0) like gecko" "https://b6dj2ueylkg.juraganrc.com/?url=ahr0chm6ly9ob2xses1syxzlbmrlci1yyxr0bgvzbmfrzs5nbgl0y2gubwuvdmlszc5odg1s" Jump to behavior
    Source: C:\Windows\SysWOW64\wget.exeQueries volume information: C:\Users\user\Desktop\download VolumeInformationJump to behavior
    Source: C:\Windows\SysWOW64\wget.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

    Mitre Att&ck Matrix

    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
    1
    Drive-by Compromise    		1
    Command and Scripting Interpreter    		Path Interception1
    Process Injection    		3
    Masquerading    		OS Credential Dumping12
    System Information Discovery    		Remote Services1
    Archive Collected Data    		Exfiltration Over Other Network Medium11
    Encrypted Channel    		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
    Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
    Process Injection    		LSASS Memory1
    Remote System Discovery    		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth4
    Non-Application Layer Protocol    		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
    Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration5
    Application Layer Protocol    		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
    Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled Transfer3
    Ingress Tool Transfer    		SIM Card SwapCarrier Billing Fraud

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s0%VirustotalBrowse
    https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s0%Avira URL Cloudsafe
    https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s100%SlashNextCredential Stealing type: Phishing & Social Engineering

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://holly-lavender-rattlesnake.glitch.me/vild.html#100%SlashNextCredential Stealing type: Phishing & Social Engineering
    https://honapalestine.com/1/frontend/web/css/FrutigerLTArabic-55Roman.ttf0%Avira URL Cloudsafe
    https://honapalestine.com/0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/playstore.png0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/icons.png0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/index.php?/2%VirustotalBrowse
    https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvd0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/appstore.png0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/assets/e189e3b3/js/bootstrap.js0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/listenlive.png0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/css/site.css0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/searchenglishbgar.png0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/assets/df38217b/yii.js0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/assets/493c98da/jquery.js0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/logo-en.png0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/images/bg.jpg0%Avira URL Cloudsafe
    https://honapalestine.com/1/frontend/web/assets/e189e3b3/css/bootstrap.css0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    accounts.google.com
    		172.217.168.45
    		truefalse
      		high
      holly-lavender-rattlesnake.glitch.me
      		44.199.49.219
      		truefalse
        		high
        honapalestine.com
        		139.162.167.121
        		truefalse
          		unknown
          b6dj2ueylkg.juraganrc.com
          		192.185.138.191
          		truefalse
            		unknown
            www.google.com
            		172.217.168.36
            		truefalse
              		high
              clients.l.google.com
              		142.250.203.110
              		truefalse
                		high
                part-0032.t-0009.fbs1-t-msedge.net
                		13.107.219.60
                		truefalse
                  		unknown
                  clients2.google.com
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://holly-lavender-rattlesnake.glitch.me/vild.html#false
                    • SlashNext: Credential Stealing type: Phishing & Social Engineering
                    		high
                    https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1strue
                      		unknown
                      https://honapalestine.com/1/frontend/web/index.php?/falseunknown
                      https://holly-lavender-rattlesnake.glitch.me/favicon.icofalse
                        		high
                        https://honapalestine.com/1/frontend/web/css/FrutigerLTArabic-55Roman.ttffalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://honapalestine.com/1/frontend/web/images/icons.pngfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://honapalestine.com/false
                        • Avira URL Cloud: safe
                        		unknown
                        https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardfalse
                          		high
                          https://honapalestine.com/1/frontend/web/images/playstore.pngfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1false
                            		high
                            https://honapalestine.com/1/frontend/web/images/appstore.pngfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://honapalestine.com/1/frontend/web/assets/e189e3b3/js/bootstrap.jsfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://holly-lavender-rattlesnake.glitch.me/vild.htmlfalse
                              		high
                              https://honapalestine.com/1/frontend/web/index.php?/falseunknown
                              https://honapalestine.com/1/frontend/web/images/listenlive.pngfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/css/site.cssfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/assets/df38217b/yii.jsfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/images/searchenglishbgar.pngfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/assets/493c98da/jquery.jsfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/images/logo-en.pngfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/images/bg.jpgfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://honapalestine.com/1/frontend/web/assets/e189e3b3/css/bootstrap.cssfalse
                              • Avira URL Cloud: safe
                              		unknown

                              URLs from Memory and Binaries

                              NameSourceMaliciousAntivirus DetectionReputation
                              https://holly-lavender-rattlesnake.glitch.me/vild.html#index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s.2.drfalse
                              • SlashNext: Credential Stealing type: Phishing & Social Engineering
                              		high
                              https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdwget.exe, 00000002.00000003.237761279.0000000002BE9000.00000004.00000800.00020000.00000000.sdmp, cmdline.out.0.drfalse
                              • Avira URL Cloud: safe
                              		unknown

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              13.107.219.60
                              		part-0032.t-0009.fbs1-t-msedge.netUnited States
                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                              142.250.203.110
                              		clients.l.google.comUnited States
                              		15169GOOGLEUSfalse
                              139.162.167.121
                              		honapalestine.comNetherlands
                              		63949LINODE-APLinodeLLCUSfalse
                              44.199.49.219
                              		holly-lavender-rattlesnake.glitch.meUnited States
                              		14618AMAZON-AESUSfalse
                              172.217.168.45
                              		accounts.google.comUnited States
                              		15169GOOGLEUSfalse
                              192.185.138.191
                              		b6dj2ueylkg.juraganrc.comUnited States
                              		46606UNIFIEDLAYER-AS-1USfalse
                              172.217.168.36
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse

                              Private

                              IP
                              192.168.2.1
                              127.0.0.1

                              General Information

                              Joe Sandbox Version:36.0.0 Rainbow Opal
                              Analysis ID:756170
                              Start date and time:2022-11-29 19:03:59 +01:00
                              Joe Sandbox Product:CloudBasic
                              Overall analysis duration:0h 4m 41s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:urldownload.jbs
                              Sample URL:https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s
                              Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                              Number of analysed new started processes analysed:16
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • HDC enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal72.phis.win@30/2@8/10
                              EGA Information:Failed
                              HDC Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 1

                              Warnings

                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 172.217.168.67, 34.104.35.123, 216.58.215.234, 172.217.168.74, 142.250.203.106, 172.217.168.10
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, ajax.googleapis.com, aadcdnoriginwus2.azureedge.net, update.googleapis.com, clientservices.googleapis.com, aadcdnoriginwus2.afd.azureedge.net, aadcdn.msauth.net, firstparty-azurefd-prod.trafficmanager.net, global-entry-afdthirdparty-fallback.trafficmanager.net
                              • Execution Graph export aborted for target wget.exe, PID 5988 because there are no executed function
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtQueryValueKey calls found.
                              • Report size getting too big, too many NtWriteVirtualMemory calls found.

                              Simulations

                              Behavior and APIs

                              No simulations

                              Joe Sandbox View / Context

                              IPs

                              No context

                              Domains

                              No context

                              ASNs

                              No context

                              JA3 Fingerprints

                              No context

                              Dropped Files

                              No context

                              Created / dropped Files

                              C:\Users\user\Desktop\cmdline.out

                              Download File
                              Process:C:\Windows\SysWOW64\cmd.exe
                              File Type:ASCII text, with CRLF line terminators
                              Category:modified
                              Size (bytes):793
                              Entropy (8bit):5.549472422410998
                              Encrypted:false
                              SSDEEP:12:HFL27Rjjg1rRT1De5RhKkk1DbBKj9B27RjjgMvCrfiBKj9B27RjjgD8:9ORferJxePgJ1pW9BORfz6jEW9BORff
                              MD5:03186240F0270BA8CCC373860E489805
                              SHA1:6960D9433CEDFE2B3977D8BD451C927A2199E16C
                              SHA-256:AE86B4EA6F9CF6366E3337D79ED12A9D7BEA0BD9C38067500F5223AF1CECAF44
                              SHA-512:03B62CE1693AD364054984E955BF9DF506BE9517CF78FEC22242F49783EB2269A3475FF880ADA2B648FA6AE30B1C60027740FF732DD444B899AC7AB13A89E4FB
                              Malicious:false
                              Reputation:low
                              Preview:--2022-11-29 19:04:46-- https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s..Resolving b6dj2ueylkg.juraganrc.com (b6dj2ueylkg.juraganrc.com)... 192.185.138.191..Connecting to b6dj2ueylkg.juraganrc.com (b6dj2ueylkg.juraganrc.com)|192.185.138.191|:443... connected...HTTP request sent, awaiting response... 200 OK..Length: unspecified [text/html]..Saving to: 'C:/Users/user/Desktop/download/index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s'.... 0K 56.9K=0.007s....2022-11-29 19:04:47 (56.9 KB/s) - 'C:/Users/user/Desktop/download/index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s' saved [392]....

                              C:\Users\user\Desktop\download\index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s

                              Download File
                              Process:C:\Windows\SysWOW64\wget.exe
                              File Type:HTML document, ASCII text, with CRLF line terminators
                              Category:dropped
                              Size (bytes):392
                              Entropy (8bit):5.101991386762123
                              Encrypted:false
                              SSDEEP:6:vW4QW3tSUOj8yrUi4ePORzQZgwEABm2E3PORzQZgwuGbxBHRWVMwdwoRXfGb:OPgkTIyrUipORUZdc9ORUZqG9OMl0Gb
                              MD5:848A7C7C382B42DD1206F4979DE6C2E1
                              SHA1:78F46B14C6909877657AA18AAFDF2681965E0AC1
                              SHA-256:37E7C3DF45AB788C21033FB290A17EFBA5C439CCA4E01F1B0A787967AA1FC491
                              SHA-512:AFD4805012E8B1431D005408E4A7751D4DC59350F74B48D3DB57D336DE4A731881C9BE25EAC62E03B63E760405EED52808765A438F8ED4BAC52548E1DBF74870
                              Malicious:false
                              Reputation:low
                              Preview:..<!DOCTYPE html>..<html>..<head>.. <title>Loading.......</title>..</head>..<meta HTTP-Equiv='refresh' content='0; URL=https://holly-lavender-rattlesnake.glitch.me/vild.html#'>..<script type='text/javascript'>..loc = 'https://holly-lavender-rattlesnake.glitch.me/vild.html#'..self.location.replace(loc);..window.location = loc;..</script>........<body onload="Fired()">....</body>..</html>

                              Static File Info

                              No static file info

                              Network Behavior

                              Network Port Distribution

                              TCP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Nov 29, 2022 19:04:48.526634932 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:48.526681900 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:48.526793003 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:48.529531956 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:48.529563904 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:48.801815987 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:48.802047968 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:48.806216955 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:48.806251049 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:48.807008982 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:48.809533119 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:48.809571028 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:49.070445061 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:49.070576906 CET44349703192.185.138.191192.168.2.3
                              Nov 29, 2022 19:04:49.070683002 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:49.353719950 CET49703443192.168.2.3192.185.138.191
                              Nov 29, 2022 19:04:53.489209890 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:53.489234924 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:53.489310980 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:53.490328074 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:53.490351915 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:53.490845919 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.490919113 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.490988016 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.491210938 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.491234064 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.494088888 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.494132996 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.494204044 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.494549990 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.494580030 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.627681017 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.628238916 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.628318071 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.629087925 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.629179955 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.630342960 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.630393028 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.630527973 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.673816919 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.673877954 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.678003073 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.678102970 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.903798103 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.903861046 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.903980017 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.903996944 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.904203892 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.904273987 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.904310942 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.904351950 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.904366016 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.904644012 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.941519976 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.941620111 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.941679955 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.941788912 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.941862106 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.947391033 CET49706443192.168.2.3142.250.203.110
                              Nov 29, 2022 19:04:53.947439909 CET44349706142.250.203.110192.168.2.3
                              Nov 29, 2022 19:04:53.960284948 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.960395098 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.960426092 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.960661888 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:53.960736036 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.962016106 CET49707443192.168.2.3172.217.168.45
                              Nov 29, 2022 19:04:53.962044001 CET44349707172.217.168.45192.168.2.3
                              Nov 29, 2022 19:04:54.012840986 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.013361931 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.013425112 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.015105963 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.015279055 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.019273043 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.019309044 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.019433022 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.019473076 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.019490004 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.107942104 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.107981920 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.207972050 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362062931 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362123966 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362142086 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362178087 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362194061 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362206936 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362303019 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362303019 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362303019 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362303019 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362303972 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362364054 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362406969 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362456083 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362456083 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362521887 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362539053 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362592936 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362615108 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362628937 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362658024 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362715006 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362721920 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362749100 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362775087 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.362796068 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.362823009 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507010937 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507220030 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507230997 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507260084 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507327080 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507404089 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507479906 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507482052 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507525921 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507556915 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507587910 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507611990 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507633924 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507664919 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507725954 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507801056 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507816076 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507859945 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507872105 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507888079 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.507936001 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.507958889 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.652869940 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653011084 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653093100 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.653093100 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.653142929 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653206110 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.653296947 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653379917 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.653397083 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653537035 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653600931 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653609991 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.653641939 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653681993 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.653877020 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.653940916 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654000044 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.654021025 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654045105 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.654274940 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654340029 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654361010 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.654376984 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654421091 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.654735088 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654805899 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654829979 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.654846907 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.654890060 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.663117886 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.799426079 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.799515963 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.799664974 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.799664974 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.799701929 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.799774885 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.799865007 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.799907923 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.799968958 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.799978971 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.799998045 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.800030947 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.800317049 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.800394058 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.800436974 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.800448895 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.800488949 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.800827026 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.800889969 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.800908089 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.800915956 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.800956964 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801026106 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801141024 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.801182032 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.801220894 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801229954 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.801244974 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801273108 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801584959 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.801630020 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.801668882 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801677942 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.801716089 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.801728010 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.802083015 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802123070 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802179098 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.802189112 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802217007 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.802244902 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.802398920 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802483082 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802484989 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.802509069 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802556038 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.802562952 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:54.802618980 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.808857918 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.811461926 CET49705443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:54.811482906 CET4434970544.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:55.139622927 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.139681101 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.139760971 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.140266895 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.140289068 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.180141926 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.180237055 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.180368900 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.180655956 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.180679083 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.230895042 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.231323957 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.231383085 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.232539892 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.232644081 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.234443903 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.234457016 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.234556913 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.234584093 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.234595060 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.236107111 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.236557007 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.236574888 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.238138914 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.238203049 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.240109921 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.240115881 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.240201950 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.240312099 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.240323067 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.257391930 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.257425070 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.257514000 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.257559061 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.257632971 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.257658958 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.257658958 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.257713079 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.261023045 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.261115074 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.408901930 CET49711443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.408940077 CET44349711139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.413729906 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.413769007 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.413888931 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.414377928 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.414397955 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.416402102 CET49710443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:55.416446924 CET4434971013.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:55.466609001 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.478455067 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.478487015 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.479437113 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.480240107 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.480262041 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.480386972 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.480555058 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.480564117 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.648097992 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.648143053 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.648253918 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.648297071 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.665494919 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.665694952 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.665713072 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.665743113 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.665816069 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.665894032 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.665982962 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.666007042 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.683208942 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.683373928 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.683399916 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.683459997 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.695852995 CET49712443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.695904016 CET44349712139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.704691887 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.704746008 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.704830885 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.705116987 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.705151081 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.705924988 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.705997944 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.706079006 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.706286907 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.706314087 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.706988096 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.707020044 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.707103014 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.707545996 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.707597017 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.707653999 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.707787991 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.707813978 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.707964897 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.707981110 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.708470106 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.708530903 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.708640099 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.708858967 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.708894968 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.708956003 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.710112095 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.710148096 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.710453033 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.710467100 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.797398090 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.798624992 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.815578938 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.815618992 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.815850973 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.815905094 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.817436934 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.817555904 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.818068981 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.818083048 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.818109989 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.818213940 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.818222046 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.818238020 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.818520069 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.818548918 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.818625927 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.818636894 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.818908930 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.830902100 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.831330061 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.831367016 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.832165003 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.832653046 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.832675934 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.832796097 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.832807064 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.832856894 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.836450100 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.836544991 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.836572886 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.837055922 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.837131977 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.837168932 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.837207079 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.837249041 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.839828968 CET49714443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.839862108 CET44349714139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.843162060 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.843231916 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.843324900 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.843502045 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.843533039 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.853878021 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.853950977 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.853970051 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.854007006 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.854034901 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.854043961 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.854084969 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.854098082 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.854157925 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.854176998 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.855710983 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.855844021 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.855870008 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871089935 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871279955 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871347904 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.871376991 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871401072 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871449947 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.871503115 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871516943 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.871530056 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871598959 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.871604919 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871618986 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871721983 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871728897 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.871745110 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871817112 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.871853113 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.871989012 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.872992992 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.873109102 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.873387098 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.873404026 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.873486042 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.888253927 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.888449907 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.888609886 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.888705969 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.888746023 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.888819933 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.888899088 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.888968945 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.889028072 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.889097929 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.889158964 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.889235020 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.889262915 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.889305115 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.889318943 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.889369965 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.889698982 CET49716443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.889734030 CET44349716139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.889942884 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890043020 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.890062094 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890139103 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.890150070 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890216112 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890217066 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.890238047 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890278101 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.890309095 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.890343904 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890413046 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.890471935 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.890543938 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.902146101 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.907717943 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.907902002 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.907915115 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908077002 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908092976 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908102036 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908143044 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908149958 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908179998 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908217907 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908233881 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908247948 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908281088 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908314943 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908363104 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908432007 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908484936 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908555984 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908588886 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908653975 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908710003 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908775091 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908816099 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908901930 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.908926964 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.908992052 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.909027100 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.909104109 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.909126043 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.909188986 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.912404060 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.912457943 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.913094997 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.913350105 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.913372993 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.913413048 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.913589001 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.913630962 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.914041042 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.914150000 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.914495945 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.914509058 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.914623022 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.914633036 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.914648056 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.914684057 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.914783955 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.915124893 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.915147066 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.915285110 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.915322065 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.915338039 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.916169882 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.916264057 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.916601896 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.916615963 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.916707993 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.916717052 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.916786909 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.920665979 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.920725107 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.920815945 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.921096087 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.921123028 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.921251059 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.926198006 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.926261902 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.926292896 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.926351070 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.926446915 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.926501036 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.926971912 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927041054 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.927066088 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927114964 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.927148104 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927203894 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.927228928 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927273989 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.927303076 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927356005 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.927380085 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927427053 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.927552938 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927872896 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.927920103 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.930612087 CET49715443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.930632114 CET44349715139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.932960033 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933058977 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.933084965 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933114052 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933217049 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933248043 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.933290958 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.933296919 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933335066 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933339119 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.933368921 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.933419943 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.935043097 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.935137033 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.935157061 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.940099001 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.940138102 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.940206051 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.940459013 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.940473080 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.947037935 CET49719443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.947065115 CET44349719139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.950514078 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.950608969 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.950660944 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.950692892 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.950767994 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.950787067 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.950922966 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.951013088 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.951030016 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.951770067 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.951898098 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.951989889 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.952007055 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.952025890 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.952092886 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.952117920 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.952205896 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.952287912 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.952609062 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.952651978 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.952723026 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.953283072 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.953315973 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.953771114 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.953792095 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.953892946 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.954463959 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.954488993 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.954663992 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.954758883 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.954772949 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.965845108 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.966319084 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.966348886 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.966819048 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.967674971 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.967698097 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.967792988 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.967818022 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.967951059 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.967963934 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.967991114 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.967998028 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.968069077 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.968167067 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.968338966 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.968362093 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.968425989 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.968558073 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.968688011 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.968878984 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.969191074 CET49718443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.969224930 CET44349718139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.969364882 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.969528913 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.969659090 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.969685078 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.969713926 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.969743967 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.969786882 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.974451065 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.974515915 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.974627018 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.974889994 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.974915028 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.975187063 CET49717443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.975209951 CET44349717139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.979846001 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.979882002 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.980340958 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.980715036 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.980730057 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.983952045 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.983984947 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.984061956 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.984077930 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:55.984134912 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.986251116 CET49720443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:55.986285925 CET44349720139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.000447989 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.000526905 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.000667095 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.000715971 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.007221937 CET49721443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.007272959 CET44349721139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.017858028 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.017946959 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.018023968 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.018249989 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.018280029 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.036559105 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.036873102 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.036896944 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.037770987 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.038312912 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.038331032 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.038448095 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.045350075 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.045367956 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.047945976 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.048338890 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.048373938 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.049034119 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.050060987 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.050090075 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.050179958 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.050451040 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.050467014 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.050601006 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.050849915 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.050867081 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.051415920 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.051836014 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.051850080 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.051930904 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.051948071 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.051954031 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.063829899 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.063879967 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.063946009 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.063966036 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.068455935 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.068485975 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.068547010 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.068571091 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.068586111 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.068628073 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.070414066 CET49723443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.070436954 CET44349723139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.080995083 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.081078053 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.081302881 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.081327915 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.081499100 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.083374023 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.083492041 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.083524942 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.083584070 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.083630085 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.084969044 CET49724443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.085005045 CET44349724139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.089653015 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.090015888 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.090095043 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.091944933 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.092107058 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.092569113 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.092585087 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.092705965 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.092803955 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.092833996 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.096215010 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.096518040 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.096549988 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.096996069 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.098571062 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.098675966 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.098743916 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.098805904 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.098931074 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.098948956 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.099005938 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.099040031 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.099077940 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.099256039 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.099329948 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.099514008 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.099579096 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.099733114 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.099791050 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.099966049 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.100040913 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.100167036 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.100177050 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.117150068 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.117249966 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.117341042 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.117415905 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.117584944 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.117677927 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.117820978 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.117903948 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.118057013 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.118150949 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.118331909 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.118408918 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.118486881 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.118550062 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.118561029 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.118602037 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.118650913 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.118791103 CET49722443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.118807077 CET44349722139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.119297028 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.119400978 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.119431973 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.128740072 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.128793955 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.128890991 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.128914118 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.137379885 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.137530088 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.137626886 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.137658119 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.137671947 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.137692928 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.137701988 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.137723923 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.137753010 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.137778044 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.145903111 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.145987034 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.146015882 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.146066904 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.146132946 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.146145105 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.146187067 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.146215916 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.146271944 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.146796942 CET49725443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.146821022 CET44349725139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155066013 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155158997 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.155170918 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155188084 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155236959 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155239105 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.155251980 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155281067 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.155316114 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155361891 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.155373096 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155420065 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.155433893 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155483961 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155489922 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.155499935 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.155553102 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.172148943 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.172271967 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.172353029 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.172454119 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.214142084 CET49726443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:56.214175940 CET44349726139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:56.246772051 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.246822119 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.246906042 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.247219086 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.247248888 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.541332006 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.541821957 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.541867018 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.542561054 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.543165922 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.543188095 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.543315887 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.543339014 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.543346882 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.607533932 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.648341894 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:56.648407936 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.648511887 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:56.648863077 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:56.648895025 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.717255116 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.718554974 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:56.718628883 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.719918966 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.720016003 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:56.735306025 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:56.735336065 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.735536098 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.901077986 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.901180983 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.901264906 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.901298046 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.901334047 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.901351929 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.901385069 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.903187990 CET49729443192.168.2.344.199.49.219
                              Nov 29, 2022 19:04:56.903215885 CET4434972944.199.49.219192.168.2.3
                              Nov 29, 2022 19:04:56.942909002 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:04:56.943092108 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:04:58.246495962 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.246582985 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.246630907 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.246651888 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.246673107 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.246717930 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.251900911 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.251939058 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.252027035 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.252043962 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.328181982 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.328332901 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.334801912 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.334929943 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.393647909 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.393693924 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.394356012 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.394448996 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.397495985 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.397524118 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.402118921 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.402147055 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.403100967 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.403181076 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.412221909 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.412242889 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.415822983 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.415874958 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.415895939 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.415921926 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.415924072 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.415975094 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.416038990 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.416089058 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.419300079 CET49740443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.419328928 CET44349740139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.421471119 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.421550035 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.421643019 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.422236919 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.422281027 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.430576086 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.430643082 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.430661917 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.430694103 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.430769920 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.431163073 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.447599888 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.447751999 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.448240042 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.448297977 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.448972940 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.464999914 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.465225935 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.465249062 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.465277910 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.465337038 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.465431929 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.465461969 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.465492010 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.465538025 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.467603922 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.472671032 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.472882032 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.492624044 CET49739443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.492671013 CET44349739139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.492954969 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.493029118 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.493120909 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.493310928 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.493345976 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.496229887 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.496272087 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.498019934 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.498049021 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.516917944 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.517002106 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.517031908 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.517057896 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.517071962 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.517112017 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.517119884 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.517170906 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.517173052 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.517235041 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.543189049 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.544049025 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.565449953 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.565479994 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.567203999 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.567224979 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.567290068 CET49741443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.567347050 CET44349741139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.567579031 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.567621946 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.567707062 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.567886114 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.567898989 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.585551023 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.585598946 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.585633039 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.585669041 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.585697889 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.585707903 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.585710049 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.585762024 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.589765072 CET49742443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.589797974 CET44349742139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.611677885 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.611758947 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.612109900 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.612122059 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.614073992 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.614089012 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.645517111 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.645545959 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.645612001 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.645621061 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:58.645648003 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.645668030 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.676290989 CET49743443192.168.2.3139.162.167.121
                              Nov 29, 2022 19:04:58.676336050 CET44349743139.162.167.121192.168.2.3
                              Nov 29, 2022 19:04:59.273714066 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.273807049 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.273910999 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.274219990 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.274251938 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.344767094 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.344886065 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.357068062 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.357121944 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.357758999 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.357896090 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.359119892 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.359144926 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.379836082 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.379898071 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.379936934 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.380163908 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.380163908 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.380224943 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:04:59.380306005 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.400732994 CET49746443192.168.2.313.107.219.60
                              Nov 29, 2022 19:04:59.400825024 CET4434974613.107.219.60192.168.2.3
                              Nov 29, 2022 19:05:06.694870949 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:06.695060015 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:06.695131063 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:08.583127975 CET49732443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:08.583183050 CET44349732172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.701833010 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:56.701905966 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.701996088 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:56.702291012 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:56.702316999 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.763627052 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.764225960 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:56.764277935 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.765324116 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.766244888 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:05:56.766304970 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.766411066 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:05:56.806715965 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:06:06.774329901 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:06:06.774503946 CET44349765172.217.168.36192.168.2.3
                              Nov 29, 2022 19:06:06.774657011 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:06:51.789136887 CET49765443192.168.2.3172.217.168.36
                              Nov 29, 2022 19:06:51.789191008 CET44349765172.217.168.36192.168.2.3

                              UDP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Nov 29, 2022 19:04:48.389060020 CET5784053192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:48.513338089 CET53578408.8.8.8192.168.2.3
                              Nov 29, 2022 19:04:53.459043980 CET5238753192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:53.460686922 CET5692453192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:53.461493969 CET6062553192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:53.485054016 CET53523878.8.8.8192.168.2.3
                              Nov 29, 2022 19:04:53.488692045 CET53569248.8.8.8192.168.2.3
                              Nov 29, 2022 19:04:53.488954067 CET53606258.8.8.8192.168.2.3
                              Nov 29, 2022 19:04:54.949067116 CET5295553192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:55.149802923 CET53529558.8.8.8192.168.2.3
                              Nov 29, 2022 19:04:56.629014015 CET5563853192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:56.646708012 CET53556388.8.8.8192.168.2.3
                              Nov 29, 2022 19:04:57.853391886 CET6532053192.168.2.38.8.8.8
                              Nov 29, 2022 19:04:58.239686012 CET53653208.8.8.8192.168.2.3
                              Nov 29, 2022 19:05:56.679845095 CET5362353192.168.2.38.8.8.8
                              Nov 29, 2022 19:05:56.699873924 CET53536238.8.8.8192.168.2.3

                              DNS Queries

                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Nov 29, 2022 19:04:48.389060020 CET192.168.2.38.8.8.80xbb75Standard query (0)b6dj2ueylkg.juraganrc.comA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.459043980 CET192.168.2.38.8.8.80x3fddStandard query (0)holly-lavender-rattlesnake.glitch.meA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.460686922 CET192.168.2.38.8.8.80xe2Standard query (0)clients2.google.comA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.461493969 CET192.168.2.38.8.8.80x7497Standard query (0)accounts.google.comA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:54.949067116 CET192.168.2.38.8.8.80xe743Standard query (0)honapalestine.comA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:56.629014015 CET192.168.2.38.8.8.80x4d99Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:57.853391886 CET192.168.2.38.8.8.80xb355Standard query (0)honapalestine.comA (IP address)IN (0x0001)false
                              Nov 29, 2022 19:05:56.679845095 CET192.168.2.38.8.8.80xfdcbStandard query (0)www.google.comA (IP address)IN (0x0001)false

                              DNS Answers

                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Nov 29, 2022 19:04:48.513338089 CET8.8.8.8192.168.2.30xbb75No error (0)b6dj2ueylkg.juraganrc.com192.185.138.191A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.485054016 CET8.8.8.8192.168.2.30x3fddNo error (0)holly-lavender-rattlesnake.glitch.me44.199.49.219A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.485054016 CET8.8.8.8192.168.2.30x3fddNo error (0)holly-lavender-rattlesnake.glitch.me44.196.165.201A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.485054016 CET8.8.8.8192.168.2.30x3fddNo error (0)holly-lavender-rattlesnake.glitch.me54.209.182.143A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.485054016 CET8.8.8.8192.168.2.30x3fddNo error (0)holly-lavender-rattlesnake.glitch.me52.4.141.177A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.488692045 CET8.8.8.8192.168.2.30xe2No error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2022 19:04:53.488692045 CET8.8.8.8192.168.2.30xe2No error (0)clients.l.google.com142.250.203.110A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:53.488954067 CET8.8.8.8192.168.2.30x7497No error (0)accounts.google.com172.217.168.45A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:55.109987974 CET8.8.8.8192.168.2.30x388fNo error (0)dual.part-0032.t-0009.t-msedge.netglobal-entry-afdthirdparty-fallback.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2022 19:04:55.109987974 CET8.8.8.8192.168.2.30x388fNo error (0)dual.part-0032.t-0009.fbs1-t-msedge.netpart-0032.t-0009.fbs1-t-msedge.netCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2022 19:04:55.109987974 CET8.8.8.8192.168.2.30x388fNo error (0)part-0032.t-0009.fbs1-t-msedge.net13.107.219.60A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:55.109987974 CET8.8.8.8192.168.2.30x388fNo error (0)part-0032.t-0009.fbs1-t-msedge.net13.107.227.60A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:55.149802923 CET8.8.8.8192.168.2.30xe743No error (0)honapalestine.com139.162.167.121A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:56.646708012 CET8.8.8.8192.168.2.30x4d99No error (0)www.google.com172.217.168.36A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:58.239686012 CET8.8.8.8192.168.2.30xb355No error (0)honapalestine.com139.162.167.121A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:59.261404991 CET8.8.8.8192.168.2.30xc690No error (0)dual.part-0032.t-0009.t-msedge.netglobal-entry-afdthirdparty-fallback.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2022 19:04:59.261404991 CET8.8.8.8192.168.2.30xc690No error (0)dual.part-0032.t-0009.fbs1-t-msedge.netpart-0032.t-0009.fbs1-t-msedge.netCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2022 19:04:59.261404991 CET8.8.8.8192.168.2.30xc690No error (0)part-0032.t-0009.fbs1-t-msedge.net13.107.219.60A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:04:59.261404991 CET8.8.8.8192.168.2.30xc690No error (0)part-0032.t-0009.fbs1-t-msedge.net13.107.227.60A (IP address)IN (0x0001)false
                              Nov 29, 2022 19:05:56.699873924 CET8.8.8.8192.168.2.30xfdcbNo error (0)www.google.com172.217.168.36A (IP address)IN (0x0001)false

                              HTTP Request Dependency Graph

                              • b6dj2ueylkg.juraganrc.com
                              • accounts.google.com
                              • clients2.google.com
                              • holly-lavender-rattlesnake.glitch.me
                              • https:
                                • aadcdn.msauth.net
                                • honapalestine.com

                              HTTPS Proxied Packets

                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              0192.168.2.349703192.185.138.191443C:\Windows\SysWOW64\wget.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:48 UTC0OUTGET /?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko
                              Accept: */*
                              Accept-Encoding: identity
                              Host: b6dj2ueylkg.juraganrc.com
                              Connection: Keep-Alive
                              2022-11-29 18:04:49 UTC0INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:48 GMT
                              Server: Apache
                              Upgrade: h2,h2c
                              Connection: Upgrade, close
                              Vary: Accept-Encoding
                              Transfer-Encoding: chunked
                              Content-Type: text/html; charset=UTF-8
                              2022-11-29 18:04:49 UTC0INData Raw: 31 38 38 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 2e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 48 54 54 50 2d 45 71 75 69 76 3d 27 72 65 66 72 65 73 68 27 20 63 6f 6e 74 65 6e 74 3d 27 30 3b 20 55 52 4c 3d 68 74 74 70 73 3a 2f 2f 68 6f 6c 6c 79 2d 6c 61 76 65 6e 64 65 72 2d 72 61 74 74 6c 65 73 6e 61 6b 65 2e 67 6c 69 74 63 68 2e 6d 65 2f 76 69 6c 64 2e 68 74 6d 6c 23 27 3e 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 0d 0a 6c 6f 63 20 3d 20 27 68 74 74 70 73 3a 2f 2f 68 6f 6c 6c 79 2d 6c 61 76 65 6e 64 65 72 2d 72 61 74 74 6c 65
                              Data Ascii: 188<!DOCTYPE html><html><head> <title>Loading.......</title></head><meta HTTP-Equiv='refresh' content='0; URL=https://holly-lavender-rattlesnake.glitch.me/vild.html#'><script type='text/javascript'>loc = 'https://holly-lavender-rattle


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              1192.168.2.349707172.217.168.45443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:53 UTC0OUTPOST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
                              Host: accounts.google.com
                              Connection: keep-alive
                              Content-Length: 1
                              Origin: https://www.google.com
                              Content-Type: application/x-www-form-urlencoded
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: CONSENT=PENDING+904; AEC=AakniGO7HqlHWlnoY-P22_SwwnNSfVGxlF1NgK5nuj5WLe313NyJi16g7z4; SOCS=CAISHAgCEhJnd3NfMjAyMjA4MDgtMF9SQzEaAmVuIAEaBgiAvOuXBg; NID=511=nUT82hOv6CVwMNqDg-sTtCMJJ6SQ1v_cCpfCpf5nt8EolEbal01GWFyjG01tqWQgh9ciRU880J6nLd2gdbhAJs44PsHAZaVQAFIbrqe2FmFgjrAAK7W9Z8u5LDvwsuZRng98jP6E23SJ4fsPIs326YmnuCwa92dRRCcB6MNeI_o
                              2022-11-29 18:04:53 UTC1OUTData Raw: 20
                              Data Ascii:
                              2022-11-29 18:04:53 UTC3INHTTP/1.1 200 OK
                              Content-Type: application/json; charset=utf-8
                              Access-Control-Allow-Origin: https://www.google.com
                              Access-Control-Allow-Credentials: true
                              X-Content-Type-Options: nosniff
                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                              Pragma: no-cache
                              Expires: Mon, 01 Jan 1990 00:00:00 GMT
                              Date: Tue, 29 Nov 2022 18:04:53 GMT
                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                              Content-Security-Policy: script-src 'report-sample' 'nonce-XLIUGJsqZvNP-z1zXhR3xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self'
                              Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist
                              Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport
                              Cross-Origin-Opener-Policy: same-origin; report-to="IdentityListAccountsHttp"
                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                              Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
                              Report-To: {"group":"IdentityListAccountsHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external"}]}
                              Server: ESF
                              X-XSS-Protection: 0
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2022-11-29 18:04:53 UTC5INData Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a
                              Data Ascii: 11["gaia.l.a.r",[]]
                              2022-11-29 18:04:53 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              10192.168.2.349719139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC670OUTGET /1/frontend/web/assets/df38217b/yii.js HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC741INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Sat, 12 Nov 2022 19:09:21 GMT
                              Accept-Ranges: bytes
                              Content-Length: 11269
                              Connection: close
                              Content-Type: application/javascript
                              2022-11-29 18:04:55 UTC741INData Raw: 2f 2a 2a 0a 20 2a 20 59 69 69 20 4a 61 76 61 53 63 72 69 70 74 20 6d 6f 64 75 6c 65 2e 0a 20 2a 0a 20 2a 20 40 6c 69 6e 6b 20 68 74 74 70 3a 2f 2f 77 77 77 2e 79 69 69 66 72 61 6d 65 77 6f 72 6b 2e 63 6f 6d 2f 0a 20 2a 20 40 63 6f 70 79 72 69 67 68 74 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 30 38 20 59 69 69 20 53 6f 66 74 77 61 72 65 20 4c 4c 43 0a 20 2a 20 40 6c 69 63 65 6e 73 65 20 68 74 74 70 3a 2f 2f 77 77 77 2e 79 69 69 66 72 61 6d 65 77 6f 72 6b 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 0a 20 2a 20 40 61 75 74 68 6f 72 20 51 69 61 6e 67 20 58 75 65 20 3c 71 69 61 6e 67 2e 78 75 65 40 67 6d 61 69 6c 2e 63 6f 6d 3e 0a 20 2a 20 40 73 69 6e 63 65 20 32 2e 30 0a 20 2a 2f 0a 0a 2f 2a 2a 0a 20 2a 20 79 69 69 20 69 73 20 74 68 65 20 72 6f 6f 74 20
                              Data Ascii: /** * Yii JavaScript module. * * @link http://www.yiiframework.com/ * @copyright Copyright (c) 2008 Yii Software LLC * @license http://www.yiiframework.com/license/ * @author Qiang Xue <qiang.xue@gmail.com> * @since 2.0 *//** * yii is the root
                              2022-11-29 18:04:55 UTC749INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 2c 0a 0a 20 20 20 20 20 20 20 20 69 6e 69 74 3a 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 69 74 43 73 72 66 48 61 6e 64 6c 65 72 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 69 74 52 65 64 69 72 65 63 74 48 61 6e 64 6c 65 72 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 69 74 53 63 72 69 70 74 46 69 6c 74 65 72 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 69 74 44 61 74 61 4d 65 74 68 6f 64 73 28 29 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 3b 0a 0a 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 69 6e
                              Data Ascii: } }); } }, init: function () { initCsrfHandler(); initRedirectHandler(); initScriptFilter(); initDataMethods(); } }; function in


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              11192.168.2.349718139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC670OUTGET /1/frontend/web/assets/e189e3b3/js/bootstrap.js HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC752INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Sat, 12 Nov 2022 19:09:21 GMT
                              Accept-Ranges: bytes
                              Content-Length: 67155
                              Connection: close
                              Content-Type: application/javascript
                              2022-11-29 18:04:55 UTC753INData Raw: 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 31 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 34 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 0a 0a 69 66 20 28 74 79 70 65 6f 66 20 6a 51 75 65 72 79 20 3d 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 20 20 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 27 42 6f 6f 74 73 74 72 61 70 5c 27 73 20 4a 61 76 61 53 63 72 69 70 74 20 72 65 71 75 69
                              Data Ascii: /*! * Bootstrap v3.3.1 (http://getbootstrap.com) * Copyright 2011-2014 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */if (typeof jQuery === 'undefined') { throw new Error('Bootstrap\'s JavaScript requi
                              2022-11-29 18:04:55 UTC768INData Raw: 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 3a 20 63 61 72 6f 75 73 65 6c 2e 6a 73 20 76 33 2e 33 2e 31 0a 20 2a 20 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 6a 61 76 61 73 63 72 69 70 74 2f 23 63 61 72 6f 75 73 65 6c 0a 20 2a 20 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 3d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 34 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77
                              Data Ascii: ================ * Bootstrap: carousel.js v3.3.1 * http://getbootstrap.com/javascript/#carousel * ======================================================================== * Copyright 2011-2014 Twitter, Inc. * Licensed under MIT (https://github.com/tw
                              2022-11-29 18:04:55 UTC776INData Raw: 73 28 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2c 20 74 68 69 73 2e 24 74 72 69 67 67 65 72 29 0a 20 20 20 20 7d 0a 0a 20 20 20 20 69 66 20 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 74 6f 67 67 6c 65 29 20 74 68 69 73 2e 74 6f 67 67 6c 65 28 29 0a 20 20 7d 0a 0a 20 20 43 6f 6c 6c 61 70 73 65 2e 56 45 52 53 49 4f 4e 20 20 3d 20 27 33 2e 33 2e 31 27 0a 0a 20 20 43 6f 6c 6c 61 70 73 65 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 44 55 52 41 54 49 4f 4e 20 3d 20 33 35 30 0a 0a 20 20 43 6f 6c 6c 61 70 73 65 2e 44 45 46 41 55 4c 54 53 20 3d 20 7b 0a 20 20 20 20 74 6f 67 67 6c 65 3a 20 74 72 75 65 2c 0a 20 20 20 20 74 72 69 67 67 65 72 3a 20 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 63 6f 6c 6c 61 70 73 65 22 5d 27 0a 20 20 7d 0a 0a 20 20 43 6f 6c 6c 61 70 73 65 2e 70
                              Data Ascii: s(this.$element, this.$trigger) } if (this.options.toggle) this.toggle() } Collapse.VERSION = '3.3.1' Collapse.TRANSITION_DURATION = 350 Collapse.DEFAULTS = { toggle: true, trigger: '[data-toggle="collapse"]' } Collapse.p
                              2022-11-29 18:04:55 UTC784INData Raw: 29 0a 0a 20 20 20 20 20 20 69 66 20 28 65 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 29 20 72 65 74 75 72 6e 0a 0a 20 20 20 20 20 20 24 74 68 69 73 2e 61 74 74 72 28 27 61 72 69 61 2d 65 78 70 61 6e 64 65 64 27 2c 20 27 66 61 6c 73 65 27 29 0a 20 20 20 20 20 20 24 70 61 72 65 6e 74 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 6f 70 65 6e 27 29 2e 74 72 69 67 67 65 72 28 27 68 69 64 64 65 6e 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 27 2c 20 72 65 6c 61 74 65 64 54 61 72 67 65 74 29 0a 20 20 20 20 7d 29 0a 20 20 7d 0a 0a 20 20 66 75 6e 63 74 69 6f 6e 20 67 65 74 50 61 72 65 6e 74 28 24 74 68 69 73 29 20 7b 0a 20 20 20 20 76 61 72 20 73 65 6c 65 63 74 6f 72 20 3d 20 24 74 68 69 73 2e 61 74 74 72 28 27 64 61 74 61 2d 74 61 72 67 65 74 27 29 0a 0a
                              Data Ascii: ) if (e.isDefaultPrevented()) return $this.attr('aria-expanded', 'false') $parent.removeClass('open').trigger('hidden.bs.dropdown', relatedTarget) }) } function getParent($this) { var selector = $this.attr('data-target')
                              2022-11-29 18:04:55 UTC816INData Raw: 79 70 65 2e 61 64 6a 75 73 74 42 61 63 6b 64 72 6f 70 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 74 68 69 73 2e 24 62 61 63 6b 64 72 6f 70 0a 20 20 20 20 20 20 2e 63 73 73 28 27 68 65 69 67 68 74 27 2c 20 30 29 0a 20 20 20 20 20 20 2e 63 73 73 28 27 68 65 69 67 68 74 27 2c 20 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 5b 30 5d 2e 73 63 72 6f 6c 6c 48 65 69 67 68 74 29 0a 20 20 7d 0a 0a 20 20 4d 6f 64 61 6c 2e 70 72 6f 74 6f 74 79 70 65 2e 61 64 6a 75 73 74 44 69 61 6c 6f 67 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 76 61 72 20 6d 6f 64 61 6c 49 73 4f 76 65 72 66 6c 6f 77 69 6e 67 20 3d 20 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 5b 30 5d 2e 73 63 72 6f 6c 6c 48 65 69 67 68 74 20 3e 20 64 6f 63 75 6d 65 6e 74 2e 64 6f 63
                              Data Ascii: ype.adjustBackdrop = function () { this.$backdrop .css('height', 0) .css('height', this.$element[0].scrollHeight) } Modal.prototype.adjustDialog = function () { var modalIsOverflowing = this.$element[0].scrollHeight > document.doc
                              2022-11-29 18:04:55 UTC824INData Raw: 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 70 6c 61 63 65 6d 65 6e 74 2e 63 61 6c 6c 28 74 68 69 73 2c 20 24 74 69 70 5b 30 5d 2c 20 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 5b 30 5d 29 20 3a 0a 20 20 20 20 20 20 20 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 70 6c 61 63 65 6d 65 6e 74 0a 0a 20 20 20 20 20 20 76 61 72 20 61 75 74 6f 54 6f 6b 65 6e 20 3d 20 2f 5c 73 3f 61 75 74 6f 3f 5c 73 3f 2f 69 0a 20 20 20 20 20 20 76 61 72 20 61 75 74 6f 50 6c 61 63 65 20 3d 20 61 75 74 6f 54 6f 6b 65 6e 2e 74 65 73 74 28 70 6c 61 63 65 6d 65 6e 74 29 0a 20 20 20 20 20 20 69 66 20 28 61 75 74 6f 50 6c 61 63 65 29 20 70 6c 61 63 65 6d 65 6e 74 20 3d 20 70 6c 61 63 65 6d 65 6e 74 2e 72 65 70 6c 61 63 65 28 61 75 74 6f 54 6f 6b 65 6e 2c 20 27 27 29 20 7c 7c 20 27 74 6f 70 27 0a 0a
                              Data Ascii: his.options.placement.call(this, $tip[0], this.$element[0]) : this.options.placement var autoToken = /\s?auto?\s?/i var autoPlace = autoToken.test(placement) if (autoPlace) placement = placement.replace(autoToken, '') || 'top'
                              2022-11-29 18:04:55 UTC832INData Raw: 6c 74 61 0a 20 20 7d 0a 0a 20 20 54 6f 6f 6c 74 69 70 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 54 69 74 6c 65 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 76 61 72 20 74 69 74 6c 65 0a 20 20 20 20 76 61 72 20 24 65 20 3d 20 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 0a 20 20 20 20 76 61 72 20 6f 20 20 3d 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 0a 0a 20 20 20 20 74 69 74 6c 65 20 3d 20 24 65 2e 61 74 74 72 28 27 64 61 74 61 2d 6f 72 69 67 69 6e 61 6c 2d 74 69 74 6c 65 27 29 0a 20 20 20 20 20 20 7c 7c 20 28 74 79 70 65 6f 66 20 6f 2e 74 69 74 6c 65 20 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 20 3f 20 6f 2e 74 69 74 6c 65 2e 63 61 6c 6c 28 24 65 5b 30 5d 29 20 3a 20 20 6f 2e 74 69 74 6c 65 29 0a 0a 20 20 20 20 72 65 74 75 72 6e 20 74 69 74 6c 65
                              Data Ascii: lta } Tooltip.prototype.getTitle = function () { var title var $e = this.$element var o = this.options title = $e.attr('data-original-title') || (typeof o.title == 'function' ? o.title.call($e[0]) : o.title) return title
                              2022-11-29 18:04:55 UTC840INData Raw: 2c 20 62 29 20 7b 20 72 65 74 75 72 6e 20 61 5b 30 5d 20 2d 20 62 5b 30 5d 20 7d 29 0a 20 20 20 20 20 20 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 20 20 73 65 6c 66 2e 6f 66 66 73 65 74 73 2e 70 75 73 68 28 74 68 69 73 5b 30 5d 29 0a 20 20 20 20 20 20 20 20 73 65 6c 66 2e 74 61 72 67 65 74 73 2e 70 75 73 68 28 74 68 69 73 5b 31 5d 29 0a 20 20 20 20 20 20 7d 29 0a 20 20 7d 0a 0a 20 20 53 63 72 6f 6c 6c 53 70 79 2e 70 72 6f 74 6f 74 79 70 65 2e 70 72 6f 63 65 73 73 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 76 61 72 20 73 63 72 6f 6c 6c 54 6f 70 20 20 20 20 3d 20 74 68 69 73 2e 24 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 2e 73 63 72 6f 6c 6c 54 6f 70 28 29 20 2b 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e
                              Data Ascii: , b) { return a[0] - b[0] }) .each(function () { self.offsets.push(this[0]) self.targets.push(this[1]) }) } ScrollSpy.prototype.process = function () { var scrollTop = this.$scrollElement.scrollTop() + this.options.
                              2022-11-29 18:04:55 UTC848INData Raw: 67 68 74 20 2d 20 6f 66 66 73 65 74 42 6f 74 74 6f 6d 29 20 3f 20 66 61 6c 73 65 20 3a 20 27 62 6f 74 74 6f 6d 27 0a 20 20 20 20 7d 0a 0a 20 20 20 20 76 61 72 20 69 6e 69 74 69 61 6c 69 7a 69 6e 67 20 20 20 3d 20 74 68 69 73 2e 61 66 66 69 78 65 64 20 3d 3d 20 6e 75 6c 6c 0a 20 20 20 20 76 61 72 20 63 6f 6c 6c 69 64 65 72 54 6f 70 20 20 20 20 3d 20 69 6e 69 74 69 61 6c 69 7a 69 6e 67 20 3f 20 73 63 72 6f 6c 6c 54 6f 70 20 3a 20 70 6f 73 69 74 69 6f 6e 2e 74 6f 70 0a 20 20 20 20 76 61 72 20 63 6f 6c 6c 69 64 65 72 48 65 69 67 68 74 20 3d 20 69 6e 69 74 69 61 6c 69 7a 69 6e 67 20 3f 20 74 61 72 67 65 74 48 65 69 67 68 74 20 3a 20 68 65 69 67 68 74 0a 0a 20 20 20 20 69 66 20 28 6f 66 66 73 65 74 54 6f 70 20 21 3d 20 6e 75 6c 6c 20 26 26 20 63 6f 6c 6c 69 64
                              Data Ascii: ght - offsetBottom) ? false : 'bottom' } var initializing = this.affixed == null var colliderTop = initializing ? scrollTop : position.top var colliderHeight = initializing ? targetHeight : height if (offsetTop != null && collid


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              12192.168.2.349717139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC671OUTGET /1/frontend/web/images/logo-en.png HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC760INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Sun, 07 Feb 2021 16:47:20 GMT
                              Accept-Ranges: bytes
                              Content-Length: 46230
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:55 UTC760INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 f8 00 00 02 16 08 06 00 00 00 22 6c f9 11 00 00 0c 66 69 43 43 50 49 43 43 20 50 72 6f 66 69 6c 65 00 00 48 89 95 97 07 5c 53 57 17 c0 ef 1b 99 24 ac 40 04 64 84 bd 44 d9 04 90 11 c2 8a 20 20 53 10 95 90 04 12 46 8c 09 41 c5 8d 96 2a 58 07 2a a2 38 2a 5a 04 b1 68 b5 02 52 07 22 d6 59 14 b7 75 14 07 2a 95 5a ac e2 42 e5 bb 21 01 ad fd c6 ef 3b fc ee 7b ff 9c 7b ee b9 e7 1c ee 7d ef 5d 00 74 ba f8 32 59 1e aa 0b 40 be b4 40 1e 1f 11 c2 9a 9c 9a c6 22 75 03 04 d0 e0 1f 1b 78 f1 05 0a 19 27 2e 2e 1a 40 19 be ff 5d 5e 5d 83 d6 50 2e bb a8 7c fd b3 ff bf 8a be 50 a4 10 00 80 a4 43 ce 14 2a 04 f9 90 5b 01 c0 8b 05 32 79 01 00 c4 50 a8 b7 9e 55 20 53 b1 18 b2 81 1c 06 08 79 9e 8a b3 d5 bc 5a c5 99 6a de 39
                              Data Ascii: PNGIHDR"lfiCCPICC ProfileH\SW$@dD SFA*X*8*ZhR"Yu*ZB!;{{}]t2Y@@"ux'..@]^]P.|PC*[2yPU SyZj9
                              2022-11-29 18:04:55 UTC792INData Raw: 21 ec 45 e0 67 c6 d0 e7 0a fa 5c ba 8f 0b 53 65 66 cc 33 de 51 11 b9 32 19 57 52 77 f2 c3 d9 81 91 1f 45 5e 3e fa cd 52 9a d9 19 73 f6 d4 5a 02 14 f8 d6 0e 0d 1d 4b 1d 81 28 df 5e ea b9 97 53 d7 b5 75 3b 24 8b 53 15 ef c6 e4 d9 e2 ba bb f0 03 12 48 2d 01 59 28 6b cb c1 e5 c9 b8 92 af 9e 05 63 5e 7e 16 46 99 7d 74 80 00 05 be 03 83 44 17 53 40 40 ea da 57 24 df be 91 82 ce 74 d1 85 06 4a 7e 8a b0 af 73 b1 ae 2e 68 71 97 b4 13 28 20 b2 bd e5 21 cb 13 72 33 51 47 1f a9 4a b2 f2 ad 94 d3 a4 91 00 09 18 21 40 81 6f 04 3b 1b cd 14 01 6f 11 69 39 52 df 1e 39 e8 69 37 1f 17 32 92 8a 53 41 d9 cb 2c cd 2f 48 fb b8 b2 7f f1 10 18 da aa d4 b6 cb 30 21 35 23 c2 77 78 17 84 fe 01 b0 83 e0 a7 91 00 09 68 25 40 81 af 15 37 1b cb 1c 81 3a 16 6e aa a3 c6 7d da 4d 2a e3 48
                              Data Ascii: !Eg\Sef3Q2WRwE^>RsZK(^Su;$SH-Y(kc^~F}tDS@@W$tJ~s.hq( !r3QGJ!@o;oi9R9i72SA,/H0!5#wxh%@7:n}M*H
                              2022-11-29 18:04:55 UTC800INData Raw: c3 fd 76 d1 aa ef 79 35 cc 1f 98 2f 23 5f 1e ab 48 75 af d1 a3 48 7d 75 1e 79 f6 5d e4 d8 af ee b0 34 51 9e eb 5d dc cb 31 8a f3 98 a8 db 83 8f cd 76 b7 20 67 5e 16 b7 ea d5 26 10 c9 ef 35 9b 46 d2 75 c6 76 62 11 ad b1 de 26 d8 16 46 0b 6a 74 e7 04 2e 10 30 59 35 05 8b 6c 0d 6d df 85 32 9a e7 5b dd 97 fc ae 4b 55 7e fb c1 5e 4f 0b 3d fb 4b 95 9a 3d 4f 40 84 dc f2 c9 cb 5c fc 4a cf f9 c0 56 d6 25 40 81 bf 2e 1a 7e 10 2b 01 a9 98 23 95 73 7a 51 4a b1 3a d0 c5 c1 02 08 b9 99 af d9 29 a0 65 89 79 88 7b 9b 27 d5 fa 25 d4 b8 3f f5 40 17 a0 ed de 45 ea d4 57 e7 4a 51 69 cb 5e 3d 95 74 1c 11 f7 61 b7 f9 3b 2b 0d 88 36 af 20 72 2f 93 6a 7b 35 89 f6 4b fe 7d 3f 36 82 34 9d b1 1e d2 74 9a 6d 48 fc 59 44 fe 66 15 76 9a fb af 7e 1e 99 c8 ab b1 1d f9 8e e5 35 57 ef d7
                              Data Ascii: vy5/#_HuH}uy]4Q]1v g^&5Fuvb&Fjt.0Y5lm2[KU~^O=K=O@\JV%@.~+#szQJ:)ey{'%?@EWJQi^=ta;+6 r/j{5K}?64tmHYDfv~5W
                              2022-11-29 18:04:55 UTC807INData Raw: 21 da 6e 70 7d a5 33 7e d9 23 f0 cf b8 64 ec 85 2c 78 d5 a8 98 17 f9 75 8d 25 6c fd e2 29 cc c3 30 b4 9a b5 14 37 a8 1e 35 36 de 6c 98 04 5c 26 30 e4 b2 f3 f4 9d 04 74 10 08 eb 33 2a 37 bc 53 47 53 6b da 90 e5 e2 65 72 6d 6e 68 78 cd f6 24 de 44 c2 65 71 01 6d e5 92 38 7c d7 c7 f4 20 9e 64 61 21 65 38 f4 10 f8 a1 ca 99 45 71 86 19 fd 58 46 e1 a3 6c a9 e9 f3 42 3c 91 92 99 23 db 0a cb 4e 19 fa 6f 80 bb 7a 5e a5 aa 86 b7 6d d3 e2 41 50 9e 55 43 bb 1f a6 a5 ad d6 46 c2 da 29 95 1b bf b0 75 33 df 93 00 09 6c 42 80 02 7f 13 40 fc 98 04 0a e7 be c0 08 04 6f ea d3 aa 70 f6 cd 5a da ae cf 1e 53 b9 9d 43 aa a0 cc fe 49 a8 4f 55 55 61 87 61 75 2f c4 eb be ca 5b 20 f0 f3 75 64 28 98 1d 92 e8 fc cb 8d 43 5b db e0 c7 d6 bc ca 9b d5 d6 2a 28 84 aa b0 67 4c cb ef 72 a3
                              Data Ascii: !np}3~#d,xu%l)0756l\&0t3*7SGSkermnhx$Deqm8| da!e8EqXFlB<#Noz^mAPUCF)u3lB@opZSCIOUUaau/[ ud(C[*(gLr
                              2022-11-29 18:04:55 UTC851INData Raw: df 69 db a6 6b c3 77 b1 52 6b 27 93 bb 0d ba 6c 62 eb 16 4c ba fd fd 8e f9 ed 12 dd 7f ff 9b fe 4a 97 2b ea da bf 6f cf 8d bf ea f1 57 a1 1a ce c1 81 7c 78 d6 0b 9f dd 56 35 67 bd bb 05 03 35 c4 2f 93 00 09 90 40 8c 04 18 c1 8f 11 26 0f 45 02 24 90 5e 02 67 9d b3 5f dd 7e e3 ed 6b 3a 28 15 6b a4 7a cc 79 eb d4 a4 5f b3 73 cc 6f 3a 5d 5c c8 aa ba e7 5d 74 5e cc 2d 6d 7c 38 29 27 f9 ff fd f1 cb d5 9f be e6 ed 6d 3b 4a 4e fc 65 8f ba 4c fd d8 4f fd 78 db 67 71 6e b8 f5 db b7 a8 fb 6e bf b7 ed 90 b2 d8 d5 2b 7f ea e5 6d db 7b dd 10 86 6b 53 b3 e4 fb 9f fd b7 cf a8 e7 ff fa cf aa 89 ad 13 bd 1e 8e fb 93 00 09 90 40 e2 04 28 f0 13 47 cc 06 48 80 04 d2 40 e0 51 8f 7d 94 fa f2 f5 ed 8b 3c 7d 05 e9 1a 3f fb b2 9f d3 da c5 53 47 4f aa c3 77 1f 6e 6b 53 26 bf 9a b0
                              Data Ascii: ikwRk'lbLJ+oW|xV5g5/@&E$^g_~k:(kzy_so:]\]t^-m|8)'m;JNeLOxgqnn+m{kS@(GH@Q}<}?SGOwnkS&
                              2022-11-29 18:04:55 UTC859INData Raw: b9 f2 e5 36 7d 8a 96 29 42 5e 3e de 5a 98 1c dd e6 db 37 6f a8 4d c5 d6 c4 0f 4a 31 45 4b 7e 91 11 91 f4 eb be 5f e9 c4 9e 63 74 ee f8 39 7a f5 f2 55 cc ae 63 fd ed 97 ce 9f 3e 69 f2 09 7d f2 59 2d f2 4f ef 1f 6b 5d 14 82 00 08 80 80 b3 08 c0 c1 77 16 79 f4 0b 02 6e 4c e0 c9 3f 4f 1c 36 ba 77 ff be 23 6e 8f 3f 61 21 61 74 e6 c8 69 5a 30 76 be 69 35 b5 44 c5 12 54 b7 75 7d a7 39 fb ec 18 6e 59 b1 59 3a d6 a0 45 81 ba 39 f8 f6 f2 66 27 9b 9d 5e fe dc be 71 9b 4e 1d 3a 65 1a 53 b2 e4 c9 a8 7c cd f2 f4 49 d3 da 94 bf 58 7e e9 38 ed 55 f2 4b 1e b5 73 6f 6f 9b 96 ee 7f 12 f9 98 56 ce 5e 49 5b 57 6e 55 de 18 bc b1 54 2d 56 7d c4 bd 87 b4 72 d6 0a 5a 33 67 35 95 a9 5e 96 ea 34 af 43 05 4b 15 8a f5 1e 14 82 00 08 80 80 de 04 e0 e0 eb 4d 1c fd 81 00 08 38 84 c0 dd
                              Data Ascii: 6})B^>Z7oMJ1EK~_ct9zUc>i}Y-Ok]wynL?O6w#n?a!atiZ0vi5DTu}9nYY:E9f'^qN:eS|IX~8UKsooV^I[WnUT-V}rZ3g5^4CKM8


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              13192.168.2.349720139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC815OUTGET /1/frontend/web/images/listenlive.png HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC865INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 05:44:44 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1683
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:55 UTC865INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 74 00 00 00 14 08 06 00 00 00 5c 6e 19 7d 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDRt\n}tEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              14192.168.2.349721139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC831OUTGET /1/frontend/web/images/icons.png HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC867INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 05:44:42 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1934
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:55 UTC867INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5e 00 00 00 14 08 06 00 00 00 04 11 8a 64 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDR^dtEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              15192.168.2.349722139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:56 UTC869OUTGET /1/frontend/web/css/FrutigerLTArabic-55Roman.ttf HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              Origin: https://honapalestine.com
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: font
                              Referer: https://honapalestine.com/1/frontend/web/css/site.css
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:56 UTC870INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:56 GMT
                              Server: Apache
                              Last-Modified: Fri, 20 Mar 2015 08:10:18 GMT
                              Accept-Ranges: bytes
                              Content-Length: 141480
                              Connection: close
                              Content-Type: font/ttf
                              2022-11-29 18:04:56 UTC871INData Raw: 00 01 00 00 00 16 01 00 00 04 00 60 44 53 49 47 fe 39 04 63 00 02 13 44 00 00 15 64 47 44 45 46 17 d0 19 3c 00 01 f4 e4 00 00 00 70 47 50 4f 53 48 51 18 c9 00 01 f5 54 00 00 0f 94 47 53 55 42 bc 4a 24 c6 00 02 04 e8 00 00 0e 32 4c 49 4e 4f fd f6 25 23 00 02 13 1c 00 00 00 28 4c 54 53 48 90 26 84 fe 00 00 3e 28 00 00 02 33 4f 53 2f 32 3b 22 c8 d7 00 00 01 e8 00 00 00 60 56 44 4d 58 f1 b6 dc 63 00 00 40 5c 00 00 0b ba 63 6d 61 70 f1 6c 0f cd 00 00 2c 5c 00 00 0d 6a 63 76 74 20 02 05 12 68 00 00 4e 00 00 00 00 22 66 70 67 6d 06 59 9c 37 00 00 4c 8c 00 00 01 73 67 61 73 70 00 17 00 09 00 00 02 48 00 00 00 10 67 6c 79 66 d3 bb 0d 22 00 00 56 e0 00 01 85 40 68 65 61 64 ef cd 34 d8 00 00 01 6c 00 00 00 36 68 68 65 61 14 88 06 2a 00 00 01 a4 00 00 00 24 68 6d 74
                              Data Ascii: `DSIG9cDdGDEF<pGPOSHQTGSUBJ$2LINO%#(LTSH&>(3OS/2;"`VDMXc@\cmapl,\jcvt hN"fpgmY7LsgaspHglyf"V@head4l6hhea*$hmt
                              2022-11-29 18:04:56 UTC881INData Raw: 75 00 66 00 69 00 20 00 73 00 74 00 79 00 6c 00 65 00 20 00 74 00 68 00 61 00 74 00 20 00 72 00 65 00 66 00 65 00 72 00 73 00 20 00 74 00 6f 00 20 00 68 00 61 00 6e 00 64 00 77 00 72 00 69 00 74 00 69 00 6e 00 67 00 20 00 73 00 74 00 72 00 75 00 63 00 74 00 75 00 72 00 65 00 73 00 20 00 61 00 6e 00 64 00 20 00 73 00 6c 00 69 00 67 00 68 00 74 00 20 00 6d 00 6f 00 64 00 75 00 6c 00 61 00 74 00 69 00 6f 00 6e 00 20 00 74 00 6f 00 20 00 61 00 63 00 68 00 69 00 65 00 76 00 65 00 20 00 61 00 20 00 6d 00 6f 00 72 00 65 00 20 00 69 00 6e 00 66 00 6f 00 72 00 6d 00 61 00 6c 00 20 00 61 00 6e 00 64 00 20 00 66 00 72 00 69 00 65 00 6e 00 64 00 6c 00 79 00 20 00 76 00 65 00 72 00 73 00 69 00 6f 00 6e 00 20 00 6f 00 66 00 20 00 74 00 68 00 65 00 20 00 6f 00 74 00 68
                              Data Ascii: ufi style that refers to handwriting structures and slight modulation to achieve a more informal and friendly version of the oth
                              2022-11-29 18:04:56 UTC888INData Raw: a1 01 51 a2 01 51 51 01 01 01 01 33 51 a1 a1 51 01 be 01 51 01 16 01 01 01 01 01 e9 01 2e 2e 6c 01 83 69 5c 56 56 56 56 56 56 6c a2 a2 a2 a2 01 01 01 01 51 a1 a1 a1 a1 a1 51 51 51 51 01 7a 01 01 55 62 50 94 3e 3e 42 ac b3 01 0a 69 3f 01 01 01 01 51 61 01 45 56 2f d2 f4 4c 38 a1 01 01 50 01 01 01 18 57 57 60 2e 2e 69 0a 25 01 01 59 59 ab ab 01 53 01 01 d9 01 b3 01 01 01 01 01 ab 59 32 2e 01 2e 01 01 01 01 01 01 69 69 69 5c 5c 5c 01 b3 af b1 b1 01 b3 b1 b0 01 b3 01 60 01 01 43 57 01 be 01 01 a1 a1 01 59 13 84 82 37 3a 37 01 53 52 60 7b f5 ff fa ff 01 fe eb eb f7 01 01 01 01 11 25 01 25 01 5b 58 25 01 01 95 01 01 25 03 34 01 01 38 b9 64 34 95 01 38 34 95 01 38 15 01 01 01 15 01 01 01 15 01 01 01 c8 5d 01 01 95 0b 01 0b 30 21 2c 2d 30 21 2c 2d 31 30 19 2e 31
                              Data Ascii: QQQ3QQQ..li\VVVVVVlQQQQQzUbP>>Bi?QaEV/L8PWW`..i%YYSY2..iii\\\`CWY7:7SR`{%%[X%%48d4848]0!,-0!,-10.1
                              2022-11-29 18:04:56 UTC896INData Raw: 00 18 00 0e 00 28 00 0e 00 38 00 0e 00 48 00 0e 00 58 00 0e 00 68 00 0e 00 78 00 0e 00 88 00 0e 00 98 00 0e 00 0a 5d b8 00 1c 10 b9 00 34 00 02 f4 41 15 00 07 00 34 00 17 00 34 00 27 00 34 00 37 00 34 00 47 00 34 00 57 00 34 00 67 00 34 00 77 00 34 00 87 00 34 00 97 00 34 00 0a 5d 41 05 00 a6 00 34 00 b6 00 34 00 02 5d b8 00 00 10 b9 00 4e 00 02 f4 41 05 00 a9 00 4e 00 b9 00 4e 00 02 5d 41 15 00 08 00 4e 00 18 00 4e 00 28 00 4e 00 38 00 4e 00 48 00 4e 00 58 00 4e 00 68 00 4e 00 78 00 4e 00 88 00 4e 00 98 00 4e 00 0a 5d 30 31 01 32 3e 04 35 3c 01 2e 03 23 22 0e 04 15 14 1e 04 01 22 2e 02 35 3e 03 33 32 1e 02 15 14 0e 02 03 33 01 23 25 32 3e 04 35 34 2e 02 23 22 0e 04 15 14 1e 04 01 22 2e 02 35 3e 03 17 32 1e 02 15 14 0e 02 02 14 1e 2b 1c 10 08 02 05 0f 1c
                              Data Ascii: (8HXhx]4A44'474G4W4g4w444]A44]NANN]ANN(N8NHNXNhNxNNN]012>5<.#"".5>323#%2>54.#"".5>2+
                              2022-11-29 18:04:56 UTC907INData Raw: 00 0d 2f 1b b9 00 0d 00 0d 3e 59 b8 00 00 45 58 b8 00 18 2f 1b b9 00 18 00 05 3e 59 b9 00 00 00 01 f4 b8 00 0d 10 b9 00 0b 00 01 f4 30 31 25 33 32 3e 02 35 34 2e 02 2b 01 27 21 32 04 16 12 15 14 02 06 04 23 21 01 77 d7 84 cc 8b 48 50 8d bf 6f ef cd 01 a6 9f 01 15 cf 77 6a c6 fe e6 b0 fe 5a b4 41 85 cb 8a 7d c5 88 48 b5 60 b5 fe fb a5 b4 fe ef b6 5c 00 00 00 01 00 c1 00 00 03 e1 05 96 00 0b 00 55 bb 00 03 00 04 00 00 00 04 2b b8 00 03 10 b8 00 07 d0 00 b8 00 00 45 58 b8 00 00 2f 1b b9 00 00 00 0d 3e 59 b8 00 00 45 58 b8 00 0a 2f 1b b9 00 0a 00 05 3e 59 bb 00 05 00 01 00 06 00 04 2b b8 00 00 10 b9 00 02 00 01 f4 b8 00 0a 10 b9 00 08 00 01 f4 30 31 13 21 15 21 11 21 15 21 11 21 15 21 c1 03 20 fd ac 02 1f fd e1 02 54 fc e0 05 96 b5 fe 5e b4 fe 29 b4 00 00 00
                              Data Ascii: />YEX/>Y01%32>54.+'!2#!wHPowjZA}H`\U+EX/>YEX/>Y+01!!!!!! T^)
                              2022-11-29 18:04:56 UTC914INData Raw: 00 14 00 04 f4 ba 00 1e 00 32 00 0f 11 12 39 b8 00 27 10 b8 00 29 d0 b8 00 29 2f b8 00 27 10 b8 00 3e d0 b8 00 3e 2f ba 00 3f 00 27 00 14 11 12 39 b8 00 27 10 b8 00 40 d0 b8 00 40 2f b8 00 14 10 b8 00 43 dc 00 b8 00 00 45 58 b8 00 40 2f 1b b9 00 40 00 0b 3e 59 b8 00 00 45 58 b8 00 39 2f 1b b9 00 39 00 0b 3e 59 b8 00 00 45 58 b8 00 18 2f 1b b9 00 18 00 07 3e 59 b8 00 00 45 58 b8 00 2d 2f 1b b9 00 2d 00 05 3e 59 b9 00 00 00 02 f4 41 15 00 07 00 00 00 17 00 00 00 27 00 00 00 37 00 00 00 47 00 00 00 57 00 00 00 67 00 00 00 77 00 00 00 87 00 00 00 97 00 00 00 0a 5d 41 05 00 a6 00 00 00 b6 00 00 00 02 5d b8 00 39 10 b9 00 0a 00 02 f4 41 05 00 a9 00 0a 00 b9 00 0a 00 02 5d 41 15 00 08 00 0a 00 18 00 0a 00 28 00 0a 00 38 00 0a 00 48 00 0a 00 58 00 0a 00 68 00 0a
                              Data Ascii: 29'))/'>>/?'9'@@/CEX@/@>YEX9/9>YEX/>YEX-/->YA'7GWgw]A]9A]A(8HXh
                              2022-11-29 18:04:56 UTC922INData Raw: 59 26 24 23 3a 29 26 26 26 39 25 17 2d 10 23 79 63 a1 72 3e 4d 8b c4 78 3e 40 46 26 03 64 17 16 42 6e 8c 4b 45 8c 70 46 1f 1c ac 1c 0f 62 04 0a 27 27 47 33 48 2d 15 15 16 46 0e 11 14 14 36 29 27 0a 06 27 a2 10 61 8e b5 64 77 c9 91 52 0d 0c 10 00 00 ff ff 00 5e ff e7 04 14 05 cd 02 26 00 48 00 00 00 07 00 8d 01 1d 00 00 ff ff 00 5e ff e7 04 14 05 cd 02 26 00 48 00 00 00 07 00 43 01 1d 00 00 ff ff 00 5e ff e7 04 14 05 cd 02 26 00 48 00 00 00 07 00 d6 01 1d 00 00 ff ff 00 5e ff e7 04 14 05 81 02 26 00 48 00 00 00 07 00 8e 01 1d 00 00 ff ff 00 96 00 00 02 2b 05 cd 02 26 00 d5 00 00 00 06 00 8d 00 00 00 00 ff ff 00 0e 00 00 01 a4 05 cd 02 26 00 d5 00 00 00 06 00 43 00 00 00 00 ff ff ff f4 00 00 02 46 05 cd 02 26 00 d5 00 00 00 06 00 d6 00 00 00 00 ff ff 00 14
                              Data Ascii: Y&$#:)&&&9%-#ycr>Mx>@F&dBnKEpFb''G3H-F6)''adwR^&H^&HC^&H^&H+&&CF&
                              2022-11-29 18:04:56 UTC930INData Raw: 87 00 2c 00 97 00 2c 00 0a 5d 41 05 00 a6 00 2c 00 b6 00 2c 00 02 5d 30 31 01 14 06 23 22 2e 02 23 22 07 06 07 06 14 17 1e 01 15 17 11 14 06 07 06 07 06 07 06 23 22 2e 02 35 34 3e 02 33 32 1e 02 33 32 37 36 37 3e 01 27 26 34 35 11 34 26 3e 03 33 32 1e 02 03 5c 33 23 18 21 19 15 0c 1e 0f 0e 03 02 01 01 01 02 01 01 01 19 16 37 34 65 18 32 29 1a 0d 15 1b 0e 19 1f 17 11 0b 1a 0e 0d 03 02 01 01 01 04 08 19 39 61 4b 1b 39 2f 1f 05 d7 25 29 1b 21 1c 29 2a 32 1a 30 17 17 1d 06 50 fb e9 24 51 2d 58 54 50 39 37 0d 1a 28 1b 0f 1a 15 0c 1b 20 1b 2d 2b 3a 1c 33 19 19 1d 05 04 23 31 7d 81 7d 61 3b 0c 1c 2c 00 00 00 00 02 00 2f 03 1b 02 b4 05 ae 00 0f 00 3a 01 1a b8 00 3b 2f b8 00 0c 2f b8 00 3b 10 b8 00 27 d0 b8 00 27 2f b9 00 05 00 03 f4 41 0f 00 06 00 05 00 16 00 05
                              Data Ascii: ,,]A,,]01#".#"#".54>3232767>'&454&>32\3#!74e2)9aK9/%)!)*20P$Q-XTP97( -+:3#1}}a;,/:;//;''/A
                              2022-11-29 18:04:56 UTC938INData Raw: 14 0e 02 27 32 3e 04 35 3c 01 2e 03 23 22 0e 04 15 14 1e 04 13 33 01 23 13 22 2e 02 35 3e 03 17 32 1e 02 15 14 0e 02 01 39 1e 2b 1c 10 08 02 05 0f 1c 2d 22 1f 2b 1d 0f 08 01 01 08 0f 1d 2b 05 ad 58 76 48 1e 01 1a 44 77 5e 5d 77 45 1a 1e 47 76 58 1e 2a 1c 10 08 02 01 06 0e 1d 2d 21 20 2b 1c 0f 08 01 01 08 0f 1c 2b fd 6b 58 76 47 1e 1a 44 78 5d 5d 77 45 1b 1e 48 76 58 1e 2b 1c 10 08 02 05 0f 1c 2d 22 1f 2b 1c 10 07 02 02 07 10 1c 2b 24 93 fc 89 93 99 58 76 47 1e 01 19 44 77 5e 5d 77 45 1b 1e 48 76 03 0a 1c 2d 3a 3b 37 15 17 39 3c 38 2c 1b 1c 2d 39 3c 38 15 14 38 3b 3a 2d 1c fc dd 46 73 93 4e 52 95 71 42 43 72 94 51 4e 93 73 46 90 1b 2d 3a 3b 38 15 17 3a 3b 38 2c 1a 1b 2d 39 3b 39 15 15 38 3b 3a 2d 1b 90 46 73 93 4e 52 95 71 42 43 72 94 51 4e 93 73 46 90 1b
                              Data Ascii: '2>5<.#"3#".5>29+-"++XvHDw^]wEGvX*-! ++kXvGDx]]wEHvX+-"++$XvGDw^]wEHv-:;79<8,-9<88;:-FsNRqBCrQNsF-:;8:;8,-9;98;:-FsNRqBCrQNsF
                              2022-11-29 18:04:56 UTC946INData Raw: 37 00 1b 00 47 00 1b 00 57 00 1b 00 67 00 1b 00 77 00 1b 00 87 00 1b 00 97 00 1b 00 0a 5d 41 05 00 a6 00 1b 00 b6 00 1b 00 02 5d b8 00 23 10 b8 00 33 d0 b8 00 27 10 b8 00 37 d0 b8 00 2b 10 b8 00 3b d0 b8 00 2f 10 b8 00 3f d0 b8 00 43 10 b8 00 4c d0 b8 00 47 10 b8 00 50 d0 b8 00 55 10 b8 00 5e d0 b8 00 59 10 b8 00 62 d0 30 31 13 34 33 32 16 15 14 23 22 25 34 33 32 15 14 23 22 01 34 33 32 15 14 23 22 11 34 33 32 15 14 23 22 01 34 33 32 15 14 23 22 11 34 33 32 15 14 23 22 01 34 33 32 15 14 23 22 11 34 33 32 15 14 23 22 13 34 33 32 15 14 23 22 25 34 36 33 32 15 14 23 22 26 01 34 33 32 15 14 23 22 25 34 36 33 32 15 14 23 22 26 39 2f 19 1b 34 2f 02 65 2f 31 31 2f fe cc 32 31 31 32 32 31 31 32 01 0d 31 2f 2f 31 31 2f 2f 31 fd e9 2f 34 34 2f 2f 34 34 2f 73 2d 33
                              Data Ascii: 7GWgw]A]#3'7+;/?CLGPU^Yb01432#"%432#"432#"432#"432#"432#"432#"432#"432#"%4632#"&432#"%4632#"&9/4/e/11/211221121//11//1/44//44/s-3
                              2022-11-29 18:04:56 UTC954INData Raw: 00 03 f4 ba 00 28 00 0d 00 10 11 12 39 b8 00 2b dc 00 b8 00 00 45 58 b8 00 0e 2f 1b b9 00 0e 00 0d 3e 59 b8 00 00 45 58 b8 00 00 2f 1b b9 00 00 00 05 3e 59 bb 00 15 00 01 00 21 00 04 2b b8 00 00 10 b9 00 09 00 01 f4 ba 00 10 00 00 00 0e 11 12 39 b8 00 28 d0 b8 00 29 d0 30 31 31 22 26 3d 01 34 3e 02 3b 01 3e 01 37 11 33 11 3e 03 33 32 1e 02 15 11 03 34 2e 02 23 22 0e 04 07 21 24 24 0b 14 1a 0f f1 0e 2e 20 b4 2a 5e 69 74 3f 73 a3 69 31 b4 2b 4a 64 39 3e 72 64 55 44 32 0e 02 ff 18 1d 45 13 17 0c 04 2e 6d 3b 04 13 fc e8 2b 4a 36 1e 4c 86 b4 69 fe a1 01 4b 61 82 4f 21 2b 4a 61 6d 72 35 00 00 00 00 02 ff b8 00 00 06 6a 05 9d 00 25 00 33 00 85 b8 00 34 2f b8 00 26 2f b8 00 34 10 b8 00 0d d0 b8 00 0d 2f b9 00 10 00 03 f4 b8 00 26 10 b9 00 1a 00 03 f4 ba 00 32 00
                              Data Ascii: (9+EX/>YEX/>Y!+9()011"&=4>;>73>324.#"!$$. *^it?si1+Jd9>rdUD2E.m;+J6LiKaO!+Jamr5j%34/&/4/&2
                              2022-11-29 18:04:56 UTC962INData Raw: 00 0a 00 01 00 26 00 04 2b b8 00 1d 10 b9 00 13 00 01 f4 ba 00 23 00 1d 00 13 11 12 39 30 31 01 0e 03 15 14 1e 02 33 32 36 3f 01 14 1e 02 3b 01 32 16 1d 01 14 0e 02 2b 01 22 2e 02 27 0e 01 23 22 2e 02 35 34 3e 04 37 35 33 02 68 64 a4 76 41 25 3c 4a 26 47 77 30 b3 09 1d 34 2b 46 24 24 0b 14 1a 0f 73 43 5d 3d 21 08 4a 86 45 3c 7a 63 3f 3e 65 82 89 84 36 b3 02 a0 13 34 45 56 36 2c 3c 24 10 24 20 10 28 36 20 0e 18 1d 45 13 17 0c 04 19 29 37 1e 2d 26 22 49 72 50 4b 77 5e 46 35 26 0f 6a 00 00 02 00 93 fe 55 03 b1 03 26 00 14 00 36 00 be b8 00 37 2f b8 00 05 2f b8 00 37 10 b8 00 1f d0 b8 00 1f 2f b9 00 10 00 03 f4 41 0f 00 06 00 10 00 16 00 10 00 26 00 10 00 36 00 10 00 46 00 10 00 56 00 10 00 66 00 10 00 07 5d 41 05 00 75 00 10 00 85 00 10 00 02 5d b8 00 05 10
                              Data Ascii: &+#901326?;2+".'#".54>753hdvA%<J&Gw04+F$$sC]=!JE<zc?>e64EV6,<$$ (6 E)7-&"IrPKw^F5&jU&67//7/A&6FVf]Au]
                              2022-11-29 18:04:56 UTC970INData Raw: 9f fe 1a ff ff 00 00 00 00 02 fd 03 45 02 06 01 6f 00 00 ff ff 00 00 00 00 04 2e 03 ab 02 06 01 73 00 00 00 01 ff b8 00 00 01 85 00 b4 00 13 00 22 ba 00 00 00 0b 00 03 2b 00 b8 00 00 45 58 b8 00 05 2f 1b b9 00 05 00 05 3e 59 b9 00 0f 00 01 f4 30 31 25 14 0e 02 23 21 22 2e 02 3d 01 34 36 33 21 32 16 15 01 85 0b 14 1a 0f fe c3 0f 1a 14 0b 24 24 01 3d 24 24 3a 13 17 0c 04 04 0c 17 13 45 1d 18 18 1d 00 00 00 01 ff b8 00 00 00 f6 00 b4 00 13 00 24 bb 00 00 00 04 00 0b 00 04 2b 00 b8 00 00 45 58 b8 00 05 2f 1b b9 00 05 00 05 3e 59 b9 00 0f 00 01 f4 30 31 37 14 0e 02 2b 01 22 2e 02 3d 01 34 36 3b 01 32 16 15 f6 0b 14 1a 0f ae 0f 1a 14 0b 24 24 ae 24 24 3a 13 17 0c 04 04 0c 17 13 45 1d 18 18 1d 00 00 00 00 01 ff b8 00 00 01 f7 00 b4 00 13 00 22 ba 00 00 00 0b 00
                              Data Ascii: Eo.s"+EX/>Y01%#!".=463!2$$=$$:E$+EX/>Y017+".=46;2$$$$:E"
                              2022-11-29 18:04:56 UTC978INData Raw: 27 26 23 22 07 06 07 1e 01 33 32 36 37 36 01 14 07 06 23 22 27 06 23 22 27 26 23 22 07 06 23 22 35 34 33 32 36 37 36 37 36 33 32 17 16 33 32 37 36 33 32 15 14 06 07 16 17 32 35 34 01 07 05 37 01 06 15 14 33 32 37 01 14 23 22 27 06 23 22 35 34 3f 01 06 33 32 37 27 37 17 16 33 32 2f 01 37 16 01 0e 01 07 06 07 06 33 32 37 13 26 27 26 23 22 15 14 17 16 33 32 25 26 23 22 07 16 33 32 08 23 20 20 20 5d 91 17 31 1a 31 1d 08 2d 55 0e 50 16 0e 25 26 86 04 2b 42 31 4c 3a 32 32 35 36 49 3c 35 33 34 26 25 66 67 22 22 cf b9 c4 2f 3d 38 35 54 82 fe ee 2a 46 1f 08 0a 13 1d 5a 01 0e e8 6a 1f 1a 08 18 0c 2b 35 2f 2b 19 08 14 3f 1b 0f 01 02 12 23 18 5a 2f 33 20 59 62 26 5d 67 91 c7 5e 77 04 2d 23 12 18 20 10 1b 28 55 1b 3b 0f 22 22 0a 16 0c 31 1f 27 0a 45 14 25 25 20 06 07
                              Data Ascii: '&#"32676#"'#"'&#"#"543267676323276322547327#"'#"54?327'732/7327&'&#"32%&#"32# ]11-UP%&+B1L:2256I<534&%fg""/=85T*FZj+5/+?#Z/3 Yb&]g^w-# (U;""1'E%%
                              2022-11-29 18:04:56 UTC985INData Raw: 16 0b 14 39 43 49 23 34 5a 43 27 03 04 85 02 10 22 37 27 22 41 38 2d 0e 08 89 79 78 a9 69 30 07 0e 13 0c 00 02 00 28 ff de 03 f3 05 6e 00 1f 00 3d 00 b3 b8 00 3e 2f b8 00 20 2f 41 05 00 7a 00 20 00 8a 00 20 00 02 5d 41 0f 00 09 00 20 00 19 00 20 00 29 00 20 00 39 00 20 00 49 00 20 00 59 00 20 00 69 00 20 00 07 5d b9 00 07 00 03 f4 b8 00 3e 10 b8 00 19 d0 b8 00 19 2f b9 00 2e 00 03 f4 41 0f 00 06 00 2e 00 16 00 2e 00 26 00 2e 00 36 00 2e 00 46 00 2e 00 56 00 2e 00 66 00 2e 00 07 5d 41 05 00 75 00 2e 00 85 00 2e 00 02 5d b8 00 07 10 b8 00 3f dc 00 bb 00 33 00 01 00 14 00 04 2b bb 00 00 00 01 00 27 00 04 2b b8 00 14 10 b8 00 0c d0 b8 00 0c 2f b8 00 33 10 b8 00 39 d0 b8 00 39 2f 30 31 01 32 1e 04 15 14 0e 02 23 22 2e 02 27 0e 01 23 22 2e 02 35 34 3e 04 01 34
                              Data Ascii: 9CI#4ZC'"7'"A8-yxi0(n=>/ /Az ]A ) 9 I Y i ]>/.A..&.6.F.V.f.]Au..]?3+'+/399/012#".'#".54>4
                              2022-11-29 18:04:56 UTC993INData Raw: 00 24 2f b8 00 12 2f b8 00 24 10 b8 00 00 d0 b8 00 00 2f b9 00 0a 00 04 f4 41 0d 00 06 00 0a 00 16 00 0a 00 26 00 0a 00 36 00 0a 00 46 00 0a 00 56 00 0a 00 06 5d 41 05 00 65 00 0a 00 75 00 0a 00 02 5d 41 05 00 6a 00 12 00 7a 00 12 00 02 5d 41 0d 00 09 00 12 00 19 00 12 00 29 00 12 00 39 00 12 00 49 00 12 00 59 00 12 00 06 5d b8 00 12 10 b9 00 1c 00 04 f4 b8 00 25 dc 00 bb 00 05 00 01 00 0f 00 04 2b b8 00 05 10 b8 00 17 d0 b8 00 0f 10 b8 00 21 d0 30 31 11 34 3e 02 33 32 1e 02 15 14 0e 02 23 22 26 25 34 3e 02 33 32 1e 02 15 14 0e 02 23 22 26 11 1c 27 16 16 27 1d 11 11 1d 27 16 2d 3d 01 1d 11 1c 27 16 16 27 1d 11 11 1d 27 16 2d 3d 04 6c 16 27 1d 11 11 1d 27 16 16 27 1c 11 3d 2d 16 27 1d 11 11 1d 27 16 16 27 1c 11 3d 00 00 00 03 00 00 04 02 01 f2 05 e3 00 11
                              Data Ascii: $//$/A&6FV]Aeu]Ajz]A)9IY]%+!014>32#"&%4>32#"&'''-='''-=l'''=-'''=
                              2022-11-29 18:04:56 UTC1001INData Raw: f8 00 e2 00 10 ff 68 00 e2 00 11 fe f8 00 e2 00 1d ff 44 00 e2 00 1e ff 44 00 e2 00 24 ff 8f 00 e2 00 44 ff 68 00 e2 00 48 ff 68 00 e2 00 4c ff b4 00 e2 00 52 ff 37 00 e2 00 53 ff 77 00 e2 00 54 ff 50 00 e2 00 58 ff 5e 00 e2 00 59 ff 9c 00 e2 00 62 ff 8f 00 e2 00 63 ff 8f 00 e2 00 69 ff 68 00 e2 00 6a ff 68 00 e2 00 6b ff 68 00 e2 00 6c ff 68 00 e2 00 6d ff 68 00 e2 00 6e ff 68 00 e2 00 70 ff 68 00 e2 00 71 ff 68 00 e2 00 72 ff 68 00 e2 00 73 ff 68 00 e2 00 79 ff 37 00 e2 00 7a ff 37 00 e2 00 7b ff 37 00 e2 00 7c ff 37 00 e2 00 7d ff 37 00 e2 00 7e ff 5e 00 e2 00 7f ff 5e 00 e2 00 80 ff 5e 00 e2 00 81 ff 5e 00 e2 00 ac ff 8f 00 e2 00 ad ff 8f 00 e2 00 c6 ff 8f 00 e2 00 c8 ff 8f 00 e8 00 0f ff 68 00 e8 00 11 ff 68 00 00 00 01 00 00 00 0c 00 00 00 28 00 30
                              Data Ascii: hDD$DhHhLR7SwTPX^Ybcihjhkhlhmhnhphqhrhshy7z7{7|7}7~^^^^hh(0
                              2022-11-29 18:04:56 UTC1009INData Raw: 36 38 36 33 35 37 30 44 33 44 44 31 44 46 37 43 35 35 41 00 00 00 01 00 01 00 01 00 00 00 01 00 00 15 50 00 00 00 14 00 00 00 00 00 00 15 48 30 82 15 44 06 09 2a 86 48 86 f7 0d 01 07 02 a0 82 15 35 30 82 15 31 02 01 01 31 0e 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 30 60 06 0a 2b 06 01 04 01 82 37 02 01 04 a0 52 30 50 30 2c 06 0a 2b 06 01 04 01 82 37 02 01 1c a2 1e 80 1c 00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c 00 65 00 74 00 65 00 3e 00 3e 00 3e 30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 10 6d 68 4c 16 82 0b 3f dc 1c b3 05 50 12 a4 e2 4b a0 82 10 ee 30 82 03 7a 30 82 02 62 a0 03 02 01 02 02 10 38 25 d7 fa f8 61 af 9e f4 90 e7 26 b5 d6 5a d5 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 53 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 17 30
                              Data Ascii: 6863570D3DD1DF7C55APH0D*H50110*H0`+7R0P0,+7<<<Obsolete>>>0 0*HmhL?PK0z0b8%a&Z0*H0S10UUS10


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              16192.168.2.349723139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:56 UTC869OUTGET /1/frontend/web/images/playstore.png HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:56 UTC878INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:56 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 13:45:28 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1932
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:56 UTC879INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5f 00 00 00 17 08 06 00 00 00 6d 47 93 f4 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDR_mGtEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              17192.168.2.349724139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:56 UTC870OUTGET /1/frontend/web/images/appstore.png HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:56 UTC904INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:56 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 13:45:32 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1886
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:56 UTC904INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5a 00 00 00 16 08 06 00 00 00 40 32 8b 15 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDRZ@2tEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              18192.168.2.349726139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:56 UTC906OUTGET /1/frontend/web/images/bg.jpg HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:56 UTC1014INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:56 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 05:44:20 GMT
                              Accept-Ranges: bytes
                              Content-Length: 95466
                              Connection: close
                              Content-Type: image/jpeg
                              2022-11-29 18:04:56 UTC1014INData Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff ec 00 11 44 75 63 6b 79 00 01 00 04 00 00 00 3c 00 00 ff e1 03 6f 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d
                              Data Ascii: ExifII*Ducky<ohttp://ns.adobe.com/xap/1.0/<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xm
                              2022-11-29 18:04:56 UTC1030INData Raw: 6e b2 fc 2f 1e e7 cd 8b 79 c1 6f e6 03 f0 65 b4 fd be c9 f2 a7 e1 d5 a2 bf 79 9b f9 eb 07 fe 52 df 61 75 be bf bf 7e 63 3b fa ff 00 55 a2 1e eb c4 96 24 f0 ed 70 ff 00 73 ad f5 fd dd 2f 9e 14 bd 1b 34 43 93 c7 b0 0d 96 44 f7 3e 57 46 bd ba 6d e2 b3 ba 59 f0 b5 b2 b4 c2 81 08 00 29 90 74 e8 94 73 a2 80 69 f7 26 29 c0 35 48 54 88 0d 85 6b 10 8f 99 b4 51 ca 5c 2a 2a 40 0e d3 96 51 27 02 21 fb 7e 0a b1 2b 6a 90 8a db 4d b0 a6 d1 39 58 1b 38 57 bb ab 23 d1 5e a3 9c 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 24 00 e7 44 14 ce e7 c4 7e 6b 0d bb 7e 97 9a aa 58 ac 20 20 20 20 20 20 20 20 cf 21 e6 3a 6a b9 af 96 a9 47 45 31 08 cb 07 b5 56 a6 3b 96 39 56 43 bd 13 e0
                              Data Ascii: n/yoeyRau~c;U$ps/4CD>WFmY)tsi&)5HTkQ\**@Q'!~+jM9X8W#^@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@$D~k~X !:jGE1V;9VC
                              2022-11-29 18:04:56 UTC1038INData Raw: 9f b5 6b 76 bf 4a 62 1b a5 fc bf 6a 8c d4 e1 54 af 84 27 2f 29 dc 59 ca a5 de 4b e1 69 ad b1 19 72 61 26 78 3b 64 28 bd 92 fc 26 69 4a ee a7 70 02 b6 97 42 33 aa 8d 77 99 f0 5d 6a e9 d9 58 8b 99 30 d0 fc 56 b7 69 85 24 aa 8d bc 68 12 47 d4 e7 4d 5c 6a b3 bb 6b 16 c5 a8 4b dc 2a 7d bb 49 1a 15 5b df 3c 61 6f c5 5c e5 df b7 8f 01 5e 04 fe 6c 14 76 ef 8d 66 3e 4e bd 79 e5 e7 f5 5c 8e 81 48 3a 02 21 d0 83 4f ee e5 fb 51 50 03 b0 f8 6a b7 fc b7 d7 0c fd 3f b6 59 8a c5 a2 55 59 3a e6 25 1c 10 a7 5d ac b9 46 d3 31 c2 e4 b9 cb a8 a1 a2 25 c2 e8 0a 07 11 29 43 55 31 15 ea 39 af 8d 13 2c 90 07 d2 41 fb 97 77 8d 63 97 ce c9 99 8f 4e 32 6d 5b 1d 8e ad ed c4 46 39 4e 33 12 8b 8d 33 f6 16 56 97 28 b1 47 26 f8 c6 07 19 05 80 3d 7b d6 5d 9b e2 2f a6 bc bc d9 ce 52 2e 57
                              Data Ascii: kvJbjT'/)YKira&x;d(&iJpB3w]jX0Vi$hGM\jkK*}I[<ao\^lvf>Ny\H:!OQPj?YUY:%]F1%)CU19,AwcN2m[F9N33V(G&={]/R.W
                              2022-11-29 18:04:56 UTC1046INData Raw: 45 59 79 5c d8 56 4c 2b 63 67 53 d0 2e 4e ff 00 d9 9a f1 3c b5 d3 af 3c d7 8f 66 e9 3c e5 99 48 b9 27 55 e4 6d 6d e6 ba e2 b6 38 c8 54 59 da b7 4a 52 70 00 07 e6 a7 5c da 6c e1 05 ce 9f e3 e2 a2 8d 15 51 28 b9 91 00 9d 02 db 4e bb 3c b3 db 64 a4 08 f0 ed 56 b3 08 47 78 00 36 5d 57 d9 38 3d 58 9e a3 e6 13 de 1e a8 fa b0 76 70 a3 de 27 d5 0b ef d9 54 8c 18 cb a7 cd 53 7d f1 38 5b 5d 73 50 e3 5b 6d 91 79 07 96 9a 7c 55 7a f6 b5 3b c9 0a 78 dc 63 11 6d a7 6d 92 94 88 72 da 4b a2 9d 3a b5 c6 6f 93 6d f6 f1 11 b9 b7 1d 83 74 5c 01 27 c6 8a bb f9 e1 3a ff 00 2a ed ab 92 00 94 a4 e1 dc 07 27 2a 9b eb b7 ca da dd 54 72 21 38 4c 89 c5 a7 a9 3d af 95 9f 66 b6 5e 57 d6 e6 70 a6 5a 2c ea f1 05 54 bb 14 83 a1 dc a9 43 ae c8 31 72 bd d3 8b 43 8d de a5 9f cb 1f c4 ac f6
                              Data Ascii: EYy\VL+cgS.N<<f<H'Umm8TYJRp\lQ(N<dVGx6]W8=Xvp'TS}8[]sP[my|Uz;xcmmrK:omt\':*'*Tr!8L=f^WpZ,TC1rC
                              2022-11-29 18:04:56 UTC1068INData Raw: f7 a5 a8 92 a3 65 f4 55 11 b8 81 a0 05 fa 1f 9a 66 26 6b 6a f9 d0 65 4c a5 26 8d 40 31 27 01 bb 95 fd 2e 33 f0 a4 db 9f e5 86 8b e8 84 45 1c 68 9b 33 e5 19 25 fa f4 59 cb f1 1b 6d ad bc d5 dc c8 4e 16 d4 24 06 1a 44 0c cb 51 d3 a2 b6 fa e3 0a 69 73 2a 12 e4 cb 51 49 60 70 4f fc 15 72 b4 d3 f9 57 2e 5f 20 c9 c4 00 1d 8c 54 7b 27 d2 24 39 f5 c6 50 17 56 44 65 20 09 8f f1 53 36 9f 27 e3 bf 0b a5 7f 1e 33 31 ac 4b 66 a2 64 17 77 ee 53 6c f8 52 6b 7e 5f ab af a8 bf 2a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 ab 91 61 8c 76 c4 b4 a5 d7 b0 2c bb 7b 3d 67 1e 56 d6 65 8a 30 da 18 2f 3f 18 6f 92 cf a0 a8 df c1 3c aa 8c e5 10 da 2c a6 d6 2f 66 53 84 f7 16 25 5f 5d b2 ad 98 5b 1a f1 e6 2f dc b6 d7 4f b5 6d 4c 08 8d 03 2d 24 91 52
                              Data Ascii: eUf&kjeL&@1'.3Eh3%YmN$DQis*QI`pOrW._ T{'$9PVDe S6'31KfdwSlRk~_* av,{=gVe0/?o<,/fS%_][/OmL-$R
                              2022-11-29 18:04:56 UTC1076INData Raw: da b0 3a c9 13 9e 50 b6 ad f2 cf 40 89 97 0e 88 b0 8b 04 32 ae 74 83 32 74 23 28 99 b3 b1 80 11 30 39 12 d1 0b 55 47 8a 40 73 37 73 d4 0c 78 33 22 de ed 11 06 20 83 f1 c7 da 8a 54 a3 1d c1 a6 c7 b9 11 6b 27 27 8a 60 1e bf a7 b0 74 46 9a 6f 9f 2f 2c f3 63 eb 42 15 91 28 c8 90 65 d8 72 ad eb c3 a3 d3 83 8b c9 95 91 99 93 3e e3 90 9b 6b 83 6d 70 c1 cf bc c7 91 39 02 fb a3 b4 37 4f 92 d7 49 c3 5d 35 e1 a7 8a ff 00 b7 e3 9d a2 44 bc 65 dd 9d 55 36 f3 54 db cd 55 c8 89 8f 23 60 b6 c8 ff 00 31 7c 0c 3e 14 eb e1 6d 7c 2e bb 8d c8 a7 87 19 ce 56 1f 5b fd 39 19 18 9c 87 18 f0 51 2f 2a 4d a5 bf e1 38 f0 ee 14 1b 4f 22 70 3b 77 17 91 61 85 1e dc f8 47 bc ce 30 cb 03 ee 26 70 02 f9 6d 99 c1 12 39 18 c8 ca bd f5 fa 69 7d 7e 93 17 72 ac e5 8e 2f 1a fb 27 22 58 c8 cc f4
                              Data Ascii: :P@2t2t#(09UG@s7sx3" Tk''`tFo/,cB(er>kmp97OI]5DeU6TU#`1|>m|.V[9Q/*M8O"p;waG0&pm9i}~r/'"X
                              2022-11-29 18:04:56 UTC1084INData Raw: 47 b4 05 32 56 5b 6d 32 cf 6d d3 e3 83 2b 49 13 fe 40 ee 40 55 b7 0d 26 b3 6f 0c 7f bf be d1 92 18 48 6d 83 b0 67 73 f1 65 9e d7 2d 3f 1c 8e 91 19 35 97 5d b6 24 ed 80 88 6d 7a 3f 99 54 fe 24 68 87 b7 70 c3 cb 63 93 82 49 27 f1 4c d5 2f 66 ce 8e 17 10 4b 70 ac 38 d0 b9 fc d3 28 f7 ae 0f 6f e1 c4 bc 6b 00 e5 8e 5d 33 53 f9 36 4b f6 5c 47 73 4c 49 ed 20 12 99 a8 f7 bf 6f 2e 54 54 79 9c 9a 44 6b 8c 62 62 63 b8 17 63 1c 80 c4 75 56 cf 11 d1 36 b8 95 28 dd 4f 16 fa f8 d1 be 30 12 67 00 48 e4 e3 52 64 98 b7 94 59 76 99 c3 3d f2 9c b9 6d c8 9d 96 f1 e3 98 42 20 79 a3 d1 d8 c5 5a 78 e1 7d 7c 71 e5 3b 78 3c 49 d2 0d 77 7a 72 90 0e 64 37 16 cf d3 16 05 44 da a2 6f 65 e6 34 fb 6d fe dd 1a e5 5d 31 90 99 88 8d 96 cc e4 bf 70 3b 42 8d f3 f2 cf b3 5d b3 9a ec 3d b7 81
                              Data Ascii: G2V[m2m+I@@U&oHmgse-?5]$mz?T$hpcI'L/fKp8(ok]3S6K\GsLI o.TTyDkbbccuV6(O0gHRdYv=mB yZx}|q;x<Iwzrd7Doe4m]1p;B]=
                              2022-11-29 18:04:56 UTC1091INData Raw: 70 3a d1 cf 9f 3d 30 82 70 b4 57 16 8c 88 32 d4 b8 6f 93 7e 2a f3 6c 4e 15 b3 29 71 ea ae d9 79 a5 b6 21 9c 96 cf 70 53 d7 a4 da f3 51 be d6 35 d9 69 84 ab 87 1b cf 00 5a ce a0 0e e2 ba 76 df 16 4d 39 fb 65 35 ce 7d 99 f9 bc ca cd 87 8d 5f 4c cd ba f7 2e 6f d9 ef 99 f4 9f ea d3 af ae e3 da bc 38 fb 75 e2 44 c6 c7 03 a3 15 e6 7e 2a ed bd b1 09 7b 3f 22 77 6e 36 47 52 40 62 9f 86 e5 3f 9e 48 8c fd af 93 4c 8d 92 30 35 9c 10 1d f3 e2 14 6d d3 75 e5 33 ba 5e 19 ad e2 c5 c4 18 44 93 e5 07 47 fb 56 76 34 9b a3 3e 3c ff 00 6d 10 6b 3b 04 a4 22 22 41 79 4b 05 db 29 8b 84 cd a6 5e a5 17 44 40 09 03 13 2c 80 41 75 b6 9b 62 39 b6 d5 2a f9 62 52 90 30 94 20 03 89 48 37 6a 99 b9 74 67 a7 99 55 44 d6 6a 94 ce e3 90 c4 64 f7 95 4d 77 93 e1 7d b4 b7 9c b5 5d 3a 84 09 b6
                              Data Ascii: p:=0pW2o~*lN)qy!pSQ5iZvM9e5}_L.o8uD~*{?"wn6GR@b?HL05mu3^DGVv4><mk;""AyK)^D@,Aub9*bR0 H7jtgUDjdMw}]:
                              2022-11-29 18:04:56 UTC1099INData Raw: e3 4e e8 8b e3 b6 58 0e e0 c9 88 ee c2 d7 6d 74 93 3f 0b 59 1e b5 86 35 89 4a 61 b1 9f e2 b9 27 3e 18 ce 5e 57 2f 91 38 f1 fd 4f 46 56 00 c4 11 19 13 91 d3 0b ab 4d 25 b8 cb 6d 67 2f 2b de 39 16 0a 2b 85 94 fa 26 63 7c 9f 46 0e ba bf 5f 49 9b 65 cb 4d 23 17 b7 1b 2e a6 e2 22 25 17 c6 43 8c 76 6a b7 ee c4 b1 7b 5b 67 5d d1 e3 18 88 4a 10 00 09 c8 c9 c1 f8 1c ac 25 9e ca fc bd 7f 6f 8d b6 7b 6f 1e 55 74 94 89 07 18 f3 05 c9 db 64 de e5 8e d6 7b 57 a5 e7 d9 96 70 35 fb d7 37 19 64 f1 39 15 5b fb 9b 66 22 e0 90 41 3d a0 6a bb 75 b3 11 d1 ad 98 75 ec c3 47 74 72 25 17 1a 74 d5 38 11 31 94 66 23 5c 44 6a 0e 49 1d 4b 29 cf 1c f9 4b e7 bd c4 dd 67 26 51 95 46 ca c3 3b 16 22 4b d0 ea c4 d7 cf 2d 23 47 b7 cf 90 6a da 63 b2 42 32 da 07 4c e0 61 67 db 26 4a f4 08 91
                              Data Ascii: NXmt?Y5Ja'>^W/8OFVM%mg/+9+&c|F_IeM#."%Cvj{[g]J%o{oUtd{Wp57d9[f"A=juuGtr%t81f#\DjIK)Kg&QF;"K-#GjcB2Lag&J
                              2022-11-29 18:04:56 UTC1107INData Raw: ed fa db d9 f0 8b a5 6c 1e ed ed 67 11 aa d3 d4 66 2c b2 fc 1d 9f 71 4f 4d 92 1e ef ed dd 29 b3 e3 28 a8 fc 1b fd c3 f1 ed f6 7f bb 70 24 58 d3 31 e3 30 13 f0 6f f6 7e 3d be dc 3e e7 ed fb b1 c6 9b f4 3b 99 4f e1 df ed 3e 9b 7d a3 3f 70 e1 4f 27 8f 61 6d 7c e4 24 ea da 7c c3 d2 fd a2 3d c3 83 d3 8b 23 e3 39 29 fc 5b 7d a7 d3 6f b7 3f dc 38 20 9f fe a6 9d b3 97 8a 7e 2d bf ea 3d 6f db 77 b5 f2 38 bc 91 61 1c 7a aa 35 ed da 24 37 12 ef db 9e 8b 1e ed 76 d7 1c da cb b2 59 f3 5f 41 57 26 ba aa 35 4a 6d 6b 0f 4d a0 d1 27 b3 21 70 6d a5 b7 3f 0e 5d b5 b6 e5 4f a9 ee 16 09 35 84 6d fa b4 18 f0 d5 5b 1a 4f 84 e3 58 a1 b9 05 cc 8c 88 23 f5 f6 f7 2d 38 5f 85 56 53 e5 8c 9f 12 c4 bf 82 b4 d9 32 b9 21 51 ab 90 6e 98 2d 54 8c 09 ed 1a 30 f0 53 33 99 8f b3 9e 30 f9 3b
                              Data Ascii: lgf,qOM)(p$X10o~=>;O>}?pO'am|$|=#9)[}o?8 ~-=ow8az5$7vY_AW&5JmkM'!pm?]O5m[OX#-8_VS2!Qn-T0S30;
                              2022-11-29 18:04:56 UTC1115INData Raw: a6 24 64 e5 fa e2 bb 4c 61 23 28 c4 c6 2c 09 dc 48 e8 cb 5d 31 98 be b8 62 f6 83 61 fd cb 8d 28 9f 72 df bf 1c 7f 96 9d 9f 1f e5 45 1c ce 47 17 fb 72 1e 9e 27 64 c8 87 6b 92 5c fc 82 be dd 73 6e ee 53 75 97 77 68 af 95 ce e2 cb 8f 6c 8f af 51 f5 21 69 c9 63 89 44 f7 26 d7 5d 36 cc f1 4b 8d 6e 58 ab 13 88 de d3 94 7f 98 c7 0b 6b 8b c2 e8 88 46 c9 16 12 27 24 b0 2a 73 84 b3 f3 4c 25 74 7c a6 26 10 db 9e d0 56 9d 79 c2 75 6e f7 19 0b 39 7c 79 c0 89 01 02 09 8f 79 3a ac 3a 66 35 b2 a9 a4 e2 bb ee b6 fa 50 e3 dd 1c ca b9 59 38 f5 1f 5e 19 3a 35 cd b3 fc 1a 4f 2c 7c 6f 78 b6 42 30 9c 40 84 4c ce 58 49 88 1d ba e5 6d bf eb cf 2b 5d 14 7b 7f b8 57 c6 97 26 72 07 7d 92 78 81 f1 ed 57 ed ea bb 62 7d 27 6d 72 f5 45 b7 5d c1 b6 c2 f2 12 ad e2 34 d4 15 cb 89 36 93 f9
                              Data Ascii: $dLa#(,H]1ba(rEGr'dk\snSuwhlQ!icD&]6KnXkF'$*sL%t|&Vyun9|yy::f5PY8^:5O,|oxB0@LXIm+]{W&r}xWb}'mrE]46
                              2022-11-29 18:04:56 UTC1123INData Raw: 70 4a b5 c8 e4 49 06 4d f0 29 47 4d 76 98 99 86 77 f8 a8 cc 13 8c 44 fa e9 aa 8b 70 3a 04 01 23 41 a7 82 0a 64 67 06 ea 1f 0c af 39 4a 71 b6 6f 90 ab 75 42 d8 c9 f2 74 1d 15 2c 03 6c e4 0e d1 8e e5 3e a2 b8 42 c3 13 39 6b d0 15 6b 60 cb c8 0f 76 d7 18 88 75 a6 be 07 21 3b 36 88 c7 3d 4e 02 9b 20 ef d2 e6 43 27 b5 40 e4 e9 a6 71 dc 65 b4 cb b1 4c da c1 01 c7 00 83 bf 78 53 ec 39 39 98 0f 2e 81 4c 99 15 c4 fa 93 ec ed 56 bc 0d 1e a4 a1 5e c2 ec 5b af 55 9e 33 47 a3 ed de e7 2a af 16 4f 68 db 0d 9b 40 63 20 ef af c5 73 f6 f4 e6 62 2b 66 5e 95 9f dc 1c 79 47 64 23 36 d0 cc 10 e0 b7 e0 b9 a7 ea df 35 59 a3 e7 ac 9b ce 66 60 10 70 08 0c 7e c5 e8 49 f4 d1 77 0e 98 43 d4 21 98 e8 a9 d9 b6 70 2d 16 47 40 32 d9 54 c0 8d c2 40 63 2d d8 ad a8 a8 db 3a ce e8 87 0d da
                              Data Ascii: pJIM)GMvwDp:#Adg9JqouBt,l>B9kk`vu!;6=N C'@qeLxS99.LV^[U3G*Oh@c sb+f^yGd#65Yf`p~IwC!p-G@2T@c-:


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              19192.168.2.349725139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:56 UTC961OUTGET /1/frontend/web/images/searchenglishbgar.png HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:56 UTC1022INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:56 GMT
                              Server: Apache
                              Last-Modified: Tue, 23 Feb 2021 17:40:44 GMT
                              Accept-Ranges: bytes
                              Content-Length: 22665
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:56 UTC1022INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 ea 00 00 00 29 10 06 00 00 00 33 14 d0 d6 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 0a 4f 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 78 da 9d 53 67 54 53 e9 16 3d f7 de f4 42 4b 88 80 94 4b 6f 52 15 08 20 52 42 8b 80 14 91 26 2a 21 09 10 4a 88 21 a1 d9 15 51 c1 11 45 45 04 1b c8 a0 88 03 8e 8e 80 8c 15 51 2c 0c 8a 0a d8 07 e4 21 a2 8e 83 a3 88 8a ca fb e1 7b a3 6b d6 bc f7 e6 cd fe b5 d7 3e e7 ac f3 9d b3 cf 07 c0 08 0c 96 48 33 51 35 80 0c a9 42 1e 11 e0 83 c7 c4 c6 e1 e4 2e 40 81 0a 24 70 00 10 08 b3 64 21 73 fd 23 01 00 f8 7e 3c 3c 2b 22 c0 07 be 00 01 78 d3 0b 08 00 c0 4d 9b c0 30 1c 87 ff 0f ea 42 99 5c 01 80 84 01 c0 74 91 38 4b
                              Data Ascii: PNGIHDR)3pHYsOiCCPPhotoshop ICC profilexSgTS=BKKoR RB&*!J!QEEQ,!{k>H3Q5B.@$pd!s#~<<+"xM0B\t8K
                              2022-11-29 18:04:56 UTC1054INData Raw: 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                              Data Ascii:
                              2022-11-29 18:04:56 UTC1061INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                              Data Ascii:


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              2192.168.2.349706142.250.203.110443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:53 UTC1OUTGET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1
                              Host: clients2.google.com
                              Connection: keep-alive
                              X-Goog-Update-Interactivity: fg
                              X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda
                              X-Goog-Update-Updater: chromecrx-104.0.5112.81
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:53 UTC2INHTTP/1.1 200 OK
                              Content-Security-Policy: script-src 'report-sample' 'nonce-uSVNpS922XygHqHY-1WQFQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                              Pragma: no-cache
                              Expires: Mon, 01 Jan 1990 00:00:00 GMT
                              Date: Tue, 29 Nov 2022 18:04:53 GMT
                              Content-Type: text/xml; charset=UTF-8
                              X-Daynum: 5811
                              X-Daystart: 36293
                              X-Content-Type-Options: nosniff
                              X-Frame-Options: SAMEORIGIN
                              X-XSS-Protection: 1; mode=block
                              Server: GSE
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2022-11-29 18:04:53 UTC3INData Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 35 38 31 31 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 33 36 32 39 33 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22
                              Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="5811" elapsed_seconds="36293"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
                              2022-11-29 18:04:53 UTC3INData Raw: 6d 78 76 59 6e 4d 76 4e 7a 49 30 51 55 46 58 4e 56 39 7a 54 32 52 76 64 55 77 79 4d 45 52 45 53 45 5a 47 56 6d 4a 6e 51 51 2f 31 2e 30 2e 30 2e 36 5f 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 2e 63 72 78 22 20 66 70 3d 22 31 2e 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69
                              Data Ascii: mxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx" fp="1.81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" si
                              2022-11-29 18:04:53 UTC3INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              20192.168.2.34972944.199.49.219443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:56 UTC1130OUTGET /favicon.ico HTTP/1.1
                              Host: holly-lavender-rattlesnake.glitch.me
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://holly-lavender-rattlesnake.glitch.me/vild.html
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:56 UTC1131INHTTP/1.1 404 Not Found
                              Date: Tue, 29 Nov 2022 18:04:56 GMT
                              Content-Length: 3672
                              Connection: close
                              Cache-Control: max-age=0
                              2022-11-29 18:04:56 UTC1131INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 57 65 6c 6c 2c 20 79 6f 75 20 66 6f 75 6e 64 20 61 20 67 6c 69 74 63 68 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 6c 6f 75 64 2e 77 65 62 74 79
                              Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="utf-8"> <title>Well, you found a glitch.</title> <meta name="viewport" content="initial-scale=1, width=device-width"> <link rel="stylesheet" type="text/css" href="https://cloud.webty


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              21192.168.2.349740139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:58 UTC1134OUTGET /1/frontend/web/images/listenlive.png HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                              Host: honapalestine.com
                              2022-11-29 18:04:58 UTC1135INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:58 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 05:44:44 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1683
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:58 UTC1135INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 74 00 00 00 14 08 06 00 00 00 5c 6e 19 7d 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDRt\n}tEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              22192.168.2.349739139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:58 UTC1135OUTGET /1/frontend/web/images/logo-en.png HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                              Host: honapalestine.com
                              2022-11-29 18:04:58 UTC1137INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:58 GMT
                              Server: Apache
                              Last-Modified: Sun, 07 Feb 2021 16:47:20 GMT
                              Accept-Ranges: bytes
                              Content-Length: 46230
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:58 UTC1137INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 f8 00 00 02 16 08 06 00 00 00 22 6c f9 11 00 00 0c 66 69 43 43 50 49 43 43 20 50 72 6f 66 69 6c 65 00 00 48 89 95 97 07 5c 53 57 17 c0 ef 1b 99 24 ac 40 04 64 84 bd 44 d9 04 90 11 c2 8a 20 20 53 10 95 90 04 12 46 8c 09 41 c5 8d 96 2a 58 07 2a a2 38 2a 5a 04 b1 68 b5 02 52 07 22 d6 59 14 b7 75 14 07 2a 95 5a ac e2 42 e5 bb 21 01 ad fd c6 ef 3b fc ee 7b ff 9c 7b ee b9 e7 1c ee 7d ef 5d 00 74 ba f8 32 59 1e aa 0b 40 be b4 40 1e 1f 11 c2 9a 9c 9a c6 22 75 03 04 d0 e0 1f 1b 78 f1 05 0a 19 27 2e 2e 1a 40 19 be ff 5d 5e 5d 83 d6 50 2e bb a8 7c fd b3 ff bf 8a be 50 a4 10 00 80 a4 43 ce 14 2a 04 f9 90 5b 01 c0 8b 05 32 79 01 00 c4 50 a8 b7 9e 55 20 53 b1 18 b2 81 1c 06 08 79 9e 8a b3 d5 bc 5a c5 99 6a de 39
                              Data Ascii: PNGIHDR"lfiCCPICC ProfileH\SW$@dD SFA*X*8*ZhR"Yu*ZB!;{{}]t2Y@@"ux'..@]^]P.|PC*[2yPU SyZj9
                              2022-11-29 18:04:58 UTC1145INData Raw: 21 ec 45 e0 67 c6 d0 e7 0a fa 5c ba 8f 0b 53 65 66 cc 33 de 51 11 b9 32 19 57 52 77 f2 c3 d9 81 91 1f 45 5e 3e fa cd 52 9a d9 19 73 f6 d4 5a 02 14 f8 d6 0e 0d 1d 4b 1d 81 28 df 5e ea b9 97 53 d7 b5 75 3b 24 8b 53 15 ef c6 e4 d9 e2 ba bb f0 03 12 48 2d 01 59 28 6b cb c1 e5 c9 b8 92 af 9e 05 63 5e 7e 16 46 99 7d 74 80 00 05 be 03 83 44 17 53 40 40 ea da 57 24 df be 91 82 ce 74 d1 85 06 4a 7e 8a b0 af 73 b1 ae 2e 68 71 97 b4 13 28 20 b2 bd e5 21 cb 13 72 33 51 47 1f a9 4a b2 f2 ad 94 d3 a4 91 00 09 18 21 40 81 6f 04 3b 1b cd 14 01 6f 11 69 39 52 df 1e 39 e8 69 37 1f 17 32 92 8a 53 41 d9 cb 2c cd 2f 48 fb b8 b2 7f f1 10 18 da aa d4 b6 cb 30 21 35 23 c2 77 78 17 84 fe 01 b0 83 e0 a7 91 00 09 68 25 40 81 af 15 37 1b cb 1c 81 3a 16 6e aa a3 c6 7d da 4d 2a e3 48
                              Data Ascii: !Eg\Sef3Q2WRwE^>RsZK(^Su;$SH-Y(kc^~F}tDS@@W$tJ~s.hq( !r3QGJ!@o;oi9R9i72SA,/H0!5#wxh%@7:n}M*H
                              2022-11-29 18:04:58 UTC1152INData Raw: c3 fd 76 d1 aa ef 79 35 cc 1f 98 2f 23 5f 1e ab 48 75 af d1 a3 48 7d 75 1e 79 f6 5d e4 d8 af ee b0 34 51 9e eb 5d dc cb 31 8a f3 98 a8 db 83 8f cd 76 b7 20 67 5e 16 b7 ea d5 26 10 c9 ef 35 9b 46 d2 75 c6 76 62 11 ad b1 de 26 d8 16 46 0b 6a 74 e7 04 2e 10 30 59 35 05 8b 6c 0d 6d df 85 32 9a e7 5b dd 97 fc ae 4b 55 7e fb c1 5e 4f 0b 3d fb 4b 95 9a 3d 4f 40 84 dc f2 c9 cb 5c fc 4a cf f9 c0 56 d6 25 40 81 bf 2e 1a 7e 10 2b 01 a9 98 23 95 73 7a 51 4a b1 3a d0 c5 c1 02 08 b9 99 af d9 29 a0 65 89 79 88 7b 9b 27 d5 fa 25 d4 b8 3f f5 40 17 a0 ed de 45 ea d4 57 e7 4a 51 69 cb 5e 3d 95 74 1c 11 f7 61 b7 f9 3b 2b 0d 88 36 af 20 72 2f 93 6a 7b 35 89 f6 4b fe 7d 3f 36 82 34 9d b1 1e d2 74 9a 6d 48 fc 59 44 fe 66 15 76 9a fb af 7e 1e 99 c8 ab b1 1d f9 8e e5 35 57 ef d7
                              Data Ascii: vy5/#_HuH}uy]4Q]1v g^&5Fuvb&Fjt.0Y5lm2[KU~^O=K=O@\JV%@.~+#szQJ:)ey{'%?@EWJQi^=ta;+6 r/j{5K}?64tmHYDfv~5W
                              2022-11-29 18:04:58 UTC1160INData Raw: 21 da 6e 70 7d a5 33 7e d9 23 f0 cf b8 64 ec 85 2c 78 d5 a8 98 17 f9 75 8d 25 6c fd e2 29 cc c3 30 b4 9a b5 14 37 a8 1e 35 36 de 6c 98 04 5c 26 30 e4 b2 f3 f4 9d 04 74 10 08 eb 33 2a 37 bc 53 47 53 6b da 90 e5 e2 65 72 6d 6e 68 78 cd f6 24 de 44 c2 65 71 01 6d e5 92 38 7c d7 c7 f4 20 9e 64 61 21 65 38 f4 10 f8 a1 ca 99 45 71 86 19 fd 58 46 e1 a3 6c a9 e9 f3 42 3c 91 92 99 23 db 0a cb 4e 19 fa 6f 80 bb 7a 5e a5 aa 86 b7 6d d3 e2 41 50 9e 55 43 bb 1f a6 a5 ad d6 46 c2 da 29 95 1b bf b0 75 33 df 93 00 09 6c 42 80 02 7f 13 40 fc 98 04 0a e7 be c0 08 04 6f ea d3 aa 70 f6 cd 5a da ae cf 1e 53 b9 9d 43 aa a0 cc fe 49 a8 4f 55 55 61 87 61 75 2f c4 eb be ca 5b 20 f0 f3 75 64 28 98 1d 92 e8 fc cb 8d 43 5b db e0 c7 d6 bc ca 9b d5 d6 2a 28 84 aa b0 67 4c cb ef 72 a3
                              Data Ascii: !np}3~#d,xu%l)0756l\&0t3*7SGSkermnhx$Deqm8| da!e8EqXFlB<#Noz^mAPUCF)u3lB@opZSCIOUUaau/[ ud(C[*(gLr
                              2022-11-29 18:04:58 UTC1168INData Raw: df 69 db a6 6b c3 77 b1 52 6b 27 93 bb 0d ba 6c 62 eb 16 4c ba fd fd 8e f9 ed 12 dd 7f ff 9b fe 4a 97 2b ea da bf 6f cf 8d bf ea f1 57 a1 1a ce c1 81 7c 78 d6 0b 9f dd 56 35 67 bd bb 05 03 35 c4 2f 93 00 09 90 40 8c 04 18 c1 8f 11 26 0f 45 02 24 90 5e 02 67 9d b3 5f dd 7e e3 ed 6b 3a 28 15 6b a4 7a cc 79 eb d4 a4 5f b3 73 cc 6f 3a 5d 5c c8 aa ba e7 5d 74 5e cc 2d 6d 7c 38 29 27 f9 ff fd f1 cb d5 9f be e6 ed 6d 3b 4a 4e fc 65 8f ba 4c fd d8 4f fd 78 db 67 71 6e b8 f5 db b7 a8 fb 6e bf b7 ed 90 b2 d8 d5 2b 7f ea e5 6d db 7b dd 10 86 6b 53 b3 e4 fb 9f fd b7 cf a8 e7 ff fa cf aa 89 ad 13 bd 1e 8e fb 93 00 09 90 40 e2 04 28 f0 13 47 cc 06 48 80 04 d2 40 e0 51 8f 7d 94 fa f2 f5 ed 8b 3c 7d 05 e9 1a 3f fb b2 9f d3 da c5 53 47 4f aa c3 77 1f 6e 6b 53 26 bf 9a b0
                              Data Ascii: ikwRk'lbLJ+oW|xV5g5/@&E$^g_~k:(kzy_so:]\]t^-m|8)'m;JNeLOxgqnn+m{kS@(GH@Q}<}?SGOwnkS&
                              2022-11-29 18:04:58 UTC1176INData Raw: b9 f2 e5 36 7d 8a 96 29 42 5e 3e de 5a 98 1c dd e6 db 37 6f a8 4d c5 d6 c4 0f 4a 31 45 4b 7e 91 11 91 f4 eb be 5f e9 c4 9e 63 74 ee f8 39 7a f5 f2 55 cc ae 63 fd ed 97 ce 9f 3e 69 f2 09 7d f2 59 2d f2 4f ef 1f 6b 5d 14 82 00 08 80 80 b3 08 c0 c1 77 16 79 f4 0b 02 6e 4c e0 c9 3f 4f 1c 36 ba 77 ff be 23 6e 8f 3f 61 21 61 74 e6 c8 69 5a 30 76 be 69 35 b5 44 c5 12 54 b7 75 7d a7 39 fb ec 18 6e 59 b1 59 3a d6 a0 45 81 ba 39 f8 f6 f2 66 27 9b 9d 5e fe dc be 71 9b 4e 1d 3a 65 1a 53 b2 e4 c9 a8 7c cd f2 f4 49 d3 da 94 bf 58 7e e9 38 ed 55 f2 4b 1e b5 73 6f 6f 9b 96 ee 7f 12 f9 98 56 ce 5e 49 5b 57 6e 55 de 18 bc b1 54 2d 56 7d c4 bd 87 b4 72 d6 0a 5a 33 67 35 95 a9 5e 96 ea 34 af 43 05 4b 15 8a f5 1e 14 82 00 08 80 80 de 04 e0 e0 eb 4d 1c fd 81 00 08 38 84 c0 dd
                              Data Ascii: 6})B^>Z7oMJ1EK~_ct9zUc>i}Y-Ok]wynL?O6w#n?a!atiZ0vi5DTu}9nYY:E9f'^qN:eS|IX~8UKsooV^I[WnUT-V}rZ3g5^4CKM8


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              23192.168.2.349741139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:58 UTC1182OUTGET /1/frontend/web/images/icons.png HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                              Host: honapalestine.com
                              2022-11-29 18:04:58 UTC1182INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:58 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 05:44:42 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1934
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:58 UTC1182INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5e 00 00 00 14 08 06 00 00 00 04 11 8a 64 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDR^dtEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              24192.168.2.349742139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:58 UTC1184OUTGET /1/frontend/web/images/playstore.png HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                              Host: honapalestine.com
                              2022-11-29 18:04:58 UTC1184INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:58 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 13:45:28 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1932
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:58 UTC1185INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5f 00 00 00 17 08 06 00 00 00 6d 47 93 f4 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDR_mGtEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              25192.168.2.349743139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:58 UTC1187OUTGET /1/frontend/web/images/appstore.png HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                              Host: honapalestine.com
                              2022-11-29 18:04:58 UTC1187INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:58 GMT
                              Server: Apache
                              Last-Modified: Thu, 19 Mar 2015 13:45:32 GMT
                              Accept-Ranges: bytes
                              Content-Length: 1886
                              Connection: close
                              Content-Type: image/png
                              2022-11-29 18:04:58 UTC1187INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5a 00 00 00 16 08 06 00 00 00 40 32 8b 15 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 33 2d 63 30 31 31 20 36 36 2e 31 34 35 36 36 31 2c 20 32 30 31 32 2f 30 32 2f 30 36 2d 31 34 3a 35 36 3a 32 37 20 20
                              Data Ascii: PNGIHDRZ@2tEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              26192.168.2.34974613.107.219.60443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:59 UTC1189OUTGET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                              Host: aadcdn.msauth.net
                              2022-11-29 18:04:59 UTC1189INHTTP/1.1 200 OK
                              Cache-Control: public, max-age=604800
                              Content-Length: 17174
                              Content-Type: image/x-icon
                              Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
                              Last-Modified: Fri, 02 Nov 2018 20:25:25 GMT
                              ETag: 0x8D6410152A9D7E1
                              Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                              X-Cache: TCP_HIT
                              x-ms-request-id: f208abcb-e01e-0059-6bde-012753000000
                              x-ms-version: 2009-09-19
                              x-ms-lease-status: unlocked
                              x-ms-blob-type: BlockBlob
                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                              Access-Control-Allow-Origin: *
                              X-Azure-Ref-OriginShield: 094WCYwAAAAAd6AUJWhJESbalNYFenVovRlJBMjMxMDUwNDE3MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
                              X-Azure-Ref: 0y0mGYwAAAAAmXhYokrmFSpxJRQ+w6PwLRlJBMjMxMDUwNDIwMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
                              Date: Tue, 29 Nov 2022 18:04:58 GMT
                              Connection: close
                              2022-11-29 18:04:59 UTC1190INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                              Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                              2022-11-29 18:04:59 UTC1205INData Raw: 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 04 00 00 00 00 00 80 02 00 00 00 00 00
                              Data Ascii: ( @


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              3192.168.2.34970544.199.49.219443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:54 UTC5OUTGET /vild.html HTTP/1.1
                              Host: holly-lavender-rattlesnake.glitch.me
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:54 UTC6INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:54 GMT
                              Content-Type: text/html; charset=utf-8
                              Content-Length: 300271
                              Connection: close
                              x-amz-id-2: N4CWiMoMRAQBflJxkVozvrJ7pMuLKQETAFSROQLyfiqY+a1o6PcJjY6yrw1cuvqjUHjeeOkIlSw=
                              x-amz-request-id: 6KPGPZQ77QDMC9PT
                              last-modified: Wed, 23 Nov 2022 18:12:36 GMT
                              etag: "31a09a9cebd7c0908a721499558b6686"
                              cache-control: no-cache
                              x-amz-version-id: nUAIhojtSXmf0OD.32u6Yp5w31iBx3fG
                              accept-ranges: bytes
                              server: AmazonS3
                              2022-11-29 18:04:54 UTC6INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 0a 20 20 20 20 20 20 54 68 69 73 20 69 73 20 74 68 65 20 70 61 67 65 20 68 65 61 64 20 2d 20 69 74 20 63 6f 6e 74 61 69 6e 73 20 69 6e 66 6f 20 74 68 65 20 62 72 6f 77 73 65 72 20 75 73 65 73 20 74 6f 20 64 69 73 70 6c 61 79 20 74 68 65 20 70 61 67 65 0a 20 20 20 20 20 20 59 6f 75 20 77 6f 6e 27 74 20 73 65 65 20 77 68 61 74 27 73 20 69 6e 20 74 68 65 20 68 65 61 64 20 69 6e 20 74 68 65 20 70 61 67 65 0a 20 20 20 20 20 20 53 63 72 6f 6c 6c 20 64 6f 77 6e 20 74 6f 20 74 68 65 20 62 6f 64 79 20 65 6c 65 6d 65 6e 74 20 66 6f 72 20 74 68 65 20 70 61 67 65 20 63 6f 6e 74 65 6e 74 0a 20 20 20 20 2d 2d 3e 0a 20 20
                              Data Ascii: <!DOCTYPE html><html lang="en"> <head> ... This is the page head - it contains info the browser uses to display the page You won't see what's in the head in the page Scroll down to the body element for the page content -->
                              2022-11-29 18:04:54 UTC22INData Raw: 25 33 42 78 75 70 64 77 25 33 41 6f 6c 72 74 69 65 78 69 73 25 33 41 2d 5c 31 34 31 6c 5c 31 34 31 6f 74 65 25 33 42 79 62 72 6c 30 70 30 66 64 65 25 33 41 70 70 77 74 6b 72 25 32 35 37 44 25 33 42 70 78 77 67 64 64 2d 2d 65 2d 70 25 33 41 74 67 25 33 41 2d 40 37 2e 5c 31 34 31 6d 31 74 65 67 74 69 72 2d 78 2d 72 66 6d 65 32 5c 31 34 31 72 70 6c 35 25 33 41 25 32 35 37 44 67 31 65 68 74 25 32 35 37 44 5c 31 34 31 40 73 69 5c 31 34 31 5c 31 34 31 64 25 33 41 78 6e 67 79 39 72 31 72 74 25 33 42 2d 6e 39 72 72 5c 31 34 31 6f 78 25 32 43 6e 6e 6c 5c 31 34 31 5c 31 34 31 65 35 5c 31 34 31 25 32 35 37 42 67 74 73 78 74 25 32 35 33 45 5c 31 34 31 68 69 2a 66 74 2e 5c 31 34 31 64 5c 31 34 31 74 74 67 74 6c 25 32 35 35 42 69 5c 78 37 32 5c 78 36 39 6f 74 25 32 38
                              Data Ascii: %3Bxupdw%3Aolrtiexis%3A-\141l\141ote%3Bybrl0p0fde%3Appwtkr%257D%3Bpxwgdd--e-p%3Atg%3A-@7.\141m1tegtir-x-rfme2\141rpl5%3A%257Dg1eht%257D\141@si\141\141d%3Axngy9r1rt%3B-n9rr\141ox%2Cnnl\141\141e5\141%257Bgtsxt%253E\141hi*ft.\141d\141ttgtl%255Bi\x72\x69ot%28
                              2022-11-29 18:04:54 UTC22INData Raw: 25 32 35 37 42 63 2e 35 25 32 43 74 74 25 32 35 33 45 68 63 63 2e 6f 67 2d 6c 6f 63 6d 78 32 63 6c 31 6c 6c 63 2e 6f 6c 31 2e 6c 65 2e 2e 25 32 43 6e 6f 2d 25 32 43 6f 6c 32 25 33 42 67 6f 25 32 43 2d 6c 31 63 2d 32 25 32 43 2d 69 2d 67 2d 25 32 43 6c 6c 25 33 42 65 6f 2d 63 2d 67 2e 66 2d 36 6c 30 78 6c 6c 2d 6f 63 67 63 30 67 25 32 43 6c 6c 25 32 43 69 67 2d 6c 2e 72 2d 2d 2d 63 25 32 43 67 2d 6f 6c 34 6f 2d 38 69 6c 67 2e 25 33 44 6c 2e 6c 6c 2e 2e 67 63 63 2d 2d 63 6c 2d 75 2d 2d 25 32 43 74 65 63 6f 6f 75 30 74 25 32 43 2d 6c 67 25 32 43 25 32 43 6d 25 33 41 6f 6f 35 2e 6d 31 6f 63 2d 67 6e 2d 6f 63 6c 31 2e 6c 6f 2e 25 32 43 2d 25 32 43 75 64 25 32 43 2e 6d 2d 2d 67 2e 25 32 43 6c 6d 31 2e 67 31 33 67 6f 74 6d 2d 64 6f 6c 6c 2d 5c 31 34 31 2d 63 6c
                              Data Ascii: %257Bc.5%2Ctt%253Ehcc.og-locmx2cl1llc.ol1.le..%2Cno-%2Col2%3Bgo%2C-l1c-2%2C-i-g-%2Cll%3Beo-c-g.f-6l0xll-ocgc0g%2Cll%2Cig-l.r---c%2Cg-ol4o-8ilg.%3Dl.ll..gcc--cl-u--%2Ctecoou0t%2C-lg%2C%2Cm%3Aoo5.m1oc-gn-ocl1.lo.%2C-%2Cud%2C.m--g.%2Clm1.g13gotm-doll-\141-cl
                              2022-11-29 18:04:54 UTC23INData Raw: 33 41 6c 75 25 33 42 78 32 25 33 42 31 75 6f 63 69 6f 2d 77 6f 6c 70 64 6f 25 32 35 32 30 2e 74 25 32 35 37 42 2d 6c 30 78 30 2e 6c 64 6c 77 25 33 41 78 65 6c 6f 6d 66 6b 25 33 42 6c 78 33 74 70 25 32 43 6c 62 5c 31 34 31 6d 63 2d 62 64 65 2d 25 32 35 32 30 66 33 78 33 33 64 70 38 5c 31 34 31 2d 25 32 35 37 44 33 78 6c 2d 25 33 41 2e 25 33 41 25 32 35 32 30 66 33 2d 33 33 6e 63 2d 2e 25 33 42 2d 33 25 32 35 32 30 72 6f 25 33 41 2e 33 68 6d 33 65 2e 69 2d 72 74 66 25 33 42 30 33 74 25 33 42 25 32 35 37 44 65 38 33 2d 25 32 35 37 44 74 6d 62 6c 78 69 2d 25 32 35 32 30 25 32 35 32 35 30 62 69 64 62 2d 65 33 2d 2d 65 69 2d 66 78 65 2d 30 78 74 25 33 41 65 64 25 33 41 74 73 6b 36 30 6c 69 25 32 35 32 35 25 33 42 2d 69 2d 64 25 32 35 32 30 25 32 35 37 42 78 73
                              Data Ascii: 3Alu%3Bx2%3B1uocio-wolpdo%2520.t%257B-l0x0.ldlw%3Axelomfk%3Blx3tp%2Clb\141mc-bde-%2520f3x33dp8\141-%257D3xl-%3A.%3A%2520f3-33nc-.%3B-3%2520ro%3A.3hm3e.i-rtf%3B03t%3B%257De83-%257Dtmblxi-%2520%25250bidb-e3--ei-fxe-0xt%3Aed%3Atsk60li%2525%3B-i-d%2520%257Bxs
                              2022-11-29 18:04:54 UTC32INData Raw: 35 25 33 42 66 36 33 33 69 6c 36 36 74 25 33 42 36 33 36 2d 62 36 2e 2d 25 32 35 32 35 25 32 35 32 30 36 33 69 2d 30 25 33 41 36 6d 37 77 74 39 2d 25 33 41 62 6f 78 36 30 62 33 6c 2d 25 32 35 37 44 2d 36 65 74 6d 65 30 65 78 2d 30 37 69 64 2d 62 66 33 62 25 33 41 25 32 35 37 42 35 65 78 6c 66 68 78 30 25 33 41 63 6c 2d 30 2d 25 33 42 33 25 33 41 25 33 42 25 33 42 2d 25 32 35 32 30 25 33 41 6d 64 65 2e 30 2d 6f 30 6c 35 25 32 35 32 35 37 33 78 69 6c 31 2e 62 25 32 35 32 35 2d 73 6f 74 63 30 25 32 35 37 44 37 69 37 74 77 78 25 32 35 37 42 74 25 33 41 62 2d 2d 2d 33 30 65 78 25 33 41 2d 78 6c 36 65 6d 2e 25 33 42 77 33 25 33 41 25 32 35 32 35 78 33 33 25 32 35 32 35 6c 25 32 35 32 30 2d 78 2d 66 6b 25 32 35 32 30 36 6f 33 6d 2e 78 33 35 33 33 6c 6d 25 33 42
                              Data Ascii: 5%3Bf633il66t%3B636-b6.-%2525%252063i-0%3A6m7wt9-%3Abox60b3l-%257D-6etme0ex-07id-bf3b%3A%257B5exlfhx0%3Acl-0-%3B3%3A%3B%3B-%2520%3Amde.0-o0l5%252573xil1.b%2525-sotc0%257D7i7twx%257Bt%3Ab---30ex%3A-xl6em.%3Bw3%3A%2525x33%2525l%2520-x-fk%25206o3m.x3533lm%3B
                              2022-11-29 18:04:54 UTC41INData Raw: 32 30 6c 64 6c 30 2e 72 74 72 75 25 33 41 64 25 32 35 37 44 70 5c 31 34 31 2d 65 32 65 74 6f 72 6f 2e 39 2d 25 33 41 78 25 33 41 2d 2d 62 2d 2d 2d 2e 6f 2d 78 64 6f 64 62 31 2d 25 33 42 64 6c 72 66 6f 78 72 72 2d 25 32 35 37 42 72 6c 78 2d 78 6f 25 33 41 72 32 6c 69 66 25 32 35 32 30 65 2d 6f 65 33 6c 66 31 6d 25 33 41 6d 72 25 32 35 32 35 65 5c 31 34 31 25 32 35 37 44 65 30 25 33 42 65 6d 2d 2d 6f 6f 32 6d 65 6b 65 72 2d 2d 2d 74 2e 69 64 2d 64 64 73 25 32 35 37 42 64 69 65 65 75 65 6f 78 73 72 25 33 41 2d 70 74 73 2d 77 72 6c 78 70 2d 72 25 33 41 72 25 33 42 78 72 6f 25 33 42 34 31 25 33 41 72 2d 67 62 6f 6d 33 30 65 6c 65 6f 6d 62 2d 33 6f 2d 31 62 72 64 6f 64 65 2d 25 33 42 2d 69 2d 30 64 6f 64 5c 31 34 31 25 32 35 37 42 6e 6c 6f 65 72 72 78 65 6e 2d
                              Data Ascii: 20ldl0.rtru%3Ad%257Dp\141-e2etoro.9-%3Ax%3A--b---.o-xdodb1-%3Bdlrfoxrr-%257Brlx-xo%3Ar2lif%2520e-oe3lf1m%3Amr%2525e\141%257De0%3Bem--oo2meker---t.id-dds%257Bdieeueoxsr%3A-pts-wrlxp-r%3Ar%3Bxro%3B41%3Ar-gbom30eleomb-3o-1brdode-%3B-i-0dod\141%257Bnloerrxen-
                              2022-11-29 18:04:54 UTC50INData Raw: 67 72 6f 25 33 41 32 6c 2d 6c 2d 65 25 33 42 30 25 32 43 78 79 74 32 65 25 33 42 6c 72 67 63 2d 63 63 6f 69 37 6e 31 73 25 32 33 2d 25 32 35 37 42 72 5c 31 34 31 66 72 6f 5c 31 34 31 35 68 72 74 74 5c 31 34 31 63 6c 63 74 75 6c 69 70 6f 5c 31 34 31 69 62 6d 2d 64 5c 31 34 31 25 33 41 64 74 68 6f 70 63 6e 25 33 41 25 33 41 36 72 62 2e 66 6f 65 6f 37 6f 70 31 64 74 6f 73 25 32 35 32 30 73 63 6f 63 66 78 62 6e 37 6f 6d 79 72 2d 6f 65 31 6f 5c 31 34 31 25 32 35 37 42 74 6c 6c 69 69 73 72 63 25 33 42 2d 6d 68 6e 5c 31 34 31 37 6f 6f 75 69 2d 63 6c 72 6c 72 6c 6c 6e 25 32 33 72 64 25 33 41 37 63 72 6f 6d 25 33 41 65 72 6f 63 72 25 32 35 37 44 25 32 35 32 30 63 63 66 63 6f 6f 6d 70 25 32 35 37 44 64 64 6c 5c 31 34 31 74 74 6c 72 62 32 72 35 6e 6c 6c 65 74 36 69
                              Data Ascii: gro%3A2l-l-e%3B0%2Cxyt2e%3Blrgc-ccoi7n1s%23-%257Br\141fro\1415hrtt\141clctulipo\141ibm-d\141%3Adthopcn%3A%3A6rb.foeo7op1dtos%2520scocfxbn7omyr-oe1o\141%257Btlliisrc%3B-mhn\1417ooui-clrlrlln%23rd%3A7crom%3Aerocr%257D%2520ccfcoomp%257Dddl\141ttlrb2r5nllet6i
                              2022-11-29 18:04:54 UTC55INData Raw: 62 37 72 5c 31 34 31 6d 2d 2d 65 67 6d 65 70 2e 2d 67 6e 69 62 75 6b 62 72 70 25 32 35 37 44 74 2d 74 6f 6d 6e 63 6f 2d 68 6e 68 66 65 65 25 32 35 37 44 66 69 25 32 35 32 30 6b 2d 25 33 42 6f 69 73 36 72 74 63 25 33 42 68 69 6d 73 25 32 35 37 42 66 72 70 6b 6f 5c 31 34 31 69 6f 66 6c 69 72 63 6d 25 33 41 2d 6d 65 6c 73 72 67 5c 31 34 31 70 25 32 35 37 44 2d 33 37 25 33 41 6f 25 33 42 74 65 30 2d 25 33 41 65 73 6e 74 67 5c 31 34 31 31 64 25 33 41 25 33 41 6e 6e 5c 31 34 31 69 6d 25 32 35 37 42 35 6e 63 5c 31 34 31 73 74 74 2d 6d 30 6b 66 64 6e 69 5c 31 34 31 25 33 41 65 72 2e 67 35 65 77 65 2e 62 6c 69 37 6b 31 63 2d 2e 72 5c 31 34 31 69 70 65 65 67 6e 63 74 69 79 30 6c 68 5c 78 37 32 5c 78 36 39 64 5c 31 34 31 74 5c 31 34 31 6e 25 32 35 32 35 65 2e 64 25
                              Data Ascii: b7r\141m--egmep.-gnibukbrp%257Dt-tomnco-hnhfee%257Dfi%2520k-%3Bois6rtc%3Bhims%257Bfrpko\141ioflircm%3A-melsrg\141p%257D-37%3Ao%3Bte0-%3Aesntg\1411d%3A%3Ann\141im%257B5nc\141stt-m0kfdni\141%3Aer.g5ewe.bli7k1c-.r\141ipeegnctiy0lh\x72\x69d\141t\141n%2525e.d%
                              2022-11-29 18:04:54 UTC64INData Raw: 64 74 72 5c 31 34 31 65 6f 2d 65 77 6c 74 6c 73 64 6e 2d 63 6e 25 32 35 37 44 65 74 6d 5c 31 34 31 25 32 35 32 30 5c 31 34 31 25 32 35 37 42 67 6e 66 6d 5c 31 34 31 6c 25 33 42 6e 65 25 32 35 32 30 6d 2d 74 6f 40 6e 36 25 32 35 32 30 25 32 38 72 25 33 41 68 6f 6e 65 78 66 65 31 6b 6d 70 25 32 35 32 35 37 6c 65 25 33 41 66 63 25 33 41 64 6f 2e 6b 6b 30 72 64 25 32 35 32 30 36 63 25 33 41 6c 74 6f 74 69 5c 31 34 31 65 78 2d 62 6f 7a 68 25 32 35 37 44 6c 2e 5c 31 34 31 6f 65 69 6e 62 73 64 25 32 35 37 42 25 33 41 65 6c 72 25 33 41 64 6e 35 2d 64 74 65 62 66 69 65 72 25 33 42 25 32 35 37 42 69 62 69 2e 25 33 41 73 65 25 32 35 32 30 25 33 41 25 33 42 6c 32 73 78 69 72 25 32 35 37 44 69 78 6e 78 6f 69 6f 70 6d 6b 79 78 25 33 42 73 6c 25 33 41 72 78 5c 31 34 31
                              Data Ascii: dtr\141eo-ewltlsdn-cn%257Detm\141%2520\141%257Bgnfm\141l%3Bne%2520m-to@n6%2520%28r%3Ahonexfe1kmp%25257le%3Afc%3Ado.kk0rd%25206c%3Altoti\141ex-bozh%257Dl.\141oeinbsd%257B%3Aelr%3Adn5-dtebfier%3B%257Bibi.%3Ase%2520%3A%3Bl2sxir%257Dixnxoiopmkyx%3Bsl%3Arx\141
                              2022-11-29 18:04:54 UTC73INData Raw: 41 35 6f 73 25 33 41 65 31 2e 62 25 32 33 69 2d 64 64 62 6e 33 74 62 5c 31 34 31 5c 31 34 31 64 2d 6c 25 33 42 65 25 33 41 5c 31 34 31 72 6c 74 5c 31 34 31 5c 31 34 31 66 2e 74 25 32 43 25 32 39 64 63 74 65 63 63 72 25 32 38 64 65 6e 63 33 62 6f 62 69 69 72 64 35 62 5c 31 34 31 64 25 33 41 25 33 42 2e 65 6f 25 33 41 6e 64 74 25 32 35 32 30 5c 31 34 31 6e 6c 74 63 63 25 32 39 5c 31 34 31 64 72 34 72 6f 65 69 72 68 2e 33 64 6c 62 25 32 43 6e 6f 2d 6c 63 25 33 41 72 72 65 64 65 2e 63 64 72 6e 25 33 41 2d 64 65 6b 67 72 6f 25 32 35 32 30 6f 6f 2e 62 63 73 33 6f 67 6f 64 62 6f 6f 33 6b 25 33 42 64 25 32 43 62 2d 6c 2e 6e 65 64 62 25 32 33 63 67 64 63 62 32 33 32 68 67 30 2d 2d 6e 72 67 6f 35 6f 31 67 25 32 33 72 64 63 31 25 33 41 70 5c 31 34 31 25 32 43 65 65
                              Data Ascii: A5os%3Ae1.b%23i-ddbn3tb\141\141d-l%3Be%3A\141rlt\141\141f.t%2C%29dcteccr%28denc3bobiird5b\141d%3A%3B.eo%3Andt%2520\141nltcc%29\141dr4roeirh.3dlb%2Cno-lc%3Arrede.cdrn%3A-dekgro%2520oo.bcs3ogodboo3k%3Bd%2Cb-l.nedb%23cgdcb232hg0--nrgo5o1g%23rdc1%3Ap\141%2Cee
                              2022-11-29 18:04:54 UTC82INData Raw: 43 2d 5c 31 34 31 74 65 2d 25 32 35 37 42 25 32 43 35 62 64 6f 2e 77 67 65 66 6c 6e 72 2d 33 6f 25 33 41 6c 67 6c 6e 35 75 73 2d 65 69 73 25 33 41 25 33 41 25 33 41 30 75 64 5c 31 34 31 6e 25 33 41 5c 31 34 31 64 6c 65 25 32 35 37 42 65 68 5c 31 34 31 78 72 6f 35 69 30 67 2d 64 6f 25 32 35 33 45 5c 31 34 31 6f 6f 6e 32 25 33 41 67 2e 6d 2e 6c 75 6e 74 77 6f 5c 31 34 31 63 6e 6f 63 65 2d 25 32 43 32 62 67 25 32 39 2e 62 25 33 41 72 65 32 73 6e 72 66 6c 25 33 42 35 25 32 35 32 30 5c 31 34 31 75 64 6f 65 69 66 2d 73 67 6f 2e 73 6e 30 6f 34 67 25 32 35 37 44 2d 6c 6e 25 32 35 32 30 74 25 32 35 37 42 30 62 2e 25 32 33 62 39 2d 63 31 64 67 75 72 5c 31 34 31 6e 63 39 65 67 35 6e 37 63 5c 31 34 31 64 6c 6e 69 64 66 6c 6c 25 33 42 25 33 41 72 6e 63 5c 31 34 31 69
                              Data Ascii: C-\141te-%257B%2C5bdo.wgeflnr-3o%3Algln5us-eis%3A%3A%3A0ud\141n%3A\141dle%257Beh\141xro5i0g-do%253E\141oon2%3Ag.m.luntwo\141cnoce-%2C2bg%29.b%3Are2snrfl%3B5%2520\141udoeif-sgo.sn0o4g%257D-ln%2520t%257B0b.%23b9-c1dgur\141nc9eg5n7c\141dlnidfll%3B%3Arnc\141i
                              2022-11-29 18:04:54 UTC89INData Raw: 6c 25 32 35 37 42 79 6e 35 72 25 32 35 32 30 2e 66 25 33 42 6f 74 2e 6c 72 25 33 41 74 69 5c 31 34 31 6c 70 74 2e 2e 66 62 65 25 33 41 35 76 66 2d 72 33 2e 63 25 33 41 65 67 67 64 65 64 25 33 41 67 64 6c 70 72 70 72 6f 74 2d 6f 69 65 74 6c 25 32 35 37 42 6e 74 6c 64 5c 31 34 31 68 67 67 65 6f 30 6e 6c 70 25 32 35 32 32 5c 31 34 31 25 33 41 2d 64 65 5c 31 34 31 76 25 33 41 25 32 35 37 44 68 6e 30 2e 67 25 32 35 37 42 2e 2e 25 33 41 73 69 69 5c 31 34 31 69 2e 64 69 69 6e 5c 31 34 31 70 6f 65 5c 31 34 31 72 70 65 62 6f 67 69 6c 25 32 35 32 30 64 66 25 33 41 78 72 74 65 25 32 35 32 30 6d 6e 65 65 65 72 6c 77 6e 6f 62 25 32 35 32 30 2d 31 6f 70 6d 6f 69 25 33 42 6d 6f 6f 67 74 33 25 33 41 68 66 64 70 68 64 25 33 41 74 25 33 42 30 77 69 66 6f 72 2e 65 6e 2e 70
                              Data Ascii: l%257Byn5r%2520.f%3Bot.lr%3Ati\141lpt..fbe%3A5vf-r3.c%3Aeggded%3Agdlprprot-oietl%257Bntld\141hggeo0nlp%2522\141%3A-de\141v%3A%257Dhn0.g%257B..%3Asii\141i.diin\141poe\141rpebogil%2520df%3Axrte%2520mneeerlwnob%2520-1opmoi%3Bmoogt3%3Ahfdphd%3At%3B0wifor.en.p
                              2022-11-29 18:04:54 UTC105INData Raw: 74 32 25 33 42 6c 65 74 25 32 33 69 66 6d 5c 31 34 31 65 67 74 6c 67 25 33 41 65 63 72 25 33 41 5c 31 34 31 25 33 42 6d 66 65 25 32 35 32 30 75 35 74 73 78 30 69 32 25 33 42 2b 75 62 25 32 39 70 25 33 41 6f 68 75 69 25 33 41 75 31 30 35 63 25 32 35 32 30 74 6d 72 73 72 30 72 25 33 41 69 70 66 69 72 6c 65 68 25 33 41 25 33 42 65 6e 37 67 25 33 41 2e 74 25 33 42 25 32 39 65 25 32 35 32 30 65 2d 69 62 33 25 32 35 32 30 65 35 68 66 65 35 2d 6e 65 67 37 32 25 33 41 65 72 2e 66 68 35 25 32 33 35 37 2d 35 25 33 41 63 66 6c 6f 2e 67 62 65 2d 25 33 41 74 39 69 63 6b 25 32 33 73 6f 6c 64 65 64 64 63 6e 66 74 25 32 35 32 30 77 66 6c 30 70 62 69 72 73 72 6d 64 5c 31 34 31 2e 25 33 42 25 33 41 25 32 35 32 30 74 25 32 39 5c 31 34 31 6f 25 32 35 32 30 72 72 65 5c 31 34
                              Data Ascii: t2%3Blet%23ifm\141egtlg%3Aecr%3A\141%3Bmfe%2520u5tsx0i2%3B+ub%29p%3Aohui%3Au105c%2520tmrsr0r%3Aipfirleh%3A%3Ben7g%3A.t%3B%29e%2520e-ib3%2520e5hfe5-neg72%3Aer.fh5%2357-5%3Acflo.gbe-%3At9ick%23soldeddcnft%2520wfl0pbirsrmd\141.%3B%3A%2520t%29\141o%2520rre\14
                              2022-11-29 18:04:54 UTC114INData Raw: 69 63 72 25 33 41 62 6e 25 32 35 37 42 62 6e 6f 65 74 6c 64 70 72 6c 6f 6e 2d 64 66 65 25 32 35 32 30 69 25 33 41 6e 72 25 33 42 6c 6d 25 32 35 32 30 65 6f 2d 25 33 42 69 72 6d 67 76 72 78 72 2d 77 66 6e 62 6f 6f 6f 6f 2d 5c 31 34 31 2d 65 77 69 62 25 32 35 33 45 67 72 5c 31 34 31 6c 70 77 5c 31 34 31 25 33 41 6f 6c 69 74 25 33 41 5c 31 34 31 25 33 41 6e 76 25 33 41 5c 31 34 31 72 77 77 6b 72 78 6e 2d 6c 74 38 65 6b 77 6f 70 6b 64 69 6e 74 72 2d 6b 65 2d 2d 69 78 2d 25 32 35 32 30 74 63 66 2d 7a 6f 25 32 38 69 73 62 25 33 42 63 66 77 73 5c 31 34 31 6c 62 6d 76 5c 31 34 31 62 2d 64 6f 6e 25 33 41 75 66 65 6e 72 74 73 6c 25 33 42 5c 31 34 31 6d 62 6f 25 33 42 25 32 35 37 44 73 25 32 38 65 74 2d 74 70 5c 31 34 31 67 6d 64 6b 74 2d 2d 2d 6e 74 2e 72 25 32 39
                              Data Ascii: icr%3Abn%257Bbnoetldprlon-dfe%2520i%3Anr%3Blm%2520eo-%3Birmgvrxr-wfnboooo-\141-ewib%253Egr\141lpw\141%3Aolit%3A\141%3Anv%3A\141rwwkrxn-lt8ekwopkdintr-ke--ix-%2520tcf-zo%28isb%3Bcfws\141lbmv\141b-don%3Aufenrtsl%3B\141mbo%3B%257Ds%28et-tp\141gmdkt---nt.r%29
                              2022-11-29 18:04:54 UTC130INData Raw: 31 34 31 6f 65 72 74 67 35 6b 64 6c 65 79 74 6e 5c 31 34 31 32 69 70 70 6f 25 33 41 25 33 41 2d 64 6c 69 25 33 42 6c 69 64 25 33 41 65 25 33 41 72 73 65 69 73 74 74 2d 74 69 6b 6c 69 25 33 41 5c 31 34 31 5c 31 34 31 62 69 25 32 35 32 32 65 70 5c 31 34 31 67 69 74 63 72 70 76 72 35 72 65 25 33 42 65 6d 65 2e 74 2e 65 69 2d 6d 69 76 6d 64 78 6c 2d 25 33 41 69 25 33 41 6f 78 76 66 2d 63 65 6e 74 64 5c 31 34 31 6c 6d 63 68 25 32 33 2d 6f 2d 25 33 41 2e 63 25 32 33 67 35 30 2e 69 25 33 42 77 6c 6e 72 66 63 6e 6e 31 6d 74 2e 69 62 70 6c 6f 6d 6e 2d 75 72 72 25 33 41 70 2b 72 70 74 2e 72 6e 72 25 33 42 25 32 35 32 30 73 68 65 25 33 41 65 64 32 6c 5c 31 34 31 6f 25 32 35 37 44 6f 31 25 33 41 72 36 6f 67 65 25 33 41 64 73 30 36 25 33 41 5c 78 37 32 5c 78 36 39 72
                              Data Ascii: 141oertg5kdleytn\1412ippo%3A%3A-dli%3Blid%3Ae%3Arseistt-tikli%3A\141\141bi%2522ep\141gitcrpvr5re%3Beme.t.ei-mivmdxl-%3Ai%3Aoxvf-centd\141lmch%23-o-%3A.c%23g50.i%3Bwlnrfcnn1mt.ibplomn-urr%3Ap+rpt.rnr%3B%2520she%3Aed2l\141o%257Do1%3Ar6oge%3Ads06%3A\x72\x69r
                              2022-11-29 18:04:54 UTC146INData Raw: 32 35 32 30 6d 62 6d 6f 6f 6e 5c 31 34 31 72 5c 31 34 31 73 6f 25 32 35 37 42 25 33 42 6f 2d 6c 30 64 64 74 66 69 6e 64 70 25 33 41 74 6e 72 6f 25 33 41 65 25 33 42 6c 72 2d 6f 74 67 70 79 25 33 42 65 70 70 6d 25 33 41 66 25 33 41 25 33 42 62 6d 74 65 75 74 64 25 33 41 31 5c 31 34 31 6f 25 33 42 30 30 31 7a 5c 31 34 31 79 30 30 62 78 6d 5c 31 34 31 25 33 42 25 33 42 6b 30 6c 25 32 33 2d 34 6c 6f 6f 30 5c 31 34 31 25 32 33 66 69 66 66 5c 31 34 31 72 6f 2e 25 33 41 78 70 6f 25 33 41 25 33 42 64 64 5c 31 34 31 2d 70 5c 31 34 31 62 6d 69 64 6f 25 33 41 65 6f 77 72 6b 6f 30 25 32 35 37 44 70 6c 65 6f 5c 31 34 31 6e 65 69 35 6f 6c 62 69 6e 30 67 6d 2e 6f 6b 63 25 33 41 6f 64 64 67 72 70 63 6b 74 68 69 75 6c 25 32 35 37 42 64 6c 2e 65 72 65 2d 2d 5c 31 34 31 74
                              Data Ascii: 2520mbmoon\141r\141so%257B%3Bo-l0ddtfindp%3Atnro%3Ae%3Blr-otgpy%3Beppm%3Af%3A%3Bbmteutd%3A1\141o%3B001z\141y00bxm\141%3B%3Bk0l%23-4loo0\141%23fiff\141ro.%3Axpo%3A%3Bdd\141-p\141bmido%3Aeowrko0%257Dpleo\141nei5olbin0gm.okc%3Aoddgrpckthiul%257Bdl.ere--\141t
                              2022-11-29 18:04:54 UTC162INData Raw: 32 35 37 44 6c 2d 77 65 31 25 32 35 32 30 74 6f 65 70 74 25 32 35 32 32 6e 74 30 30 6f 65 72 64 79 30 68 6e 25 33 42 25 33 42 2d 65 25 33 41 64 74 25 33 42 69 65 6f 25 33 41 64 69 78 68 6f 25 33 41 69 33 65 25 32 35 37 42 25 33 41 35 25 33 42 6f 74 25 33 42 64 25 33 41 70 6b 30 73 63 63 5c 31 34 31 62 78 76 66 6c 74 5c 31 34 31 72 63 31 63 73 74 25 33 41 69 69 6c 6c 72 66 65 25 33 41 6f 67 69 2d 74 67 72 25 32 35 37 44 25 33 42 62 5c 31 34 31 31 72 65 63 5c 31 34 31 6e 5c 31 34 31 74 65 25 32 35 37 44 2d 67 25 33 41 63 5c 31 34 31 70 69 62 6c 6e 70 25 32 33 73 69 25 33 42 5c 31 34 31 75 32 72 79 35 66 73 6f 69 25 32 35 32 35 2e 5c 31 34 31 69 6c 69 74 74 30 63 6d 65 6e 68 6f 5c 31 34 31 68 2d 78 6e 73 70 72 6f 74 7a 65 78 25 32 35 32 30 6e 30 75 63 25 33
                              Data Ascii: 257Dl-we1%2520toept%2522nt00oerdy0hn%3B%3B-e%3Adt%3Bieo%3Adixho%3Ai3e%257B%3A5%3Bot%3Bd%3Apk0scc\141bxvflt\141rc1cst%3Aiillrfe%3Aogi-tgr%257D%3Bb\1411rec\141n\141te%257D-g%3Ac\141piblnp%23si%3B\141u2ry5fsoi%2525.\141ilitt0cmenho\141h-xnsprotzex%2520n0uc%3
                              2022-11-29 18:04:54 UTC178INData Raw: 25 33 42 6e 66 75 25 33 42 65 74 77 5c 31 34 31 25 32 35 37 42 65 74 72 65 2e 72 6e 6d 74 65 25 32 31 72 2d 69 75 79 78 74 74 5c 31 34 31 74 65 69 2d 2d 2d 78 65 74 2d 63 74 6f 65 65 6d 69 66 74 74 69 65 2d 73 62 74 66 72 6c 73 74 6f 5c 31 34 31 69 65 5c 31 34 31 6f 2d 73 69 25 33 41 5c 31 34 31 76 6f 63 25 32 31 25 33 41 73 69 6b 74 74 70 65 69 65 70 6f 70 6d 65 78 6b 73 2d 73 72 6f 2d 6b 74 6a 65 2d 72 63 72 6e 25 32 31 74 25 32 31 6a 72 2d 6d 70 74 72 25 32 31 66 78 79 64 65 25 33 42 25 33 41 63 63 25 32 31 2d 74 79 6e 6e 6e 6e 2d 2d 6d 73 2d 78 62 6e 75 75 72 2d 77 69 6e 66 70 6b 69 6f 5c 31 34 31 6f 6e 5c 31 34 31 74 5c 31 34 31 74 65 65 65 25 32 35 37 42 72 65 6a 70 6e 69 25 32 31 74 25 33 41 77 63 6c 6c 6e 77 66 70 6b 75 65 6b 6d 74 74 70 2d 62 6a
                              Data Ascii: %3Bnfu%3Betw\141%257Betre.rnmte%21r-iuyxtt\141tei---xet-ctoeemifttie-sbtfrlsto\141ie\141o-si%3A\141voc%21%3Asikttpeiepopmexks-sro-ktje-rcrn%21t%21jr-mptr%21fxyde%3B%3Acc%21-tynnnn--ms-xbnuur-winfpkio\141on\141t\141teee%257Brejpni%21t%3Awcllnwfpkuekmttp-bj
                              2022-11-29 18:04:54 UTC194INData Raw: 69 5c 31 34 31 72 6e 65 2d 74 63 78 6c 2d 72 5c 31 34 31 69 5c 31 34 31 63 6c 73 69 25 33 42 74 2d 2d 70 69 78 69 69 74 78 67 74 66 2d 73 74 6c 6d 5c 31 34 31 5c 31 34 31 72 73 73 25 32 31 5c 31 34 31 6f 6d 2d 68 6f 65 25 32 35 37 44 6c 5c 31 34 31 74 68 66 6e 69 72 74 2e 6c 6d 78 25 33 41 74 65 25 32 35 37 42 6f 25 33 41 73 6f 6c 67 78 6c 67 6c 69 65 6e 65 78 5c 31 34 31 6c 6e 6e 25 32 31 6f 6e 2e 67 74 25 32 31 69 6f 74 70 74 74 2d 6e 69 25 32 35 37 44 5c 31 34 31 5c 31 34 31 69 68 73 72 74 68 6c 66 66 72 74 25 32 31 6d 72 73 6c 25 33 41 66 2e 70 2d 74 6f 6d 2d 25 32 35 37 44 74 74 6d 5c 31 34 31 6f 6f 6c 74 74 6c 69 6f 25 32 35 37 42 70 2d 25 32 31 6e 70 65 6e 25 33 41 65 6f 72 74 74 2d 65 65 5c 31 34 31 5c 31 34 31 6e 2d 65 6d 5c 31 34 31 74 2d 5c 31
                              Data Ascii: i\141rne-tcxl-r\141i\141clsi%3Bt--pixiitxgtf-stlm\141\141rss%21\141om-hoe%257Dl\141thfnirt.lmx%3Ate%257Bo%3Asolgxlglienex\141lnn%21on.gt%21iotptt-ni%257D\141\141ihsrthlffrt%21mrsl%3Af.p-tom-%257Dttm\141oolttlio%257Bp-%21npen%3Aeortt-ee\141\141n-em\141t-\1
                              2022-11-29 18:04:54 UTC210INData Raw: 43 6d 72 25 32 35 37 42 31 5c 31 34 31 68 2d 33 65 69 6d 33 72 65 5c 78 37 32 5c 78 36 39 6f 25 32 35 37 44 67 6d 74 69 6c 6d 6d 69 6f 2d 72 6f 25 32 31 67 2d 6e 5c 31 34 31 2e 6d 2e 74 25 32 35 37 42 2e 6e 72 72 72 6d 72 6e 6d 25 32 43 2d 62 74 6e 5c 31 34 31 25 32 31 5c 31 34 31 62 25 32 31 74 74 74 70 6c 72 6e 6d 72 74 6e 6e 67 32 70 25 32 43 6d 67 25 32 43 2e 67 25 32 35 37 42 78 65 6f 32 72 72 25 32 35 37 44 33 33 5c 31 34 31 69 67 66 6d 6f 66 5c 31 34 31 6d 6d 31 34 2d 65 72 6e 6d 6d 69 2d 2e 2e 2e 25 33 41 2d 6d 6f 25 32 35 37 42 6d 67 6f 25 33 41 2d 6c 2e 70 33 5c 31 34 31 6d 68 5c 31 34 31 25 32 31 6c 72 6d 69 72 74 6d 2d 2d 6c 35 5c 31 34 31 67 65 5c 31 34 31 33 2e 72 25 32 43 69 2d 34 25 32 35 37 44 6c 6d 6d 35 69 74 6c 70 74 2e 2d 6f 5c 31 34
                              Data Ascii: Cmr%257B1\141h-3eim3re\x72\x69o%257Dgmtilmmio-ro%21g-n\141.m.t%257B.nrrrmrnm%2C-btn\141%21\141b%21tttplrnmrtnng2p%2Cmg%2C.g%257Bxeo2rr%257D33\141igfmof\141mm14-ernmmi-...%3A-mo%257Bmgo%3A-l.p3\141mh\141%21lrmirtm--l5\141ge\1413.r%2Ci-4%257Dlmm5itlpt.-o\14
                              2022-11-29 18:04:54 UTC226INData Raw: 67 41 67 43 41 41 41 41 49 67 41 43 67 43 43 49 41 41 49 41 43 41 49 43 43 43 43 67 41 43 49 41 49 49 67 43 43 67 43 49 43 67 49 49 49 49 41 43 49 67 43 67 67 41 49 49 41 49 67 49 41 67 67 67 67 43 49 67 41 49 41 41 43 67 67 43 67 41 67 43 41 41 41 41 49 67 41 43 67 43 43 49 41 41 49 41 43 41 49 43 43 43 43 67 41 43 49 41 49 49 67 43 43 67 43 49 43 67 49 49 49 49 41 43 49 67 43 67 67 41 49 49 41 49 67 49 41 67 67 67 67 43 49 67 41 49 41 41 43 67 67 43 67 41 67 43 41 41 41 41 49 67 41 43 67 43 43 49 41 41 49 41 43 41 49 43 43 43 43 67 41 43 49 41 49 49 67 43 43 67 43 49 43 67 49 49 49 49 41 43 49 67 43 67 67 41 49 49 41 49 67 49 41 67 67 67 67 43 49 67 41 49 41 41 43 67 67 43 67 41 67 43 41 41 41 41 49 67 41 43 67 43 43 49 41 41 49 41 43 41 49 43 43 43 43
                              Data Ascii: gAgCAAAAIgACgCCIAAIACAICCCCgACIAIIgCCgCICgIIIIACIgCggAIIAIgIAggggCIgAIAACggCgAgCAAAAIgACgCCIAAIACAICCCCgACIAIIgCCgCICgIIIIACIgCggAIIAIgIAggggCIgAIAACggCgAgCAAAAIgACgCCIAAIACAICCCCgACIAIIgCCgCICgIIIIACIgCggAIIAIgIAggggCIgAIAACggCgAgCAAAAIgACgCCIAAIACAICCCC
                              2022-11-29 18:04:54 UTC242INData Raw: 41 41 67 41 51 43 41 41 41 44 41 41 41 41 55 41 56 41 41 4b 41 49 69 41 41 41 41 41 67 45 42 35 41 49 51 41 45 41 41 41 41 41 41 41 53 41 46 41 77 41 42 41 41 41 46 42 41 41 41 67 4b 69 41 41 52 46 41 55 55 41 41 43 42 46 41 41 52 46 49 41 41 55 41 41 41 41 45 41 41 49 41 41 41 42 41 67 41 41 49 41 41 41 41 41 52 41 52 41 49 41 41 41 41 41 51 41 41 41 41 42 41 41 52 42 51 41 42 4b 55 41 41 46 41 41 41 52 41 41 41 41 52 41 41 42 41 41 41 41 51 46 56 41 41 69 67 43 56 46 41 41 41 67 41 52 41 6f 41 41 41 55 41 41 6f 41 67 51 55 46 42 55 41 51 46 41 71 67 51 41 55 55 41 41 41 46 52 41 41 41 41 41 41 41 41 41 41 45 41 41 41 41 41 41 41 41 41 55 41 41 49 41 42 55 30 6f 51 41 45 41 51 6f 41 46 41 41 41 41 52 41 52 69 42 55 41 41 51 46 2f 45 41 51 46 42 41 51 62
                              Data Ascii: AAgAQCAAADAAAAUAVAAKAIiAAAAAgEB5AIQAEAAAAAAASAFAwABAAAFBAAAgKiAARFAUUAACBFAARFIAAUAAAAEAAIAAABAgAAIAAAAARARAIAAAAAQAAAABAARBQABKUAAFAAARAAAARAABAAAAQFVAAigCVFAAAgARAoAAAUAAoAgQUFBUAQFAqgQAUUAAAFRAAAAAAAAAAEAAAAAAAAAUAAIABU0oQAEAQoAFAAAARARiBUAAQF/EAQFBAQb
                              2022-11-29 18:04:54 UTC258INData Raw: 6f 6a 50 7a 4f 72 79 4c 67 45 53 2f 43 33 32 31 51 49 77 69 36 63 43 4b 73 56 57 54 77 52 68 56 45 55 74 65 79 43 34 51 44 6e 70 69 56 53 78 5c 31 34 31 37 56 32 73 4a 6c 59 41 59 6c 37 57 57 58 59 46 30 58 4f 6d 73 4a 51 70 50 4f 78 5c 31 34 31 48 66 68 51 79 63 4f 5c 31 34 31 37 69 53 69 47 44 38 75 70 4f 34 59 59 59 79 68 77 5a 4e 76 6b 4a 48 74 45 4d 6e 4a 7a 2f 41 47 39 59 77 41 38 35 67 35 31 47 32 44 78 66 78 7a 6e 4a 75 30 4b 45 48 76 42 63 37 39 45 69 53 44 4e 4d 75 47 62 72 74 45 4f 6a 62 4f 6e 49 68 64 43 4e 4c 47 4a 42 6d 66 6a 6f 75 57 53 71 45 2b 5c 31 34 31 6b 39 48 6d 48 77 4e 65 42 4d 73 65 50 62 68 72 65 66 37 4c 2f 78 45 2f 69 4c 64 46 63 35 47 78 30 47 70 50 5a 33 71 77 6d 7a 57 36 65 48 62 6f 4a 35 72 34 30 63 2b 36 33 75 68 4e 62 37
                              Data Ascii: ojPzOryLgES/C321QIwi6cCKsVWTwRhVEUteyC4QDnpiVSx\1417V2sJlYAYl7WWXYF0XOmsJQpPOx\141HfhQycO\1417iSiGD8upO4YYYyhwZNvkJHtEMnJz/AG9YwA85g51G2DxfxznJu0KEHvBc79EiSDNMuGbrtEOjbOnIhdCNLGJBmfjouWSqE+\141k9HmHwNeBMsePbhref7L/xE/iLdFc5Gx0GpPZ3qwmzW6eHboJ5r40c+63uhNb7
                              2022-11-29 18:04:54 UTC274INData Raw: 67 41 6c 6f 33 54 55 42 6e 45 48 69 43 64 6a 68 48 32 4e 77 49 25 32 35 32 32 75 41 67 76 46 41 4d 53 53 34 69 69 53 56 4e 45 41 34 5c 31 34 31 25 32 35 33 43 43 6a 69 55 59 59 55 52 39 25 33 44 64 67 76 47 49 66 6c 6d 2d 41 34 56 51 55 5c 31 34 31 45 73 32 2d 25 33 44 66 6b 33 45 41 68 4f 73 63 6b 43 69 44 25 33 44 56 72 46 25 32 35 32 32 30 39 38 43 6f 31 25 32 35 33 45 41 25 33 42 46 52 36 41 37 25 32 35 33 43 69 75 49 62 69 7a 32 6b 58 49 25 32 35 33 43 6a 41 49 45 2f 5c 31 34 31 65 2f 58 4e 67 67 76 65 6a 6f 38 6e 77 41 43 58 73 57 7a 59 25 32 35 33 45 4e 75 41 6e 69 41 32 67 4d 74 74 44 58 44 50 54 49 51 6f 65 4d 49 67 6f 44 55 4e 45 51 64 4e 70 34 52 43 48 42 69 2f 4e 38 41 63 54 4a 79 50 47 77 56 30 7a 51 76 50 4d 68 42 51 66 41 65 45 2b 38 43 4b
                              Data Ascii: gAlo3TUBnEHiCdjhH2NwI%2522uAgvFAMSS4iiSVNEA4\141%253CCjiUYYUR9%3DdgvGIflm-A4VQU\141Es2-%3Dfk3EAhOsckCiD%3DVrF%2522098Co1%253EA%3BFR6A7%253CiuIbiz2kXI%253CjAIE/\141e/XNggvejo8nwACXsWzY%253ENuAniA2gMttDXDPTIQoeMIgoDUNEQdNp4RCHBi/N8AcTJyPGwV0zQvPMhBQfAeE+8CK
                              2022-11-29 18:04:54 UTC290INData Raw: 78 31 63 38 25 32 39 25 32 39 25 32 43 73 69 25 33 44 5c 31 34 31 74 6f 62 25 32 38 5f 30 78 35 33 36 30 38 36 25 32 38 30 78 31 65 39 25 32 39 25 32 39 25 32 43 65 72 72 6f 72 25 33 44 5c 31 34 31 74 6f 62 25 32 38 5f 30 78 35 33 36 30 38 36 25 32 38 30 78 31 65 32 25 32 39 25 32 39 25 32 43 6e 5c 31 34 31 25 33 44 5c 31 34 31 74 6f 62 25 32 38 25 32 37 54 6d 38 67 59 57 4e 6a 62 33 56 75 64 44 38 25 33 44 25 32 37 25 32 39 25 32 43 63 6f 25 33 44 5c 31 34 31 74 6f 62 25 32 38 25 32 37 51 33 4a 6c 59 58 52 6c 49 47 39 75 5a 53 45 25 33 44 25 32 37 25 32 39 25 32 43 63 5c 31 34 31 79 72 25 33 44 5c 31 34 31 74 6f 62 25 32 38 25 32 37 51 32 46 75 4a 33 51 67 59 57 4e 6a 5a 58 4e 7a 49 48 6c 76 64 58 49 67 59 57 4e 6a 62 33 56 75 64 44 38 25 33 44 25 32 37
                              Data Ascii: x1c8%29%29%2Csi%3D\141tob%28_0x536086%280x1e9%29%29%2Cerror%3D\141tob%28_0x536086%280x1e2%29%29%2Cn\141%3D\141tob%28%27Tm8gYWNjb3VudD8%3D%27%29%2Cco%3D\141tob%28%27Q3JlYXRlIG9uZSE%3D%27%29%2Cc\141yr%3D\141tob%28%27Q2FuJ3QgYWNjZXNzIHlvdXIgYWNjb3VudD8%3D%27


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              4192.168.2.34971013.107.219.60443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC300OUTGET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                              Host: aadcdn.msauth.net
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://holly-lavender-rattlesnake.glitch.me/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC301INHTTP/1.1 200 OK
                              Cache-Control: public, max-age=604800
                              Content-Length: 17174
                              Content-Type: image/x-icon
                              Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
                              Last-Modified: Fri, 02 Nov 2018 20:25:25 GMT
                              ETag: 0x8D6410152A9D7E1
                              X-Cache: TCP_HIT
                              Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                              x-ms-request-id: 11acff55-101e-004e-020b-04467f000000
                              x-ms-version: 2009-09-19
                              x-ms-lease-status: unlocked
                              x-ms-blob-type: BlockBlob
                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                              Access-Control-Allow-Origin: *
                              X-Azure-Ref: 0x0mGYwAAAADXSbrt7oWqQYLuX76A0x0ZRlJBMjMxMDUwNDE3MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
                              Date: Tue, 29 Nov 2022 18:04:54 GMT
                              Connection: close
                              2022-11-29 18:04:55 UTC302INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                              Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                              2022-11-29 18:04:55 UTC317INData Raw: 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 80 00 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 04 00 00 00 00 00 80 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 bc 7b 00 1f 4c f9 00 22 50 f2 00 f7 a6 00 00 00 ba 7f 00 f3 a6 00 00 1e 4e f6 00 23 4e f4 00 f3 a4 00 00 00 bc 7d 00 00 ba 7d 00 00 00 00 00 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0
                              Data Ascii: ( @{L"PN#N}}"""""""3333333"""""""3333333"""""""3333333"""""""


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              5192.168.2.349711139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC300OUTGET / HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: iframe
                              Referer: https://holly-lavender-rattlesnake.glitch.me/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC319INHTTP/1.1 301 Moved Permanently
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Location: https://honapalestine.com/1/frontend/web/index.php?/
                              Content-Length: 260
                              Connection: close
                              Content-Type: text/html; charset=iso-8859-1
                              2022-11-29 18:04:55 UTC319INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 6f 6e 61 70 61 6c 65 73 74 69 6e 65 2e 63 6f 6d 2f 31 2f 66 72 6f 6e 74 65 6e 64 2f 77 65 62 2f 69 6e 64 65 78 2e 70 68 70 3f 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68
                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://honapalestine.com/1/frontend/web/index.php?/">here</a>.</p></body></h


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              6192.168.2.349712139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC319OUTGET /1/frontend/web/index.php?/ HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: iframe
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Referer: https://holly-lavender-rattlesnake.glitch.me/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC320INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                              Pragma: no-cache
                              Set-Cookie: PHPSESSID=qaf8qv8suampvriec5j7t5h967; path=/; HttpOnly
                              Set-Cookie: _csrf=5b49f2e362fd3bca952c98fff7d7a70007625e816ba80c2c0853b4e336f90953s%3A32%3A%22hhe9JVBmp10XxG41xp7kUUAUw_HuOYiX%22%3B; path=/; httponly
                              Connection: close
                              Transfer-Encoding: chunked
                              Content-Type: text/html; charset=UTF-8
                              2022-11-29 18:04:55 UTC320INData Raw: 33 63 66 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 3c 21 2d 2d 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 37 30 30 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 30 2e 35 22 3e 2d 2d 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 30 2e 35 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 30 2e 35 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c
                              Data Ascii: 3cf1<!DOCTYPE html><html lang="en-US"><head> <meta charset="UTF-8"/>... <meta name="viewport" content="width=700, initial-scale=0.5">--> <meta name="viewport" content="width=device-width, initial-scale=0.5, maximum-scale=0.5, user-scalabl
                              2022-11-29 18:04:55 UTC328INData Raw: 66 74 3d 30 2c 74 6f 70 3d 30 27 29 3b 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 3e 3c 69 6d 67 20 73 72 63 3d 22 2f 31 2f 66 72 6f 6e 74 65 6e 64 2f 77 65 62 2f 69 6d 61 67 65 73 2f 6c 69 73 74 65 6e 6c 69 76 65 2e 70 6e 67 22 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 36 25 22 3e 3c 2f 61 3e 0a 0a 20 0a 0a 0a 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 20 31 31 30 30 70 78 3b 20 20 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 62 6f 74 74 6f 6d 3a 20 36 25 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 30 25 22 3e 0a 20 20 20 20 20 20
                              Data Ascii: ft=0,top=0');return false;" ><img src="/1/frontend/web/images/listenlive.png" style="margin-right: 6%"></a> </div> </div> <div class="container"> <div style="width: 1100px; position:fixed;bottom: 6%; margin-left: 0%">
                              2022-11-29 18:04:55 UTC335INData Raw: 0d 0a
                              Data Ascii:
                              2022-11-29 18:04:55 UTC335INData Raw: 31 66 34 30 0d 0a 87 d9 8a d9 85 20 d8 a7 d9 84 d8 af d8 b1 d8 af d8 b3 d8 a7 d9 88 d9 8a 22 2c 22 d8 a3 d8 a8 d9 88 20 d8 b1 d8 a7 d8 aa d8 a8 22 2c 22 d8 a3 d8 a8 d9 88 20 d8 b9 d8 a7 d8 b5 d9 85 22 2c 22 d8 a3 d8 ad d9 85 d8 af 20 d8 a7 d9 84 d8 af d8 a7 d8 b9 d9 88 d8 b1 22 2c 22 d8 a3 d8 ad d9 85 d8 af 20 d8 a7 d9 84 d8 b4 d8 b1 d9 8a d9 82 d9 8a 22 2c 22 d8 a3 d8 ad d9 85 d8 af 20 d8 a7 d9 84 d8 b5 d9 88 d8 b5 22 2c 22 d8 a3 d8 ad d9 85 d8 af 20 d9 82 d8 b9 d8 a8 d9 88 d8 b1 22 2c 22 d8 a5 d8 b3 d9 85 d8 a7 d8 b9 d9 8a d9 84 20 d8 a7 d9 84 d9 82 d8 a7 d8 b6 d9 8a 22 2c 22 d8 a3 d8 b5 d8 a7 d9 84 d8 a9 22 2c 22 d9 81 d8 b1 d9 82 d8 a9 20 d8 a7 d9 84 d9 85 d9 86 d8 b2 d8 a9 22 2c 22 d8 a3 d9 85 20 d9 83 d9 84 d8 ab d9 88 d9 85 22 2c 22 d8 a3 d9 85 d9
                              Data Ascii: 1f40 "," "," "," "," "," "," "," ",""," "," ","
                              2022-11-29 18:04:55 UTC343INData Raw: d9 88 d9 86 22 2c 22 d9 81 d8 a7 d8 b7 d9 85 d8 a9 20 d9 88 d8 a7 d9 84 d9 86 d9 83 d8 a8 d8 a9 22 2c 22 d8 a7 d9 84 d8 a3 d8 b3 d8 b1 d9 89 22 2c 22 d8 a7 d9 84 d8 a5 d8 b4 d8 aa d9 8a d8 a7 d9 82 22 2c 22 d8 a7 d9 84 d8 a3 d8 ba d9 84 d8 a8 d9 8a d8 a9 20 d8 a7 d9 84 d8 b5 d8 a7 d9 85 d8 aa d8 a9 22 2c 22 d8 a7 d9 84 d9 82 d8 af d8 b3 20 d8 a7 d9 86 d8 a7 22 2c 22 d8 a8 d9 8a d9 86 20 d8 a7 d9 84 d9 82 d8 af d8 b3 20 d9 88 d9 84 d9 8a d9 84 d9 89 22 2c 22 d8 aa d8 ad d8 aa 20 d8 a3 d9 86 d9 82 d8 a7 d8 b6 20 d9 81 d9 84 d8 b3 d8 b7 d9 8a d9 86 22 2c 22 d8 ac d8 b1 d8 ad 20 d9 85 d8 b4 d8 b1 d8 af 22 2c 22 20 d8 ad d8 b1 d8 a9 20 d9 8a d8 a7 20 d9 81 d9 84 d8 b3 d8 b7 d9 8a d9 86 22 2c 22 d8 ad d9 88 d8 a7 d8 b1 20 d8 a7 d9 84 d9 81 d8 b1 d8 a7 d9 82 20
                              Data Ascii: "," ","",""," "," "," "," "," "," ","
                              2022-11-29 18:04:55 UTC351INData Raw: 0d 0a
                              Data Ascii:
                              2022-11-29 18:04:55 UTC351INData Raw: 31 37 66 31 0d 0a 72 61 63 6b 20 33 31 22 2c 22 54 72 61 63 6b 20 33 32 22 2c 22 54 72 61 63 6b 20 33 33 22 2c 22 54 72 61 63 6b 20 33 34 22 2c 22 54 72 61 63 6b 20 33 35 22 2c 22 54 72 61 63 6b 20 33 36 22 2c 22 54 72 61 63 6b 20 31 22 2c 22 54 72 61 63 6b 20 32 22 2c 22 54 72 61 63 6b 20 33 22 2c 22 54 72 61 63 6b 20 34 22 2c 22 54 72 61 63 6b 20 35 22 2c 22 54 72 61 63 6b 20 37 22 2c 22 54 72 61 63 6b 20 38 22 2c 22 54 72 61 63 6b 20 39 22 2c 22 54 72 61 63 6b 20 31 30 22 2c 22 54 72 61 63 6b 20 31 31 22 2c 22 54 72 61 63 6b 20 31 32 22 2c 22 54 72 61 63 6b 20 31 33 22 2c 22 54 72 61 63 6b 20 31 34 22 2c 22 54 72 61 63 6b 20 31 35 22 2c 22 54 72 61 63 6b 20 31 36 22 2c 22 54 72 61 63 6b 20 31 37 22 2c 22 54 72 61 63 6b 20 31 38 22 2c 22 54 72 61 63 6b
                              Data Ascii: 17f1rack 31","Track 32","Track 33","Track 34","Track 35","Track 36","Track 1","Track 2","Track 3","Track 4","Track 5","Track 7","Track 8","Track 9","Track 10","Track 11","Track 12","Track 13","Track 14","Track 15","Track 16","Track 17","Track 18","Track
                              2022-11-29 18:04:55 UTC357INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              7192.168.2.349716139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC357OUTGET /1/frontend/web/assets/e189e3b3/css/bootstrap.css HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC359INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Sat, 12 Nov 2022 19:09:21 GMT
                              Accept-Ranges: bytes
                              Content-Length: 137067
                              Connection: close
                              Content-Type: text/css
                              2022-11-29 18:04:55 UTC359INData Raw: 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 31 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 34 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 0a 0a 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 32 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 2e 69 6f 2f 6e 6f 72 6d 61 6c 69 7a 65 20 2a 2f 0a 68 74 6d 6c 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61
                              Data Ascii: /*! * Bootstrap v3.3.1 (http://getbootstrap.com) * Copyright 2011-2014 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) *//*! normalize.css v3.0.2 | MIT License | git.io/normalize */html { font-family: sa
                              2022-11-29 18:04:55 UTC371INData Raw: 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 30 35 39 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 69 63 74 75 72 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 30 36 30 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 6d 61 70 2d 6d 61 72 6b 65 72 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 30 36 32 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 64 6a 75 73 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 30 36 33 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 69 6e 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 30 36 34 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 65 64 69 74 3a 62 65 66 6f 72 65 20 7b 0a
                              Data Ascii: before { content: "\e059";}.glyphicon-picture:before { content: "\e060";}.glyphicon-map-marker:before { content: "\e062";}.glyphicon-adjust:before { content: "\e063";}.glyphicon-tint:before { content: "\e064";}.glyphicon-edit:before {
                              2022-11-29 18:04:55 UTC379INData Raw: 6f 75 73 65 6c 2d 69 6e 6e 65 72 20 3e 20 2e 69 74 65 6d 20 3e 20 69 6d 67 2c 0a 2e 63 61 72 6f 75 73 65 6c 2d 69 6e 6e 65 72 20 3e 20 2e 69 74 65 6d 20 3e 20 61 20 3e 20 69 6d 67 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 68 65 69 67 68 74 3a 20 61 75 74 6f 3b 0a 7d 0a 2e 69 6d 67 2d 72 6f 75 6e 64 65 64 20 7b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 2e 69 6d 67 2d 74 68 75 6d 62 6e 61 69 6c 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 68 65 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 34 70 78 3b 0a 20 20 6c 69 6e
                              Data Ascii: ousel-inner > .item > img,.carousel-inner > .item > a > img { display: block; max-width: 100%; height: auto;}.img-rounded { border-radius: 6px;}.img-thumbnail { display: inline-block; max-width: 100%; height: auto; padding: 4px; lin
                              2022-11-29 18:04:55 UTC387INData Raw: 77 69 64 74 68 3a 20 39 31 2e 36 36 36 36 36 36 36 37 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 31 30 20 7b 0a 20 20 77 69 64 74 68 3a 20 38 33 2e 33 33 33 33 33 33 33 33 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 39 20 7b 0a 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 38 20 7b 0a 20 20 77 69 64 74 68 3a 20 36 36 2e 36 36 36 36 36 36 36 37 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 37 20 7b 0a 20 20 77 69 64 74 68 3a 20 35 38 2e 33 33 33 33 33 33 33 33 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 36 20 7b 0a 20 20 77 69 64 74 68 3a 20 35 30 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 35 20 7b 0a 20 20 77 69 64 74 68 3a 20 34 31 2e 36 36 36 36 36 36 36 37 25 3b 0a 7d 0a 2e 63 6f 6c 2d 78 73 2d 34 20 7b 0a 20 20 77 69 64 74 68 3a 20 33 33 2e 33 33 33
                              Data Ascii: width: 91.66666667%;}.col-xs-10 { width: 83.33333333%;}.col-xs-9 { width: 75%;}.col-xs-8 { width: 66.66666667%;}.col-xs-7 { width: 58.33333333%;}.col-xs-6 { width: 50%;}.col-xs-5 { width: 41.66666667%;}.col-xs-4 { width: 33.333
                              2022-11-29 18:04:55 UTC403INData Raw: 20 34 31 2e 36 36 36 36 36 36 36 37 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 34 20 7b 0a 20 20 20 20 72 69 67 68 74 3a 20 33 33 2e 33 33 33 33 33 33 33 33 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 33 20 7b 0a 20 20 20 20 72 69 67 68 74 3a 20 32 35 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 32 20 7b 0a 20 20 20 20 72 69 67 68 74 3a 20 31 36 2e 36 36 36 36 36 36 36 37 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 31 20 7b 0a 20 20 20 20 72 69 67 68 74 3a 20 38 2e 33 33 33 33 33 33 33 33 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 30 20 7b 0a 20 20 20 20 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 6c 67 2d 70 75 73 68
                              Data Ascii: 41.66666667%; } .col-lg-pull-4 { right: 33.33333333%; } .col-lg-pull-3 { right: 25%; } .col-lg-pull-2 { right: 16.66666667%; } .col-lg-pull-1 { right: 8.33333333%; } .col-lg-pull-0 { right: auto; } .col-lg-push
                              2022-11-29 18:04:55 UTC411INData Raw: 20 20 7d 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 68 65 61 64 20 3e 20 74 72 20 3e 20 74 68 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 62 6f 64 79 20 3e 20 74 72 20 3e 20 74 68 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 66 6f 6f 74 20 3e 20 74 72 20 3e 20 74 68 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 68 65 61 64 20 3e
                              Data Ascii: } .table-responsive > .table-bordered > thead > tr > th:last-child, .table-responsive > .table-bordered > tbody > tr > th:last-child, .table-responsive > .table-bordered > tfoot > tr > th:last-child, .table-responsive > .table-bordered > thead >
                              2022-11-29 18:04:55 UTC419INData Raw: 33 3b 0a 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 38 61 36 64 33 62 3b 0a 7d 0a 2e 68 61 73 2d 77 61 72 6e 69 6e 67 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 2d 66 65 65 64 62 61 63 6b 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 38 61 36 64 33 62 3b 0a 7d 0a 2e 68 61 73 2d 65 72 72 6f 72 20 2e 68 65 6c 70 2d 62 6c 6f 63 6b 2c 0a 2e 68 61 73 2d 65 72 72 6f 72 20 2e 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 2c 0a 2e 68 61 73 2d 65 72 72 6f 72 20 2e 72 61 64 69 6f 2c 0a 2e 68 61 73 2d 65 72 72 6f 72 20 2e 63 68 65 63 6b 62 6f 78 2c 0a 2e 68 61 73 2d 65 72 72 6f 72 20 2e 72 61 64 69 6f 2d 69 6e 6c 69 6e 65 2c 0a 2e 68 61 73 2d 65 72 72 6f 72 20 2e 63 68 65 63 6b 62 6f 78 2d 69 6e 6c 69 6e 65 2c 0a 2e 68 61 73 2d 65 72 72 6f 72 2e 72 61 64 69 6f 20 6c 61 62
                              Data Ascii: 3; border-color: #8a6d3b;}.has-warning .form-control-feedback { color: #8a6d3b;}.has-error .help-block,.has-error .control-label,.has-error .radio,.has-error .checkbox,.has-error .radio-inline,.has-error .checkbox-inline,.has-error.radio lab
                              2022-11-29 18:04:55 UTC426INData Raw: 66 6f 2e 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 0a 2e 62 74 6e 2d 69 6e 66 6f 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 0a 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 2e 62 74 6e 2d 69 6e 66 6f 3a 68 6f 76 65 72 2c 0a 2e 62 74 6e 2d 69 6e 66 6f 2e 64 69 73 61 62 6c 65 64 3a 66 6f 63 75 73 2c 0a 2e 62 74 6e 2d 69 6e 66 6f 5b 64 69 73 61 62 6c 65 64 5d 3a 66 6f 63 75 73 2c 0a 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 2e 62 74 6e 2d 69 6e 66 6f 3a 66 6f 63 75 73 2c 0a 2e 62 74 6e 2d 69 6e 66 6f 2e 64 69 73 61 62 6c 65 64 2e 66 6f 63 75 73 2c 0a 2e 62 74 6e 2d 69 6e 66 6f 5b 64 69 73 61 62 6c 65 64 5d 2e 66 6f 63 75 73 2c 0a 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 2e 62 74 6e 2d 69 6e 66 6f 2e 66 6f
                              Data Ascii: fo.disabled:hover,.btn-info[disabled]:hover,fieldset[disabled] .btn-info:hover,.btn-info.disabled:focus,.btn-info[disabled]:focus,fieldset[disabled] .btn-info:focus,.btn-info.disabled.focus,.btn-info[disabled].focus,fieldset[disabled] .btn-info.fo
                              2022-11-29 18:04:55 UTC434INData Raw: 2d 69 6e 64 65 78 3a 20 32 3b 0a 7d 0a 2e 62 74 6e 2d 67 72 6f 75 70 20 2e 62 74 6e 20 2b 20 2e 62 74 6e 2c 0a 2e 62 74 6e 2d 67 72 6f 75 70 20 2e 62 74 6e 20 2b 20 2e 62 74 6e 2d 67 72 6f 75 70 2c 0a 2e 62 74 6e 2d 67 72 6f 75 70 20 2e 62 74 6e 2d 67 72 6f 75 70 20 2b 20 2e 62 74 6e 2c 0a 2e 62 74 6e 2d 67 72 6f 75 70 20 2e 62 74 6e 2d 67 72 6f 75 70 20 2b 20 2e 62 74 6e 2d 67 72 6f 75 70 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 31 70 78 3b 0a 7d 0a 2e 62 74 6e 2d 74 6f 6f 6c 62 61 72 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 35 70 78 3b 0a 7d 0a 2e 62 74 6e 2d 74 6f 6f 6c 62 61 72 20 2e 62 74 6e 2d 67 72 6f 75 70 2c 0a 2e 62 74 6e 2d 74 6f 6f 6c 62 61 72 20 2e 69 6e 70 75 74 2d 67 72 6f 75 70 20 7b 0a 20 20 66 6c 6f 61 74
                              Data Ascii: -index: 2;}.btn-group .btn + .btn,.btn-group .btn + .btn-group,.btn-group .btn-group + .btn,.btn-group .btn-group + .btn-group { margin-left: -1px;}.btn-toolbar { margin-left: -5px;}.btn-toolbar .btn-group,.btn-toolbar .input-group { float
                              2022-11-29 18:04:55 UTC442INData Raw: 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 7d 0a 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 20 7b 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 31 35 70 78 3b 0a 7d 0a 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 3a 66 6f 63 75 73 20 7b 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 65 65 65 3b 0a 7d 0a 2e 6e 61 76 20 3e 20 6c 69 2e 64 69 73 61 62 6c 65 64 20 3e 20 61 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 37 37 37 3b 0a 7d 0a 2e 6e 61 76 20
                              Data Ascii: : relative; display: block;}.nav > li > a { position: relative; display: block; padding: 10px 15px;}.nav > li > a:hover,.nav > li > a:focus { text-decoration: none; background-color: #eee;}.nav > li.disabled > a { color: #777;}.nav
                              2022-11-29 18:04:55 UTC450INData Raw: 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 0a 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 20 69 6e 73 65 74 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 2e 31 29 2c 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 2e 31 29 3b 0a 20 20 20 20 20 20 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 69 6e 73 65 74 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 2e 31 29 2c 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 2e 31 29 3b 0a 7d 0a 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 37 36 38 70 78 29 20 7b 0a 20 20 2e 6e 61 76 62 61
                              Data Ascii: ttom: 1px solid transparent; -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, .1), 0 1px 0 rgba(255, 255, 255, .1); box-shadow: inset 0 1px 0 rgba(255, 255, 255, .1), 0 1px 0 rgba(255, 255, 255, .1);}@media (min-width: 768px) { .navba
                              2022-11-29 18:04:55 UTC481INData Raw: 6c 69 6e 6b 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 0a 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 2e 6e 61 76 62 61 72 2d 69 6e 76 65 72 73 65 20 2e 62 74 6e 2d 6c 69 6e 6b 3a 68 6f 76 65 72 2c 0a 2e 6e 61 76 62 61 72 2d 69 6e 76 65 72 73 65 20 2e 62 74 6e 2d 6c 69 6e 6b 5b 64 69 73 61 62 6c 65 64 5d 3a 66 6f 63 75 73 2c 0a 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 2e 6e 61 76 62 61 72 2d 69 6e 76 65 72 73 65 20 2e 62 74 6e 2d 6c 69 6e 6b 3a 66 6f 63 75 73 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 0a 7d 0a 2e 62 72 65 61 64 63 72 75 6d 62 20 7b 0a 20 20 70 61 64 64 69 6e 67 3a 20 38 70 78 20 31 35 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 20 20 6c 69 73 74 2d 73 74 79
                              Data Ascii: link[disabled]:hover,fieldset[disabled] .navbar-inverse .btn-link:hover,.navbar-inverse .btn-link[disabled]:focus,fieldset[disabled] .navbar-inverse .btn-link:focus { color: #444;}.breadcrumb { padding: 8px 15px; margin-bottom: 20px; list-sty
                              2022-11-29 18:04:55 UTC489INData Raw: 6f 6e 3a 20 34 30 70 78 20 30 3b 0a 20 20 7d 0a 20 20 74 6f 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 3b 0a 20 20 7d 0a 7d 0a 40 6b 65 79 66 72 61 6d 65 73 20 70 72 6f 67 72 65 73 73 2d 62 61 72 2d 73 74 72 69 70 65 73 20 7b 0a 20 20 66 72 6f 6d 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 34 30 70 78 20 30 3b 0a 20 20 7d 0a 20 20 74 6f 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 3b 0a 20 20 7d 0a 7d 0a 2e 70 72 6f 67 72 65 73 73 20 7b 0a 20 20 68 65 69 67 68 74 3a 20 32 30 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20
                              Data Ascii: on: 40px 0; } to { background-position: 0 0; }}@keyframes progress-bar-stripes { from { background-position: 40px 0; } to { background-position: 0 0; }}.progress { height: 20px; margin-bottom: 20px; overflow: hidden;
                              2022-11-29 18:04:55 UTC497INData Raw: 38 66 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 63 34 65 33 66 33 3b 0a 7d 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 69 6e 66 6f 2e 61 63 74 69 76 65 2c 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 69 6e 66 6f 2e 61 63 74 69 76 65 3a 68 6f 76 65 72 2c 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 69 6e 66 6f 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 33 31 37 30 38 66 3b 0a 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 33 31 37 30 38 66 3b 0a 7d 0a 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 38 61 36 64 33 62
                              Data Ascii: 8f; background-color: #c4e3f3;}a.list-group-item-info.active,a.list-group-item-info.active:hover,a.list-group-item-info.active:focus { color: #fff; background-color: #31708f; border-color: #31708f;}.list-group-item-warning { color: #8a6d3b
                              2022-11-29 18:04:55 UTC504INData Raw: 70 61 6e 65 6c 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 62 6f 64 79 20 3e 20 74 72 20 3e 20 74 68 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 0a 2e 70 61 6e 65 6c 20 3e 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 62 6f 64 79 20 3e 20 74 72 20 3e 20 74 68 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 0a 2e 70 61 6e 65 6c 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 66 6f 6f 74 20 3e 20 74 72 20 3e 20 74 68 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 0a 2e 70 61 6e 65 6c 20 3e 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 3e 20 74 66 6f 6f 74 20 3e 20 74 72 20 3e 20 74 68 3a 66 69 72 73 74
                              Data Ascii: panel > .table-bordered > tbody > tr > th:first-child,.panel > .table-responsive > .table-bordered > tbody > tr > th:first-child,.panel > .table-bordered > tfoot > tr > th:first-child,.panel > .table-responsive > .table-bordered > tfoot > tr > th:first
                              2022-11-29 18:04:55 UTC512INData Raw: 74 20 7b 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 20 70 61 64 64 69 6e 67 2d 62 6f 78 3b 0a 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 20 70 61 64 64 69 6e 67 2d 62 6f 78 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 32 29 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 20 20 6f 75 74 6c 69 6e 65 3a 20 30 3b 0a 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 20
                              Data Ascii: t { position: relative; background-color: #fff; -webkit-background-clip: padding-box; background-clip: padding-box; border: 1px solid #999; border: 1px solid rgba(0, 0, 0, .2); border-radius: 6px; outline: 0; -webkit-box-shadow:
                              2022-11-29 18:04:55 UTC520INData Raw: 6f 77 3a 20 30 20 31 70 78 20 32 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 36 29 3b 0a 20 20 66 69 6c 74 65 72 3a 20 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 35 30 29 3b 0a 20 20 6f 70 61 63 69 74 79 3a 20 2e 35 3b 0a 7d 0a 2e 63 61 72 6f 75 73 65 6c 2d 63 6f 6e 74 72 6f 6c 2e 6c 65 66 74 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 6c 65 66 74 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 35 29 20 30 25 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 30 30 30 31 29 20 31 30 30 25 29 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 20 20 20 20 20 2d 6f 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 6c 65 66 74 2c 20 72
                              Data Ascii: ow: 0 1px 2px rgba(0, 0, 0, .6); filter: alpha(opacity=50); opacity: .5;}.carousel-control.left { background-image: -webkit-linear-gradient(left, rgba(0, 0, 0, .5) 0%, rgba(0, 0, 0, .0001) 100%); background-image: -o-linear-gradient(left, r
                              2022-11-29 18:04:55 UTC528INData Raw: 77 69 64 74 68 3a 20 39 39 31 70 78 29 20 7b 0a 20 20 2e 68 69 64 64 65 6e 2d 73 6d 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 7d 0a 7d 0a 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 39 39 32 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 31 31 39 39 70 78 29 20 7b 0a 20 20 2e 68 69 64 64 65 6e 2d 6d 64 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 7d 0a 7d 0a 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 30 30 70 78 29 20 7b 0a 20 20 2e 68 69 64 64 65 6e 2d 6c 67 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 7d 0a 7d 0a 2e 76 69 73 69
                              Data Ascii: width: 991px) { .hidden-sm { display: none !important; }}@media (min-width: 992px) and (max-width: 1199px) { .hidden-md { display: none !important; }}@media (min-width: 1200px) { .hidden-lg { display: none !important; }}.visi


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              8192.168.2.349714139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC358OUTGET /1/frontend/web/css/site.css HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC367INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Tue, 23 Feb 2021 15:23:02 GMT
                              Accept-Ranges: bytes
                              Content-Length: 4505
                              Connection: close
                              Content-Type: text/css
                              2022-11-29 18:04:55 UTC367INData Raw: 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 46 72 75 74 69 67 65 72 20 4c 54 20 41 72 61 62 69 63 22 3b 0a 20 20 20 20 73 72 63 3a 75 72 6c 28 27 46 72 75 74 69 67 65 72 4c 54 41 72 61 62 69 63 2d 36 35 42 6f 6c 64 2e 74 74 66 27 29 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 7d 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 46 72 75 74 69 67 65 72 20 4c 54 20 41 72 61 62 69 63 22 3b 0a 20 20 20 20 73 72 63 3a 75 72 6c 28 27 46 72 75 74 69 67 65 72 4c 54 41 72 61 62 69 63 2d 35 35 52 6f 6d 61 6e 2e 74 74 66 27 29 3b 0a 7d 0a 68 74 6d 6c 2c 0a 62 6f 64 79 20 7b 0a 20 20 20 20 2f 2a 68 65 69 67 68 74 3a 20 31 30 30 25 3b
                              Data Ascii: @font-face { font-family: "Frutiger LT Arabic"; src:url('FrutigerLTArabic-65Bold.ttf'); font-weight: normal;}@font-face { font-family: "Frutiger LT Arabic"; src:url('FrutigerLTArabic-55Roman.ttf');}html,body { /*height: 100%;


                              Session IDSource IPSource PortDestination IPDestination PortProcess
                              9192.168.2.349715139.162.167.121443C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampkBytes transferredDirectionData
                              2022-11-29 18:04:55 UTC358OUTGET /1/frontend/web/assets/493c98da/jquery.js HTTP/1.1
                              Host: honapalestine.com
                              Connection: keep-alive
                              sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://honapalestine.com/1/frontend/web/index.php?/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2022-11-29 18:04:55 UTC395INHTTP/1.1 200 OK
                              Date: Tue, 29 Nov 2022 18:04:55 GMT
                              Server: Apache
                              Last-Modified: Sat, 12 Nov 2022 19:09:21 GMT
                              Accept-Ranges: bytes
                              Content-Length: 247351
                              Connection: close
                              Content-Type: application/javascript
                              2022-11-29 18:04:55 UTC395INData Raw: 2f 2a 21 0a 20 2a 20 6a 51 75 65 72 79 20 4a 61 76 61 53 63 72 69 70 74 20 4c 69 62 72 61 72 79 20 76 32 2e 31 2e 31 0a 20 2a 20 68 74 74 70 3a 2f 2f 6a 71 75 65 72 79 2e 63 6f 6d 2f 0a 20 2a 0a 20 2a 20 49 6e 63 6c 75 64 65 73 20 53 69 7a 7a 6c 65 2e 6a 73 0a 20 2a 20 68 74 74 70 3a 2f 2f 73 69 7a 7a 6c 65 6a 73 2e 63 6f 6d 2f 0a 20 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 30 35 2c 20 32 30 31 34 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 2c 20 49 6e 63 2e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 20 52 65 6c 65 61 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 6c 69 63 65 6e 73 65 0a 20 2a 20 68 74 74 70 3a 2f 2f 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 0a 20 2a 0a 20 2a 20 44
                              Data Ascii: /*! * jQuery JavaScript Library v2.1.1 * http://jquery.com/ * * Includes Sizzle.js * http://sizzlejs.com/ * * Copyright 2005, 2014 jQuery Foundation, Inc. and other contributors * Released under the MIT license * http://jquery.org/license * * D
                              2022-11-29 18:04:55 UTC458INData Raw: 64 65 20 69 6e 63 6c 75 64 65 73 20 61 20 76 61 6c 69 64 2c 20 70 72 6f 6c 6f 67 75 65 20 70 6f 73 69 74 69 6f 6e 0a 09 09 09 2f 2f 20 73 74 72 69 63 74 20 6d 6f 64 65 20 70 72 61 67 6d 61 2c 20 65 78 65 63 75 74 65 20 63 6f 64 65 20 62 79 20 69 6e 6a 65 63 74 69 6e 67 20 61 0a 09 09 09 2f 2f 20 73 63 72 69 70 74 20 74 61 67 20 69 6e 74 6f 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e 0a 09 09 09 69 66 20 28 20 63 6f 64 65 2e 69 6e 64 65 78 4f 66 28 22 75 73 65 20 73 74 72 69 63 74 22 29 20 3d 3d 3d 20 31 20 29 20 7b 0a 09 09 09 09 73 63 72 69 70 74 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 3b 0a 09 09 09 09 73 63 72 69 70 74 2e 74 65 78 74 20 3d 20 63 6f 64 65 3b 0a 09 09 09 09 64 6f 63 75 6d 65
                              Data Ascii: de includes a valid, prologue position// strict mode pragma, execute code by injecting a// script tag into the document.if ( code.indexOf("use strict") === 1 ) {script = document.createElement("script");script.text = code;docume
                              2022-11-29 18:04:55 UTC465INData Raw: 5c 5c 5c 2e 29 2a 29 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20 2b 20 22 2b 24 22 2c 20 22 67 22 20 29 2c 0a 0a 09 72 63 6f 6d 6d 61 20 3d 20 6e 65 77 20 52 65 67 45 78 70 28 20 22 5e 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20 2b 20 22 2a 2c 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20 2b 20 22 2a 22 20 29 2c 0a 09 72 63 6f 6d 62 69 6e 61 74 6f 72 73 20 3d 20 6e 65 77 20 52 65 67 45 78 70 28 20 22 5e 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20 2b 20 22 2a 28 5b 3e 2b 7e 5d 7c 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20 2b 20 22 29 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20 2b 20 22 2a 22 20 29 2c 0a 0a 09 72 61 74 74 72 69 62 75 74 65 51 75 6f 74 65 73 20 3d 20 6e 65 77 20 52 65 67 45 78 70 28 20 22 3d 22 20 2b 20 77 68 69 74 65 73 70 61 63 65 20
                              Data Ascii: \\\.)*)" + whitespace + "+$", "g" ),rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),rattributeQuotes = new RegExp( "=" + whitespace
                              2022-11-29 18:04:55 UTC473INData Raw: 75 74 20 74 79 70 65 73 0a 20 2a 20 40 70 61 72 61 6d 20 7b 53 74 72 69 6e 67 7d 20 74 79 70 65 0a 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 63 72 65 61 74 65 49 6e 70 75 74 50 73 65 75 64 6f 28 20 74 79 70 65 20 29 20 7b 0a 09 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 20 65 6c 65 6d 20 29 20 7b 0a 09 09 76 61 72 20 6e 61 6d 65 20 3d 20 65 6c 65 6d 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 0a 09 09 72 65 74 75 72 6e 20 6e 61 6d 65 20 3d 3d 3d 20 22 69 6e 70 75 74 22 20 26 26 20 65 6c 65 6d 2e 74 79 70 65 20 3d 3d 3d 20 74 79 70 65 3b 0a 09 7d 3b 0a 7d 0a 0a 2f 2a 2a 0a 20 2a 20 52 65 74 75 72 6e 73 20 61 20 66 75 6e 63 74 69 6f 6e 20 74 6f 20 75 73 65 20 69 6e 20 70 73 65 75 64 6f 73 20 66 6f 72 20 62 75 74 74 6f 6e 73 0a
                              Data Ascii: ut types * @param {String} type */function createInputPseudo( type ) {return function( elem ) {var name = elem.nodeName.toLowerCase();return name === "input" && elem.type === type;};}/** * Returns a function to use in pseudos for buttons
                              2022-11-29 18:04:55 UTC529INData Raw: 67 2f 54 52 2f 32 30 31 31 2f 52 45 43 2d 63 73 73 33 2d 73 65 6c 65 63 74 6f 72 73 2d 32 30 31 31 30 39 32 39 2f 23 63 68 65 63 6b 65 64 0a 09 09 09 2f 2f 20 49 45 38 20 74 68 72 6f 77 73 20 65 72 72 6f 72 20 68 65 72 65 20 61 6e 64 20 77 69 6c 6c 20 6e 6f 74 20 73 65 65 20 6c 61 74 65 72 20 74 65 73 74 73 0a 09 09 09 69 66 20 28 20 21 64 69 76 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 63 68 65 63 6b 65 64 22 29 2e 6c 65 6e 67 74 68 20 29 20 7b 0a 09 09 09 09 72 62 75 67 67 79 51 53 41 2e 70 75 73 68 28 22 3a 63 68 65 63 6b 65 64 22 29 3b 0a 09 09 09 7d 0a 09 09 7d 29 3b 0a 0a 09 09 61 73 73 65 72 74 28 66 75 6e 63 74 69 6f 6e 28 20 64 69 76 20 29 20 7b 0a 09 09 09 2f 2f 20 53 75 70 70 6f 72 74 3a 20 57 69 6e 64 6f 77 73 20 38 20 4e 61
                              Data Ascii: g/TR/2011/REC-css3-selectors-20110929/#checked// IE8 throws error here and will not see later testsif ( !div.querySelectorAll(":checked").length ) {rbuggyQSA.push(":checked");}});assert(function( div ) {// Support: Windows 8 Na
                              2022-11-29 18:04:55 UTC537INData Raw: 74 65 78 74 43 6f 6e 74 65 6e 74 20 66 6f 72 20 65 6c 65 6d 65 6e 74 73 0a 09 09 2f 2f 20 69 6e 6e 65 72 54 65 78 74 20 75 73 61 67 65 20 72 65 6d 6f 76 65 64 20 66 6f 72 20 63 6f 6e 73 69 73 74 65 6e 63 79 20 6f 66 20 6e 65 77 20 6c 69 6e 65 73 20 28 6a 51 75 65 72 79 20 23 31 31 31 35 33 29 0a 09 09 69 66 20 28 20 74 79 70 65 6f 66 20 65 6c 65 6d 2e 74 65 78 74 43 6f 6e 74 65 6e 74 20 3d 3d 3d 20 22 73 74 72 69 6e 67 22 20 29 20 7b 0a 09 09 09 72 65 74 75 72 6e 20 65 6c 65 6d 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3b 0a 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 2f 2f 20 54 72 61 76 65 72 73 65 20 69 74 73 20 63 68 69 6c 64 72 65 6e 0a 09 09 09 66 6f 72 20 28 20 65 6c 65 6d 20 3d 20 65 6c 65 6d 2e 66 69 72 73 74 43 68 69 6c 64 3b 20 65 6c 65 6d 3b 20 65 6c
                              Data Ascii: textContent for elements// innerText usage removed for consistency of new lines (jQuery #11153)if ( typeof elem.textContent === "string" ) {return elem.textContent;} else {// Traverse its childrenfor ( elem = elem.firstChild; elem; el
                              2022-11-29 18:04:55 UTC545INData Raw: 61 72 67 75 6d 65 6e 74 20 29 3b 0a 09 09 09 7d 0a 0a 09 09 09 2f 2f 20 42 75 74 20 6d 61 69 6e 74 61 69 6e 20 73 75 70 70 6f 72 74 20 66 6f 72 20 6f 6c 64 20 73 69 67 6e 61 74 75 72 65 73 0a 09 09 09 69 66 20 28 20 66 6e 2e 6c 65 6e 67 74 68 20 3e 20 31 20 29 20 7b 0a 09 09 09 09 61 72 67 73 20 3d 20 5b 20 70 73 65 75 64 6f 2c 20 70 73 65 75 64 6f 2c 20 22 22 2c 20 61 72 67 75 6d 65 6e 74 20 5d 3b 0a 09 09 09 09 72 65 74 75 72 6e 20 45 78 70 72 2e 73 65 74 46 69 6c 74 65 72 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 20 70 73 65 75 64 6f 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 20 29 20 3f 0a 09 09 09 09 09 6d 61 72 6b 46 75 6e 63 74 69 6f 6e 28 66 75 6e 63 74 69 6f 6e 28 20 73 65 65 64 2c 20 6d 61 74 63 68 65 73 20 29 20 7b 0a 09 09 09 09 09 09
                              Data Ascii: argument );}// But maintain support for old signaturesif ( fn.length > 1 ) {args = [ pseudo, pseudo, "", argument ];return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?markFunction(function( seed, matches ) {
                              2022-11-29 18:04:55 UTC552INData Raw: 69 73 65 2c 20 74 68 72 6f 77 20 61 6e 20 65 72 72 6f 72 20 6f 72 20 72 65 74 75 72 6e 20 74 6f 6b 65 6e 73 0a 09 72 65 74 75 72 6e 20 70 61 72 73 65 4f 6e 6c 79 20 3f 0a 09 09 73 6f 46 61 72 2e 6c 65 6e 67 74 68 20 3a 0a 09 09 73 6f 46 61 72 20 3f 0a 09 09 09 53 69 7a 7a 6c 65 2e 65 72 72 6f 72 28 20 73 65 6c 65 63 74 6f 72 20 29 20 3a 0a 09 09 09 2f 2f 20 43 61 63 68 65 20 74 68 65 20 74 6f 6b 65 6e 73 0a 09 09 09 74 6f 6b 65 6e 43 61 63 68 65 28 20 73 65 6c 65 63 74 6f 72 2c 20 67 72 6f 75 70 73 20 29 2e 73 6c 69 63 65 28 20 30 20 29 3b 0a 7d 3b 0a 0a 66 75 6e 63 74 69 6f 6e 20 74 6f 53 65 6c 65 63 74 6f 72 28 20 74 6f 6b 65 6e 73 20 29 20 7b 0a 09 76 61 72 20 69 20 3d 20 30 2c 0a 09 09 6c 65 6e 20 3d 20 74 6f 6b 65 6e 73 2e 6c 65 6e 67 74 68 2c 0a 09
                              Data Ascii: ise, throw an error or return tokensreturn parseOnly ?soFar.length :soFar ?Sizzle.error( selector ) :// Cache the tokenstokenCache( selector, groups ).slice( 0 );};function toSelector( tokens ) {var i = 0,len = tokens.length,
                              2022-11-29 18:04:55 UTC560INData Raw: 7c 20 30 2e 31 29 2c 0a 09 09 09 09 6c 65 6e 20 3d 20 65 6c 65 6d 73 2e 6c 65 6e 67 74 68 3b 0a 0a 09 09 09 69 66 20 28 20 6f 75 74 65 72 6d 6f 73 74 20 29 20 7b 0a 09 09 09 09 6f 75 74 65 72 6d 6f 73 74 43 6f 6e 74 65 78 74 20 3d 20 63 6f 6e 74 65 78 74 20 21 3d 3d 20 64 6f 63 75 6d 65 6e 74 20 26 26 20 63 6f 6e 74 65 78 74 3b 0a 09 09 09 7d 0a 0a 09 09 09 2f 2f 20 41 64 64 20 65 6c 65 6d 65 6e 74 73 20 70 61 73 73 69 6e 67 20 65 6c 65 6d 65 6e 74 4d 61 74 63 68 65 72 73 20 64 69 72 65 63 74 6c 79 20 74 6f 20 72 65 73 75 6c 74 73 0a 09 09 09 2f 2f 20 4b 65 65 70 20 60 69 60 20 61 20 73 74 72 69 6e 67 20 69 66 20 74 68 65 72 65 20 61 72 65 20 6e 6f 20 65 6c 65 6d 65 6e 74 73 20 73 6f 20 60 6d 61 74 63 68 65 64 43 6f 75 6e 74 60 20 77 69 6c 6c 20 62 65 20
                              Data Ascii: | 0.1),len = elems.length;if ( outermost ) {outermostContext = context !== document && context;}// Add elements passing elementMatchers directly to results// Keep `i` a string if there are no elements so `matchedCount` will be
                              2022-11-29 18:04:55 UTC568INData Raw: 0a 09 7d 0a 0a 09 69 66 20 28 20 71 75 61 6c 69 66 69 65 72 2e 6e 6f 64 65 54 79 70 65 20 29 20 7b 0a 09 09 72 65 74 75 72 6e 20 6a 51 75 65 72 79 2e 67 72 65 70 28 20 65 6c 65 6d 65 6e 74 73 2c 20 66 75 6e 63 74 69 6f 6e 28 20 65 6c 65 6d 20 29 20 7b 0a 09 09 09 72 65 74 75 72 6e 20 28 20 65 6c 65 6d 20 3d 3d 3d 20 71 75 61 6c 69 66 69 65 72 20 29 20 21 3d 3d 20 6e 6f 74 3b 0a 09 09 7d 29 3b 0a 0a 09 7d 0a 0a 09 69 66 20 28 20 74 79 70 65 6f 66 20 71 75 61 6c 69 66 69 65 72 20 3d 3d 3d 20 22 73 74 72 69 6e 67 22 20 29 20 7b 0a 09 09 69 66 20 28 20 72 69 73 53 69 6d 70 6c 65 2e 74 65 73 74 28 20 71 75 61 6c 69 66 69 65 72 20 29 20 29 20 7b 0a 09 09 09 72 65 74 75 72 6e 20 6a 51 75 65 72 79 2e 66 69 6c 74 65 72 28 20 71 75 61 6c 69 66 69 65 72 2c 20 65 6c
                              Data Ascii: }if ( qualifier.nodeType ) {return jQuery.grep( elements, function( elem ) {return ( elem === qualifier ) !== not;});}if ( typeof qualifier === "string" ) {if ( risSimple.test( qualifier ) ) {return jQuery.filter( qualifier, el
                              2022-11-29 18:04:55 UTC576INData Raw: 6e 63 74 69 6f 6e 28 20 65 6c 65 6d 20 29 20 7b 0a 09 09 76 61 72 20 70 61 72 65 6e 74 20 3d 20 65 6c 65 6d 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 0a 09 09 72 65 74 75 72 6e 20 70 61 72 65 6e 74 20 26 26 20 70 61 72 65 6e 74 2e 6e 6f 64 65 54 79 70 65 20 21 3d 3d 20 31 31 20 3f 20 70 61 72 65 6e 74 20 3a 20 6e 75 6c 6c 3b 0a 09 7d 2c 0a 09 70 61 72 65 6e 74 73 3a 20 66 75 6e 63 74 69 6f 6e 28 20 65 6c 65 6d 20 29 20 7b 0a 09 09 72 65 74 75 72 6e 20 6a 51 75 65 72 79 2e 64 69 72 28 20 65 6c 65 6d 2c 20 22 70 61 72 65 6e 74 4e 6f 64 65 22 20 29 3b 0a 09 7d 2c 0a 09 70 61 72 65 6e 74 73 55 6e 74 69 6c 3a 20 66 75 6e 63 74 69 6f 6e 28 20 65 6c 65 6d 2c 20 69 2c 20 75 6e 74 69 6c 20 29 20 7b 0a 09 09 72 65 74 75 72 6e 20 6a 51 75 65 72 79 2e 64 69 72 28 20 65 6c
                              Data Ascii: nction( elem ) {var parent = elem.parentNode;return parent && parent.nodeType !== 11 ? parent : null;},parents: function( elem ) {return jQuery.dir( elem, "parentNode" );},parentsUntil: function( elem, i, until ) {return jQuery.dir( el
                              2022-11-29 18:04:55 UTC584INData Raw: 6e 65 64 20 3d 20 66 6e 20 26 26 20 66 6e 2e 61 70 70 6c 79 28 20 74 68 69 73 2c 20 61 72 67 75 6d 65 6e 74 73 20 29 3b 0a 09 09 09 09 09 09 09 09 69 66 20 28 20 72 65 74 75 72 6e 65 64 20 26 26 20 6a 51 75 65 72 79 2e 69 73 46 75 6e 63 74 69 6f 6e 28 20 72 65 74 75 72 6e 65 64 2e 70 72 6f 6d 69 73 65 20 29 20 29 20 7b 0a 09 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 65 64 2e 70 72 6f 6d 69 73 65 28 29 0a 09 09 09 09 09 09 09 09 09 09 2e 64 6f 6e 65 28 20 6e 65 77 44 65 66 65 72 2e 72 65 73 6f 6c 76 65 20 29 0a 09 09 09 09 09 09 09 09 09 09 2e 66 61 69 6c 28 20 6e 65 77 44 65 66 65 72 2e 72 65 6a 65 63 74 20 29 0a 09 09 09 09 09 09 09 09 09 09 2e 70 72 6f 67 72 65 73 73 28 20 6e 65 77 44 65 66 65 72 2e 6e 6f 74 69 66 79 20 29 3b 0a 09 09 09 09 09 09 09 09
                              Data Ascii: ned = fn && fn.apply( this, arguments );if ( returned && jQuery.isFunction( returned.promise ) ) {returned.promise().done( newDefer.resolve ).fail( newDefer.reject ).progress( newDefer.notify );
                              2022-11-29 18:04:55 UTC591INData Raw: 62 6c 65 2c 20 6e 6f 6e 2d 77 72 69 74 61 62 6c 65 20 70 72 6f 70 65 72 74 79 0a 09 09 09 74 72 79 20 7b 0a 09 09 09 09 64 65 73 63 72 69 70 74 6f 72 5b 20 74 68 69 73 2e 65 78 70 61 6e 64 6f 20 5d 20 3d 20 7b 20 76 61 6c 75 65 3a 20 75 6e 6c 6f 63 6b 20 7d 3b 0a 09 09 09 09 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 28 20 6f 77 6e 65 72 2c 20 64 65 73 63 72 69 70 74 6f 72 20 29 3b 0a 0a 09 09 09 2f 2f 20 53 75 70 70 6f 72 74 3a 20 41 6e 64 72 6f 69 64 20 3c 20 34 0a 09 09 09 2f 2f 20 46 61 6c 6c 62 61 63 6b 20 74 6f 20 61 20 6c 65 73 73 20 73 65 63 75 72 65 20 64 65 66 69 6e 69 74 69 6f 6e 0a 09 09 09 7d 20 63 61 74 63 68 20 28 20 65 20 29 20 7b 0a 09 09 09 09 64 65 73 63 72 69 70 74 6f 72 5b 20 74 68 69 73 2e 65 78 70 61 6e 64
                              Data Ascii: ble, non-writable propertytry {descriptor[ this.expando ] = { value: unlock };Object.defineProperties( owner, descriptor );// Support: Android < 4// Fallback to a less secure definition} catch ( e ) {descriptor[ this.expand
                              2022-11-29 18:04:55 UTC599INData Raw: 6f 66 20 61 6e 79 0a 09 09 09 09 2f 2f 20 64 61 74 61 20 74 68 61 74 20 6d 69 67 68 74 27 76 65 20 62 65 65 6e 20 73 74 6f 72 65 20 77 69 74 68 20 61 20 63 61 6d 65 6c 43 61 73 65 64 20 6b 65 79 2e 0a 09 09 09 09 76 61 72 20 64 61 74 61 20 3d 20 64 61 74 61 5f 75 73 65 72 2e 67 65 74 28 20 74 68 69 73 2c 20 63 61 6d 65 6c 4b 65 79 20 29 3b 0a 0a 09 09 09 09 2f 2f 20 46 6f 72 20 48 54 4d 4c 35 20 64 61 74 61 2d 2a 20 61 74 74 72 69 62 75 74 65 20 69 6e 74 65 72 6f 70 2c 20 77 65 20 68 61 76 65 20 74 6f 0a 09 09 09 09 2f 2f 20 73 74 6f 72 65 20 70 72 6f 70 65 72 74 79 20 6e 61 6d 65 73 20 77 69 74 68 20 64 61 73 68 65 73 20 69 6e 20 61 20 63 61 6d 65 6c 43 61 73 65 20 66 6f 72 6d 2e 0a 09 09 09 09 2f 2f 20 54 68 69 73 20 6d 69 67 68 74 20 6e 6f 74 20 61 70
                              Data Ascii: of any// data that might've been store with a camelCased key.var data = data_user.get( this, camelKey );// For HTML5 data-* attribute interop, we have to// store property names with dashes in a camelCase form.// This might not ap
                              2022-11-29 18:04:55 UTC607INData Raw: 20 49 6e 69 74 20 74 68 65 20 65 76 65 6e 74 20 68 61 6e 64 6c 65 72 20 71 75 65 75 65 20 69 66 20 77 65 27 72 65 20 74 68 65 20 66 69 72 73 74 0a 09 09 09 69 66 20 28 20 21 28 68 61 6e 64 6c 65 72 73 20 3d 20 65 76 65 6e 74 73 5b 20 74 79 70 65 20 5d 29 20 29 20 7b 0a 09 09 09 09 68 61 6e 64 6c 65 72 73 20 3d 20 65 76 65 6e 74 73 5b 20 74 79 70 65 20 5d 20 3d 20 5b 5d 3b 0a 09 09 09 09 68 61 6e 64 6c 65 72 73 2e 64 65 6c 65 67 61 74 65 43 6f 75 6e 74 20 3d 20 30 3b 0a 0a 09 09 09 09 2f 2f 20 4f 6e 6c 79 20 75 73 65 20 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 20 69 66 20 74 68 65 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 73 20 68 61 6e 64 6c 65 72 20 72 65 74 75 72 6e 73 20 66 61 6c 73 65 0a 09 09 09 09 69 66 20 28 20 21 73 70 65 63 69 61 6c 2e 73
                              Data Ascii: Init the event handler queue if we're the firstif ( !(handlers = events[ type ]) ) {handlers = events[ type ] = [];handlers.delegateCount = 0;// Only use addEventListener if the special events handler returns falseif ( !special.s
                              2022-11-29 18:04:55 UTC615INData Raw: 51 75 65 72 79 2e 65 76 65 6e 74 2e 68 61 6e 64 6c 65 72 73 2e 63 61 6c 6c 28 20 74 68 69 73 2c 20 65 76 65 6e 74 2c 20 68 61 6e 64 6c 65 72 73 20 29 3b 0a 0a 09 09 2f 2f 20 52 75 6e 20 64 65 6c 65 67 61 74 65 73 20 66 69 72 73 74 3b 20 74 68 65 79 20 6d 61 79 20 77 61 6e 74 20 74 6f 20 73 74 6f 70 20 70 72 6f 70 61 67 61 74 69 6f 6e 20 62 65 6e 65 61 74 68 20 75 73 0a 09 09 69 20 3d 20 30 3b 0a 09 09 77 68 69 6c 65 20 28 20 28 6d 61 74 63 68 65 64 20 3d 20 68 61 6e 64 6c 65 72 51 75 65 75 65 5b 20 69 2b 2b 20 5d 29 20 26 26 20 21 65 76 65 6e 74 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 20 29 20 7b 0a 09 09 09 65 76 65 6e 74 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 20 3d 20 6d 61 74 63 68 65 64 2e 65 6c 65 6d 3b 0a 0a 09 09 09
                              Data Ascii: Query.event.handlers.call( this, event, handlers );// Run delegates first; they may want to stop propagation beneath usi = 0;while ( (matched = handlerQueue[ i++ ]) && !event.isPropagationStopped() ) {event.currentTarget = matched.elem;
                              2022-11-29 18:04:55 UTC623INData Raw: 09 2f 2f 20 4d 61 72 6b 20 69 74 20 61 73 20 66 69 78 65 64 0a 09 74 68 69 73 5b 20 6a 51 75 65 72 79 2e 65 78 70 61 6e 64 6f 20 5d 20 3d 20 74 72 75 65 3b 0a 7d 3b 0a 0a 2f 2f 20 6a 51 75 65 72 79 2e 45 76 65 6e 74 20 69 73 20 62 61 73 65 64 20 6f 6e 20 44 4f 4d 33 20 45 76 65 6e 74 73 20 61 73 20 73 70 65 63 69 66 69 65 64 20 62 79 20 74 68 65 20 45 43 4d 41 53 63 72 69 70 74 20 4c 61 6e 67 75 61 67 65 20 42 69 6e 64 69 6e 67 0a 2f 2f 20 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 32 30 30 33 2f 57 44 2d 44 4f 4d 2d 4c 65 76 65 6c 2d 33 2d 45 76 65 6e 74 73 2d 32 30 30 33 30 33 33 31 2f 65 63 6d 61 2d 73 63 72 69 70 74 2d 62 69 6e 64 69 6e 67 2e 68 74 6d 6c 0a 6a 51 75 65 72 79 2e 45 76 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 20 3d 20
                              Data Ascii: // Mark it as fixedthis[ jQuery.expando ] = true;};// jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding// http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.htmljQuery.Event.prototype =
                              2022-11-29 18:04:55 UTC631INData Raw: 72 63 20 29 3b 0a 09 09 75 64 61 74 61 43 75 72 20 3d 20 6a 51 75 65 72 79 2e 65 78 74 65 6e 64 28 20 7b 7d 2c 20 75 64 61 74 61 4f 6c 64 20 29 3b 0a 0a 09 09 64 61 74 61 5f 75 73 65 72 2e 73 65 74 28 20 64 65 73 74 2c 20 75 64 61 74 61 43 75 72 20 29 3b 0a 09 7d 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 67 65 74 41 6c 6c 28 20 63 6f 6e 74 65 78 74 2c 20 74 61 67 20 29 20 7b 0a 09 76 61 72 20 72 65 74 20 3d 20 63 6f 6e 74 65 78 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 20 3f 20 63 6f 6e 74 65 78 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 20 74 61 67 20 7c 7c 20 22 2a 22 20 29 20 3a 0a 09 09 09 63 6f 6e 74 65 78 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 20 3f 20 63 6f 6e 74 65 78 74 2e 71 75 65 72
                              Data Ascii: rc );udataCur = jQuery.extend( {}, udataOld );data_user.set( dest, udataCur );}}function getAll( context, tag ) {var ret = context.getElementsByTagName ? context.getElementsByTagName( tag || "*" ) :context.querySelectorAll ? context.quer
                              2022-11-29 18:04:55 UTC638INData Raw: 20 72 78 68 74 6d 6c 54 61 67 2c 20 22 3c 24 31 3e 3c 2f 24 32 3e 22 20 29 3b 0a 0a 09 09 09 09 74 72 79 20 7b 0a 09 09 09 09 09 66 6f 72 20 28 20 3b 20 69 20 3c 20 6c 3b 20 69 2b 2b 20 29 20 7b 0a 09 09 09 09 09 09 65 6c 65 6d 20 3d 20 74 68 69 73 5b 20 69 20 5d 20 7c 7c 20 7b 7d 3b 0a 0a 09 09 09 09 09 09 2f 2f 20 52 65 6d 6f 76 65 20 65 6c 65 6d 65 6e 74 20 6e 6f 64 65 73 20 61 6e 64 20 70 72 65 76 65 6e 74 20 6d 65 6d 6f 72 79 20 6c 65 61 6b 73 0a 09 09 09 09 09 09 69 66 20 28 20 65 6c 65 6d 2e 6e 6f 64 65 54 79 70 65 20 3d 3d 3d 20 31 20 29 20 7b 0a 09 09 09 09 09 09 09 6a 51 75 65 72 79 2e 63 6c 65 61 6e 44 61 74 61 28 20 67 65 74 41 6c 6c 28 20 65 6c 65 6d 2c 20 66 61 6c 73 65 20 29 20 29 3b 0a 09 09 09 09 09 09 09 65 6c 65 6d 2e 69 6e 6e 65 72 48
                              Data Ascii: rxhtmlTag, "<$1></$2>" );try {for ( ; i < l; i++ ) {elem = this[ i ] || {};// Remove element nodes and prevent memory leaksif ( elem.nodeType === 1 ) {jQuery.cleanData( getAll( elem, false ) );elem.innerH
                              2022-11-29 18:04:55 UTC646INData Raw: 7d 0a 0a 09 64 69 76 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6c 69 70 20 3d 20 22 63 6f 6e 74 65 6e 74 2d 62 6f 78 22 3b 0a 09 64 69 76 2e 63 6c 6f 6e 65 4e 6f 64 65 28 20 74 72 75 65 20 29 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6c 69 70 20 3d 20 22 22 3b 0a 09 73 75 70 70 6f 72 74 2e 63 6c 65 61 72 43 6c 6f 6e 65 53 74 79 6c 65 20 3d 20 64 69 76 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6c 69 70 20 3d 3d 3d 20 22 63 6f 6e 74 65 6e 74 2d 62 6f 78 22 3b 0a 0a 09 63 6f 6e 74 61 69 6e 65 72 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 20 3d 20 22 62 6f 72 64 65 72 3a 30 3b 77 69 64 74 68 3a 30 3b 68 65 69 67 68 74 3a 30 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 2d 39 39 39 39 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 70 78
                              Data Ascii: }div.style.backgroundClip = "content-box";div.cloneNode( true ).style.backgroundClip = "";support.clearCloneStyle = div.style.backgroundClip === "content-box";container.style.cssText = "border:0;width:0;height:0;top:0;left:-9999px;margin-top:1px
                              2022-11-29 18:04:55 UTC654INData Raw: 6f 6c 64 64 69 73 70 6c 61 79 22 2c 20 64 65 66 61 75 6c 74 44 69 73 70 6c 61 79 28 65 6c 65 6d 2e 6e 6f 64 65 4e 61 6d 65 29 20 29 3b 0a 09 09 09 7d 0a 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 68 69 64 64 65 6e 20 3d 20 69 73 48 69 64 64 65 6e 28 20 65 6c 65 6d 20 29 3b 0a 0a 09 09 09 69 66 20 28 20 64 69 73 70 6c 61 79 20 21 3d 3d 20 22 6e 6f 6e 65 22 20 7c 7c 20 21 68 69 64 64 65 6e 20 29 20 7b 0a 09 09 09 09 64 61 74 61 5f 70 72 69 76 2e 73 65 74 28 20 65 6c 65 6d 2c 20 22 6f 6c 64 64 69 73 70 6c 61 79 22 2c 20 68 69 64 64 65 6e 20 3f 20 64 69 73 70 6c 61 79 20 3a 20 6a 51 75 65 72 79 2e 63 73 73 28 20 65 6c 65 6d 2c 20 22 64 69 73 70 6c 61 79 22 20 29 20 29 3b 0a 09 09 09 7d 0a 09 09 7d 0a 09 7d 0a 0a 09 2f 2f 20 53 65 74 20 74 68 65 20 64 69 73 70
                              Data Ascii: olddisplay", defaultDisplay(elem.nodeName) );}} else {hidden = isHidden( elem );if ( display !== "none" || !hidden ) {data_priv.set( elem, "olddisplay", hidden ? display : jQuery.css( elem, "display" ) );}}}// Set the disp
                              2022-11-29 18:04:55 UTC662INData Raw: 74 68 69 73 2e 70 72 6f 70 20 5d 3b 0a 0a 09 09 72 65 74 75 72 6e 20 68 6f 6f 6b 73 20 26 26 20 68 6f 6f 6b 73 2e 67 65 74 20 3f 0a 09 09 09 68 6f 6f 6b 73 2e 67 65 74 28 20 74 68 69 73 20 29 20 3a 0a 09 09 09 54 77 65 65 6e 2e 70 72 6f 70 48 6f 6f 6b 73 2e 5f 64 65 66 61 75 6c 74 2e 67 65 74 28 20 74 68 69 73 20 29 3b 0a 09 7d 2c 0a 09 72 75 6e 3a 20 66 75 6e 63 74 69 6f 6e 28 20 70 65 72 63 65 6e 74 20 29 20 7b 0a 09 09 76 61 72 20 65 61 73 65 64 2c 0a 09 09 09 68 6f 6f 6b 73 20 3d 20 54 77 65 65 6e 2e 70 72 6f 70 48 6f 6f 6b 73 5b 20 74 68 69 73 2e 70 72 6f 70 20 5d 3b 0a 0a 09 09 69 66 20 28 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 64 75 72 61 74 69 6f 6e 20 29 20 7b 0a 09 09 09 74 68 69 73 2e 70 6f 73 20 3d 20 65 61 73 65 64 20 3d 20 6a 51 75 65 72
                              Data Ascii: this.prop ];return hooks && hooks.get ?hooks.get( this ) :Tween.propHooks._default.get( this );},run: function( percent ) {var eased,hooks = Tween.propHooks[ this.prop ];if ( this.options.duration ) {this.pos = eased = jQuer
                              2022-11-29 18:04:55 UTC671INData Raw: 63 74 28 20 6f 72 69 67 20 29 20 29 20 7b 0a 09 09 69 66 20 28 20 64 61 74 61 53 68 6f 77 20 29 20 7b 0a 09 09 09 69 66 20 28 20 22 68 69 64 64 65 6e 22 20 69 6e 20 64 61 74 61 53 68 6f 77 20 29 20 7b 0a 09 09 09 09 68 69 64 64 65 6e 20 3d 20 64 61 74 61 53 68 6f 77 2e 68 69 64 64 65 6e 3b 0a 09 09 09 7d 0a 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 64 61 74 61 53 68 6f 77 20 3d 20 64 61 74 61 5f 70 72 69 76 2e 61 63 63 65 73 73 28 20 65 6c 65 6d 2c 20 22 66 78 73 68 6f 77 22 2c 20 7b 7d 20 29 3b 0a 09 09 7d 0a 0a 09 09 2f 2f 20 73 74 6f 72 65 20 73 74 61 74 65 20 69 66 20 69 74 73 20 74 6f 67 67 6c 65 20 2d 20 65 6e 61 62 6c 65 73 20 2e 73 74 6f 70 28 29 2e 74 6f 67 67 6c 65 28 29 20 74 6f 20 22 72 65 76 65 72 73 65 22 0a 09 09 69 66 20 28 20 74 6f 67 67
                              Data Ascii: ct( orig ) ) {if ( dataShow ) {if ( "hidden" in dataShow ) {hidden = dataShow.hidden;}} else {dataShow = data_priv.access( elem, "fxshow", {} );}// store state if its toggle - enables .stop().toggle() to "reverse"if ( togg
                              2022-11-29 18:04:55 UTC679INData Raw: 6e 64 65 78 20 3d 20 74 69 6d 65 72 73 2e 6c 65 6e 67 74 68 3b 20 69 6e 64 65 78 2d 2d 3b 20 29 20 7b 0a 09 09 09 09 69 66 20 28 20 74 69 6d 65 72 73 5b 20 69 6e 64 65 78 20 5d 2e 65 6c 65 6d 20 3d 3d 3d 20 74 68 69 73 20 26 26 20 28 74 79 70 65 20 3d 3d 20 6e 75 6c 6c 20 7c 7c 20 74 69 6d 65 72 73 5b 20 69 6e 64 65 78 20 5d 2e 71 75 65 75 65 20 3d 3d 3d 20 74 79 70 65 29 20 29 20 7b 0a 09 09 09 09 09 74 69 6d 65 72 73 5b 20 69 6e 64 65 78 20 5d 2e 61 6e 69 6d 2e 73 74 6f 70 28 20 67 6f 74 6f 45 6e 64 20 29 3b 0a 09 09 09 09 09 64 65 71 75 65 75 65 20 3d 20 66 61 6c 73 65 3b 0a 09 09 09 09 09 74 69 6d 65 72 73 2e 73 70 6c 69 63 65 28 20 69 6e 64 65 78 2c 20 31 20 29 3b 0a 09 09 09 09 7d 0a 09 09 09 7d 0a 0a 09 09 09 2f 2f 20 73 74 61 72 74 20 74 68 65 20
                              Data Ascii: ndex = timers.length; index--; ) {if ( timers[ index ].elem === this && (type == null || timers[ index ].queue === type) ) {timers[ index ].anim.stop( gotoEnd );dequeue = false;timers.splice( index, 1 );}}// start the
                              2022-11-29 18:04:55 UTC687INData Raw: 6e 61 6d 65 20 5d 20 7c 7c 20 6e 61 6d 65 20 5d 3b 0a 09 09 7d 29 3b 0a 09 7d 0a 7d 29 3b 0a 0a 6a 51 75 65 72 79 2e 65 78 74 65 6e 64 28 7b 0a 09 70 72 6f 70 46 69 78 3a 20 7b 0a 09 09 22 66 6f 72 22 3a 20 22 68 74 6d 6c 46 6f 72 22 2c 0a 09 09 22 63 6c 61 73 73 22 3a 20 22 63 6c 61 73 73 4e 61 6d 65 22 0a 09 7d 2c 0a 0a 09 70 72 6f 70 3a 20 66 75 6e 63 74 69 6f 6e 28 20 65 6c 65 6d 2c 20 6e 61 6d 65 2c 20 76 61 6c 75 65 20 29 20 7b 0a 09 09 76 61 72 20 72 65 74 2c 20 68 6f 6f 6b 73 2c 20 6e 6f 74 78 6d 6c 2c 0a 09 09 09 6e 54 79 70 65 20 3d 20 65 6c 65 6d 2e 6e 6f 64 65 54 79 70 65 3b 0a 0a 09 09 2f 2f 20 64 6f 6e 27 74 20 67 65 74 2f 73 65 74 20 70 72 6f 70 65 72 74 69 65 73 20 6f 6e 20 74 65 78 74 2c 20 63 6f 6d 6d 65 6e 74 20 61 6e 64 20 61 74 74 72
                              Data Ascii: name ] || name ];});}});jQuery.extend({propFix: {"for": "htmlFor","class": "className"},prop: function( elem, name, value ) {var ret, hooks, notxml,nType = elem.nodeType;// don't get/set properties on text, comment and attr
                              2022-11-29 18:04:55 UTC695INData Raw: 64 69 73 61 62 6c 65 64 20 7c 7c 20 21 6a 51 75 65 72 79 2e 6e 6f 64 65 4e 61 6d 65 28 20 6f 70 74 69 6f 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 20 22 6f 70 74 67 72 6f 75 70 22 20 29 20 29 20 29 20 7b 0a 0a 09 09 09 09 09 09 2f 2f 20 47 65 74 20 74 68 65 20 73 70 65 63 69 66 69 63 20 76 61 6c 75 65 20 66 6f 72 20 74 68 65 20 6f 70 74 69 6f 6e 0a 09 09 09 09 09 09 76 61 6c 75 65 20 3d 20 6a 51 75 65 72 79 28 20 6f 70 74 69 6f 6e 20 29 2e 76 61 6c 28 29 3b 0a 0a 09 09 09 09 09 09 2f 2f 20 57 65 20 64 6f 6e 27 74 20 6e 65 65 64 20 61 6e 20 61 72 72 61 79 20 66 6f 72 20 6f 6e 65 20 73 65 6c 65 63 74 73 0a 09 09 09 09 09 09 69 66 20 28 20 6f 6e 65 20 29 20 7b 0a 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 76 61 6c 75 65 3b 0a 09 09 09 09 09 09 7d 0a 0a 09 09 09
                              Data Ascii: disabled || !jQuery.nodeName( option.parentNode, "optgroup" ) ) ) {// Get the specific value for the optionvalue = jQuery( option ).val();// We don't need an array for one selectsif ( one ) {return value;}
                              2022-11-29 18:04:55 UTC703INData Raw: 72 73 74 44 61 74 61 54 79 70 65 20 3d 20 74 79 70 65 3b 0a 09 09 09 7d 0a 09 09 7d 0a 09 09 2f 2f 20 4f 72 20 6a 75 73 74 20 75 73 65 20 66 69 72 73 74 20 6f 6e 65 0a 09 09 66 69 6e 61 6c 44 61 74 61 54 79 70 65 20 3d 20 66 69 6e 61 6c 44 61 74 61 54 79 70 65 20 7c 7c 20 66 69 72 73 74 44 61 74 61 54 79 70 65 3b 0a 09 7d 0a 0a 09 2f 2f 20 49 66 20 77 65 20 66 6f 75 6e 64 20 61 20 64 61 74 61 54 79 70 65 0a 09 2f 2f 20 57 65 20 61 64 64 20 74 68 65 20 64 61 74 61 54 79 70 65 20 74 6f 20 74 68 65 20 6c 69 73 74 20 69 66 20 6e 65 65 64 65 64 0a 09 2f 2f 20 61 6e 64 20 72 65 74 75 72 6e 20 74 68 65 20 63 6f 72 72 65 73 70 6f 6e 64 69 6e 67 20 72 65 73 70 6f 6e 73 65 0a 09 69 66 20 28 20 66 69 6e 61 6c 44 61 74 61 54 79 70 65 20 29 20 7b 0a 09 09 69 66 20 28
                              Data Ascii: rstDataType = type;}}// Or just use first onefinalDataType = finalDataType || firstDataType;}// If we found a dataType// We add the dataType to the list if needed// and return the corresponding responseif ( finalDataType ) {if (
                              2022-11-29 18:04:55 UTC710INData Raw: 3d 20 6a 71 58 48 52 2e 64 6f 6e 65 3b 0a 09 09 6a 71 58 48 52 2e 65 72 72 6f 72 20 3d 20 6a 71 58 48 52 2e 66 61 69 6c 3b 0a 0a 09 09 2f 2f 20 52 65 6d 6f 76 65 20 68 61 73 68 20 63 68 61 72 61 63 74 65 72 20 28 23 37 35 33 31 3a 20 61 6e 64 20 73 74 72 69 6e 67 20 70 72 6f 6d 6f 74 69 6f 6e 29 0a 09 09 2f 2f 20 41 64 64 20 70 72 6f 74 6f 63 6f 6c 20 69 66 20 6e 6f 74 20 70 72 6f 76 69 64 65 64 20 28 70 72 65 66 69 6c 74 65 72 73 20 6d 69 67 68 74 20 65 78 70 65 63 74 20 69 74 29 0a 09 09 2f 2f 20 48 61 6e 64 6c 65 20 66 61 6c 73 79 20 75 72 6c 20 69 6e 20 74 68 65 20 73 65 74 74 69 6e 67 73 20 6f 62 6a 65 63 74 20 28 23 31 30 30 39 33 3a 20 63 6f 6e 73 69 73 74 65 6e 63 79 20 77 69 74 68 20 6f 6c 64 20 73 69 67 6e 61 74 75 72 65 29 0a 09 09 2f 2f 20 57
                              Data Ascii: = jqXHR.done;jqXHR.error = jqXHR.fail;// Remove hash character (#7531: and string promotion)// Add protocol if not provided (prefilters might expect it)// Handle falsy url in the settings object (#10093: consistency with old signature)// W
                              2022-11-29 18:04:55 UTC718INData Raw: 74 61 2c 20 63 61 6c 6c 62 61 63 6b 2c 20 74 79 70 65 20 29 20 7b 0a 09 09 2f 2f 20 73 68 69 66 74 20 61 72 67 75 6d 65 6e 74 73 20 69 66 20 64 61 74 61 20 61 72 67 75 6d 65 6e 74 20 77 61 73 20 6f 6d 69 74 74 65 64 0a 09 09 69 66 20 28 20 6a 51 75 65 72 79 2e 69 73 46 75 6e 63 74 69 6f 6e 28 20 64 61 74 61 20 29 20 29 20 7b 0a 09 09 09 74 79 70 65 20 3d 20 74 79 70 65 20 7c 7c 20 63 61 6c 6c 62 61 63 6b 3b 0a 09 09 09 63 61 6c 6c 62 61 63 6b 20 3d 20 64 61 74 61 3b 0a 09 09 09 64 61 74 61 20 3d 20 75 6e 64 65 66 69 6e 65 64 3b 0a 09 09 7d 0a 0a 09 09 72 65 74 75 72 6e 20 6a 51 75 65 72 79 2e 61 6a 61 78 28 7b 0a 09 09 09 75 72 6c 3a 20 75 72 6c 2c 0a 09 09 09 74 79 70 65 3a 20 6d 65 74 68 6f 64 2c 0a 09 09 09 64 61 74 61 54 79 70 65 3a 20 74 79 70 65 2c
                              Data Ascii: ta, callback, type ) {// shift arguments if data argument was omittedif ( jQuery.isFunction( data ) ) {type = type || callback;callback = data;data = undefined;}return jQuery.ajax({url: url,type: method,dataType: type,
                              2022-11-29 18:04:55 UTC726INData Raw: 20 74 68 72 6f 77 73 20 61 6e 20 65 78 63 65 70 74 69 6f 6e 0a 09 09 09 09 09 09 09 09 09 2f 2f 20 28 23 31 31 34 32 36 29 0a 09 09 09 09 09 09 09 09 09 74 79 70 65 6f 66 20 78 68 72 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 20 3d 3d 3d 20 22 73 74 72 69 6e 67 22 20 3f 20 7b 0a 09 09 09 09 09 09 09 09 09 09 74 65 78 74 3a 20 78 68 72 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 0a 09 09 09 09 09 09 09 09 09 7d 20 3a 20 75 6e 64 65 66 69 6e 65 64 2c 0a 09 09 09 09 09 09 09 09 09 78 68 72 2e 67 65 74 41 6c 6c 52 65 73 70 6f 6e 73 65 48 65 61 64 65 72 73 28 29 0a 09 09 09 09 09 09 09 09 29 3b 0a 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 7d 0a 09 09 09 09 09 7d 3b 0a 09 09 09 09 7d 3b 0a 0a 09 09 09 09 2f 2f 20 4c 69 73 74 65 6e 20 74 6f 20 65 76 65 6e 74 73 0a 09
                              Data Ascii: throws an exception// (#11426)typeof xhr.responseText === "string" ? {text: xhr.responseText} : undefined,xhr.getAllResponseHeaders());}}};};// Listen to events
                              2022-11-29 18:04:55 UTC734INData Raw: 7d 0a 0a 09 09 69 66 20 28 20 6a 51 75 65 72 79 2e 69 73 46 75 6e 63 74 69 6f 6e 28 20 6f 70 74 69 6f 6e 73 20 29 20 29 20 7b 0a 09 09 09 6f 70 74 69 6f 6e 73 20 3d 20 6f 70 74 69 6f 6e 73 2e 63 61 6c 6c 28 20 65 6c 65 6d 2c 20 69 2c 20 63 75 72 4f 66 66 73 65 74 20 29 3b 0a 09 09 7d 0a 0a 09 09 69 66 20 28 20 6f 70 74 69 6f 6e 73 2e 74 6f 70 20 21 3d 20 6e 75 6c 6c 20 29 20 7b 0a 09 09 09 70 72 6f 70 73 2e 74 6f 70 20 3d 20 28 20 6f 70 74 69 6f 6e 73 2e 74 6f 70 20 2d 20 63 75 72 4f 66 66 73 65 74 2e 74 6f 70 20 29 20 2b 20 63 75 72 54 6f 70 3b 0a 09 09 7d 0a 09 09 69 66 20 28 20 6f 70 74 69 6f 6e 73 2e 6c 65 66 74 20 21 3d 20 6e 75 6c 6c 20 29 20 7b 0a 09 09 09 70 72 6f 70 73 2e 6c 65 66 74 20 3d 20 28 20 6f 70 74 69 6f 6e 73 2e 6c 65 66 74 20 2d 20 63
                              Data Ascii: }if ( jQuery.isFunction( options ) ) {options = options.call( elem, i, curOffset );}if ( options.top != null ) {props.top = ( options.top - curOffset.top ) + curTop;}if ( options.left != null ) {props.left = ( options.left - c


                              Statistics

                              CPU Usage

                              Click to jump to process

                              Memory Usage

                              Click to jump to process

                              High Level Behavior Distribution

                              Click to dive into process behavior distribution

                              Behavior

                              Click to jump to process

                              System Behavior

                              General

                              Target ID:0
                              Start time:19:04:46
                              Start date:29/11/2022
                              Path:C:\Windows\SysWOW64\cmd.exe
                              Wow64 process (32bit):true
                              Commandline:C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s" > cmdline.out 2>&1
                              Imagebase:0xb0000
                              File size:232960 bytes
                              MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low

                              General

                              Target ID:1
                              Start time:19:04:46
                              Start date:29/11/2022
                              Path:C:\Windows\System32\conhost.exe
                              Wow64 process (32bit):false
                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Imagebase:0x7ff745070000
                              File size:625664 bytes
                              MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low

                              General

                              Target ID:2
                              Start time:19:04:46
                              Start date:29/11/2022
                              Path:C:\Windows\SysWOW64\wget.exe
                              Wow64 process (32bit):true
                              Commandline:wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://b6dj2ueylkg.juraganrc.com/?url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s"
                              Imagebase:0x400000
                              File size:3895184 bytes
                              MD5 hash:3DADB6E2ECE9C4B3E1E322E617658B60
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low

                              General

                              Target ID:3
                              Start time:19:04:49
                              Start date:29/11/2022
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\download\index.html@url=aHR0cHM6Ly9ob2xseS1sYXZlbmRlci1yYXR0bGVzbmFrZS5nbGl0Y2gubWUvdmlsZC5odG1s.html
                              Imagebase:0x7ff614650000
                              File size:2851656 bytes
                              MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low

                              General

                              Target ID:4
                              Start time:19:04:50
                              Start date:29/11/2022
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1616,i,5292400896411780733,13825633785752334259,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff614650000
                              File size:2851656 bytes
                              MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low

                              Disassembly

                              Reset < >

                                Non-executed Functions

                                Function 02BE0080 Relevance: .7, Instructions: 724COMMON
                                Download Yara Rule
                                Memory Dump Source
                                • Source File: 00000002.00000002.238067535.0000000002BE0000.00000004.00000800.00020000.00000000.sdmp, Offset: 02BE0000, based on PE: false
                                Joe Sandbox IDA Plugin
                                • Snapshot File: hcaresult_2_2_2be0000_wget.jbxd
                                Similarity
                                • API ID:
                                • String ID:
                                • API String ID:
                                • Opcode ID: 471ab732cc85117b129b8b316bcb0c39c7d7cc28edf1c826a82f9102e0613306
                                • Instruction ID: 2298b508bb534a8a5deaef593fcf2ba466c63d934c4723ecbae0a09473ffb74d
                                • Opcode Fuzzy Hash: 471ab732cc85117b129b8b316bcb0c39c7d7cc28edf1c826a82f9102e0613306
                                • Instruction Fuzzy Hash: BB523D2285E7E08FD7138774C8AA7817FB19F07310F1E49DAC4959F4E3D2A8984AC756
                                Uniqueness

                                Uniqueness Score: -1.00%