Edit tour

Windows Analysis Report
https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html

Overview

General Information

Sample URL:	https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html
Analysis ID:	1348255
Infos:

Detection

GRQ Scam, Phisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected Phisher

Yara detected GRQ Scam

Antivirus detection for URL or domain

Stores files to the Windows start menu directory

Creates files inside the system directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6128 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,6617707891209174409,3735623123366737918,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4764 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_94	JoeSecurity_Phisher_1	Yara detected Phisher	Joe Security

HTML

Source	Rule	Description	Author
3.5.pages.csv	JoeSecurity_GRQScam	Yara detected GRQ Scam	Joe Security
3.3.pages.csv	JoeSecurity_GRQScam	Yara detected GRQ Scam	Joe Security
3.7.pages.csv	JoeSecurity_GRQScam	Yara detected GRQ Scam	Joe Security
3.2.pages.csv	JoeSecurity_GRQScam	Yara detected GRQ Scam	Joe Security
3.6.pages.csv	JoeSecurity_GRQScam	Yara detected GRQ Scam	Joe Security

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=Ef5vPFGw-MZYo5hwe-0ThAVslbxbmvdVZwcHnqVzWHAU14v53MN1VvwvQq8baYfg2-IAtqZBV5NOL5rvj2NWIqrz377UhLdHtOgE-tJaBlUBYJEhuGsQdqni3oTJg0brqv1djdiLJyvTSUhdK-c5JWadCSsULPLzhSx-F-6wOg4

Source: unknown	HTTPS traffic detected: 2.22.76.127:443 -> 192.168.2.5:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.22.76.127:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49781 version: TLS 1.2

Spam, unwanted Advertisements and Ransom Demands

Yara detected GRQ Scam

Source: Yara match	File source: 3.5.pages.csv, type: HTML
Source: Yara match	File source: 3.3.pages.csv, type: HTML
Source: Yara match	File source: 3.7.pages.csv, type: HTML
Source: Yara match	File source: 3.2.pages.csv, type: HTML
Source: Yara match	File source: 3.6.pages.csv, type: HTML

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_6128_1043036991

Jump to behavior

Source: classification engine

Classification label: mal72.phis.win@26/47@37/15

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,6617707891209174409,3735623123366737918,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,6617707891209174409,3735623123366737918,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: agree
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Accept
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: agree

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	11 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	1 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	3 Non-Application Layer Protocol	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	4 Application Layer Protocol			Data Encrypted for Impact	DNS Server	Email Addresses
Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Traffic Duplication	1 Ingress Tool Transfer			Data Destruction	Virtual Private Server	Employee Names

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html	0%	Avira URL Cloud	safe
https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html	1%	Virustotal		Browse
https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html	100%	SlashNext	Fraudulent Website type: Phishing & Social Engineering

Source	Detection	Scanner	Link
govwlfeloony.com	1%	Virustotal	Browse
svylst.com	0%	Virustotal	Browse
pushrev.neptuneadspush.com	0%	Virustotal	Browse
www.govwlfeloony.com	0%	Virustotal	Browse
pushlite.neptuneadspush.com	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js	0%	Avira URL Cloud	safe
https://sofa.thriveuniversehq.com/people/5.jpg	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/people/1.jpg	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/people/4.jpg	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/assets/images/state-farm-drake-2021.jpg	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/assets/bootstrap/dist/css/bootstrap.min.css	100%	Avira URL Cloud	phishing
https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js	0%	Virustotal		Browse
https://sofa.thriveuniversehq.com/utils/banners/images/2023-months/2023-11.png?v=1	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/assets/images/State-Farm-Logo.png	100%	Avira URL Cloud	phishing
https://www.govwlfeloony.com/2FRNJG5BQ/GZHBQPR/	0%	Avira URL Cloud	safe
https://sofa.thriveuniversehq.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/service_worker.js	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/images/a-favicon.ico	100%	Avira URL Cloud	phishing
https://svylst.com/favicon.ico	0%	Avira URL Cloud	safe
https://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4=&view=fb31fd86985514de1142f2f6b3bcea13_0	0%	Avira URL Cloud	safe
https://sofa.thriveuniversehq.com/people/3.jpg	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/assets/js/scripts-w14-t-f-qc-v2-fst-ri.js?v=5.40&cc=us	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/favicon.ico	100%	Avira URL Cloud	phishing
https://pushlite.neptuneadspush.com	0%	Avira URL Cloud	safe
https://www.govwlfeloony.com/2FRNJG5BQ/GZHBQPR/	0%	Virustotal		Browse
https://pushlite.neptuneadspush.com/javascripts/service_worker.js?v1	0%	Avira URL Cloud	safe
https://pushlite.neptuneadspush.com	0%	Virustotal		Browse
http://getbootstrap.com)	0%	Avira URL Cloud	safe
http://svylst.com/favicon.ico	0%	Avira URL Cloud	safe
https://sofa.thriveuniversehq.com/assets/js/mobile-detect.js-master/mobile-detect.min.js	100%	Avira URL Cloud	phishing
http://svylst.com/js/ads.js	0%	Avira URL Cloud	safe
https://sofa.thriveuniversehq.com/assets/bootstrap/dist/js/bootstrap.min.js	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/js/fingerprintjs2/1.5.0/fingerprint2.min.js	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/manifest.json	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/people/2.jpg	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/utils/banners/banner-bf.js?v=1.04	100%	Avira URL Cloud	phishing
https://sofa.thriveuniversehq.com/assets/js/ads.js	100%	Avira URL Cloud	phishing
http://svylst.com/favicon.ico	0%	Virustotal		Browse
https://pushlite.neptuneadspush.com/javascripts/service_worker.js?v1	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
govwlfeloony.com	38.62.240.122	true	false	1%, Virustotal, Browse	unknown
a.nel.cloudflare.com	35.190.80.1	true	false		high
accounts.google.com	172.253.63.84	true	false		high
svylst.com	104.21.78.140	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.251.167.104	true	false		high
clients.l.google.com	142.251.179.100	true	false		high
sofa.thriveuniversehq.com	104.21.1.7	true	false		unknown
stun.l.google.com	142.250.112.127	true	false		high
pushlite.neptuneadspush.com	172.64.100.6	true	false	0%, Virustotal, Browse	unknown
pushrev.neptuneadspush.com	172.64.100.6	true	false	0%, Virustotal, Browse	unknown
clients1.google.com	unknown	unknown	false		high
www.govwlfeloony.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
clients2.google.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://sofa.thriveuniversehq.com/people/5.jpg	false	Avira URL Cloud: phishing	unknown
https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://sofa.thriveuniversehq.com/s3/terms/terms.php	false		unknown
https://sofa.thriveuniversehq.com/people/1.jpg	false	Avira URL Cloud: phishing	unknown
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://www.google.com/images/icons/product/cloud_storage-32.png	false		high
https://clients1.google.com/tools/pso/ping?as=chrome&brand=ONGR&pid=&hl=en&events=C1I,C2I,C7I,C1S,C7S&rep=2&rlz=C1:,C2:,C7:&id=000000000000000000000000000000000000000061077E5FEE	false		high
http://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4=	false		unknown
https://sofa.thriveuniversehq.com/people/4.jpg	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/assets/images/state-farm-drake-2021.jpg	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/assets/bootstrap/dist/css/bootstrap.min.css	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/utils/banners/images/2023-months/2023-11.png?v=1	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/assets/images/State-Farm-Logo.png	false	Avira URL Cloud: phishing	unknown
https://svylst.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php	false		unknown
https://www.govwlfeloony.com/2FRNJG5BQ/GZHBQPR/	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://sofa.thriveuniversehq.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/images/a-favicon.ico	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/s3/terms/terms.php	false		unknown
https://sofa.thriveuniversehq.com/assets/js/scripts-w14-t-f-qc-v2-fst-ri.js?v=5.40&cc=us	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/service_worker.js	false	Avira URL Cloud: phishing	unknown
https://a.nel.cloudflare.com/report/v3?s=Ql%2F6%2FLhK%2FE2hXSOr%2BqV4blrmcGlD02a1U%2F55F1JbgXvJQAeddoeC9W1HGdHeKvrQ%2FVYniGYcZ6ZfdWwCWjxbAp2TdfnO1rgq%2FGnUYJh1k1uSp5cozt3jMi0nUiZLEcy8wjm0fhpzFn6Mg3pG	false		high
https://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4=&view=fb31fd86985514de1142f2f6b3bcea13_0	false	Avira URL Cloud: safe	unknown
https://sofa.thriveuniversehq.com/people/3.jpg	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://pushlite.neptuneadspush.com/javascripts/service_worker.js?v1	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://svylst.com/favicon.ico	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://sofa.thriveuniversehq.com/assets/js/mobile-detect.js-master/mobile-detect.min.js	false	Avira URL Cloud: phishing	unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1	false		high
http://svylst.com/js/ads.js	false	Avira URL Cloud: safe	unknown
https://sofa.thriveuniversehq.com/assets/bootstrap/dist/js/bootstrap.min.js	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/js/fingerprintjs2/1.5.0/fingerprint2.min.js	false	Avira URL Cloud: phishing	unknown
http://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4=	false		unknown
https://sofa.thriveuniversehq.com/manifest.json	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php	false		unknown
https://sofa.thriveuniversehq.com/people/2.jpg	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/utils/banners/banner-bf.js?v=1.04	false	Avira URL Cloud: phishing	unknown
https://sofa.thriveuniversehq.com/assets/js/ads.js	false	Avira URL Cloud: phishing	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://www.loc.gov/copyright	chromecache_125.2.dr	false		high
https://pushlite.neptuneadspush.com	chromecache_100.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://getbootstrap.com)	chromecache_129.2.dr, chromecache_119.2.dr	false	Avira URL Cloud: safe	low
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_119.2.dr	false		high
https://github.com/hgoebl/mobile-detect.js	chromecache_128.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.112.127	stun.l.google.com	United States	15169	GOOGLEUS	false
38.62.240.122	govwlfeloony.com	United States	174	COGENT-174US	false
172.253.63.84	accounts.google.com	United States	15169	GOOGLEUS	false
142.251.167.104	www.google.com	United States	15169	GOOGLEUS	false
172.253.122.102	unknown	United States	15169	GOOGLEUS	false
142.251.163.105	unknown	United States	15169	GOOGLEUS	false
104.21.78.140	svylst.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.179.100	clients.l.google.com	United States	15169	GOOGLEUS	false
172.67.151.183	unknown	United States	13335	CLOUDFLARENETUS	false
172.64.100.6	pushlite.neptuneadspush.com	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
172.253.62.106	unknown	United States	15169	GOOGLEUS	false
104.21.1.7	sofa.thriveuniversehq.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.5

General Information

Joe Sandbox Version:	38.0.0 Ammolite
Analysis ID:	1348255
Start date and time:	2023-11-27 04:22:52 +01:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 3m 40s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.phis.win@26/47@37/15
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://sofa.thriveuniversehq.com/s3/terms/terms.php Browse: https://sofa.thriveuniversehq.com/s3/terms/terms.php Browse: https://sofa.thriveuniversehq.com/s3/terms/terms.php Browse: https://sofa.thriveuniversehq.com/s3/terms/terms.php Browse: https://sofa.thriveuniversehq.com/s3/terms/terms.php

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.253.62.94, 34.104.35.123, 142.251.16.207, 142.251.163.207, 172.253.63.207, 172.253.115.207, 142.251.167.207, 142.251.179.207, 172.253.62.207, 172.253.122.207, 142.251.111.95, 172.253.115.95, 142.251.16.94, 172.253.62.95, 142.251.16.95, 172.253.63.95, 172.253.122.95, 142.251.167.95, 142.251.179.95, 142.251.163.95, 142.250.31.95, 69.164.0.0, 67.26.245.254, 192.229.211.108
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, storage.googleapis.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ajax.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 27 02:23:40 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9770963435428595
Encrypted:	false
SSDEEP:	48:8JbdWTSqxEHSidAKZdA19ehwiZUklqehgy+3:8J8Pxh3y
MD5:	3DF5C19C25ED46556665D067BABBFB45
SHA1:	533990DA6DB903B2AFA8139A9FAE95EDD587362C
SHA-256:	92D819D51A4EAAEEF6E5F0E4CEAF9B1D45469EA15A1CCB1D3931DAC0C9471BF9
SHA-512:	AC14D6A987C28DE1260C7A1E1CBD065CF8454B4349F72D3C051C68D9027904C63B249C92E973BC9D46F3487E8E6967CAA658704B4DEEA26104928107856CC70D
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....^.5.. ..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I{W......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V{W.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..........._~.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Source: https://sofa.thriveuniversehq.com/people/5.jpg	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/people/1.jpg	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/people/4.jpg	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/images/state-farm-drake-2021.jpg	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/bootstrap/dist/css/bootstrap.min.css	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/utils/banners/images/2023-months/2023-11.png?v=1	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/images/State-Farm-Logo.png	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/service_worker.js	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/images/a-favicon.ico	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/people/3.jpg	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/js/scripts-w14-t-f-qc-v2-fst-ri.js?v=5.40&cc=us	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/js/mobile-detect.js-master/mobile-detect.min.js	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/bootstrap/dist/js/bootstrap.min.js	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/js/fingerprintjs2/1.5.0/fingerprint2.min.js	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/manifest.json	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/people/2.jpg	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/utils/banners/banner-bf.js?v=1.04	Avira URL Cloud: Label: phishing
Source: https://sofa.thriveuniversehq.com/assets/js/ads.js	Avira URL Cloud: Label: phishing

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.22.76.127
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91

Source: chromecache_129.2.dr, chromecache_119.2.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_125.2.dr	String found in binary or memory: http://www.loc.gov/copyright
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAUi-qJCY.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwaPGR_p.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_FQft1dw.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_FQft1dw.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_112.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_128.2.dr	String found in binary or memory: https://github.com/hgoebl/mobile-detect.js
Source: chromecache_119.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_100.2.dr	String found in binary or memory: https://pushlite.neptuneadspush.com
Source: chromecache_108.2.dr	String found in binary or memory: https://pushlite.neptuneadspush.com/javascripts/service_worker.js?v1
Source: chromecache_94.2.dr	String found in binary or memory: https://www.govwlfeloony.com/2FRNJG5BQ/GZHBQPR/

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 27, 2023 04:23:39.724996090 CET	51431	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:39.726337910 CET	63162	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:39.726901054 CET	57513	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:39.727164030 CET	53520	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:39.832622051 CET	53	55534	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:39.850802898 CET	53	51431	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:39.850816011 CET	53	57513	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:39.850830078 CET	53	63162	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:39.852226973 CET	53	53520	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:40.432145119 CET	53	62345	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:41.096457005 CET	53	54649	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:41.579351902 CET	52856	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:41.579827070 CET	55151	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:41.699278116 CET	59048	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:41.700181007 CET	54178	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:41.757745028 CET	53	52856	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:41.757924080 CET	53	55151	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:41.824938059 CET	53	59048	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:41.825299978 CET	53	54178	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:42.257987976 CET	55055	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:42.258431911 CET	59857	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:42.382123947 CET	53	59857	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:42.382831097 CET	53	55055	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:42.771570921 CET	57285	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:42.771893024 CET	60811	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:42.903717995 CET	53	57285	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:42.962994099 CET	53	60811	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:44.026251078 CET	51035	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:44.026560068 CET	59722	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:44.151392937 CET	53	59722	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:44.151411057 CET	53	51035	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.305892944 CET	52983	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.306229115 CET	58426	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.306657076 CET	54294	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.308665991 CET	59164	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.351689100 CET	55355	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.352018118 CET	55836	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.431442022 CET	53	52983	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.434801102 CET	53	54294	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.435677052 CET	53	59164	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.455770969 CET	53	58426	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.479222059 CET	53	55836	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.560125113 CET	53	55355	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.596704960 CET	50423	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.597100973 CET	53591	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:45.723148108 CET	53	50423	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:45.724821091 CET	53	53591	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:46.982177973 CET	65513	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:46.982537985 CET	61993	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:47.108946085 CET	53	61993	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:47.110044003 CET	53	65513	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:49.589373112 CET	53	60348	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:49.594057083 CET	53	55627	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:49.734327078 CET	60740	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:49.734688997 CET	52427	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:49.861304998 CET	53	60740	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:49.862173080 CET	53	52427	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:50.134679079 CET	53	59830	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:51.090750933 CET	59324	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:51.091991901 CET	58923	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:51.219249964 CET	53	59324	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:51.220175028 CET	53	58923	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:51.310503960 CET	53	54978	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:52.622035980 CET	53	59664	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:52.811131001 CET	63511	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:52.812136889 CET	50697	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:52.935066938 CET	53	63511	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:52.935729980 CET	53	50697	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:52.936508894 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:23:52.942687035 CET	65370	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:53.038371086 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:23:53.067167997 CET	53	65370	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:53.510288000 CET	49785	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:53.510924101 CET	53798	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:23:53.636158943 CET	53	49785	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:53.642005920 CET	53	53798	1.1.1.1	192.168.2.5
Nov 27, 2023 04:23:58.911720991 CET	53	52141	1.1.1.1	192.168.2.5
Nov 27, 2023 04:24:01.570143938 CET	52002	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:24:01.571038008 CET	49663	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:24:01.694446087 CET	53	52002	1.1.1.1	192.168.2.5
Nov 27, 2023 04:24:01.694777966 CET	53	49663	1.1.1.1	192.168.2.5
Nov 27, 2023 04:24:03.149235964 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:24:03.252383947 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:24:13.281244040 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:24:13.383451939 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:24:19.352032900 CET	53	57651	1.1.1.1	192.168.2.5
Nov 27, 2023 04:24:23.429867983 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:24:23.531656027 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:24:33.548221111 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:24:33.650089979 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:24:39.316006899 CET	53	50534	1.1.1.1	192.168.2.5
Nov 27, 2023 04:24:43.671749115 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:24:43.773730040 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:24:44.364459038 CET	53	50065	1.1.1.1	192.168.2.5
Nov 27, 2023 04:24:53.780978918 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:24:53.883173943 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:25:04.369684935 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:25:04.471905947 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:25:07.515547037 CET	53	58890	1.1.1.1	192.168.2.5
Nov 27, 2023 04:25:08.598532915 CET	57548	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:25:08.598957062 CET	49239	53	192.168.2.5	1.1.1.1
Nov 27, 2023 04:25:08.724175930 CET	53	57548	1.1.1.1	192.168.2.5
Nov 27, 2023 04:25:08.724987984 CET	53	49239	1.1.1.1	192.168.2.5
Nov 27, 2023 04:25:14.499320984 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:25:14.601408958 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:25:25.019145012 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:25:25.121093035 CET	19302	62818	142.250.112.127	192.168.2.5
Nov 27, 2023 04:25:36.083713055 CET	62818	19302	192.168.2.5	142.250.112.127
Nov 27, 2023 04:25:36.185728073 CET	19302	62818	142.250.112.127	192.168.2.5

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Nov 27, 2023 04:23:42.963083982 CET	192.168.2.5	1.1.1.1	c22a	(Port unreachable)	Destination Unreachable
Nov 27, 2023 04:23:45.560197115 CET	192.168.2.5	1.1.1.1	c201	(Port unreachable)	Destination Unreachable
Nov 27, 2023 04:23:52.620352030 CET	192.168.2.5	1.1.1.1	c286	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
Nov 27, 2023 04:23:43.062812090 CET	596	OUT	GET /aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4= HTTP/1.1 Host: svylst.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Nov 27, 2023 04:23:43.608185053 CET	1340	IN	HTTP/1.1 200 OK Date: Mon, 27 Nov 2023 03:23:43 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: C=848bd2316dc3abc1c9b4aad2b173f936 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khgq%2F4SnZlmkgEnW5gbjwlfakrRA1f7T7iftpmCZQGJ3PMBysyi6IlQv2yp%2FQyYC9zkKvEm5Ct%2FE%2Flx9GitlXXx5jYuTmJ5DYcA%2BuqrSDKlyPj7KpbQQjdQZutFD"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82c7410a6b9272ec-IAD Content-Encoding: gzip alt-svc: h3=":443"; ma=86400 Data Raw: 36 62 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ac 58 5b 93 d3 36 14 7e 86 5f 01 3c ac 2c 62 58 5d 2c 4b c6 eb 9d d9 42 69 a1 b4 53 ba a5 b7 8c 87 91 6d 99 84 66 93 60 3b bb 81 6d fe 7b 47 92 2d c7 ac b3 30 d3 be 38 96 ce 55 e7 7c 3a e7 c4 77 ef 9c cc 9a 8b c5 e9 dd 3b 27 33 25 0b fd 5b e7 d5 7c dd dc ab ab 3c 79 70 fc be 3e 96 45 fd f8 7d fd e0 f4 e4 d8 52 7a 9e d3 bb 77 ca cd 32 6f e6 ab e5 bd b7 68 1b 84 38 f3 de a2 2d 55 38 67 c2 d7 3b 34 0a 05 87 d7 97 b2 d2 0c 12 13 52 ca a4 7d f3 60 5c a9 66 53 39 d9 a4 53 e6 b5 1b 92 68 25 18 85 11 2d e1 b5 db 4c dc db 23 b4 e5 2a 6e b5 53 9c 2b 5e 26 ce ce d4 b1 a5 7b 86 2c 57 bc f3 6f 73 38 de b5 3a 19 43 0a 85 9d c1 78 ff b4 f6 08 dd d1 32 5c 64 4c 25 53 10 c8 cb e6 f7 ec 25 f0 c1 4c d6 b3 a7 ab 8b f5 6a a9 96 4d 0d 7c 80 05 7a ba 99 bd 5c fe 04 7c b0 59 16 aa 9c 2f 55 01 7c d0 cc d4 52 f3 37 cd fa c9 f1 b1 de a8 e6 17 c0 07 f9 be 30 0d 22 82 58 55 bf fe e6 cd 33 cd b2 da e4 b3 f3 cd 7a bd aa 1a e0 83 42 5d ce 73 f5 a3 ba 58 55 1f b5 25 fc e9 f7 ef 5e 9d 9f 69 ad 95 2a 81 0f ca 6a 75 f1 74 26 ab a7 ab 42 01 1f 5c ca c5 46 ff 56 6a bd 90 b9 7e bb 90 db 5f b5 ce 9f 57 f3 d6 5b 72 f5 ee 43 2d 9f 03 1f bc 53 da 46 2e 9b 7c 06 7c c0 78 a0 fe 3c fb 20 57 c0 07 d7 ea 62 dd 7c dc 01 1f 04 18 a3 e0 c7 37 9f fe 78 af 79 08 8d b8 e0 f4 c3 f9 b3 37 cf fe 02 3e 58 ac 72 a9 03 a7 0f 42 69 20 02 82 d4 ab ef cb f7 5a c7 42 2d df 35 b3 36 00 b5 8d 00 c5 9c a2 20 38 ff e1 97 b3 17 bf 68 67 e8 1f f5 fa ec fc 03 f0 81 0e 03 e5 e8 75 f9 42 be d4 aa 49 c8 a2 df ae 9e 6f de e8 90 99 d3 5c a8 65 03 d2 b8 cd 51 8f 2a 78 dd c3 c0 e6 2b de ed 21 a3 c5 e4 ce db 87 21 61 54 b0 dc c0 30 63 b2 60 2e e1 2c 64 a1 a2 89 41 65 9e 45 51 f9 04 6d a3 c2 30 16 39 15 e1 13 b4 15 5c 2f 59 20 8a 30 d3 cb c8 20 8c 89 2c 10 9a d9 52 15 e6 98 69 6a 60 21 49 b1 0a 82 0e 70 66 47 4a 24 78 e2 7c f1 60 7c 35 9b 2f 94 77 ff fe 34 85 d7 4d f5 b1 73 29 50 a5 a4 3c 79 b4 96 55 ad 5e 2c 1b cf e9 f3 d0 56 48 08 8f d1 16 3f f4 c6 e9 bc 34 74 02 27 Data Ascii: 6baX[6~_<,bX],KBiSmf`;m{G-08U\|:w;'3%[\|<yp>E}Rzw2oh8-U8g;4R}`\fS9Sh%-L#nS+^&{,Wos8:Cx2\dL%S%LjM\|z\\|Y/U\|R70"XU3zB]sXU%^ijut&B\FVj~_W[rC-SF.\|\|x< Wb\|7xy7>XrBi ZB-56 8hguBIo\eQ*x+!!aT0c`.,dAeEQm09\/Y 0 ,Rij`!IpfGJ$x\|`\|5/w4Ms)P<yU^,VH?4t'
Nov 27, 2023 04:23:43.608217001 CET	1127	IN	Data Raw: e3 e2 c4 90 e9 43 6f 9c 9c 1b 72 70 40 3a 0a 0c 99 4d c6 6c bb 60 3e 76 b1 34 dc e1 b8 ab 03 76 1b 6b c3 ce 0f 79 8e 0d 59 1c 3a b8 50 86 1e 8d 8a 0f 8c d9 4c 1a 6e 39 1a 87 e1 49 4c a2 0d 77 06 bf 7c 70 0b 04 c3 9e 1f 0a b2 d5 56 c0 78 5e 7a 7d Data Ascii: Corp@:Ml`>v4vkyY:PLn9ILw\|pVx^z}GgV)w3M=SeRxg)`BUmE(0Yda-g#fG5D:1TYYP9ZRq<}y(Tx4O&y_
Nov 27, 2023 04:23:43.608232975 CET	59	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Nov 27, 2023 04:23:44.068578005 CET	516	OUT	GET /js/ads.js HTTP/1.1 Host: svylst.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4= Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: C=848bd2316dc3abc1c9b4aad2b173f936
Nov 27, 2023 04:23:44.202110052 CET	1340	IN	HTTP/1.1 200 OK Date: Mon, 27 Nov 2023 03:23:44 GMT Content-Type: text/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Thu, 05 May 2022 12:29:39 GMT Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 7030 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2F%2BSVDsanfHfRy1VsvK5DjDZ%2BgAdCNzi%2BUYjjAWYznocGFflx2xh1fDtqtaCwy5cuTfWPdhj9MAW5xVtmo23RrqTnG%2BO4%2FrlrkMQ2xV7lKfXtGgfdDZZTxPZ7biN"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 82c74110a98272ec-IAD Content-Encoding: gzip alt-svc: h3=":443"; ma=86400 Data Raw: 33 31 61 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 7d dd 76 db 38 d2 e0 ab c8 4c 7f 6e 32 82 68 52 92 1d 87 0a e3 e3 38 3f ed 9e 38 71 c7 49 f7 cc 28 6c 0f 44 42 12 da 24 c0 06 40 d9 8a ad 7d 85 bd df 8b dd b3 d7 fb 02 fb 3c fb 02 bb 8f b0 a7 00 fe 49 96 dd dd b3 37 3b d3 27 26 80 02 50 28 14 0a 85 42 a1 b4 c0 a2 73 fc fa 22 9c 16 2c 56 94 33 9b 38 b7 56 21 49 47 2a 41 63 65 8d 16 58 74 54 53 ec dc 0a a2 0a c1 3a 2a fc 38 f9 8d c4 ca c5 52 d2 19 bb bb 6b b7 30 e5 c2 d6 15 11 0b 7d 24 42 2c 66 45 46 98 92 6e 4a d8 4c cd 47 ec 85 18 b1 6e d7 a9 00 71 87 42 93 35 dc 98 45 4e d9 7e 2e b8 e2 6a 99 13 77 8e e5 c7 6b 76 2e 78 4e 84 5a ba 31 4e 53 5b 21 ec ec ee da 64 8c a3 50 8d 71 e4 8c 4a fc c8 0a 29 17 e7 79 ba b4 d5 9c 4a 54 37 ed ac 46 15 aa 1d 66 13 a4 10 43 a2 1e 16 23 d7 36 bb bb b3 59 78 2e 78 46 25 71 1c db ae 87 86 11 77 6e eb da 14 86 aa c4 f2 b6 b0 85 cb c8 8d b2 89 e3 ac 62 ac e2 b9 ad 9c 5b 6e 2b 67 b5 aa a1 e3 36 b4 9a 0b 7e fd 28 78 01 e0 9a 86 23 e2 26 9c 91 23 6c 13 77 81 d3 82 38 81 ad c2 f2 1b a9 0e 65 52 61 16 13 3e ed b0 23 15 30 72 dd 61 2d 9c 89 73 4b a0 69 c7 71 5c 35 27 cc a6 28 76 56 85 6d 8b 50 94 04 22 48 dd dd 8d 23 c7 31 a3 70 00 b8 c1 44 40 b9 c1 85 21 81 30 e2 88 86 b7 29 9e 90 34 f0 90 24 4c 05 2d f6 a0 53 db df c5 63 2f 72 f4 18 3b 78 ec 47 d5 9c c0 f7 0a 29 b1 94 c1 38 42 3c 87 3f ab aa 90 87 b7 d0 7b 10 db 9e 83 74 dd 20 b6 7d 07 99 e2 20 b6 fb ce 0a 59 55 4f 56 18 02 4f f0 69 e7 62 99 4d 78 ba bb 6b f3 b1 f9 74 a9 22 02 2b 2e a2 6d 6c 3b a7 72 e5 20 3e 6a cd 0b af 4b 6b f8 f8 7e 16 d7 63 63 e5 b0 80 ca 9f 97 39 79 23 04 17 b6 f5 8e 30 d3 67 87 ca 0e 4e 05 c1 c9 b2 43 6e 48 5c 28 ca 66 ae e5 8c 80 d3 47 74 e4 00 07 40 3b b0 2e 76 77 6d 1c f6 77 f9 d8 8b 8e 84 Data Ascii: 31a3}v8Ln2hR8?8qI(lDB$@}<I7;'&P(Bs",V38V!IGAceXtTS:8Rk0}$B,fEFnJLGnqB5EN~.jwkv.xNZ1NS[!dPqJ)yJT7FfC#6Yx.xF%qwnb[n+g6~(x#&#lw8eRa>#0ra-sKiq\5'(vVmP"H#1pD@!0)4$L-Sc/r;xG)8B<?{t } YUOVOibMxkt"+.ml;r >jKk~cc9y#0gNCnH\(fGt@;.vwmw
Nov 27, 2023 04:23:44.202125072 CET	1340	IN	Data Raw: 5b 0e b4 4c e9 6e ee ee 6c 1b 87 55 91 b3 bb 8b 0d d7 0b 07 79 4e 60 98 ce d9 dd dd b1 71 58 95 20 3e f6 61 26 81 65 9c 8a ee 23 79 4d 81 cd 44 e8 21 0c a4 0a c7 a6 5b 84 0d 1b 45 0e 82 a4 73 1b 63 49 3a 5e a0 ff f8 01 0e f9 68 22 08 be 1a e9 8c Data Ascii: [LnlUyN`qX >a&e#yMD![EscI:^h"aP6H]=.A2A%Bbe1`Ryn;&&dTtj`6UGNvw]=+ {/N<Zf(z"P[o!jB#Ts
Nov 27, 2023 04:23:44.202137947 CET	1340	IN	Data Raw: fa 4e 84 fa c3 1a d6 7f 0c d6 73 22 e4 1f d4 b0 de 23 b0 cf 9d 08 d5 23 7b 1e 68 aa 6a e0 fb a0 87 4e e4 c0 5c b4 e8 0f 53 a4 e7 26 af 9a 38 0c e2 70 6a c7 5b fb 7a e6 44 68 bf 46 eb d9 23 90 07 6b 04 3f 78 04 72 7f 8d dc fb 8f 40 0e d7 88 3d 7c Data Ascii: Ns"##{hjN\S&8pj[zDhF#k?xr@=\|rF#5Bt4=Pr^44g#EtF0G+IDMe67[_(Aq21{Nw+Nf;[k$p@6xd-Vd"c`H6i
Nov 27, 2023 04:23:44.202179909 CET	1340	IN	Data Raw: b2 df 4f 45 5a 81 9f 60 b6 c0 f2 04 e7 40 af 0d 96 63 1b b3 73 59 cf 4e 35 80 fa ae de 6d b0 29 07 75 77 47 dc 4c be dd 9a cd bf 41 fe c5 66 be e1 ef 2d 55 80 84 0d 1a 9f 6b 34 2e 40 ec 87 e7 a0 78 80 fe b4 bb bb 53 eb 99 7e a9 56 df 9f 40 ce b8 Data Ascii: OEZ`@csYN5m)uwGLAf-Uk4.@xS~V@)orEcA_29HaN="]3\3[7:z&\3:E1*F~?}#ja'#}c_\|oorZ !scA"8zn`ZC\|
Nov 27, 2023 04:23:44.202193975 CET	1340	IN	Data Raw: e7 22 27 31 c5 a9 5a 9a 82 2f a7 4d 9f 67 9f 3b 6f 6e 94 c0 f0 f9 8f 4f a7 c7 af cb 39 3e c3 22 25 4a e9 ae a8 58 f2 ce 97 53 f8 a6 b1 e0 92 4f 55 e7 0b 9d cd 0b a1 b3 98 3e dd 08 8d 02 67 da 21 b7 73 c2 85 a4 0b 68 f5 fc 8c b2 d9 7b fa 05 3e 05 Data Ascii: "'1Z/Mg;onO9>"%JXSOU>g!sh{>28tz1\|'rwf?i-.cx7T%_]!;'o:8ye4_>!o\|a."y*svKc5>`xXc^Dbx
Nov 27, 2023 04:23:44.202208042 CET	1340	IN	Data Raw: 9b a9 76 95 fa b6 ef c6 ac 35 c5 90 bb c4 13 be a0 79 df eb 3f d3 53 6b f0 54 d9 00 a7 69 7f 3e d4 2c 1c c7 fb fd 67 87 97 a6 af 4b 9c 34 fd bc 05 45 75 0e 9c f7 8d 33 92 17 13 60 67 3d f4 a7 a1 75 89 93 f7 04 27 44 4c 38 16 89 61 67 9a fc 1a 1a Data Ascii: v5y?SkTi>,gK4Eu3`g=u'DL8agXzg`o/W8-ks8]^X#""5.'>joB%3`^__J7!{K$ TQ4O4{S]FGc3[+\rY0SP7MJ^ze0IU:g
Nov 27, 2023 04:23:44.202223063 CET	1340	IN	Data Raw: ef f0 42 74 26 29 9f ad 61 a4 e8 5b 0c 32 86 c3 fa 75 0b 45 53 90 14 bd 8c 27 45 4a 7a 53 2a c8 34 5d f6 f4 fd ab 5e 0a a6 de 1b 36 87 71 98 ed 92 08 18 8f cb 73 c2 f4 55 d4 59 25 40 a8 94 05 c9 7a 29 c1 57 cb 5e 8e 97 d7 38 4d ab 81 c9 de 37 22 Data Ascii: Bt&)a[2uES'EJzS*4]^6qsUY%@z)W^8M7"xO8Q61/ALK}.zs+<)H4T^:z4g'Z-/GQ?3,)U`\I-uMhr fp-&Rb#^N!;`-f_CRAk=Pb,)+
Nov 27, 2023 04:23:44.202234983 CET	1340	IN	Data Raw: ed 3a 48 ae b9 10 16 0e c2 1b 3e 85 88 8e d3 28 2c 46 7f de 47 74 df fb 93 4e a2 5b 7c 18 b1 33 82 58 2d 40 96 2d 43 02 54 5c 3e 9d 82 ab 8d 76 96 bb bb b3 e3 31 0c 32 0a 77 e0 11 5f 15 4d a7 f6 6d c4 0f 78 d5 a9 bb 3b b5 e6 55 87 ab 8b de 71 1f Data Ascii: :H>(,FGtN[\|3X-@-CT\>v12w_Mmx;Uq}1_pmuAHm[6ebr!s,`D6m6\?B.gEjEJ`kyw2nCM%K38soiO!\#B3"m7V#Y8zN*a
Nov 27, 2023 04:23:44.202249050 CET	1340	IN	Data Raw: fd 5a bd 57 bd 8c 84 23 a2 b2 7d b4 4f 06 68 38 f4 3d cf d1 3a 9f 99 b2 8f 32 a6 69 0a 96 55 ad 6c 94 57 ff 60 53 86 4b 41 50 b6 04 f9 bd 80 f7 05 26 fc 6c e8 93 e1 86 46 f8 da 28 e5 12 9c 7d 05 91 52 37 85 21 2c 2e 91 60 30 2a 2b f6 f6 3d 84 dd Data Ascii: ZW#}Oh8=:2iUlW`SKAP&lF(}R7!,.`0+=+Fx+jR8s4IU%HiG\\'tWc2dX(^y<3Uv\|$CONzS%Zu1$yU~0iwr#2lc&MF-PVM-ITt
Nov 27, 2023 04:23:44.277457952 CET	579	OUT	GET /favicon.ico HTTP/1.1 Host: svylst.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4= Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: C=848bd2316dc3abc1c9b4aad2b173f936
Nov 27, 2023 04:23:44.409430027 CET	785	IN	HTTP/1.1 200 OK Date: Mon, 27 Nov 2023 03:23:44 GMT Content-Type: text/plain; charset=utf-8; SameSite=None; Secure Content-Length: 0 Connection: keep-alive Nrid: 149463646 Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 7030 Last-Modified: Mon, 27 Nov 2023 01:26:34 GMT Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcA79%2FUwRmkR0g3BCMlg0XfFGDKmnoCDm7ExBPEXEeu%2FSl4qCGAo7TdzLbnTKis732ouz2OH7zV8o6Nzbu6AZAQ1pTIS%2BUYpgKk2XzW3XJayqmpHZQi%2BYQtJ7tX0"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 82c74111fce072ec-IAD alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:40 UTC	752	OUT	GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1 Host: clients2.google.com Connection: keep-alive X-Goog-Update-Interactivity: fg X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda X-Goog-Update-Updater: chromecrx-117.0.5938.132 Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2023-11-27 03:23:40 UTC	732	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 73 63 72 69 70 74 2d 73 72 63 20 27 72 65 70 6f 72 74 2d 73 61 6d 70 6c 65 27 20 27 6e 6f 6e 63 65 2d 48 74 74 54 44 55 32 31 6a 59 77 6d 6f 33 75 63 49 33 59 6f 6e 77 27 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 73 74 72 69 63 74 2d 64 79 6e 61 6d 69 63 27 20 68 74 74 70 73 3a 20 68 74 74 70 3a 3b 6f 62 6a 65 63 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 72 65 70 6f 72 74 2d 75 72 69 20 68 74 74 70 73 3a 2f 2f 63 73 70 2e 77 69 74 68 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 63 73 70 2f 63 6c 69 65 6e 74 75 70 64 61 74 65 2d 61 75 73 2f 31 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c Data Ascii: HTTP/1.1 200 OKContent-Security-Policy: script-src 'report-sample' 'nonce-HttTDU21jYwmo3ucI3Yonw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1Cache-Control
2023-11-27 03:23:40 UTC	520	IN	Data Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 36 31 37 33 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 36 39 38 32 30 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22 Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="6173" elapsed_seconds="69820"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
2023-11-27 03:23:40 UTC	200	IN	Data Raw: 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a Data Ascii: 723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
2023-11-27 03:23:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:40 UTC	680	OUT	POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1 Host: accounts.google.com Connection: keep-alive Content-Length: 1 Origin: https://www.google.com Content-Type: application/x-www-form-urlencoded Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=511=Ef5vPFGw-MZYo5hwe-0ThAVslbxbmvdVZwcHnqVzWHAU14v53MN1VvwvQq8baYfg2-IAtqZBV5NOL5rvj2NWIqrz377UhLdHtOgE-tJaBlUBYJEhuGsQdqni3oTJg0brqv1djdiLJyvTSUhdK-c5JWadCSsULPLzhSx-F-6wOg4
2023-11-27 03:23:40 UTC	1	OUT	Data Raw: 20 Data Ascii:
2023-11-27 03:23:40 UTC	1627	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 43 72 65 64 65 6e 74 69 61 6c 73 3a 20 74 72 75 65 0d 0a 58 2d 43 6f 6e 74 65 6e 74 2d 54 79 70 65 2d 4f 70 74 69 6f 6e 73 3a 20 6e 6f 73 6e 69 66 66 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 6e 6f 2d 73 74 6f 72 65 2c 20 6d 61 78 2d 61 67 65 3d 30 2c 20 6d 75 73 74 2d 72 65 76 61 6c 69 64 61 74 65 0d 0a 50 72 Data Ascii: HTTP/1.1 200 OKContent-Type: application/json; charset=utf-8Access-Control-Allow-Origin: https://www.google.comAccess-Control-Allow-Credentials: trueX-Content-Type-Options: nosniffCache-Control: no-cache, no-store, max-age=0, must-revalidatePr
2023-11-27 03:23:40 UTC	23	IN	Data Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a Data Ascii: 11["gaia.l.a.r",[]]
2023-11-27 03:23:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:42 UTC	955	OUT	GET /images/icons/product/cloud_storage-32.png HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://storage.googleapis.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=511=Ef5vPFGw-MZYo5hwe-0ThAVslbxbmvdVZwcHnqVzWHAU14v53MN1VvwvQq8baYfg2-IAtqZBV5NOL5rvj2NWIqrz377UhLdHtOgE-tJaBlUBYJEhuGsQdqni3oTJg0brqv1djdiLJyvTSUhdK-c5JWadCSsULPLzhSx-F-6wOg4
2023-11-27 03:23:42 UTC	670	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 41 63 63 65 70 74 2d 52 61 6e 67 65 73 3a 20 62 79 74 65 73 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 70 6e 67 0d 0a 43 72 6f 73 73 2d 4f 72 69 67 69 6e 2d 52 65 73 6f 75 72 63 65 2d 50 6f 6c 69 63 79 3a 20 63 72 6f 73 73 2d 6f 72 69 67 69 6e 0d 0a 43 72 6f 73 73 2d 4f 72 69 67 69 6e 2d 4f 70 65 6e 65 72 2d 50 6f 6c 69 63 79 2d 52 65 70 6f 72 74 2d 4f 6e 6c 79 3a 20 73 61 6d 65 2d 6f 72 69 67 69 6e 3b 20 72 65 70 6f 72 74 2d 74 6f 3d 22 73 74 61 74 69 63 2d 6f 6e 2d 62 69 67 74 61 62 6c 65 22 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 67 72 6f 75 70 22 3a 22 73 74 61 74 69 63 2d 6f 6e 2d 62 69 67 74 61 62 6c 65 22 2c 22 6d 61 78 5f 61 67 65 22 3a 32 35 39 32 30 30 30 2c 22 65 6e Data Ascii: HTTP/1.1 200 OKAccept-Ranges: bytesContent-Type: image/pngCross-Origin-Resource-Policy: cross-originCross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"Report-To: {"group":"static-on-bigtable","max_age":2592000,"en
2023-11-27 03:23:42 UTC	582	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 03 19 49 44 41 54 58 c3 cd 97 dd 6b d3 50 18 c6 83 37 ea ed 10 ff 84 dd 28 c8 c6 50 44 71 fd 48 ba 75 0c 3b 2f 74 75 30 61 e8 86 55 71 8c 31 d0 75 28 36 4d 5a 6d ad ab db 98 ba 2f 86 4c c1 4b 91 81 8c 81 57 fb 0f 44 f6 65 bb 8f 8b b9 2d 5d d6 36 6d d3 26 3d 9e d3 b4 83 b0 b6 49 fa 01 3b f0 a3 17 c9 fb 3c 4f 72 4e 7a de 83 61 27 7d 00 00 ce 76 4f a5 1b 1e ce 88 9a e8 9e 12 1b 50 6d 59 e6 d6 51 b1 cf 40 0b 40 4f 8b 25 22 00 eb 98 38 a0 d9 78 e0 ab 88 3d fd 2c 5e 44 02 46 57 79 20 8d 27 b3 42 5d d7 84 a8 2d 44 8b 57 f8 63 74 a5 40 25 30 7b 84 15 4d e6 1d 63 a9 bb 7a 2a 09 8c 74 65 30 40 2d eb 48 ea 9e a2 31 9f 02 99 5f 93 2b 19 c3 61 61 25 21 5c 49 1e 69 Data Ascii: PNGIHDR szzIDATXkP7(PDqHu;/tu0aUq1u(6MZm/LKWDe-]6m&=I;<OrNza'}vOPmYQ@@O%"8x=,^DFWy 'B]-DWct@%0{Mcz*te0@-H1_+aa%!\Ii
2023-11-27 03:23:42 UTC	268	IN	Data Raw: 91 00 12 f8 51 88 d2 b8 31 18 00 f7 47 b6 af d5 f6 32 c7 37 23 8b 87 fd 41 a0 79 52 00 27 19 cd 9f 63 8e 16 47 f0 67 de 9d f0 db 52 02 6e c7 89 1a c9 24 a4 08 4e ee 43 c1 75 cd 01 7c df f7 cf cd 2c 1e 14 69 48 bc 2c ad 26 80 3c 84 3a 5a 9d 41 4f d1 6e 28 29 48 ed 52 13 c5 70 26 27 03 94 20 10 e4 1e 14 5f 03 7a 88 ae 00 e8 9a 61 68 3d 81 b4 63 7c 5a b9 29 ed 1c 65 ad e8 e9 4c 4e 75 10 e4 2e 34 59 cd 18 e5 a3 71 70 15 b4 7b 82 9d 9a 3a e3 56 17 f3 db 84 42 a8 84 70 fc 03 7a 68 94 8f a6 17 6b cb 9a cc 9f cd 85 b1 be 59 f6 02 ee d8 83 e2 ea 91 42 ac c8 68 7c be 02 1e 8f 6f 5e ea 9b d8 d6 7e 34 eb f0 87 7a 09 18 02 77 ec aa e7 d5 0e 34 5d ce a0 83 dc 71 07 fa cb 3d 9c 9e ee f9 10 aa b3 7d 52 4f cf f8 4e 7d 97 3f 50 0f 6b cf 9c f8 d3 f7 7f 4c 43 26 8f bb 11 b4 Data Ascii: Q1G27#AyR'cGgRn$NCu\|,iH,&<:ZAOn()HRp&' _zah=c\|Z)eLNu.4Yqp{:VBpzhkYBh\|o^~4zw4]q=}RON}?PkLC&

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:42 UTC	709	OUT	GET /2FRNJG5BQ/GZHBQPR/ HTTP/1.1 Host: www.govwlfeloony.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://storage.googleapis.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2023-11-27 03:23:42 UTC	595	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 33 30 32 20 46 6f 75 6e 64 0d 0a 53 65 72 76 65 72 3a 20 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 32 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 31 37 38 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 6f 63 61 74 69 6f 6e 3a 20 68 74 74 70 3a 2f 2f 73 76 79 6c 73 74 2e 63 6f 6d 2f 61 66 66 5f 63 3f 6f 66 66 65 72 5f 69 64 3d 34 33 37 26 61 66 66 5f 69 64 3d 31 31 38 39 26 61 66 66 5f 73 75 62 3d 73 74 61 74 65 66 61 72 6d 32 26 61 66 66 5f 73 75 62 32 3d Data Ascii: HTTP/1.1 302 FoundServer: nginx/1.18.0 (Ubuntu)Date: Mon, 27 Nov 2023 03:23:42 GMTContent-Type: text/html; charset=utf-8Content-Length: 178Connection: closeLocation: http://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=
2023-11-27 03:23:42 UTC	178	IN	Data Raw: 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 73 76 79 6c 73 74 2e 63 6f 6d 2f 61 66 66 5f 63 3f 6f 66 66 65 72 5f 69 64 3d 34 33 37 26 61 6d 70 3b 61 66 66 5f 69 64 3d 31 31 38 39 26 61 6d 70 3b 61 66 66 5f 73 75 62 3d 73 74 61 74 65 66 61 72 6d 32 26 61 6d 70 3b 61 66 66 5f 73 75 62 32 3d 61 30 65 31 34 62 37 64 35 30 33 35 34 34 37 30 62 35 31 33 33 64 30 38 34 38 65 35 38 61 39 35 26 61 6d 70 3b 61 66 66 5f 73 75 62 33 3d 37 30 34 37 35 33 26 61 6d 70 3b 61 66 66 5f 73 75 62 34 3d 22 3e 46 6f 75 6e 64 3c 2f 61 3e 2e 0a 0a Data Ascii: <a href="http://svylst.com/aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4=">Found</a>.

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:45 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2023-11-27 03:23:45 UTC	436	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 41 70 69 56 65 72 73 69 6f 6e 3a 20 44 69 73 74 72 69 62 75 74 65 20 31 2e 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 61 74 74 61 63 68 6d 65 6e 74 3b 20 66 69 6c 65 6e 61 6d 65 3d 63 6f 6e 66 69 67 2e 6a 73 6f 6e 3b 20 66 69 6c 65 6e 61 6d 65 2a 3d 55 54 46 2d 38 27 27 63 6f 6e 66 69 67 2e 6a 73 6f 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 45 54 61 67 3a 20 22 30 78 36 34 36 36 37 46 37 30 37 46 46 30 37 44 36 32 42 37 33 33 44 42 43 42 37 39 45 46 45 33 38 35 35 45 36 38 38 36 43 39 39 37 35 42 30 43 30 42 34 36 37 44 34 36 32 33 31 42 33 46 41 35 45 37 22 0d 0a 4c 61 73 74 2d 4d 6f 64 69 Data Ascii: HTTP/1.1 200 OKApiVersion: Distribute 1.1Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.jsonContent-Type: application/octet-streamETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"Last-Modi

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:45 UTC	869	OUT	GET /aff_c?offer_id=437&aff_id=1189&aff_sub=statefarm2&aff_sub2=a0e14b7d50354470b5133d0848e58a95&aff_sub3=704753&aff_sub4=&view=fb31fd86985514de1142f2f6b3bcea13_0 HTTP/1.1 Host: svylst.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: http://svylst.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: C=848bd2316dc3abc1c9b4aad2b173f936
2023-11-27 03:23:46 UTC	392	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 33 30 32 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 36 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3b 20 53 61 6d 65 53 69 74 65 3d 4e 6f 6e 65 3b 20 53 65 63 75 72 65 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 41 6c 74 2d 53 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 45 78 70 69 72 65 73 3a 20 54 68 75 2c 20 31 39 20 4e 6f 76 20 31 39 38 31 20 30 38 3a 35 32 3a 30 30 20 47 4d 54 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 73 74 6f 72 65 2c 20 6e Data Ascii: HTTP/1.1 302 FoundDate: Mon, 27 Nov 2023 03:23:46 GMTContent-Type: text/plain; charset=utf-8; SameSite=None; SecureContent-Length: 0Connection: closeAlt-Svc: h3=":443"; ma=86400Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, n
2023-11-27 03:23:46 UTC	3602	IN	Data Raw: 4c 6f 63 61 74 69 6f 6e 3a 20 68 74 74 70 73 3a 2f 2f 73 6f 66 61 2e 74 68 72 69 76 65 75 6e 69 76 65 72 73 65 68 71 2e 63 6f 6d 2f 79 75 66 61 70 65 73 6f 2f 79 65 6a 65 2f 73 75 64 75 6c 65 78 75 2f 72 6f 63 61 6c 69 62 75 2f 7a 6f 2f 69 6e 64 65 78 2e 70 68 70 23 2f 79 75 66 61 70 65 73 6f 2f 79 65 6a 65 2f 73 75 64 75 6c 65 78 75 2f 72 6f 63 61 6c 69 62 75 2f 7a 6f 2f 69 6e 64 65 78 2e 70 68 70 3f 72 70 63 6c 6b 3d 6b 4b 6b 50 77 6f 4e 6a 30 6a 69 42 48 25 32 42 74 4e 45 48 59 62 42 59 25 32 46 49 67 55 25 32 42 79 25 32 46 74 52 58 67 55 44 4a 36 69 70 52 31 66 50 47 6a 4f 74 6f 58 79 52 4e 78 59 73 38 42 58 36 56 71 76 41 7a 72 49 67 39 70 4f 67 58 6a 55 4a 6b 38 78 39 25 32 42 74 30 41 25 32 46 47 6b 55 63 33 59 37 46 4b 25 32 42 7a 78 66 55 31 78 Data Ascii: Location: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php#/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1x
2023-11-27 03:23:46 UTC	1508	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 63 65 70 2d 76 34 3d 56 4a 79 71 5a 6a 4f 37 49 69 65 30 57 75 33 62 77 49 2d 31 4f 53 6e 46 4c 71 71 59 71 67 37 77 33 6b 62 75 68 41 74 78 4b 37 44 47 4f 4b 4a 71 72 4a 6a 4c 58 5f 36 70 76 39 41 78 73 30 72 79 74 44 4a 56 7a 35 63 49 56 6a 6c 4f 79 52 36 70 54 72 4b 70 58 34 31 34 6d 7a 38 38 39 5f 51 42 2d 42 32 76 30 79 78 33 30 63 35 47 36 39 4d 47 46 53 33 54 68 48 6a 78 53 54 58 47 52 4d 74 49 68 52 4b 55 49 79 73 51 6e 66 58 6c 6e 33 33 6e 50 39 68 51 5f 4f 4e 2d 47 66 35 49 47 50 36 54 66 74 62 4d 31 6d 58 46 6a 78 49 78 4f 72 6a 50 4a 32 66 36 33 70 6b 6c 47 5a 4a 57 77 67 48 5f 67 62 35 33 5f 32 6d 44 41 35 6a 71 5a 4f 31 62 48 6e 38 62 7a 49 75 65 45 44 55 61 43 65 4d 5a 77 6b 2d 46 52 38 4a 62 67 32 34 47 Data Ascii: Set-Cookie: cep-v4=VJyqZjO7Iie0Wu3bwI-1OSnFLqqYqg7w3kbuhAtxK7DGOKJqrJjLX_6pv9Axs0rytDJVz5cIVjlOyR6pTrKpX414mz889_QB-B2v0yx30c5G69MGFS3ThHjxSTXGRMtIhRKUIysQnfXln33nP9hQ_ON-Gf5IGP6TftbM1mXFjxIxOrjPJ2f63pklGZJWwgH_gb53_2mDA5jqZO1bHn8bzIueEDUaCeMZwk-FR8Jbg24G

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:46 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2023-11-27 03:23:46 UTC	535	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 31 36 20 4d 61 79 20 32 30 31 37 20 32 32 3a 35 38 3a 30 30 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 30 78 36 34 36 36 37 46 37 30 37 46 46 30 37 44 36 32 42 37 33 33 44 42 43 42 37 39 45 46 45 33 38 35 35 45 36 38 38 36 43 39 39 37 35 42 30 43 30 42 34 36 37 44 34 36 32 33 31 42 33 46 41 35 45 37 22 0d 0a 41 70 69 56 65 72 73 69 6f 6e 3a 20 44 69 73 74 72 69 62 75 74 65 20 31 2e 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 61 74 74 61 63 68 6d 65 6e 74 3b 20 66 69 6c 65 6e 61 6d 65 3d 63 6f 6e 66 69 67 Data Ascii: HTTP/1.1 200 OKContent-Type: application/octet-streamLast-Modified: Tue, 16 May 2017 22:58:00 GMTETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"ApiVersion: Distribute 1.1Content-Disposition: attachment; filename=config
2023-11-27 03:23:46 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:47 UTC	727	OUT	GET /yufapeso/yeje/sudulexu/rocalibu/zo/index.php HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: http://svylst.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2023-11-27 03:23:48 UTC	719	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 38 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 6f 63 61 74 69 6f 6e 3a 20 68 74 74 70 73 3a 2f 2f 73 6f 66 61 2e 74 68 72 69 76 65 75 6e 69 76 65 72 73 65 68 71 2e 63 6f 6d 2f 79 75 66 61 70 65 73 6f 2f 79 65 6a 65 2f 73 75 64 75 6c 65 78 75 2f 72 6f 63 61 6c 69 62 75 2f 7a 6f 2f 69 6e 64 65 78 2e 70 68 70 3f 77 6f 78 75 79 61 3d 64 65 6a 75 77 6f 6b 75 6d 65 62 61 6d 65 6d 75 0d 0a Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:48 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeLocation: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?woxuya=dejuwokumebamemu
2023-11-27 03:23:48 UTC	650	IN	Data Raw: 34 64 31 0d 0a ef bb bf 3c 73 63 72 69 70 74 3e 0d 0a 09 76 61 72 20 5f 30 78 34 35 61 33 3d 5b 27 68 72 65 66 27 2c 27 33 31 30 33 32 36 54 65 6d 61 6d 59 27 2c 27 24 31 2f 2f 24 32 27 2c 27 33 37 38 39 6a 71 4c 41 6a 49 27 2c 27 32 30 31 32 36 30 43 75 66 59 42 52 27 2c 27 69 6e 63 6c 75 64 65 73 27 2c 27 6c 6f 63 61 74 69 6f 6e 27 2c 27 36 32 34 38 35 36 6f 67 64 4d 72 7a 27 2c 27 32 38 70 52 57 68 58 58 27 2c 27 31 30 37 33 34 79 76 74 46 71 7a 27 2c 27 33 35 32 52 75 4d 4d 70 51 27 2c 27 31 33 33 39 50 76 70 52 41 68 27 2c 27 33 39 32 38 36 38 50 63 74 6b 64 59 27 2c 27 69 6e 64 65 78 4f 66 27 2c 27 35 39 36 42 6d 5a 78 76 59 27 5d 3b 76 61 72 20 5f 30 78 35 63 65 37 3d 66 75 6e 63 74 69 6f 6e 28 5f 30 78 33 34 62 62 31 37 2c 5f 30 78 33 37 37 31 38 Data Ascii: 4d1<script>var _0x45a3=['href','310326TemamY','$1//$2','3789jqLAjI','201260CufYBR','includes','location','624856ogdMrz','28pRWhXX','10734yvtFqz','352RuMMpQ','1339PvpRAh','392868PctkdY','indexOf','596BmZxvY'];var _0x5ce7=function(_0x34bb17,_0x37718
2023-11-27 03:23:48 UTC	590	IN	Data Raw: 65 36 28 30 78 31 62 38 29 29 2b 70 61 72 73 65 49 6e 74 28 5f 30 78 32 65 63 34 65 36 28 30 78 31 63 36 29 29 2a 70 61 72 73 65 49 6e 74 28 5f 30 78 32 65 63 34 65 36 28 30 78 31 62 65 29 29 3b 69 66 28 5f 30 78 65 32 66 39 32 64 3d 3d 3d 5f 30 78 34 61 30 31 34 63 29 62 72 65 61 6b 3b 65 6c 73 65 20 5f 30 78 34 32 37 39 62 65 5b 27 70 75 73 68 27 5d 28 5f 30 78 34 32 37 39 62 65 5b 27 73 68 69 66 74 27 5d 28 29 29 3b 7d 63 61 74 63 68 28 5f 30 78 31 32 32 37 63 62 29 7b 5f 30 78 34 32 37 39 62 65 5b 27 70 75 73 68 27 5d 28 5f 30 78 34 32 37 39 62 65 5b 27 73 68 69 66 74 27 5d 28 29 29 3b 7d 7d 7d 28 5f 30 78 34 35 61 33 2c 30 78 38 37 65 35 65 29 29 3b 76 61 72 20 70 61 72 61 6d 73 3d 27 27 3b 70 61 72 61 6d 73 21 3d 27 27 26 26 28 77 69 6e 64 6f 77 5b Data Ascii: e6(0x1b8))+parseInt(_0x2ec4e6(0x1c6))*parseInt(_0x2ec4e6(0x1be));if(_0xe2f92d===_0x4a014c)break;else _0x4279be['push'](_0x4279be['shift']());}catch(_0x1227cb){_0x4279be['push'](_0x4279be['shift']());}}}(_0x45a3,0x87e5e));var params='';params!=''&&(window[
2023-11-27 03:23:48 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:48 UTC	3770	OUT	GET /yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2023-11-27 03:23:49 UTC	923	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 50 48 50 53 45 53 53 49 44 3d 74 35 63 36 67 64 32 38 30 64 61 65 72 66 6b 70 6c 61 69 68 6c 6d 37 6a 6f 36 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 63 69 64 3d 31 30 32 61 61 36 34 32 39 32 66 63 66 61 66 66 62 62 33 35 37 61 65 35 39 39 65 64 61 30 3b 20 65 78 70 69 72 65 73 3d Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeSet-Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; path=/Set-Cookie: cid=102aa64292fcfaffbb357ae599eda0; expires=
2023-11-27 03:23:49 UTC	446	IN	Data Raw: 37 63 31 34 0d 0a ef bb bf 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 75 62 6c 69 63 22 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a Data Ascii: 7c14<!DOCTYPE html><html lang="en"><head><meta http-equiv="Cache-control" content="public"><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1">
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 2c 37 30 30 2c 37 30 30 69 74 61 6c 69 63 2c 39 30 30 2c 39 30 30 69 74 61 6c 69 63 27 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 6f 6e 6c 6f 61 64 3d 22 74 68 69 73 2e 6d 65 64 69 61 3d 27 61 6c 6c 27 22 3e 0d 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 61 73 73 65 74 73 2f 62 6f 6f 74 73 74 72 61 70 2f 64 69 73 74 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 3c 21 2d 2d 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 61 73 73 65 74 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 2d 2d 3e 0d 0a 3c 73 74 79 6c 65 3e 0d 0a 0d 0a Data Ascii: ,700,700italic,900,900italic' rel='stylesheet' type='text/css' media="print" onload="this.media='all'"><link href="/assets/bootstrap/dist/css/bootstrap.min.css" rel="stylesheet">...<link href="/assets/css/styles.css" rel="stylesheet">--><style>
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 75 65 73 74 69 6f 6e 2e 61 63 74 69 76 65 20 7b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 0d 0a 7d 0d 0a 23 6f 66 66 65 72 77 72 61 70 70 65 72 20 68 32 20 7b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 0d 0a 7d 0d 0a 23 6f 66 66 65 72 77 72 61 70 70 65 72 20 68 33 20 7b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 0d 0a 7d 0d 0a 23 6f 66 66 65 72 77 72 61 70 70 65 72 20 2e 64 64 61 79 20 7b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 30 0d 0a 7d 0d 0a 23 6f 66 66 65 72 77 72 61 70 70 65 72 20 73 70 61 6e 2e 6c 6f 67 6f 20 69 6d 67 20 7b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 30 0d 0a 7d 0d 0a 23 6f 66 66 65 72 77 72 61 70 70 65 72 20 70 20 7b 0d 0a 20 20 20 20 Data Ascii: uestion.active { display: block}#offerwrapper h2 { margin-top: 0}#offerwrapper h3 { font-weight: 700}#offerwrapper .dday { margin-bottom: 0}#offerwrapper span.logo img { margin-bottom: 0}#offerwrapper p {
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 74 61 74 65 2d 66 61 72 6d 2d 64 72 61 6b 65 2d 32 30 32 31 2e 6a 70 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 63 65 6e 74 65 72 20 63 65 6e 74 65 72 20 66 69 78 65 64 3b 20 0d 0a 20 20 09 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 20 63 6f 76 65 72 3b 0d 0a 20 20 09 2d 6d 6f 7a 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 20 63 6f 76 65 72 3b 0d 0a 20 20 09 2d 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 20 63 6f 76 65 72 3b 0d 0a 20 20 09 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 20 63 6f 76 65 72 3b 0d 0a 0d 0a 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 23 6f 66 66 65 72 77 72 61 70 70 65 72 20 23 6f 66 66 65 72 73 20 2e 62 6f 78 20 69 6d 67 20 7b 0d 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 61 Data Ascii: tate-farm-drake-2021.jpg) no-repeat center center fixed; -webkit-background-size: cover; -moz-background-size: cover; -o-background-size: cover; background-size: cover; } #offerwrapper #offers .box img { margin: 0 a
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0d 0a 20 20 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 0d 0a 7d 0d 0a 0d 0a 2e 61 2d 62 75 74 74 6f 6e 20 2e 61 2d 62 75 74 74 6f 6e 2d 69 6e 6e 65 72 20 7b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 23 63 66 32 37 32 37 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 2d 77 65 62 6b Data Ascii: der-width: 1px; cursor: pointer; display: inline-block; padding: 0; text-align: center; text-decoration: none!important; vertical-align: middle}.a-button .a-button-inner { background:#cf2727; background: -webk
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 64 63 64 66 65 33 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 33 70 78 20 32 70 78 20 72 67 62 61 28 32 32 38 2c 31 32 31 2c 31 37 2c 2e 35 29 0d 0a 7d 0d 0a 0d 0a 0d 0a 2e 61 2d 62 75 74 74 6f 6e 20 2e 61 2d 62 75 74 74 6f 6e 2d 74 65 78 74 20 7b 0d 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 7d 0d 0a 0d 0a 2e 61 2d 62 75 74 74 6f 6e 2d 74 65 78 74 20 7b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 30 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b Data Ascii: background-color: #dcdfe3; background-image: none; box-shadow: 0 0 3px 2px rgba(228,121,17,.5)}.a-button .a-button-text { color: #fff;}.a-button-text { background-color: transparent; border: 0; display: block
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 0d 0a 0d 0a 2e 61 2d 62 75 74 74 6f 6e 2d 64 69 73 2d 70 72 69 6d 61 72 79 20 7b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 42 30 30 30 30 30 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 61 38 61 38 61 38 20 23 39 63 39 63 39 63 20 23 38 34 38 34 38 34 3b 0d 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 0d 0a 7d 0d 0a 0d 0a 0d 0a 2e 61 2d 62 75 74 74 6f 6e 2d 70 72 69 6d 61 72 79 20 2e 61 2d 62 75 74 74 6f 6e 2d 69 6e 6e 65 72 20 7b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 33 64 30 37 38 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 23 63 66 32 37 32 37 2c 23 63 66 32 37 32 37 29 3b 20 2f 2a 20 68 73 6c 61 Data Ascii: .a-button-dis-primary { background: #B00000; border-color: #a8a8a8 #9c9c9c #848484; color: #fff}.a-button-primary .a-button-inner { background: #f3d078; background: -webkit-linear-gradient(top,#cf2727,#cf2727); /* hsla
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 0d 0a 2e 61 2d 62 75 74 74 6f 6e 2d 73 74 61 63 6b 20 2e 61 2d 62 75 74 74 6f 6e 20 7b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 0d 0a 7d 0d 0a 0d 0a 2e 61 2d 62 75 74 74 6f 6e 2d 73 74 61 63 6b 20 2e 61 2d 62 75 74 74 6f 6e 3a 6c 61 73 74 2d 63 68 69 6c 64 20 7b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 30 0d 0a 7d 0d 0a 0d 0a 0d 0a 2e 61 2d 69 63 6f 6e 20 7b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 61 73 73 65 74 73 2f 69 6d 61 67 65 73 2f 63 61 72 74 34 2e 70 6e 67 29 3b 0d 0a 20 20 20 20 23 20 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 20 38 30 30 70 78 20 31 33 34 Data Ascii: .a-button-stack .a-button { margin-bottom: 10px; display: block}.a-button-stack .a-button:last-child { margin-bottom: 0}.a-icon { background-image: url(assets/images/cart4.png); # -webkit-background-size: 800px 134
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 6f 6c 6f 72 3a 20 23 62 31 62 30 62 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 09 09 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 09 7d 0d 0a 0d 0a 09 3a 2d 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 20 2f 2a 20 46 69 72 65 66 6f 78 20 31 38 2d 20 2a 2f 0d 0a 09 09 63 6f 6c 6f 72 3a 20 23 62 31 62 30 62 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 09 09 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 20 0d 0a 09 7d 0d 0a 0d 0a 09 3a 3a 2d 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 20 20 2f 2a 20 46 69 72 65 66 6f 78 20 31 39 2b 20 2a 2f 0d 0a 09 09 63 6f 6c 6f 72 3a 20 23 62 31 62 30 62 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 09 09 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 20 0d 0a 09 Data Ascii: olor: #b1b0b0 !important;text-align: center;}:-moz-placeholder { /* Firefox 18- /color: #b1b0b0 !important;text-align: center; }::-moz-placeholder { / Firefox 19+ */color: #b1b0b0 !important;text-align: center;

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3700	OUT	GET /assets/bootstrap/dist/css/bootstrap.min.css HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:49 UTC	714	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 63 73 73 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 34 20 47 4d 54 0d 0a 45 54 61 67 3a 20 57 2f 22 31 64 39 61 63 2d 36 30 38 39 30 32 65 34 35 66 62 66 35 2d 67 7a 69 70 22 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: text/cssTransfer-Encoding: chunkedConnection: closeLast-Modified: Wed, 25 Oct 2023 20:20:04 GMTETag: W/"1d9ac-608902e45fbf5-gzip"Vary: Accept-EncodingCache-Control: max-age=14
2023-11-27 03:23:49 UTC	655	IN	Data Raw: 37 63 65 34 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 36 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 35 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 2a 2f 68 74 6d 6c 7b Data Ascii: 7ce4/! Bootstrap v3.3.6 (http://getbootstrap.com) * Copyright 2011-2015 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css */html{
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 65 3a 30 7d 61 62 62 72 5b 74 69 74 6c 65 5d 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 64 6f 74 74 65 64 7d 62 2c 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 64 66 6e 7b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 7d 68 31 7b 6d 61 72 67 69 6e 3a 2e 36 37 65 6d 20 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 6d 61 72 6b 7b 63 6f 6c 6f 72 3a 23 30 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 30 7d 73 6d 61 6c 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 30 25 7d 73 75 62 2c 73 75 70 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 37 35 25 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 30 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 62 61 73 65 6c 69 6e 65 7d 73 75 70 7b 74 Data Ascii: e:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{t
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 36 32 35 65 6d 20 2e 37 35 65 6d 3b 6d 61 72 67 69 6e 3a 30 20 32 70 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 73 69 6c 76 65 72 7d 6c 65 67 65 6e 64 7b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 3a 30 7d 74 65 78 74 61 72 65 61 7b 6f 76 65 72 66 6c 6f 77 3a 61 75 74 6f 7d 6f 70 74 67 72 6f 75 70 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 74 61 62 6c 65 7b 62 6f 72 64 65 72 2d 73 70 61 63 69 6e 67 3a 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 63 6f 6c 6c 61 70 73 65 7d 74 64 2c 74 68 7b 70 61 64 64 69 6e 67 3a 30 7d 2f 2a 21 20 53 6f 75 72 63 65 3a 20 68 74 74 70 73 3a 2f 2f Data Ascii: -webkit-appearance:none}fieldset{padding:.35em .625em .75em;margin:0 2px;border:1px solid silver}legend{padding:0;border:0}textarea{overflow:auto}optgroup{font-weight:700}table{border-spacing:0;border-collapse:collapse}td,th{padding:0}/*! Source: https://
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 74 74 66 29 20 66 6f 72 6d 61 74 28 27 74 72 75 65 74 79 70 65 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 73 76 67 23 67 6c 79 70 68 69 63 6f 6e 73 5f 68 61 6c 66 6c 69 6e 67 73 72 65 67 75 6c 61 72 29 20 66 6f 72 6d 61 74 28 27 73 76 67 27 29 7d Data Ascii: lings-regular.woff2) format('woff2'),url(../fonts/glyphicons-halflings-regular.woff) format('woff'),url(../fonts/glyphicons-halflings-regular.ttf) format('truetype'),url(../fonts/glyphicons-halflings-regular.svg#glyphicons_halflingsregular) format('svg')}
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 6e 74 3a 22 5c 65 30 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 69 67 6e 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6f 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 72 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 32 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 68 6f 6d 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 32 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 69 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 32 32 22 7d 2e 67 6c 79 70 68 69 63 6f Data Ascii: nt:"\e016"}.glyphicon-off:before{content:"\e017"}.glyphicon-signal:before{content:"\e018"}.glyphicon-cog:before{content:"\e019"}.glyphicon-trash:before{content:"\e020"}.glyphicon-home:before{content:"\e021"}.glyphicon-file:before{content:"\e022"}.glyphico
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 68 65 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 77 69 64 74 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 6c 69 67 6e 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 6c 69 67 6e 2d 63 65 6e 74 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 6c 69 67 6e 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 6c 69 67 6e 2d 6a 75 73 74 69 66 79 3a 62 65 66 Data Ascii: lyphicon-text-height:before{content:"\e050"}.glyphicon-text-width:before{content:"\e051"}.glyphicon-align-left:before{content:"\e052"}.glyphicon-align-center:before{content:"\e053"}.glyphicon-align-right:before{content:"\e054"}.glyphicon-align-justify:bef
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 6b 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 71 75 65 73 74 69 6f 6e 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 69 6e 66 6f 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 63 72 65 65 6e 73 68 6f 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 37 22 7d 2e Data Ascii: -sign:before{content:"\e082"}.glyphicon-remove-sign:before{content:"\e083"}.glyphicon-ok-sign:before{content:"\e084"}.glyphicon-question-sign:before{content:"\e085"}.glyphicon-info-sign:before{content:"\e086"}.glyphicon-screenshot:before{content:"\e087"}.
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 2d 63 61 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 63 6c 6f 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 73 69 7a 65 2d 76 65 72 74 69 63 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 73 69 7a 65 2d 68 6f 72 69 7a 6f 6e 74 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 32 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 68 64 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 Data Ascii: -cart:before{content:"\e116"}.glyphicon-folder-close:before{content:"\e117"}.glyphicon-folder-open:before{content:"\e118"}.glyphicon-resize-vertical:before{content:"\e119"}.glyphicon-resize-horizontal:before{content:"\e120"}.glyphicon-hdd:before{content:"
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 67 6c 79 70 68 69 63 6f 6e 2d 75 73 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 67 62 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 2d 62 79 2d 61 6c 70 68 61 62 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 35 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 2d 62 79 2d 61 6c 70 68 61 62 65 74 2d 61 6c 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 35 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 72 74 2d 62 79 2d 6f 72 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e Data Ascii: glyphicon-usd:before{content:"\e148"}.glyphicon-gbp:before{content:"\e149"}.glyphicon-sort:before{content:"\e150"}.glyphicon-sort-by-alphabet:before{content:"\e151"}.glyphicon-sort-by-alphabet-alt:before{content:"\e152"}.glyphicon-sort-by-order:before{con

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3736	OUT	GET /assets/images/State-Farm-Logo.png HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:49 UTC	698	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 70 6e 67 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 34 34 31 35 39 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 35 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 61 63 37 66 2d 36 30 38 39 30 32 65 34 39 35 37 35 34 22 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 48 49 54 0d 0a 41 67 65 3a 20 34 30 36 Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: image/pngContent-Length: 44159Connection: closeLast-Modified: Wed, 25 Oct 2023 20:20:05 GMTETag: "ac7f-608902e495754"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 406
2023-11-27 03:23:49 UTC	671	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 0f 00 00 00 08 70 04 03 00 00 00 62 90 d6 41 00 00 00 15 50 4c 54 45 47 70 4c ed 1d 24 ee 1c 24 ee 1c 23 ee 1d 24 ee 1d 24 ed 1d 24 39 05 26 69 00 00 00 06 74 52 4e 53 00 d8 23 aa 4d 7b 33 4b 72 93 00 00 20 00 49 44 41 54 78 da ec c1 01 01 00 00 00 80 90 fe af ee 08 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: PNGIHDRpbAPLTEGpL$$#$$$9&itRNS#M{3Kr IDATx
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 Data Ascii: UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 98 ff 59 2c 38 2e 00 00 c1 98 bc 88 b7 e3 a0 d3 0d 15 d1 5d d7 1c a5 4c 96 65 9b f2 15 9b fa 37 1a 1d e6 74 00 00 04 ea 42 34 9a fc ee 24 98 54 70 fb 2d 27 ca b2 b2 4c 9a f1 26 cf d3 4d aa 50 6b 9d 24 49 23 c3 34 53 03 00 c8 73 7f 63 bd 1d 13 1d e0 04 bf bf e3 d4 ea bb 9b 2c a6 5b 26 8b d5 bf ab 03 06 9a 00 00 48 93 86 65 31 ae fc ee e3 d0 19 4e f0 cb 11 ab fd 5c cf 9e 6e 6a dd 78 c2 4c d7 06 00 90 e3 fe 6e a7 00 27 f8 e5 88 b3 c1 19 f6 2a 48 37 0c 15 03 00 90 e0 9b 45 c5 08 b5 cf ed f5 d0 e9 1a 27 78 27 bf 65 6c 71 c6 0c 15 03 00 10 a1 bf e7 b7 fe 1e 91 e0 64 83 8e 98 ac b0 4e b0 d7 12 bc 41 82 01 00 bc 56 87 89 c2 cf 2f 61 68 e9 32 52 7b bf 27 dd 70 02 7a b9 c0 eb ab bf e2 0c 40 38 d1 ad de 4e 8b fe be 16 7e c1 39 35 c0 a0 5d 45 f0 55 84 ef bd 7b 39 38 Data Ascii: Y,8.]Le7tB4$Tp-'L&MPk$I#4Ssc,[&He1N\njxLn'*H7E'x'elqdNAV/ah2R{'pz@8N~95]EU{98
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 96 b8 f2 03 a4 a2 86 ed 88 d7 c9 c6 a8 33 3e 66 61 86 b8 58 1e c6 39 af 56 1f de 7a 99 61 f2 eb 7b 71 8c c9 8a 78 50 f3 ba 80 79 60 4b 97 02 fc 07 01 06 31 0c 7a d5 aa 60 b3 3e 77 e7 ec c1 56 f3 ce 20 b4 57 f7 9b d9 27 1a d8 46 10 cc f0 fc c0 9d cf f2 1b 15 f1 b0 6b 88 84 36 55 b7 02 8c 55 06 29 0c da 41 a8 d3 6c 8c 4b a9 ca 06 79 5a 5e 05 a1 a3 d9 ab 59 ec c6 08 59 c8 af cf b9 39 13 95 c9 e0 63 10 30 0f cc e9 24 ca df 98 65 90 c2 ed 20 f7 77 ac 98 90 1a e4 04 fb 14 84 9e 7f a0 81 95 00 f7 b6 dc bc b9 19 79 2b c0 03 83 33 72 6a 84 be 30 89 12 60 86 50 53 bf 83 56 a5 67 47 9f df 04 fa b4 24 17 c3 41 28 cf c6 7c 5d 0d 8d ba fa 9d 9b 53 16 7d 72 32 e6 81 39 9d 44 f9 0f 76 19 64 30 a0 45 26 28 c7 9d 8d 11 0d 58 8c eb 8d ab a5 e6 77 80 2b 9b 0c a5 5d a4 d1 db Data Ascii: 3>faX9Vza{qxPy`K1z`>wV W'Fk6UU)AlKyZ^YY9c0$e wy+3rj0`PSVgG$A(\|]S}r29Dvd0E&(Xw+]
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: d0 51 1c 8e 7f c7 0d 5a 4a b1 4c 97 1c 5c e0 40 68 87 73 0c 2c 64 d2 b2 55 ca db 2d 7c 3f 71 d0 de b3 72 29 c0 0b 2c 34 f8 4c d7 e0 81 96 00 b4 9a 42 7f 77 a5 58 87 6f 59 57 2a ee 02 73 42 0e d7 99 ff 39 ff 39 90 26 c0 76 ee 9e b7 f3 c0 4e 7f 32 9c 3d c1 00 17 48 57 13 70 70 78 b7 5f c6 53 5d 73 0f 15 b8 d3 21 bb b8 b2 53 97 cb dc 6c 04 98 f6 9b 13 04 58 c2 a0 c4 2b 04 18 60 2a 3a 22 d0 2d 73 97 a3 78 ba 40 d3 61 c3 71 b4 f2 24 26 e5 72 92 ee f5 64 7f 4d 5f 05 d8 d2 dd 93 d0 06 fc c9 e1 03 bc fd 8d 85 06 89 f1 a5 c3 ab fd 44 f1 e7 27 7f fb e1 fd e7 a9 8e 66 e0 8b db c8 e0 30 02 6d 35 89 d2 2e f7 e9 eb 1a 5c 4b 77 4f c2 9c a6 65 78 19 4f 30 c0 05 be 5d 1d 7e e6 81 cc 45 d3 46 52 0f b7 1e aa d8 8f 57 d2 65 17 e5 bf 67 3f 08 db ad 1f d7 a0 89 02 01 df fe 63 Data Ascii: QZJL\@hs,dU-\|?qr),4LBwXoYWsB99&vN2=HWppx_S]s!SlX+`:"-sx@aq$&rdM_D'f0m5.\KwOexO0]~EFRWeg?c
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 80 d8 59 df 64 b7 9e 2a dc af 46 54 30 1b ea 70 b1 35 58 af c0 23 56 96 86 b2 25 2c 27 22 60 44 1c e2 03 d1 60 5a d9 89 80 09 04 c4 ce 6a e5 4c 6c ce 0e fc 56 72 c1 cb 24 6d b8 a9 1b 3b 86 03 dc 7c 11 71 6b a1 21 09 1a ec 5d ff 75 75 4f d0 40 ce 1b 3c 4a 6e 5e 02 81 20 b8 b3 5a 67 7b 77 33 26 c0 1d 12 1a fb aa 4e b8 73 99 c4 6a 91 49 16 aa c1 4e ab ef 3d da 13 be cf e1 f8 85 30 e0 15 79 57 02 01 be b3 ee 25 43 5f 95 43 e8 5a b1 80 9d 32 17 6e 05 51 4d b6 f1 b3 9c 50 bc d7 9b a2 bb c9 36 f7 9e ba 09 58 17 21 81 40 b8 05 4f d7 fd 31 f2 ef a7 d4 a0 9f 9a 09 5e 68 63 05 2a f2 2e 42 5c fe f0 b0 95 21 60 60 b3 a7 ab 03 28 80 6f ec 9b 0f 7e e2 85 08 98 40 50 0f 1e a9 35 b3 ca 39 4b b0 6e d2 8b 17 1b 49 00 57 83 85 9d 32 75 5b 88 05 50 48 81 04 fc e4 e8 9e 00 06 Data Ascii: YdFT0p5X#V%,'"`D`ZjLlVr$m;\|qk!]uuO@<Jn^ Zg{w3&NsjIN=0yW%C_CZ2nQMP6X!@O1^hc.B\!``(o~@P59KnIW2u[PH
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 8a e3 9a 07 83 20 28 c4 cb 16 59 9c 05 21 6e d4 e9 35 d5 be d2 7d 09 84 10 f1 69 60 2b 0d 36 bb a2 44 5c 94 80 1b 6a af 29 6d c0 2d 8e 65 a1 8e c1 8d fa 08 78 d6 f2 d1 45 b0 04 e8 d9 b0 5e 93 29 cf f8 56 8c 95 7f cf b6 27 74 8f 0d 1d fb f5 a5 07 ab 34 c5 3c ab eb 62 b3 f2 ff 9d cf 93 3a 35 cc 38 b7 a7 99 77 5e 69 31 a5 c9 4c ec 1b ae c7 bd 97 aa 80 b9 cc 7b 43 d8 61 19 4b 93 10 21 b1 d4 e6 51 d3 7d d2 a4 7b 50 4b 45 f4 59 76 bd 2b 8d 2b 8a 94 ac 44 fc 51 c9 9d d5 06 4b 24 cc c1 ff 60 f5 4e b3 4d e2 18 22 e0 a5 c9 2f f6 4e 2a da 90 de 05 29 e4 0c c8 b8 fe d7 6b 26 d1 40 1c 47 91 76 1e 06 12 b0 ee af 13 7d e4 52 ff 0c 3f 08 96 49 92 5f ce 93 65 c2 0f 16 11 70 d5 3e 7b 6e 19 cd 54 b1 ca 35 07 ad df 15 66 cb 2c d2 2d 38 1e 6f 7c 64 88 b7 cf e8 5c 12 e5 c7 97 Data Ascii: (Y!n5}i`+6D\j)m-exE^)V't4<b:58w^i1L{CaK!Q}{PKEYv++DQK$`NM"/N*)k&@Gv}R?I_ep>{nT5f,-8o\|d\
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: ce d0 dc 52 7c 3f ba 4f c0 62 cd 59 c2 fc 94 4b 2d 19 ac 5e 80 af ca a7 7b 48 0a 0b 25 60 7e d6 cd f2 50 ee 01 d0 3c 5e fe 78 d9 51 0c f6 01 1b 39 88 c3 ae 49 58 18 02 3e e8 26 e0 50 fb fb 12 89 21 a2 58 81 f6 dc 5c 37 a8 08 6b 22 01 b3 58 26 b7 2b 96 7a 18 18 31 4f 55 93 15 47 0a b4 e7 4e 12 2c 23 1b dc c9 13 70 3c 12 82 76 ee 3c 81 8e 44 e1 66 dd 8b 93 f8 be 2b c4 44 e8 08 5a b6 40 17 25 f2 09 d8 c2 51 94 26 67 c0 b1 81 04 7c a7 fd 75 8d ff 04 c6 6e ef 3d 55 90 cf 40 84 2d fd b7 5d c3 df 24 4b 25 15 81 e5 ef 95 19 16 a3 63 53 f6 8f 58 92 79 49 32 d5 6b b0 c6 01 5e 3c 16 8f 75 9d 77 66 39 43 8b a0 7f 70 c9 12 f2 b5 5f 45 f6 54 0c d7 6d 96 bf 89 7e ad b9 0d c9 da cb 18 30 e2 9d fd 04 3c 5a 84 c5 94 ea 88 b8 a3 a5 85 79 04 2c cd bf 9a dc da ff d9 bb 96 ee Data Ascii: R\|?ObYK-^{H%`~P<^xQ9IX>&P!X\7k"X&+z1OUGN,#p<v<Df+DZ@%Q&g\|un=U@-]$K%cSXyI2k^<uwf9Cp_ETm~0<Zy,
2023-11-27 03:23:49 UTC	1369	IN	Data Raw: 7d 0a 39 bd 27 5a 6a 82 52 32 46 81 07 2b c1 ef a2 d8 6b 1a 9e bf 9e 0f cb a3 15 a1 9f 8d be 13 c6 7b 48 45 d3 bd e5 c6 2b 7e 00 ce fb cc 27 8e bd 0e e2 e5 bc b3 08 8d 29 1f 82 b6 c1 ee 1c 89 6e 46 23 f6 61 2d 89 a2 2a a1 04 ce 22 42 27 cf 40 b7 76 a8 c6 66 5e 62 7c 21 72 fa 96 39 36 54 c2 8d 55 fc 3e 9b 80 fe c2 d1 a5 0e 1d 74 1a e6 16 8e 8b 1b 72 1f 04 00 1f 8c df e8 f0 1f 00 07 06 c0 3d f9 72 5e b3 4b 32 00 b0 2c bc e0 a5 c0 00 d5 a2 1b 97 66 f3 ed 7a 4e 99 bb db 48 9b 82 5b b7 ed a1 6b 52 16 4b 9e a0 a1 c4 1b 2d 53 7d 52 8a b0 36 b6 3b ad ef ac fc 1a 61 33 8b 14 80 87 c6 7c 93 4d fc b1 cd 65 34 36 7f b8 b9 32 00 26 ee 2a db 72 9e 97 58 39 af 51 06 a5 8f ea 76 59 e0 e8 41 e0 18 c8 2d 66 22 ee 44 0c 29 b0 1b 9b fc 29 8b bb 00 f7 ca cb 7d be 93 29 ff f1 Data Ascii: }9'ZjR2F+k{HE+~')nF#a-"B'@vf^b\|!r96TU>tr=r^K2,fzNH[kRK-S}R6;a3\|Me462&rX9QvYA-f"D))})

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3705	OUT	GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:49 UTC	756	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 31 32 33 39 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 54 68 75 2c 20 31 36 20 4e 6f 76 20 32 30 32 33 20 32 31 3a 35 35 3a 34 38 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 36 35 35 36 38 66 65 34 2d 34 64 37 22 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: application/javascriptContent-Length: 1239Connection: closeLast-Modified: Thu, 16 Nov 2023 21:55:48 GMTETag: "65568fe4-4d7"Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloud
2023-11-27 03:23:49 UTC	613	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 74 72 79 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 29 72 65 74 75 72 6e 3b 22 65 72 72 6f 72 22 69 6e 20 63 6f 6e 73 6f 6c 65 3f 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 65 29 3a 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 65 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 74 28 65 29 7b 72 65 74 75 72 6e 20 64 2e 69 6e 6e 65 72 48 54 4d 4c 3d 27 3c 61 20 68 72 65 66 3d 22 27 2b 65 2e 72 65 70 6c 61 63 65 28 2f 22 2f 67 2c 22 26 71 75 6f 74 3b 22 29 2b 27 22 3e 3c 2f 61 3e 27 2c 64 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 30 5d 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 68 72 65 66 Data Ascii: !function(){"use strict";function e(e){try{if("undefined"==typeof console)return;"error"in console?console.error(e):console.log(e)}catch(e){}}function t(e){return d.innerHTML='<a href="'+e.replace(/"/g,""")+'"></a>',d.childNodes[0].getAttribute("href
2023-11-27 03:23:49 UTC	626	IN	Data Raw: 2e 68 72 65 66 2c 61 2b 6c 2e 6c 65 6e 67 74 68 29 29 7d 63 61 74 63 68 28 69 29 7b 65 28 69 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 74 29 7b 66 6f 72 28 76 61 72 20 72 3d 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 75 29 2c 63 3d 30 3b 63 3c 72 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 74 72 79 7b 76 61 72 20 6f 3d 72 5b 63 5d 2c 61 3d 6f 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 69 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 66 29 3b 69 66 28 69 29 7b 76 61 72 20 6c 3d 6e 28 69 2c 30 29 2c 64 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 54 65 78 74 4e 6f 64 65 28 6c 29 3b 61 2e 72 65 70 6c 61 63 65 43 68 69 6c 64 28 64 2c 6f 29 7d 7d 63 61 74 63 68 28 68 29 7b 65 28 68 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 61 28 74 29 7b 66 6f 72 28 76 61 72 20 Data Ascii: .href,a+l.length))}catch(i){e(i)}}function o(t){for(var r=t.querySelectorAll(u),c=0;c<r.length;c++)try{var o=r[c],a=o.parentNode,i=o.getAttribute(f);if(i){var l=n(i,0),d=document.createTextNode(l);a.replaceChild(d,o)}}catch(h){e(h)}}function a(t){for(var

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3742	OUT	GET /assets/images/state-farm-drake-2021.jpg HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	698	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 6a 70 65 67 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 31 36 30 37 38 39 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 35 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 32 37 34 31 35 2d 36 30 38 39 30 32 65 34 39 35 37 35 34 22 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 4d 49 53 53 0d 0a 41 63 63 65 Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: image/jpegContent-Length: 160789Connection: closeLast-Modified: Wed, 25 Oct 2023 20:20:05 GMTETag: "27415-608902e495754"Cache-Control: max-age=14400CF-Cache-Status: MISSAcce
2023-11-27 03:23:50 UTC	671	IN	Data Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff ec 00 11 44 75 63 6b 79 00 01 00 04 00 00 00 46 00 00 ff e1 03 2c 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 36 2e 30 2d 63 30 30 32 20 37 39 2e 31 36 34 34 38 38 2c 20 32 30 32 30 2f 30 37 2f 31 30 2d 32 32 3a 30 36 3a 35 33 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d Data Ascii: ExifII*DuckyF,http://ns.adobe.com/xap/1.0/<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xm
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 41 31 33 44 39 43 44 35 42 45 46 31 31 45 42 42 31 37 32 45 45 35 42 35 32 43 38 37 38 42 41 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 41 31 33 44 39 43 45 35 42 45 46 31 31 45 42 42 31 37 32 45 45 35 42 35 32 43 38 37 38 42 41 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e ff ee 00 0e 41 64 6f 62 65 00 64 c0 00 00 00 01 ff db 00 84 00 04 03 03 03 03 03 04 03 03 04 06 04 03 04 06 07 05 04 04 05 07 08 06 06 07 06 06 08 0a 08 09 09 09 09 08 0a 0a 0c 0c 0c 0c 0c 0a 0c Data Ascii: dFrom stRef:instanceID="xmp.iid:AA13D9CD5BEF11EBB172EE5B52C878BA" stRef:documentID="xmp.did:AA13D9CE5BEF11EBB172EE5B52C878BA"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>Adobed
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 75 aa 9b 55 0e 6b c4 d0 d1 45 54 07 29 24 3b c5 60 d1 0b 3d a0 7b ea ea 90 b6 95 28 9c 96 1a 39 43 5c 2b 40 b7 d3 69 23 3d a2 2d d8 8a 16 8d 68 0a bf 38 8c 2c 36 96 8c 11 80 06 ab 3b bd 83 0f 5d 5a b4 06 9e b5 46 bc 94 6d 03 cf 6e d1 1b 28 28 7c 56 b6 f4 65 ac ea 22 08 01 8c 7c 16 3e 4e 89 1d 6d b8 2f 28 f2 16 16 eb 6d 13 95 36 05 b7 b4 06 67 73 1b 78 ad f4 ac 76 8a 0f 7f 4c fb 4b e6 88 47 50 00 5a e5 87 8f 52 31 17 d7 4e 63 5a 4f a7 fb 54 6d 57 a6 ab a6 3a 27 c8 d0 f7 6e 42 e5 de ba f0 90 92 d6 a3 5f 0e 89 4a 56 02 b8 81 fc 69 e0 55 e5 26 72 ad 77 f4 c7 53 4e 9f b1 6b 9e 88 9d d5 e8 19 23 63 f4 92 02 9c ae ae 96 dc 8e 26 40 7e ae 1b f8 aa b7 a2 27 74 1d a3 5c d7 9a 57 75 cb 5d 89 db 56 3c f8 f2 f1 51 92 4b c3 1b e8 37 04 23 00 67 17 74 d1 3c 07 b8 b9 39 Data Ascii: uUkET)$;`={(9C\+@i#=-h8,6;]ZFmn((\|Ve"\|>Nm/(m6gsxvLKGPZR1NcZOTmW:'nB_JViU&rwSNk#c&@~'t\Wu]V<QK7#gt<9
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 1e 0f c1 1e 03 c9 d0 f0 42 57 51 97 79 0a a9 f1 3f 22 b9 02 14 dd 55 e4 61 ec a9 53 e0 7e 41 dd 6c 09 4f c4 bc 8d 4f 64 1e da 30 eb e6 aa 6a 3c 81 b7 14 e7 90 5d d3 65 5e 29 f2 1d 1d 8b 58 dd 46 a3 74 78 8f 22 a5 b0 64 83 ae da 25 35 1e 46 1d 8a 04 00 ed 7f ee 55 82 94 f4 76 11 81 a0 a5 14 f8 aa 6d 4b 16 31 83 53 ba 3c 4f ca bc 6c d8 e1 4a 6e 9f 89 79 10 31 b1 07 72 a6 aa f5 46 c8 ac af 68 e3 f2 b3 09 27 6f ac 75 5a 65 18 72 df b3 ec 6d dc 28 05 06 da 29 a7 3a 25 60 c5 41 0b 40 68 a5 36 59 dd 72 d2 6c 70 da 33 c2 9f 25 3e 27 93 72 63 e1 7e 84 7c d3 c2 4c bf 11 04 ad 31 bc 55 9e 0a a2 61 9f f9 7a c8 0a 06 e8 9e 0c 63 2c 61 8e 23 08 1e 82 29 4f 24 54 ce e6 a3 c5 5a c7 f4 b2 8b 3b ac 69 e7 44 32 d6 16 6c c4 bc 20 f3 a7 68 1a 3d 23 74 fc 60 f2 af 54 a3 c6 1f Data Ascii: BWQy?"UaS~AlOOd0j<]e^)XFtx"d%5FUvmK1S<OlJny1rFh'ouZerm():%`A@h6Yrlp3%>'rc~\|L1Uazc,a#)O$TZ;iD2l h=#t`T
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: e5 13 c8 c3 a9 1b 88 22 4e a5 01 c3 ba 03 85 c7 e0 3a aa 85 54 6e f9 ef 03 87 80 c1 68 41 ba 92 ad 8f ad 0f 89 5a 48 cb 6b 86 2f 1d bc d7 f7 2e 96 62 5f 2c 8e 2e 7b cf 52 57 4f 1e ae 6d ae 53 2c 81 96 2c d3 ea 56 52 a3 af 2e 1d 37 5f 4d 12 5e 51 cd 15 2a 36 5c 48 5a 9e 24 0f da b9 f6 ae 8d 45 4d 73 c1 b4 58 e1 b7 92 22 e6 e3 95 68 56 98 65 6a 3e 59 c5 35 3a ad 23 2b 42 3e 50 ea 8a aa c2 2d 48 f6 ee 72 e7 0f 78 c9 23 71 f6 ea 2a df 9a 58 13 67 d0 1d bf dc 6d c8 5a b2 70 fa d4 6a 3c 0a cf 0b 82 32 17 77 6c 9b dd 84 7b 91 9f e1 ea 96 12 10 65 6d a6 21 b3 b0 c7 20 3a 3a 9f ec 4a c1 94 ce 3b 3d 2d 93 da e2 f1 71 6f b1 1b b8 03 fb d4 d8 bf 25 c6 07 61 f2 f1 03 19 0c 98 8a d3 62 b3 ba 65 a6 bc 96 23 ef f1 73 d9 9a fd 70 9d 9e 36 58 6d c7 87 4e bb e5 1c f1 a2 ca Data Ascii: "N:TnhAZHk/.b_,.{RWOmS,,VR.7_M^Q6\HZ$EMsX"hVej>Y5:#+B>P-Hrx#qXgmZpj<2wl{em! ::J;=-qo%abe#sp6XmN
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: d4 27 03 b5 4c 3c 08 d7 54 13 84 a6 97 13 0e 84 40 50 dd 50 2a a1 30 82 b4 23 db 6f c1 7a 55 c8 39 a7 cd 40 2c bb d2 80 1d ee 34 40 21 af ae c5 00 f4 64 a0 0b 61 a8 a9 40 3c d3 a0 4c 1c 3f b5 01 e2 3c 34 a7 8a 02 17 b9 1a e3 89 b9 35 af a5 4d 0c a4 e8 10 a5 67 35 53 a7 9a 9a 10 5e d5 6a 90 38 c8 a8 28 80 99 c2 8a 38 ad 22 2a fd 63 fe 83 51 b3 3a 93 b6 15 22 aa 49 2f 06 8d 41 23 73 46 81 87 74 a9 88 c5 54 b1 30 9a 6c 7a 55 2a 9a 8c c8 30 7b 8d f1 4a 10 1b c6 8f 70 78 51 59 0d b1 6f f2 47 c5 25 0c 0d 01 3c 95 2c 1e 9e 09 80 b7 6d 73 47 26 1d 6b 54 aa f5 ee aa f7 8c cf 8a c2 39 ab 42 d7 03 5f 81 5c dc 91 e9 fa fd c1 5b f7 9e 6a 08 23 0d 98 70 0d 00 29 9a ab 96 48 2a 3f c8 d9 86 1f 50 6b db b6 ea f1 5c c3 ac bf 25 5f c9 20 85 f0 ea 76 a1 47 8d 2c ac ff 00 f3 Data Ascii: 'L<T@PP0#ozU9@,4@!da@<L?<45Mg5S^j8(8"cQ:"I/A#sFtT0lzU0{JpxQYoG%<,msG&kT9B_\[j#p)H?Pk\%_ vG,
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: cd a9 37 76 57 56 cd f7 0b 0f 16 8a ad a5 71 6d 15 98 b3 d3 4f 91 6c 16 82 92 34 fe e5 bd 98 8e 4f 3c ed 88 ba 5c 5f 64 af 20 63 2e 89 2d 68 fa 76 6d 57 3d ae cd 20 31 14 86 29 01 07 51 a2 35 bd 55 bc e8 90 ec 2c a4 56 73 cd 69 27 fa 92 38 86 fc d5 f2 f6 63 c5 f8 4f e5 9a 60 b8 2f 35 e2 f0 08 2b 89 d6 1d 97 2e e2 00 25 3a 25 38 cb 89 39 54 92 47 82 06 46 c7 75 25 29 cc 8f 25 34 f3 06 41 79 34 7a 89 08 25 47 53 e8 32 2c a5 c4 6e 0e 12 12 56 77 2d 24 89 38 3b 8e f1 a3 ea aa cf 6b b4 54 d2 25 2d 73 93 dc 55 a6 b4 3a 6e b9 b7 e6 b1 b6 bc 32 a2 33 76 30 b8 3e e6 9f cc 3a d5 69 c7 c9 69 ed c7 22 0a 10 05 57 66 63 9d a6 f6 ae 6e d6 d3 1b ed cb 18 73 a8 75 22 ab 1d 86 08 9a fa d2 e6 77 48 23 e2 4a 9d 79 21 5d 69 89 a2 13 9e 4d 6e a3 aa e8 9c 91 8d d2 8d ed f1 8e Data Ascii: 7vWVqmOl4O<\_d c.-hvmW= 1)Q5U,Vsi'8cO`/5+.%:%89TGFu%)%4Ay4z%GS2,nVw-$8;kT%-sU:n23v0>:ii"Wfcnsu"wH#Jy!]iMn
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 6d 97 e9 2a 2d 5c d2 8c 8f 17 21 00 87 29 bb 46 93 54 a5 8d 94 90 b8 72 75 42 e1 e4 99 ae 9d 3a 13 9c 05 96 8e 2a f8 67 54 f2 2a b0 bc 6b 5f 15 e8 61 c6 b6 e0 25 0f 85 cd 1a d0 50 05 9e c5 04 5c 4d 2c 4f a8 6d 69 d2 8b 9f a3 4c 18 39 cb 80 d2 d6 b5 ac a7 f1 6e 57 57 1f 1e 58 72 5c 19 c2 4d 6f 91 cb c7 fd 5a 4a 59 57 f9 8e 3a 0f d5 76 d9 35 9d 5c 77 35 a9 e5 7b df b6 e0 c6 b3 0d db 17 ac 75 c9 a4 65 d1 6a c8 c9 d2 ad ae e5 73 6f 8d e6 35 98 1a db 1b 86 22 0b 48 bb 36 1b 38 2d db 28 16 7c 4c 00 0f e6 3c b3 5f fd e2 95 e2 bf 5e 24 ea e6 b9 f3 cb e2 8e ef b3 a4 97 31 4d 17 09 9a e7 07 33 c0 83 b2 f4 78 7a 45 6f ae 55 1c 55 a5 c5 b4 6e 92 46 10 d2 6a 01 f0 5b db 92 d3 5c 22 f2 97 42 e2 5e 0c 14 a1 a1 5b 71 49 23 1e 5b d7 0b 36 06 d9 c6 cc 3d a7 a2 e4 e5 bd 5d Data Ascii: m-\!)FTruB:gT*k_a%P\M,OmiL9nWWXr\MoZJYW:v5\w5{uejso5"H68-(\|L<_^$1M3xzEoUUnFj[\"B^[qI#[6=]
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: b0 e5 ec 7c 73 aa db f6 ec 90 12 e6 e8 02 f2 be cb e5 87 7f 84 c2 93 7b 6b 77 75 9a fb 4b 72 19 15 75 27 aa fa 3e 2e 9a 65 e3 ef 3c b6 58 af b0 c6 db 1c 23 84 03 21 1e a2 16 33 6b 6a ac c2 8f 6f 6f 3d 9d d3 e4 00 b5 ed 3c aa bb 63 93 68 d8 bb 3b f3 cd ee 17 1c 71 57 f1 1b 8e 02 90 48 ed db e4 9c 95 cf 59 de 77 28 dc ae 42 7b d7 fd 57 0f 32 3b c3 d4 6a ba 26 bf 03 24 d9 c5 0d cc 4e 61 a1 01 67 b5 b1 7a f5 51 af ad 6d d9 7c f6 1d cb 8d 17 47 1d e8 e5 e5 9d 56 3c 28 6b 22 f6 9a 74 d7 f6 ae 7e 5b 9a ea e2 bd 02 77 14 67 ec dc 00 d4 6c a7 4e ed b6 ec a3 b6 5a ee 68 42 ea f1 72 e4 f4 73 d7 42 51 75 54 d8 4b 26 1b 55 67 85 e5 c3 28 06 b5 46 15 2b af bb 2f 8e 87 5a 27 ac ea 8d b7 02 f7 b5 c5 6f 18 53 2e 6a a6 78 11 6b 56 9a 0e a8 18 58 f1 ef 11 8d 7c 14 da b9 13 Data Ascii: \|s{kwuKru'>.e<X#!3kjoo=<ch;qWHYw(B{W2;j&$NagzQm\|GV<(k"t~[wglNZhBrsBQuTK&Ug(F+/Z'oS.jxkVX\|

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

Spam, unwanted Advertisements and Ransom Demands

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Windows Analysis Report
https://storage.googleapis.com/bdlinkmanager/TSTATTFDYHS_UJG.html

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3684	OUT	GET /assets/bootstrap/dist/js/bootstrap.min.js HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	721	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 34 20 47 4d 54 0d 0a 45 54 61 67 3a 20 57 2f 22 39 30 30 34 2d 36 30 38 39 30 32 65 34 35 64 63 62 35 2d 67 7a 69 70 22 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: application/javascriptTransfer-Encoding: chunkedConnection: closeLast-Modified: Wed, 25 Oct 2023 20:20:04 GMTETag: W/"9004-608902e45dcb5-gzip"Vary: Accept-EncodingCache-Contro
2023-11-27 03:23:50 UTC	648	IN	Data Raw: 37 63 64 65 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 36 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 35 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 6c 69 63 65 6e 73 65 0a 20 2a 2f 0a 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 42 6f 6f 74 73 74 72 61 70 27 73 20 4a 61 76 61 53 63 72 69 70 74 20 72 65 71 75 69 72 65 73 20 6a 51 75 65 72 79 22 29 3b 2b 66 75 6e 63 74 69 6f 6e 28 61 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 62 3d 61 2e 66 6e Data Ascii: 7cde/! Bootstrap v3.3.6 (http://getbootstrap.com) * Copyright 2011-2015 Twitter, Inc. * Licensed under the MIT license */if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";var b=a.fn
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 6e 65 6e 64 22 2c 74 72 61 6e 73 69 74 69 6f 6e 3a 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 7d 3b 66 6f 72 28 76 61 72 20 63 20 69 6e 20 62 29 69 66 28 76 6f 69 64 20 30 21 3d 3d 61 2e 73 74 79 6c 65 5b 63 5d 29 72 65 74 75 72 6e 7b 65 6e 64 3a 62 5b 63 5d 7d 3b 72 65 74 75 72 6e 21 31 7d 61 2e 66 6e 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3d 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3d 21 31 2c 64 3d 74 68 69 73 3b 61 28 74 68 69 73 29 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 3d 21 30 7d 29 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 7c 7c 61 28 64 29 2e 74 72 69 67 67 65 72 28 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 2e 65 Data Ascii: nend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c\|\|a(d).trigger(a.support.transition.e
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 61 2e 66 6e 2e 61 6c 65 72 74 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 66 6e 2e 61 6c 65 72 74 3d 65 2c 74 68 69 73 7d 2c 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 61 6c 65 72 74 2e 64 61 74 61 2d 61 70 69 22 2c 63 2c 64 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 6f 73 65 29 7d 28 6a 51 75 65 72 79 29 2c 2b 66 75 6e 63 74 69 6f 6e 28 61 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 62 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 61 28 74 68 69 73 29 2c 65 3d 64 2e 64 61 74 61 28 22 62 73 2e 62 75 74 74 6f 6e 22 29 2c 66 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 Data Ascii: a.fn.alert.noConflict=function(){return a.fn.alert=e,this},a(document).on("click.bs.alert.data-api",c,d.prototype.close)}(jQuery),+function(a){"use strict";function b(b){return this.each(function(){var d=a(this),e=d.data("bs.button"),f="object"==typeof b&
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43 6c 61 73 73 28 22 61 63 74 69 76 65 22 29 29 2c 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 74 6f 67 67 6c 65 43 6c 61 73 73 28 22 61 63 74 69 76 65 22 29 7d 3b 76 61 72 20 64 3d 61 2e 66 6e 2e 62 75 74 74 6f 6e 3b 61 2e 66 6e 2e 62 75 74 74 6f 6e 3d 62 2c 61 2e 66 6e 2e 62 75 74 74 6f 6e 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 63 2c 61 2e 66 6e 2e 62 75 74 74 6f 6e 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 66 6e 2e 62 75 74 74 6f 6e 3d 64 2c 74 68 69 73 7d 2c 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 62 75 74 74 6f 6e 2e 64 61 74 61 2d 61 70 69 22 2c 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 5e 3d 22 62 75 74 74 6f 6e 22 5d 27 2c 66 75 Data Ascii: $element.hasClass("active")),this.$element.toggleClass("active")};var d=a.fn.button;a.fn.button=b,a.fn.button.Constructor=c,a.fn.button.noConflict=function(){return a.fn.button=d,this},a(document).on("click.bs.button.data-api",'[data-toggle^="button"]',fu
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 6f 75 73 65 6c 65 61 76 65 2e 62 73 2e 63 61 72 6f 75 73 65 6c 22 2c 61 2e 70 72 6f 78 79 28 74 68 69 73 2e 63 79 63 6c 65 2c 74 68 69 73 29 29 7d 3b 63 2e 56 45 52 53 49 4f 4e 3d 22 33 2e 33 2e 36 22 2c 63 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 44 55 52 41 54 49 4f 4e 3d 36 30 30 2c 63 2e 44 45 46 41 55 4c 54 53 3d 7b 69 6e 74 65 72 76 61 6c 3a 35 65 33 2c 70 61 75 73 65 3a 22 68 6f 76 65 72 22 2c 77 72 61 70 3a 21 30 2c 6b 65 79 62 6f 61 72 64 3a 21 30 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 6b 65 79 64 6f 77 6e 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 2f 69 6e 70 75 74 7c 74 65 78 74 61 72 65 61 2f 69 2e 74 65 73 74 28 61 2e 74 61 72 67 65 74 2e 74 61 67 4e 61 6d 65 29 29 7b 73 77 69 74 63 68 28 61 2e 77 68 69 63 68 29 7b 63 61 73 65 20 33 37 Data Ascii: ouseleave.bs.carousel",a.proxy(this.cycle,this))};c.VERSION="3.3.6",c.TRANSITION_DURATION=600,c.DEFAULTS={interval:5e3,pause:"hover",wrap:!0,keyboard:!0},c.prototype.keydown=function(a){if(!/input\|textarea/i.test(a.target.tagName)){switch(a.which){case 37
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 69 6f 6e 2e 65 6e 64 29 2c 74 68 69 73 2e 63 79 63 6c 65 28 21 30 29 29 2c 74 68 69 73 2e 69 6e 74 65 72 76 61 6c 3d 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 74 68 69 73 2e 69 6e 74 65 72 76 61 6c 29 2c 74 68 69 73 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 73 6c 69 64 69 6e 67 3f 76 6f 69 64 20 30 3a 74 68 69 73 2e 73 6c 69 64 65 28 22 6e 65 78 74 22 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 70 72 65 76 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 73 6c 69 64 69 6e 67 3f 76 6f 69 64 20 30 3a 74 68 69 73 2e 73 6c 69 64 65 28 22 70 72 65 76 22 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 64 29 Data Ascii: ion.end),this.cycle(!0)),this.interval=clearInterval(this.interval),this},c.prototype.next=function(){return this.sliding?void 0:this.slide("next")},c.prototype.prev=function(){return this.sliding?void 0:this.slide("prev")},c.prototype.slide=function(b,d)
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 66 6e 2e 63 61 72 6f 75 73 65 6c 3d 64 2c 74 68 69 73 7d 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 64 2c 65 3d 61 28 74 68 69 73 29 2c 66 3d 61 28 65 2e 61 74 74 72 28 22 64 61 74 61 2d 74 61 72 67 65 74 22 29 7c 7c 28 64 3d 65 2e 61 74 74 72 28 22 68 72 65 66 22 29 29 26 26 64 2e 72 65 70 6c 61 63 65 28 2f 2e 2a 28 3f 3d 23 5b 5e 5c 73 5d 2b 24 29 2f 2c 22 22 29 29 3b 69 66 28 66 2e 68 61 73 43 6c 61 73 73 28 22 63 61 72 6f 75 73 65 6c 22 29 29 7b 76 61 72 20 67 3d 61 2e 65 78 74 65 6e 64 28 7b 7d 2c 66 2e 64 61 74 61 28 29 2c 65 2e 64 61 74 61 28 29 29 2c 68 3d 65 2e 61 74 74 72 28 22 64 61 74 61 2d 73 6c 69 64 65 2d 74 6f 22 29 3b 68 26 26 28 67 2e 69 6e 74 65 72 76 61 Data Ascii: unction(){return a.fn.carousel=d,this};var e=function(c){var d,e=a(this),f=a(e.attr("data-target")\|\|(d=e.attr("href"))&&d.replace(/.*(?=#[^\s]+$)/,""));if(f.hasClass("carousel")){var g=a.extend({},f.data(),e.data()),h=e.attr("data-slide-to");h&&(g.interva
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 67 6c 65 3a 21 30 7d 2c 64 2e 70 72 6f 74 6f 74 79 70 65 2e 64 69 6d 65 6e 73 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43 6c 61 73 73 28 22 77 69 64 74 68 22 29 3b 72 65 74 75 72 6e 20 61 3f 22 77 69 64 74 68 22 3a 22 68 65 69 67 68 74 22 7d 2c 64 2e 70 72 6f 74 6f 74 79 70 65 2e 73 68 6f 77 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 74 68 69 73 2e 74 72 61 6e 73 69 74 69 6f 6e 69 6e 67 26 26 21 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43 6c 61 73 73 28 22 69 6e 22 29 29 7b 76 61 72 20 62 2c 65 3d 74 68 69 73 2e 24 70 61 72 65 6e 74 26 26 74 68 69 73 2e 24 70 61 72 65 6e 74 2e 63 68 69 6c 64 72 65 6e 28 22 2e 70 61 6e 65 6c 22 29 2e 63 68 69 6c 64 72 65 6e 28 22 2e 69 Data Ascii: gle:!0},d.prototype.dimension=function(){var a=this.$element.hasClass("width");return a?"width":"height"},d.prototype.show=function(){if(!this.transitioning&&!this.$element.hasClass("in")){var b,e=this.$parent&&this.$parent.children(".panel").children(".i
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 61 2d 65 78 70 61 6e 64 65 64 22 2c 21 31 29 2c 74 68 69 73 2e 24 74 72 69 67 67 65 72 2e 61 64 64 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 65 64 22 29 2e 61 74 74 72 28 22 61 72 69 61 2d 65 78 70 61 6e 64 65 64 22 2c 21 31 29 2c 74 68 69 73 2e 74 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 31 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 74 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 30 2c 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 69 6e 67 22 29 2e 61 64 64 43 6c 61 73 73 28 22 63 6f 6c 6c 61 70 73 65 22 29 2e 74 72 69 67 67 65 72 28 22 68 69 64 64 65 6e 2e 62 73 2e 63 6f 6c 6c 61 70 73 65 22 29 7d 3b 72 65 74 75 72 6e 20 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e Data Ascii: a-expanded",!1),this.$trigger.addClass("collapsed").attr("aria-expanded",!1),this.transitioning=1;var e=function(){this.transitioning=0,this.$element.removeClass("collapsing").addClass("collapse").trigger("hidden.bs.collapse")};return a.support.transition

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3697	OUT	GET /assets/js/scripts-w14-t-f-qc-v2-fst-ri.js?v=5.40&cc=us HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	717	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 34 20 47 4d 54 0d 0a 45 54 61 67 3a 20 57 2f 22 33 37 36 33 2d 36 30 38 39 30 32 65 34 34 66 32 35 35 2d 67 7a 69 70 22 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: application/javascriptTransfer-Encoding: chunkedConnection: closeLast-Modified: Wed, 25 Oct 2023 20:20:04 GMTETag: W/"3763-608902e44f255-gzip"Vary: Accept-EncodingCache-Contro
2023-11-27 03:23:50 UTC	652	IN	Data Raw: 33 37 36 33 0d 0a 76 61 72 20 78 20 3d 20 6e 65 77 20 44 61 74 65 28 29 3b 0d 0a 76 61 72 20 78 31 20 3d 20 78 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 66 69 6e 64 47 65 74 50 61 72 61 6d 65 74 65 72 28 70 61 72 61 6d 65 74 65 72 4e 61 6d 65 29 20 7b 0d 0a 20 20 20 20 76 61 72 20 72 65 73 75 6c 74 20 3d 20 6e 75 6c 6c 2c 0d 0a 20 20 20 20 20 20 20 20 74 6d 70 20 3d 20 5b 5d 3b 0d 0a 20 20 20 20 76 61 72 20 69 74 65 6d 73 20 3d 20 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 2e 73 75 62 73 74 72 28 31 29 2e 73 70 6c 69 74 28 22 26 22 29 3b 0d 0a 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 6e 64 65 78 20 3d 20 30 3b 20 69 6e 64 65 78 20 3c 20 69 74 65 6d 73 2e 6c 65 6e 67 74 68 3b 20 69 6e 64 65 78 2b 2b 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 74 6d 70 20 3d 20 69 Data Ascii: 3763var x = new Date();var x1 = x;function findGetParameter(parameterName) { var result = null, tmp = []; var items = location.search.substr(1).split("&"); for (var index = 0; index < items.length; index++) { tmp = i
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 0a 7d 0d 0a 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 6f 61 64 57 61 6c 6c 20 28 29 20 7b 0d 0a 09 76 61 72 20 63 6f 75 6e 74 44 6f 77 6e 44 61 74 65 41 6a 61 78 3b 0d 0a 09 76 61 72 20 65 6e 64 44 61 74 65 41 6a 61 78 20 3d 20 41 72 72 61 79 28 29 3b 20 0d 0a 09 76 61 72 20 63 75 72 72 65 6e 74 54 69 6d 65 41 6a 61 78 3b 0d 0a 09 0d 0a 09 74 72 6b 63 6c 6b 28 29 3b 0d 0a 09 0d 0a 09 69 66 20 28 74 79 70 65 6f 66 20 67 74 61 67 20 21 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0d 0a 09 09 76 61 72 20 73 63 72 69 70 74 5f 74 61 67 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 0d 0a 09 09 73 63 72 69 70 74 5f 74 61 67 2e 74 79 70 65 20 3d 20 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3b 0d Data Ascii: }function loadWall () {var countDownDateAjax;var endDateAjax = Array(); var currentTimeAjax;trkclk();if (typeof gtag != 'undefined') {var script_tag = document.createElement('script');script_tag.type = 'text/javascript';
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 70 78 20 31 36 70 78 20 39 70 78 20 31 36 70 78 3b 20 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 20 77 69 64 74 68 3a 20 39 30 25 3b 22 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 35 70 78 3b 22 3e 3c 69 6d 67 20 73 72 63 3d 22 2f 61 73 73 65 74 73 2f 69 6d 61 67 65 73 2f 34 2d 35 2e 70 6e 67 22 20 73 74 79 6c 65 3d 22 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 20 68 65 69 67 68 74 3a 20 32 30 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 34 70 78 3b 22 3e 20 28 35 33 36 29 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 6d Data Ascii: px 16px 9px 16px; border: none; margin-left: auto; margin-right: auto; width: 90%;"><div align="center" style="margin-bottom: 5px;"><img src="/assets/images/4-5.png" style="border: none; height: 20px; margin-top: -4px;"> (536)</div></div><div class="col-m
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 69 6d 65 41 6a 61 78 20 3d 20 44 61 74 65 2e 70 61 72 73 65 28 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 09 2f 2f 6e 6f 77 20 73 65 74 20 72 61 6e 64 6f 6d 20 65 6e 64 20 74 69 6d 65 73 20 61 6e 64 20 69 6e 69 74 20 74 68 65 20 63 6f 75 6e 74 65 72 73 0d 0a 09 66 6f 72 20 28 76 61 72 20 6a 20 3d 20 30 3b 20 6a 20 3c 3d 20 6f 66 66 65 72 5f 74 69 63 6b 3b 20 6a 2b 2b 29 20 7b 0d 0a 09 09 76 61 72 20 74 69 6d 65 49 6e 4d 69 6e 75 74 65 73 41 6a 61 78 20 3d 20 67 65 74 52 61 6e 64 6f 6d 49 6e 74 28 37 2c 20 31 30 29 3b 0d 0a 09 09 76 61 72 20 74 69 6d 65 49 6e 53 65 63 6f 6e 64 73 41 6a 61 78 20 3d 20 67 65 74 52 61 6e 64 6f 6d 49 6e 74 28 30 2c 20 35 39 29 3b 0d 0a 09 09 65 6e 64 44 61 74 65 41 6a 61 78 5b 6a 5d 20 3d 20 6e 65 77 20 44 61 74 65 28 63 75 72 Data Ascii: imeAjax = Date.parse(new Date());//now set random end times and init the countersfor (var j = 0; j <= offer_tick; j++) {var timeInMinutesAjax = getRandomInt(7, 10);var timeInSecondsAjax = getRandomInt(0, 59);endDateAjax[j] = new Date(cur
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 3d 20 6e 65 77 20 44 61 74 65 28 6e 6f 77 54 69 6d 65 20 2b 20 31 30 30 30 20 2a 20 36 30 20 2a 20 32 29 3b 20 2f 2f 72 65 73 65 74 20 74 6f 20 32 20 6d 69 6e 73 2e 0d 0a 09 09 09 09 24 28 27 23 63 6f 75 6e 74 64 6f 77 6e 2d 27 20 2b 20 6b 29 2e 68 74 6d 6c 28 27 32 3a 30 30 27 29 3b 0d 0a 09 09 09 09 76 61 6c 69 64 2b 2b 3b 0d 0a 09 09 09 7d 20 65 6c 73 65 20 7b 0d 0a 09 09 09 09 24 28 27 23 63 6f 75 6e 74 64 6f 77 6e 2d 27 20 2b 20 6b 29 2e 68 74 6d 6c 28 6d 69 6e 75 74 65 73 20 2b 20 27 3a 27 20 2b 20 73 65 63 6f 6e 64 73 29 3b 0d 0a 09 09 09 09 76 61 6c 69 64 2b 2b 3b 0d 0a 09 09 09 7d 0d 0a 09 09 7d 0d 0a 09 09 69 66 20 28 76 61 6c 69 64 20 3d 3d 20 30 29 20 7b 0d 0a 09 09 09 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 7a 29 3b 0d 0a 09 09 09 63 6f 6e Data Ascii: = new Date(nowTime + 1000 * 60 * 2); //reset to 2 mins.$('#countdown-' + k).html('2:00');valid++;} else {$('#countdown-' + k).html(minutes + ':' + seconds);valid++;}}if (valid == 0) {clearInterval(z);con
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 2d 74 65 78 74 22 20 3e 3c 21 2d 2d 3c 69 20 63 6c 61 73 73 3d 22 61 2d 69 63 6f 6e 20 61 2d 69 63 6f 6e 2d 63 61 72 74 22 3e 3c 2f 69 3e 2d 2d 3e 3c 62 3e 45 78 70 69 72 65 64 3c 2f 62 3e 3c 2f 73 70 61 6e 3e 3c 2f 73 70 61 6e 3e 3c 2f 73 70 61 6e 3e 3c 2f 64 69 76 3e 27 29 3b 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 7d 20 65 6c 73 65 20 7b 0d 0a 09 09 09 09 09 24 28 27 23 63 6f 75 6e 74 64 6f 77 6e 2d 66 69 6e 61 6c 27 29 2e 68 74 6d 6c 28 6d 69 6e 75 74 65 73 20 2b 20 27 3a 27 20 2b 20 73 65 63 6f 6e 64 73 29 3b 0d 0a 09 09 09 09 7d 0d 0a 0d 0a 09 09 09 7d 2c 20 35 30 30 29 3b 0d 0a 09 09 09 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 7a 7a 29 3b 0d 0a 09 09 09 0d 0a 09 09 7d 0d 0a 09 0d 0a 09 7d 2c 20 32 30 30 29 3b 0d 0a 7d 0d 0a 0d 0a 76 61 72 20 6f 66 Data Ascii: -text" >...<i class="a-icon a-icon-cart"></i>--><b>Expired</b></span></span></span></div>');} else {$('#countdown-final').html(minutes + ':' + seconds);}}, 500);clearInterval(zz);}}, 200);}var of
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 27 29 3b 0d 0a 0d 0a 09 09 69 66 20 28 24 6e 65 78 74 51 75 65 73 74 69 6f 6e 2e 6c 65 6e 67 74 68 20 3e 20 30 29 20 7b 0d 0a 09 09 09 24 61 63 74 69 76 65 51 75 65 73 74 69 6f 6e 2e 66 61 64 65 4f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0d 0a 09 09 09 09 24 28 74 68 69 73 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 61 63 74 69 76 65 27 29 3b 0d 0a 09 09 09 09 24 61 63 74 69 76 65 51 75 65 73 74 69 6f 6e 20 3d 20 24 6e 65 78 74 51 75 65 73 74 69 6f 6e 3b 0d 0a 09 09 09 09 24 61 63 74 69 76 65 51 75 65 73 74 69 6f 6e 2e 61 64 64 43 6c 61 73 73 28 27 61 63 74 69 76 65 27 29 3b 0d 0a 09 09 09 7d 29 3b 0d 0a 09 09 7d 20 65 6c 73 65 20 7b 0d 0a 09 09 09 69 66 20 28 77 61 6c 6c 5f 6c 6f 61 64 65 64 29 0d 0a 09 09 09 09 72 65 74 75 72 6e 3b 0d 0a 09 09 09 0d Data Ascii: ');if ($nextQuestion.length > 0) {$activeQuestion.fadeOut(function(){$(this).removeClass('active');$activeQuestion = $nextQuestion;$activeQuestion.addClass('active');});} else {if (wall_loaded)return;
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 6c 79 20 72 65 73 65 72 76 65 64 20 66 6f 72 20 79 6f 75 21 20 5c 5c 6e 5c 5c 6e 59 6f 75 20 68 61 76 65 20 35 20 6d 69 6e 75 74 65 73 20 62 65 66 6f 72 65 20 77 65 20 6f 66 66 65 72 20 69 74 20 74 6f 20 74 68 65 20 6e 65 78 74 20 71 75 61 6c 69 66 69 65 64 20 76 69 73 69 74 6f 72 21 5c 5c 6e 5c 5c 6e 4f 6e 20 74 68 65 20 6e 65 78 74 20 70 61 67 65 2c 20 72 65 61 64 20 74 68 65 20 72 65 77 61 72 64 20 6f 66 66 65 72 20 64 65 74 61 69 6c 73 20 61 6e 64 20 65 6e 74 65 72 20 79 6f 75 72 20 73 68 69 70 70 69 6e 67 20 61 64 64 72 65 73 73 20 61 6e 64 20 70 61 79 20 66 6f 72 20 61 20 73 6d 61 6c 6c 20 73 68 69 70 70 69 6e 67 20 66 65 65 20 28 22 20 2b 20 24 28 74 68 69 73 29 2e 61 74 74 72 28 22 64 61 74 61 2d 73 68 69 70 70 69 6e 67 22 29 20 2b 20 22 29 22 20 Data Ascii: ly reserved for you! \\n\\nYou have 5 minutes before we offer it to the next qualified visitor!\\n\\nOn the next page, read the reward offer details and enter your shipping address and pay for a small shipping fee (" + $(this).attr("data-shipping") + ")"
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 7b 0d 0a 09 09 09 09 6f 66 66 65 72 5b 37 5d 20 3d 20 6f 66 66 65 72 5b 37 5d 20 2b 20 22 2d 22 20 2b 20 6a 74 73 3b 0d 0a 09 09 09 09 0d 0a 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 63 69 20 21 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7b 0d 0a 09 09 09 09 09 6f 66 66 65 72 5b 37 5d 20 3d 20 6f 66 66 65 72 5b 37 5d 20 2b 20 22 2d 22 20 2b 20 63 69 3b 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 69 66 20 28 74 79 70 65 6f 66 20 70 74 66 20 21 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7b 0d 0a 09 09 09 09 09 09 6f 66 66 65 72 5b 37 5d 20 3d 20 6f 66 66 65 72 5b 37 5d 20 2b 20 22 2d 22 20 2b 20 70 74 66 3b 0d 0a 09 09 09 09 09 7d 0d 0a 09 09 09 09 7d 0d 0a 09 09 09 7d 0d 0a 09 09 7d 0d 0a 09 7d 0d 0a 09 69 66 20 28 74 79 70 65 6f 66 20 76 69 65 77 20 Data Ascii: {offer[7] = offer[7] + "-" + jts;if (typeof ci != "undefined") {offer[7] = offer[7] + "-" + ci;if (typeof ptf != "undefined") {offer[7] = offer[7] + "-" + ptf;}}}}}if (typeof view

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3686	OUT	GET /js/fingerprintjs2/1.5.0/fingerprint2.min.js HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	725	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 34 39 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 31 39 20 47 4d 54 0d 0a 45 54 61 67 3a 20 57 2f 22 38 37 30 64 2d 36 30 38 39 30 32 66 32 37 36 32 65 31 2d 67 7a 69 70 22 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:49 GMTContent-Type: application/javascriptTransfer-Encoding: chunkedConnection: closeLast-Modified: Wed, 25 Oct 2023 20:20:19 GMTETag: W/"870d-608902f2762e1-gzip"Vary: Accept-EncodingCache-Contro
2023-11-27 03:23:50 UTC	644	IN	Data Raw: 37 63 64 61 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 69 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 69 29 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 69 28 29 3a 74 2e 65 78 70 6f 72 74 73 3f 74 2e 65 78 70 6f 72 74 73 3d 69 28 29 3a 74 5b 65 5d 3d 69 28 29 7d 28 22 46 69 6e 67 65 72 70 72 69 6e 74 32 22 2c 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 64 65 78 4f 66 7c 7c 28 41 72 72 61 79 Data Ascii: 7cda!function(e,t,i){"use strict";"function"==typeof define&&define.amd?define(i):"undefined"!=typeof module&&module.exports?module.exports=i():t.exports?t.exports=i():t[e]=i()}("Fingerprint2",this,function(){"use strict";Array.prototype.indexOf\|\|(Array
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 6e 74 6a 73 32 22 2c 73 77 66 50 61 74 68 3a 22 66 6c 61 73 68 2f 63 6f 6d 70 69 6c 65 64 2f 46 6f 6e 74 4c 69 73 74 2e 73 77 66 22 2c 64 65 74 65 63 74 53 63 72 65 65 6e 4f 72 69 65 6e 74 61 74 69 6f 6e 3a 21 30 2c 73 6f 72 74 50 6c 75 67 69 6e 73 46 6f 72 3a 5b 2f 70 61 6c 65 6d 6f 6f 6e 2f 69 5d 2c 75 73 65 72 44 65 66 69 6e 65 64 46 6f 6e 74 73 3a 5b 5d 7d 3b 74 68 69 73 2e 6f 70 74 69 6f 6e 73 3d 74 68 69 73 2e 65 78 74 65 6e 64 28 74 2c 69 29 2c 74 68 69 73 2e 6e 61 74 69 76 65 46 6f 72 45 61 63 68 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 2c 74 68 69 73 2e 6e 61 74 69 76 65 4d 61 70 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 6d 61 70 7d 3b 72 65 74 75 72 6e 20 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 65 78 74 65 Data Ascii: ntjs2",swfPath:"flash/compiled/FontList.swf",detectScreenOrientation:!0,sortPluginsFor:[/palemoon/i],userDefinedFonts:[]};this.options=this.extend(t,i),this.nativeForEach=Array.prototype.forEach,this.nativeMap=Array.prototype.map};return e.prototype={exte
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 67 65 74 55 73 65 72 41 67 65 6e 74 28 29 7d 29 2c 65 7d 2c 67 65 74 55 73 65 72 41 67 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 7d 2c 6c 61 6e 67 75 61 67 65 4b 65 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 78 63 6c 75 64 65 4c 61 6e 67 75 61 67 65 7c 7c 65 2e 70 75 73 68 28 7b 6b 65 79 3a 22 6c 61 6e 67 75 61 67 65 22 2c 76 61 6c 75 65 3a 6e 61 76 69 67 61 74 6f 72 2e 6c 61 6e 67 75 61 67 65 7c 7c 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 4c 61 6e 67 75 61 67 65 7c 7c 6e 61 76 69 67 61 74 6f 72 2e 62 72 6f 77 73 65 72 4c 61 6e 67 75 61 67 65 7c 7c 6e 61 76 69 67 61 74 6f 72 2e 73 79 73 74 65 6d 4c 61 6e 67 75 61 Data Ascii: getUserAgent()}),e},getUserAgent:function(){return navigator.userAgent},languageKey:function(e){return this.options.excludeLanguage\|\|e.push({key:"language",value:navigator.language\|\|navigator.userLanguage\|\|navigator.browserLanguage\|\|navigator.systemLangua
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 3a 22 61 76 61 69 6c 61 62 6c 65 5f 72 65 73 6f 6c 75 74 69 6f 6e 22 2c 76 61 6c 75 65 3a 74 7d 29 2c 65 7d 2c 74 69 6d 65 7a 6f 6e 65 4f 66 66 73 65 74 4b 65 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 78 63 6c 75 64 65 54 69 6d 65 7a 6f 6e 65 4f 66 66 73 65 74 7c 7c 65 2e 70 75 73 68 28 7b 6b 65 79 3a 22 74 69 6d 65 7a 6f 6e 65 5f 6f 66 66 73 65 74 22 2c 76 61 6c 75 65 3a 28 6e 65 77 20 44 61 74 65 29 2e 67 65 74 54 69 6d 65 7a 6f 6e 65 4f 66 66 73 65 74 28 29 7d 29 2c 65 7d 2c 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 4b 65 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 78 63 6c 75 64 65 53 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 Data Ascii: :"available_resolution",value:t}),e},timezoneOffsetKey:function(e){return this.options.excludeTimezoneOffset\|\|e.push({key:"timezone_offset",value:(new Date).getTimezoneOffset()}),e},sessionStorageKey:function(e){return!this.options.excludeSessionStorage&&
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 70 28 29 7d 29 2c 65 7d 2c 77 65 62 67 6c 4b 65 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 78 63 6c 75 64 65 57 65 62 47 4c 3f 65 3a 74 68 69 73 2e 69 73 57 65 62 47 6c 53 75 70 70 6f 72 74 65 64 28 29 3f 28 65 2e 70 75 73 68 28 7b 6b 65 79 3a 22 77 65 62 67 6c 22 2c 76 61 6c 75 65 3a 74 68 69 73 2e 67 65 74 57 65 62 67 6c 46 70 28 29 7d 29 2c 65 29 3a 65 7d 2c 61 64 42 6c 6f 63 6b 4b 65 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 65 78 63 6c 75 64 65 41 64 42 6c 6f 63 6b 7c 7c 65 2e 70 75 73 68 28 7b 6b 65 79 3a 22 61 64 62 6c 6f 63 6b 22 2c 76 61 6c 75 65 3a 74 68 69 73 2e 67 65 74 41 64 42 6c 6f 63 6b 28 29 7d 29 2c 65 7d 2c 68 61 73 Data Ascii: p()}),e},webglKey:function(e){return this.options.excludeWebGL?e:this.isWebGlSupported()?(e.push({key:"webgl",value:this.getWebglFp()}),e):e},adBlockKey:function(e){return this.options.excludeAdBlock\|\|e.push({key:"adblock",value:this.getAdBlock()}),e},has
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 72 72 6f 77 22 2c 22 41 72 69 61 6c 20 52 6f 75 6e 64 65 64 20 4d 54 20 42 6f 6c 64 22 2c 22 41 72 69 61 6c 20 55 6e 69 63 6f 64 65 20 4d 53 22 2c 22 42 69 74 73 74 72 65 61 6d 20 56 65 72 61 20 53 61 6e 73 20 4d 6f 6e 6f 22 2c 22 42 6f 6f 6b 20 41 6e 74 69 71 75 61 22 2c 22 42 6f 6f 6b 6d 61 6e 20 4f 6c 64 20 53 74 79 6c 65 22 2c 22 43 61 6c 69 62 72 69 22 2c 22 43 61 6d 62 72 69 61 22 2c 22 43 61 6d 62 72 69 61 20 4d 61 74 68 22 2c 22 43 65 6e 74 75 72 79 22 2c 22 43 65 6e 74 75 72 79 20 47 6f 74 68 69 63 22 2c 22 43 65 6e 74 75 72 79 20 53 63 68 6f 6f 6c 62 6f 6f 6b 22 2c 22 43 6f 6d 69 63 20 53 61 6e 73 22 2c 22 43 6f 6d 69 63 20 53 61 6e 73 20 4d 53 22 2c 22 43 6f 6e 73 6f 6c 61 73 22 2c 22 43 6f 75 72 69 65 72 22 2c 22 43 6f 75 72 69 65 72 20 4e 65 Data Ascii: rrow","Arial Rounded MT Bold","Arial Unicode MS","Bitstream Vera Sans Mono","Book Antiqua","Bookman Old Style","Calibri","Cambria","Cambria Math","Century","Century Gothic","Century Schoolbook","Comic Sans","Comic Sans MS","Consolas","Courier","Courier Ne
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 72 64 65 20 42 6b 20 42 54 22 2c 22 41 76 61 6e 74 47 61 72 64 65 20 4d 64 20 42 54 22 2c 22 41 56 45 4e 49 52 22 2c 22 41 79 75 74 68 61 79 61 22 2c 22 42 61 6e 64 79 22 2c 22 42 61 6e 67 6c 61 20 53 61 6e 67 61 6d 20 4d 4e 22 2c 22 42 61 6e 6b 20 47 6f 74 68 69 63 22 2c 22 42 61 6e 6b 47 6f 74 68 69 63 20 4d 64 20 42 54 22 2c 22 42 61 73 6b 65 72 76 69 6c 6c 65 22 2c 22 42 61 73 6b 65 72 76 69 6c 6c 65 20 4f 6c 64 20 46 61 63 65 22 2c 22 42 61 74 61 6e 67 22 2c 22 42 61 74 61 6e 67 43 68 65 22 2c 22 42 61 75 65 72 20 42 6f 64 6f 6e 69 22 2c 22 42 61 75 68 61 75 73 20 39 33 22 2c 22 42 61 7a 6f 6f 6b 61 22 2c 22 42 65 6c 6c 20 4d 54 22 2c 22 42 65 6d 62 6f 22 2c 22 42 65 6e 67 75 69 61 74 20 42 6b 20 42 54 22 2c 22 42 65 72 6c 69 6e 20 53 61 6e 73 20 46 Data Ascii: rde Bk BT","AvantGarde Md BT","AVENIR","Ayuthaya","Bandy","Bangla Sangam MN","Bank Gothic","BankGothic Md BT","Baskerville","Baskerville Old Face","Batang","BatangChe","Bauer Bodoni","Bauhaus 93","Bazooka","Bell MT","Bembo","Benguiat Bk BT","Berlin Sans F
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 2c 22 45 62 72 69 6d 61 22 2c 22 45 64 77 61 72 64 69 61 6e 20 53 63 72 69 70 74 20 49 54 43 22 2c 22 45 6c 65 70 68 61 6e 74 22 2c 22 45 6e 67 6c 69 73 68 20 31 31 31 20 56 69 76 61 63 65 20 42 54 22 2c 22 45 6e 67 72 61 76 65 72 73 20 4d 54 22 2c 22 45 6e 67 72 61 76 65 72 73 47 6f 74 68 69 63 20 42 54 22 2c 22 45 72 61 73 20 42 6f 6c 64 20 49 54 43 22 2c 22 45 72 61 73 20 44 65 6d 69 20 49 54 43 22 2c 22 45 72 61 73 20 4c 69 67 68 74 20 49 54 43 22 2c 22 45 72 61 73 20 4d 65 64 69 75 6d 20 49 54 43 22 2c 22 45 75 63 72 6f 73 69 61 55 50 43 22 2c 22 45 75 70 68 65 6d 69 61 22 2c 22 45 75 70 68 65 6d 69 61 20 55 43 41 53 22 2c 22 45 55 52 4f 53 54 49 4c 45 22 2c 22 45 78 6f 74 63 33 35 30 20 42 64 20 42 54 22 2c 22 46 61 6e 67 53 6f 6e 67 22 2c 22 46 65 Data Ascii: ,"Ebrima","Edwardian Script ITC","Elephant","English 111 Vivace BT","Engravers MT","EngraversGothic BT","Eras Bold ITC","Eras Demi ITC","Eras Light ITC","Eras Medium ITC","EucrosiaUPC","Euphemia","Euphemia UCAS","EUROSTILE","Exotc350 Bd BT","FangSong","Fe
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 41 22 2c 22 49 6e 66 6f 72 6d 61 6c 20 52 6f 6d 61 6e 22 2c 22 49 6e 66 6f 72 6d 61 6c 30 31 31 20 42 54 22 2c 22 49 4e 54 45 52 53 54 41 54 45 22 2c 22 49 72 69 73 55 50 43 22 2c 22 49 73 6b 6f 6f 6c 61 20 50 6f 74 61 22 2c 22 4a 61 73 6d 69 6e 65 55 50 43 22 2c 22 4a 61 7a 7a 20 4c 45 54 22 2c 22 4a 65 6e 73 6f 6e 22 2c 22 4a 65 73 74 65 72 22 2c 22 4a 6f 6b 65 72 6d 61 6e 22 2c 22 4a 75 69 63 65 20 49 54 43 22 2c 22 4b 61 62 65 6c 20 42 6b 20 42 54 22 2c 22 4b 61 62 65 6c 20 55 6c 74 20 42 54 22 2c 22 4b 61 69 6c 61 73 61 22 2c 22 4b 61 69 54 69 22 2c 22 4b 61 6c 69 6e 67 61 22 2c 22 4b 61 6e 6e 61 64 61 20 53 61 6e 67 61 6d 20 4d 4e 22 2c 22 4b 61 72 74 69 6b 61 22 2c 22 4b 61 75 66 6d 61 6e 6e 20 42 64 20 42 54 22 2c 22 4b 61 75 66 6d 61 6e 6e 20 42 Data Ascii: A","Informal Roman","Informal011 BT","INTERSTATE","IrisUPC","Iskoola Pota","JasmineUPC","Jazz LET","Jenson","Jester","Jokerman","Juice ITC","Kabel Bk BT","Kabel Ult BT","Kailasa","KaiTi","Kalinga","Kannada Sangam MN","Kartika","Kaufmann Bd BT","Kaufmann B

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:49 UTC	3697	OUT	GET /assets/js/mobile-detect.js-master/mobile-detect.min.js HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	731	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 34 20 47 4d 54 0d 0a 45 54 61 67 3a 20 57 2f 22 39 32 61 38 2d 36 30 38 39 30 32 65 34 35 32 31 33 35 2d 67 7a 69 70 22 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: application/javascriptTransfer-Encoding: chunkedConnection: closeLast-Modified: Wed, 25 Oct 2023 20:20:04 GMTETag: W/"92a8-608902e452135-gzip"Vary: Accept-EncodingCache-Contro
2023-11-27 03:23:50 UTC	638	IN	Data Raw: 37 63 64 34 0d 0a 2f 2a 21 40 6c 69 63 65 6e 73 65 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 33 2c 20 48 65 69 6e 72 69 63 68 20 47 6f 65 62 6c 2c 20 4c 69 63 65 6e 73 65 3a 20 4d 49 54 2c 20 73 65 65 20 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 68 67 6f 65 62 6c 2f 6d 6f 62 69 6c 65 2d 64 65 74 65 63 74 2e 6a 73 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 61 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 61 26 26 6e 75 6c 6c 21 3d 62 26 26 61 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 63 28 61 2c 62 29 7b 76 61 72 20 63 2c 64 2c 65 3d Data Ascii: 7cd4/!@license Copyright 2013, Heinrich Goebl, License: MIT, see https://github.com/hgoebl/mobile-detect.js/!function(a,b){a(function(){"use strict";function a(a,b){return null!=a&&null!=b&&a.toLowerCase()===b.toLowerCase()}function c(a,b){var c,d,e=
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 74 69 6f 6e 7c 45 76 6f 7c 56 69 73 69 6f 6e 7c 45 78 70 6c 6f 72 65 72 7c 36 38 30 30 7c 38 31 30 30 7c 38 39 30 30 7c 41 37 32 37 32 7c 53 35 31 30 65 7c 43 31 31 30 65 7c 4c 65 67 65 6e 64 7c 44 65 73 69 72 65 7c 54 38 32 38 32 29 7c 41 50 58 35 31 35 43 4b 54 7c 51 74 65 6b 39 30 39 30 7c 41 50 41 39 32 39 32 4b 54 7c 48 44 5f 6d 69 6e 69 7c 53 65 6e 73 61 74 69 6f 6e 2e 2a 5a 37 31 30 65 7c 50 47 38 36 31 30 30 7c 5a 37 31 35 65 7c 44 65 73 69 72 65 2e 2a 28 41 38 31 38 31 7c 48 44 29 7c 41 44 52 36 32 30 30 7c 41 44 52 36 34 30 30 4c 7c 41 44 52 36 34 32 35 7c 30 30 31 48 54 7c 49 6e 73 70 69 72 65 20 34 47 7c 41 6e 64 72 6f 69 64 2e 2a 5c 5c 62 45 56 4f 5c 5c 62 7c 54 2d 4d 6f 62 69 6c 65 20 47 31 7c 5a 35 32 30 6d 22 2c 4e 65 78 75 73 3a 22 4e 65 Data Ascii: tion\|Evo\|Vision\|Explorer\|6800\|8100\|8900\|A7272\|S510e\|C110e\|Legend\|Desire\|T8282)\|APX515CKT\|Qtek9090\|APA9292KT\|HD_mini\|Sensation.Z710e\|PG86100\|Z715e\|Desire.(A8181\|HD)\|ADR6200\|ADR6400L\|ADR6425\|001HT\|Inspire 4G\|Android.*\\bEVO\\b\|T-Mobile G1\|Z520m",Nexus:"Ne
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 37 32 32 7c 47 54 2d 42 37 38 30 30 7c 47 54 2d 43 33 30 31 30 7c 47 54 2d 43 33 30 31 31 7c 47 54 2d 43 33 30 36 30 7c 47 54 2d 43 33 32 30 30 7c 47 54 2d 43 33 32 31 32 7c 47 54 2d 43 33 32 31 32 49 7c 47 54 2d 43 33 32 36 32 7c 47 54 2d 43 33 32 32 32 7c 47 54 2d 43 33 33 30 30 7c 47 54 2d 43 33 33 30 30 4b 7c 47 54 2d 43 33 33 30 33 7c 47 54 2d 43 33 33 30 33 4b 7c 47 54 2d 43 33 33 31 30 7c 47 54 2d 43 33 33 32 32 7c 47 54 2d 43 33 33 33 30 7c 47 54 2d 43 33 33 35 30 7c 47 54 2d 43 33 35 30 30 7c 47 54 2d 43 33 35 31 30 7c 47 54 2d 43 33 35 33 30 7c 47 54 2d 43 33 36 33 30 7c 47 54 2d 43 33 37 38 30 7c 47 54 2d 43 35 30 31 30 7c 47 54 2d 43 35 32 31 32 7c 47 54 2d 43 36 36 32 30 7c 47 54 2d 43 36 36 32 35 7c 47 54 2d 43 36 37 31 32 7c 47 54 2d 45 31 Data Ascii: 722\|GT-B7800\|GT-C3010\|GT-C3011\|GT-C3060\|GT-C3200\|GT-C3212\|GT-C3212I\|GT-C3262\|GT-C3222\|GT-C3300\|GT-C3300K\|GT-C3303\|GT-C3303K\|GT-C3310\|GT-C3322\|GT-C3330\|GT-C3350\|GT-C3500\|GT-C3510\|GT-C3530\|GT-C3630\|GT-C3780\|GT-C5010\|GT-C5212\|GT-C6620\|GT-C6625\|GT-C6712\|GT-E1
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 2d 53 37 30 37 30 7c 47 54 2d 53 37 32 30 30 7c 47 54 2d 53 37 32 32 30 7c 47 54 2d 53 37 32 33 30 7c 47 54 2d 53 37 32 33 33 7c 47 54 2d 53 37 32 35 30 7c 47 54 2d 53 37 35 30 30 7c 47 54 2d 53 37 35 33 30 7c 47 54 2d 53 37 35 35 30 7c 47 54 2d 53 37 35 36 32 7c 47 54 2d 53 37 37 31 30 7c 47 54 2d 53 38 30 30 30 7c 47 54 2d 53 38 30 30 33 7c 47 54 2d 53 38 35 30 30 7c 47 54 2d 53 38 35 33 30 7c 47 54 2d 53 38 36 30 30 7c 53 43 48 2d 41 33 31 30 7c 53 43 48 2d 41 35 33 30 7c 53 43 48 2d 41 35 37 30 7c 53 43 48 2d 41 36 31 30 7c 53 43 48 2d 41 36 33 30 7c 53 43 48 2d 41 36 35 30 7c 53 43 48 2d 41 37 39 30 7c 53 43 48 2d 41 37 39 35 7c 53 43 48 2d 41 38 35 30 7c 53 43 48 2d 41 38 37 30 7c 53 43 48 2d 41 38 39 30 7c 53 43 48 2d 41 39 33 30 7c 53 43 48 2d 41 Data Ascii: -S7070\|GT-S7200\|GT-S7220\|GT-S7230\|GT-S7233\|GT-S7250\|GT-S7500\|GT-S7530\|GT-S7550\|GT-S7562\|GT-S7710\|GT-S8000\|GT-S8003\|GT-S8500\|GT-S8530\|GT-S8600\|SCH-A310\|SCH-A530\|SCH-A570\|SCH-A610\|SCH-A630\|SCH-A650\|SCH-A790\|SCH-A795\|SCH-A850\|SCH-A870\|SCH-A890\|SCH-A930\|SCH-A
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 2d 45 33 33 35 7c 53 47 48 2d 45 35 39 30 7c 53 47 48 2d 45 36 33 35 7c 53 47 48 2d 45 37 31 35 7c 53 47 48 2d 45 38 39 30 7c 53 47 48 2d 46 33 30 30 7c 53 47 48 2d 46 34 38 30 7c 53 47 48 2d 49 32 30 30 7c 53 47 48 2d 49 33 30 30 7c 53 47 48 2d 49 33 32 30 7c 53 47 48 2d 49 35 35 30 7c 53 47 48 2d 49 35 37 37 7c 53 47 48 2d 49 36 30 30 7c 53 47 48 2d 49 36 30 37 7c 53 47 48 2d 49 36 31 37 7c 53 47 48 2d 49 36 32 37 7c 53 47 48 2d 49 36 33 37 7c 53 47 48 2d 49 36 37 37 7c 53 47 48 2d 49 37 30 30 7c 53 47 48 2d 49 37 31 37 7c 53 47 48 2d 49 37 32 37 7c 53 47 48 2d 69 37 34 37 4d 7c 53 47 48 2d 49 37 37 37 7c 53 47 48 2d 49 37 38 30 7c 53 47 48 2d 49 38 32 37 7c 53 47 48 2d 49 38 34 37 7c 53 47 48 2d 49 38 35 37 7c 53 47 48 2d 49 38 39 36 7c 53 47 48 2d 49 Data Ascii: -E335\|SGH-E590\|SGH-E635\|SGH-E715\|SGH-E890\|SGH-F300\|SGH-F480\|SGH-I200\|SGH-I300\|SGH-I320\|SGH-I550\|SGH-I577\|SGH-I600\|SGH-I607\|SGH-I617\|SGH-I627\|SGH-I637\|SGH-I677\|SGH-I700\|SGH-I717\|SGH-I727\|SGH-i747M\|SGH-I777\|SGH-I780\|SGH-I827\|SGH-I847\|SGH-I857\|SGH-I896\|SGH-I
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 2d 41 37 34 30 7c 53 50 48 2d 41 37 36 30 7c 53 50 48 2d 41 37 39 30 7c 53 50 48 2d 41 38 30 30 7c 53 50 48 2d 41 38 32 30 7c 53 50 48 2d 41 38 34 30 7c 53 50 48 2d 41 38 38 30 7c 53 50 48 2d 41 39 30 30 7c 53 50 48 2d 41 39 34 30 7c 53 50 48 2d 41 39 36 30 7c 53 50 48 2d 44 36 30 30 7c 53 50 48 2d 44 37 30 30 7c 53 50 48 2d 44 37 31 30 7c 53 50 48 2d 44 37 32 30 7c 53 50 48 2d 49 33 30 30 7c 53 50 48 2d 49 33 32 35 7c 53 50 48 2d 49 33 33 30 7c 53 50 48 2d 49 33 35 30 7c 53 50 48 2d 49 35 30 30 7c 53 50 48 2d 49 36 30 30 7c 53 50 48 2d 49 37 30 30 7c 53 50 48 2d 4c 37 30 30 7c 53 50 48 2d 4d 31 30 30 7c 53 50 48 2d 4d 32 32 30 7c 53 50 48 2d 4d 32 34 30 7c 53 50 48 2d 4d 33 30 30 7c 53 50 48 2d 4d 33 30 35 7c 53 50 48 2d 4d 33 32 30 7c 53 50 48 2d 4d 33 Data Ascii: -A740\|SPH-A760\|SPH-A790\|SPH-A800\|SPH-A820\|SPH-A840\|SPH-A880\|SPH-A900\|SPH-A940\|SPH-A960\|SPH-D600\|SPH-D700\|SPH-D710\|SPH-D720\|SPH-I300\|SPH-I325\|SPH-I330\|SPH-I350\|SPH-I500\|SPH-I600\|SPH-I700\|SPH-L700\|SPH-M100\|SPH-M220\|SPH-M240\|SPH-M300\|SPH-M305\|SPH-M320\|SPH-M3
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 4e 32 37 30 7c 55 4e 35 31 30 7c 55 4e 36 31 30 7c 55 53 36 37 30 7c 55 53 37 34 30 7c 55 53 37 36 30 7c 55 58 32 36 35 7c 55 58 38 34 30 7c 56 4e 32 37 31 7c 56 4e 35 33 30 7c 56 53 36 36 30 7c 56 53 37 30 30 7c 56 53 37 34 30 7c 56 53 37 35 30 7c 56 53 39 31 30 7c 56 53 39 32 30 7c 56 53 39 33 30 7c 56 58 39 32 30 30 7c 56 58 31 31 30 30 30 7c 41 58 38 34 30 41 7c 4c 57 37 37 30 7c 50 35 30 36 7c 50 39 32 35 7c 50 39 39 39 7c 45 36 31 32 7c 44 39 35 35 7c 44 38 30 32 7c 4d 53 33 32 33 29 22 2c 53 6f 6e 79 3a 22 53 6f 6e 79 53 54 7c 53 6f 6e 79 4c 54 7c 53 6f 6e 79 45 72 69 63 73 73 6f 6e 7c 53 6f 6e 79 45 72 69 63 73 73 6f 6e 4c 54 31 35 69 76 7c 4c 54 31 38 69 7c 45 31 30 69 7c 4c 54 32 38 68 7c 4c 54 32 36 77 7c 53 6f 6e 79 45 72 69 63 73 73 6f 6e 4d Data Ascii: N270\|UN510\|UN610\|US670\|US740\|US760\|UX265\|UX840\|VN271\|VN530\|VS660\|VS700\|VS740\|VS750\|VS910\|VS920\|VS930\|VX9200\|VX11000\|AX840A\|LW770\|P506\|P925\|P999\|E612\|D955\|D802\|MS323)",Sony:"SonyST\|SonyLT\|SonyEricsson\|SonyEricssonLT15iv\|LT18i\|E10i\|LT28h\|LT26w\|SonyEricssonM
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 32 7c 43 49 4e 4b 20 2b 7c 43 49 4e 4b 20 4b 49 4e 47 7c 43 49 4e 4b 20 50 45 41 58 7c 43 49 4e 4b 20 53 4c 49 4d 7c 53 55 42 4c 49 4d 22 2c 69 4d 6f 62 69 6c 65 3a 22 69 2d 6d 6f 62 69 6c 65 20 28 49 51 7c 69 2d 53 54 59 4c 45 7c 69 64 65 61 7c 5a 41 41 7c 48 69 74 7a 29 22 2c 53 69 6d 56 61 6c 6c 65 79 3a 22 5c 5c 62 28 53 50 2d 38 30 7c 58 54 2d 39 33 30 7c 53 58 2d 33 34 30 7c 58 54 2d 39 33 30 7c 53 58 2d 33 31 30 7c 53 50 2d 33 36 30 7c 53 50 36 30 7c 53 50 54 2d 38 30 30 7c 53 50 2d 31 32 30 7c 53 50 54 2d 38 30 30 7c 53 50 2d 31 34 30 7c 53 50 58 2d 35 7c 53 50 58 2d 38 7c 53 50 2d 31 30 30 7c 53 50 58 2d 38 7c 53 50 58 2d 31 32 29 5c 5c 62 22 2c 57 6f 6c 66 67 61 6e 67 3a 22 41 54 2d 42 32 34 44 7c 41 54 2d 41 53 35 30 48 44 7c 41 54 2d 41 53 34 Data Ascii: 2\|CINK +\|CINK KING\|CINK PEAX\|CINK SLIM\|SUBLIM",iMobile:"i-mobile (IQ\|i-STYLE\|idea\|ZAA\|Hitz)",SimValley:"\\b(SP-80\|XT-930\|SX-340\|XT-930\|SX-310\|SP-360\|SP60\|SPT-800\|SP-120\|SPT-800\|SP-140\|SPX-5\|SPX-8\|SP-100\|SPX-8\|SPX-12)\\b",Wolfgang:"AT-B24D\|AT-AS50HD\|AT-AS4
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 2d 50 37 33 39 7c 53 43 48 2d 49 39 32 35 7c 47 54 2d 49 39 32 30 30 7c 47 54 2d 50 35 32 30 30 7c 47 54 2d 50 35 32 31 30 7c 47 54 2d 50 35 32 31 30 58 7c 53 4d 2d 54 33 31 31 7c 53 4d 2d 54 33 31 30 7c 53 4d 2d 54 33 31 30 58 7c 53 4d 2d 54 32 31 30 7c 53 4d 2d 54 32 31 30 52 7c 53 4d 2d 54 32 31 31 7c 53 4d 2d 50 36 30 30 7c 53 4d 2d 50 36 30 31 7c 53 4d 2d 50 36 30 35 7c 53 4d 2d 50 39 30 30 7c 53 4d 2d 50 39 30 31 7c 53 4d 2d 54 32 31 37 7c 53 4d 2d 54 32 31 37 41 7c 53 4d 2d 54 32 31 37 53 7c 53 4d 2d 50 36 30 30 30 7c 53 4d 2d 54 33 31 30 30 7c 53 47 48 2d 49 34 36 37 7c 58 45 35 30 30 7c 53 4d 2d 54 31 31 30 7c 47 54 2d 50 35 32 32 30 7c 47 54 2d 49 39 32 30 30 58 7c 47 54 2d 4e 35 31 31 30 58 7c 47 54 2d 4e 35 31 32 30 7c 53 4d 2d 50 39 30 35 7c Data Ascii: -P739\|SCH-I925\|GT-I9200\|GT-P5200\|GT-P5210\|GT-P5210X\|SM-T311\|SM-T310\|SM-T310X\|SM-T210\|SM-T210R\|SM-T211\|SM-P600\|SM-P601\|SM-P605\|SM-P900\|SM-P901\|SM-T217\|SM-T217A\|SM-T217S\|SM-P6000\|SM-T3100\|SGH-I467\|XE500\|SM-T110\|GT-P5220\|GT-I9200X\|GT-N5110X\|GT-N5120\|SM-P905\|

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:50 UTC	3676	OUT	GET /utils/banners/banner-bf.js?v=1.04 HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	737	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: application/javascript; charset=utf-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *Vary: Accept-EncodingCache-Control: max-age=14400CF-Cache-Status:
2023-11-27 03:23:50 UTC	632	IN	Data Raw: 32 66 30 0d 0a 76 61 72 20 63 73 73 20 3d 20 27 69 6d 67 2e 62 61 6e 6e 65 72 20 7b 20 5c 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 66 69 78 65 64 3b 20 5c 0d 0a 09 74 6f 70 3a 20 30 3b 20 5c 0d 0a 09 77 69 64 74 68 3a 20 31 35 30 70 78 3b 5c 0d 0a 09 7a 2d 69 6e 64 65 78 3a 20 39 39 39 39 39 39 39 39 39 39 39 39 3b 5c 0d 0a 7d 5c 0d 0a 5c 6e 5c 0d 0a 40 6d 65 64 69 61 20 61 6c 6c 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 35 30 30 70 78 29 20 7b 5c 0d 0a 09 69 6d 67 2e 62 61 6e 6e 65 72 20 7b 5c 0d 0a 09 09 77 69 64 74 68 3a 20 31 30 30 70 78 3b 5c 0d 0a 09 7d 5c 0d 0a 7d 5c 0d 0a 27 2c 0d 0a 68 65 61 64 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 68 65 61 64 20 7c 7c 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 Data Ascii: 2f0var css = 'img.banner { \position: fixed; \top: 0; \width: 150px;\z-index: 999999999999;\}\\n\@media all and (max-width: 500px) {\img.banner {\width: 100px;\}\}\',head = document.head \|\| document.getElementsByTagName
2023-11-27 03:23:50 UTC	127	IN	Data Raw: 76 3d 31 22 3b 0d 0a 69 6d 67 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 62 61 6e 6e 65 72 27 3b 0d 0a 69 6d 67 2e 6f 6e 63 6c 69 63 6b 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 74 68 69 73 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 20 3d 20 27 6e 6f 6e 65 27 3b 20 7d 0d 0a 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 69 6d 67 29 3b 0d 0a Data Ascii: v=1";img.className = 'banner';img.onclick = function () { this.style.display = 'none'; }document.body.appendChild(img);
2023-11-27 03:23:50 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:50 UTC	464	OUT	GET /assets/images/State-Farm-Logo.png HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:51 UTC	689	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 70 6e 67 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 34 34 31 35 39 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 35 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 61 63 37 66 2d 36 30 38 39 30 32 65 34 39 35 37 35 34 22 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 4d 49 53 53 0d 0a 41 63 63 65 70 74 2d Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: image/pngContent-Length: 44159Connection: closeLast-Modified: Wed, 25 Oct 2023 20:20:05 GMTETag: "ac7f-608902e495754"Cache-Control: max-age=14400CF-Cache-Status: MISSAccept-
2023-11-27 03:23:51 UTC	680	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 0f 00 00 00 08 70 04 03 00 00 00 62 90 d6 41 00 00 00 15 50 4c 54 45 47 70 4c ed 1d 24 ee 1c 24 ee 1c 23 ee 1d 24 ee 1d 24 ed 1d 24 39 05 26 69 00 00 00 06 74 52 4e 53 00 d8 23 aa 4d 7b 33 4b 72 93 00 00 20 00 49 44 41 54 78 da ec c1 01 01 00 00 00 80 90 fe af ee 08 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: PNGIHDRpbAPLTEGpL$$#$$$9&itRNS#M{3Kr IDATx
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 55 Data Ascii: UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: 98 bc 88 b7 e3 a0 d3 0d 15 d1 5d d7 1c a5 4c 96 65 9b f2 15 9b fa 37 1a 1d e6 74 00 00 04 ea 42 34 9a fc ee 24 98 54 70 fb 2d 27 ca b2 b2 4c 9a f1 26 cf d3 4d aa 50 6b 9d 24 49 23 c3 34 53 03 00 c8 73 7f 63 bd 1d 13 1d e0 04 bf bf e3 d4 ea bb 9b 2c a6 5b 26 8b d5 bf ab 03 06 9a 00 00 48 93 86 65 31 ae fc ee e3 d0 19 4e f0 cb 11 ab fd 5c cf 9e 6e 6a dd 78 c2 4c d7 06 00 90 e3 fe 6e a7 00 27 f8 e5 88 b3 c1 19 f6 2a 48 37 0c 15 03 00 90 e0 9b 45 c5 08 b5 cf ed f5 d0 e9 1a 27 78 27 bf 65 6c 71 c6 0c 15 03 00 10 a1 bf e7 b7 fe 1e 91 e0 64 83 8e 98 ac b0 4e b0 d7 12 bc 41 82 01 00 bc 56 87 89 c2 cf 2f 61 68 e9 32 52 7b bf 27 dd 70 02 7a b9 c0 eb ab bf e2 0c 40 38 d1 ad de 4e 8b fe be 16 7e c1 39 35 c0 a0 5d 45 f0 55 84 ef bd 7b 39 38 86 91 78 19 3b b3 5e af b3 Data Ascii: ]Le7tB4$Tp-'L&MPk$I#4Ssc,[&He1N\njxLn'*H7E'x'elqdNAV/ah2R{'pz@8N~95]EU{98x;^
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: d7 c9 c6 a8 33 3e 66 61 86 b8 58 1e c6 39 af 56 1f de 7a 99 61 f2 eb 7b 71 8c c9 8a 78 50 f3 ba 80 79 60 4b 97 02 fc 07 01 06 31 0c 7a d5 aa 60 b3 3e 77 e7 ec c1 56 f3 ce 20 b4 57 f7 9b d9 27 1a d8 46 10 cc f0 fc c0 9d cf f2 1b 15 f1 b0 6b 88 84 36 55 b7 02 8c 55 06 29 0c da 41 a8 d3 6c 8c 4b a9 ca 06 79 5a 5e 05 a1 a3 d9 ab 59 ec c6 08 59 c8 af cf b9 39 13 95 c9 e0 63 10 30 0f cc e9 24 ca df 98 65 90 c2 ed 20 f7 77 ac 98 90 1a e4 04 fb 14 84 9e 7f a0 81 95 00 f7 b6 dc bc b9 19 79 2b c0 03 83 33 72 6a 84 be 30 89 12 60 86 50 53 bf 83 56 a5 67 47 9f df 04 fa b4 24 17 c3 41 28 cf c6 7c 5d 0d 8d ba fa 9d 9b 53 16 7d 72 32 e6 81 39 9d 44 f9 0f 76 19 64 30 a0 45 26 28 c7 9d 8d 11 0d 58 8c eb 8d ab a5 e6 77 80 2b 9b 0c a5 5d a4 d1 db dc 9c dd 35 49 42 91 ee 4f Data Ascii: 3>faX9Vza{qxPy`K1z`>wV W'Fk6UU)AlKyZ^YY9c0$e wy+3rj0`PSVgG$A(\|]S}r29Dvd0E&(Xw+]5IBO
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: b1 4c 97 1c 5c e0 40 68 87 73 0c 2c 64 d2 b2 55 ca db 2d 7c 3f 71 d0 de b3 72 29 c0 0b 2c 34 f8 4c d7 e0 81 96 00 b4 9a 42 7f 77 a5 58 87 6f 59 57 2a ee 02 73 42 0e d7 99 ff 39 ff 39 90 26 c0 76 ee 9e b7 f3 c0 4e 7f 32 9c 3d c1 00 17 48 57 13 70 70 78 b7 5f c6 53 5d 73 0f 15 b8 d3 21 bb b8 b2 53 97 cb dc 6c 04 98 f6 9b 13 04 58 c2 a0 c4 2b 04 18 60 2a 3a 22 d0 2d 73 97 a3 78 ba 40 d3 61 c3 71 b4 f2 24 26 e5 72 92 ee f5 64 7f 4d 5f 05 d8 d2 dd 93 d0 06 fc c9 e1 03 bc fd 8d 85 06 89 f1 a5 c3 ab fd 44 f1 e7 27 7f fb e1 fd e7 a9 8e 66 e0 8b db c8 e0 30 02 6d 35 89 d2 2e f7 e9 eb 1a 5c 4b 77 4f c2 9c a6 65 78 19 4f 30 c0 05 be 5d 1d 7e e6 81 cc 45 d3 46 52 0f b7 1e aa d8 8f 57 d2 65 17 e5 bf 67 3f 08 db ad 1f d7 a0 89 02 01 df fe 63 ef 6a ba db 44 96 68 5e 47 Data Ascii: L\@hs,dU-\|?qr),4LBwXoYWsB99&vN2=HWppx_S]s!SlX+`:"-sx@aq$&rdM_D'f0m5.\KwOexO0]~EFRWeg?cjDh^G
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: af 46 54 30 1b ea 70 b1 35 58 af c0 23 56 96 86 b2 25 2c 27 22 60 44 1c e2 03 d1 60 5a d9 89 80 09 04 c4 ce 6a e5 4c 6c ce 0e fc 56 72 c1 cb 24 6d b8 a9 1b 3b 86 03 dc 7c 11 71 6b a1 21 09 1a ec 5d ff 75 75 4f d0 40 ce 1b 3c 4a 6e 5e 02 81 20 b8 b3 5a 67 7b 77 33 26 c0 1d 12 1a fb aa 4e b8 73 99 c4 6a 91 49 16 aa c1 4e ab ef 3d da 13 be cf e1 f8 85 30 e0 15 79 57 02 01 be b3 ee 25 43 5f 95 43 e8 5a b1 80 9d 32 17 6e 05 51 4d b6 f1 b3 9c 50 bc d7 9b a2 bb c9 36 f7 9e ba 09 58 17 21 81 40 b8 05 4f d7 fd 31 f2 ef a7 d4 a0 9f 9a 09 5e 68 63 05 2a f2 2e 42 5c fe f0 b0 95 21 60 60 b3 a7 ab 03 28 80 6f ec 9b 0f 7e e2 85 08 98 40 50 0f 1e a9 35 b3 ca 39 4b b0 6e d2 8b 17 1b 49 00 57 83 85 9d 32 75 5b 88 05 50 48 81 04 fc e4 e8 9e 00 06 9d 3e 10 30 26 8a bc 27 ef Data Ascii: FT0p5X#V%,'"`D`ZjLlVr$m;\|qk!]uuO@<Jn^ Zg{w3&NsjIN=0yW%C_CZ2nQMP6X!@O1^hc*.B\!``(o~@P59KnIW2u[PH>0&'
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: 16 59 9c 05 21 6e d4 e9 35 d5 be d2 7d 09 84 10 f1 69 60 2b 0d 36 bb a2 44 5c 94 80 1b 6a af 29 6d c0 2d 8e 65 a1 8e c1 8d fa 08 78 d6 f2 d1 45 b0 04 e8 d9 b0 5e 93 29 cf f8 56 8c 95 7f cf b6 27 74 8f 0d 1d fb f5 a5 07 ab 34 c5 3c ab eb 62 b3 f2 ff 9d cf 93 3a 35 cc 38 b7 a7 99 77 5e 69 31 a5 c9 4c ec 1b ae c7 bd 97 aa 80 b9 cc 7b 43 d8 61 19 4b 93 10 21 b1 d4 e6 51 d3 7d d2 a4 7b 50 4b 45 f4 59 76 bd 2b 8d 2b 8a 94 ac 44 fc 51 c9 9d d5 06 4b 24 cc c1 ff 60 f5 4e b3 4d e2 18 22 e0 a5 c9 2f f6 4e 2a da 90 de 05 29 e4 0c c8 b8 fe d7 6b 26 d1 40 1c 47 91 76 1e 06 12 b0 ee af 13 7d e4 52 ff 0c 3f 08 96 49 92 5f ce 93 65 c2 0f 16 11 70 d5 3e 7b 6e 19 cd 54 b1 ca 35 07 ad df 15 66 cb 2c d2 2d 38 1e 6f 7c 64 88 b7 cf e8 5c 12 e5 c7 97 2e 82 64 77 39 ca 2e 58 19 Data Ascii: Y!n5}i`+6D\j)m-exE^)V't4<b:58w^i1L{CaK!Q}{PKEYv++DQK$`NM"/N*)k&@Gv}R?I_ep>{nT5f,-8o\|d\.dw9.X
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: 62 cd 59 c2 fc 94 4b 2d 19 ac 5e 80 af ca a7 7b 48 0a 0b 25 60 7e d6 cd f2 50 ee 01 d0 3c 5e fe 78 d9 51 0c f6 01 1b 39 88 c3 ae 49 58 18 02 3e e8 26 e0 50 fb fb 12 89 21 a2 58 81 f6 dc 5c 37 a8 08 6b 22 01 b3 58 26 b7 2b 96 7a 18 18 31 4f 55 93 15 47 0a b4 e7 4e 12 2c 23 1b dc c9 13 70 3c 12 82 76 ee 3c 81 8e 44 e1 66 dd 8b 93 f8 be 2b c4 44 e8 08 5a b6 40 17 25 f2 09 d8 c2 51 94 26 67 c0 b1 81 04 7c a7 fd 75 8d ff 04 c6 6e ef 3d 55 90 cf 40 84 2d fd b7 5d c3 df 24 4b 25 15 81 e5 ef 95 19 16 a3 63 53 f6 8f 58 92 79 49 32 d5 6b b0 c6 01 5e 3c 16 8f 75 9d 77 66 39 43 8b a0 7f 70 c9 12 f2 b5 5f 45 f6 54 0c d7 6d 96 bf 89 7e ad b9 0d c9 da cb 18 30 e2 9d fd 04 3c 5a 84 c5 94 ea 88 b8 a3 a5 85 79 04 2c cd bf 9a dc da ff d9 bb 96 ee c4 71 26 9a e3 c0 fe 83 98 Data Ascii: bYK-^{H%`~P<^xQ9IX>&P!X\7k"X&+z1OUGN,#p<v<Df+DZ@%Q&g\|un=U@-]$K%cSXyI2k^<uwf9Cp_ETm~0<Zy,q&
2023-11-27 03:23:51 UTC	1369	IN	Data Raw: 32 46 81 07 2b c1 ef a2 d8 6b 1a 9e bf 9e 0f cb a3 15 a1 9f 8d be 13 c6 7b 48 45 d3 bd e5 c6 2b 7e 00 ce fb cc 27 8e bd 0e e2 e5 bc b3 08 8d 29 1f 82 b6 c1 ee 1c 89 6e 46 23 f6 61 2d 89 a2 2a a1 04 ce 22 42 27 cf 40 b7 76 a8 c6 66 5e 62 7c 21 72 fa 96 39 36 54 c2 8d 55 fc 3e 9b 80 fe c2 d1 a5 0e 1d 74 1a e6 16 8e 8b 1b 72 1f 04 00 1f 8c df e8 f0 1f 00 07 06 c0 3d f9 72 5e b3 4b 32 00 b0 2c bc e0 a5 c0 00 d5 a2 1b 97 66 f3 ed 7a 4e 99 bb db 48 9b 82 5b b7 ed a1 6b 52 16 4b 9e a0 a1 c4 1b 2d 53 7d 52 8a b0 36 b6 3b ad ef ac fc 1a 61 33 8b 14 80 87 c6 7c 93 4d fc b1 cd 65 34 36 7f b8 b9 32 00 26 ee 2a db 72 9e 97 58 39 af 51 06 a5 8f ea 76 59 e0 e8 41 e0 18 c8 2d 66 22 ee 44 0c 29 b0 1b 9b fc 29 8b bb 00 f7 ca cb 7d be 93 29 ff f1 77 6a a2 8a d7 b9 6f 31 b1 Data Ascii: 2F+k{HE+~')nF#a-"B'@vf^b\|!r96TU>tr=r^K2,fzNH[kRK-S}R6;a3\|Me462&rX9QvYA-f"D))})wjo1

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:50 UTC	3659	OUT	GET /assets/js/ads.js HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	725	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 0d 0a 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 30 34 20 47 4d 54 0d 0a 45 54 61 67 3a 20 57 2f 22 37 61 39 35 2d 36 30 38 39 30 32 65 34 34 66 32 35 35 2d 67 7a 69 70 22 0d 0a 56 61 72 79 3a 20 41 63 63 65 70 74 2d 45 6e 63 6f 64 69 6e 67 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: application/javascriptTransfer-Encoding: chunkedConnection: closeLast-Modified: Wed, 25 Oct 2023 20:20:04 GMTETag: W/"7a95-608902e44f255-gzip"Vary: Accept-EncodingCache-Contro
2023-11-27 03:23:50 UTC	644	IN	Data Raw: 37 61 39 35 0d 0a 76 61 72 20 41 44 53 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 3d 31 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 66 6f 72 28 76 61 72 20 61 20 69 6e 20 74 3d 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 74 2c 61 29 26 26 28 65 5b 61 5d 3d 74 5b 61 5d 29 3b 72 65 74 75 72 6e 20 65 7d 2c 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 3b 66 75 6e 63 Data Ascii: 7a95var ADS=function(e){"use strict";var t=function(){return t=Object.assign\|\|function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var a in t=arguments[n])Object.prototype.hasOwnProperty.call(t,a)&&(e[a]=t[a]);return e},t.apply(this,arguments)};func
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 3a 5b 5d 7d 3b 72 65 74 75 72 6e 20 6f 3d 7b 6e 65 78 74 3a 63 28 30 29 2c 74 68 72 6f 77 3a 63 28 31 29 2c 72 65 74 75 72 6e 3a 63 28 32 29 7d 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 28 6f 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 29 2c 6f 3b 66 75 6e 63 74 69 6f 6e 20 63 28 6f 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 69 66 28 6e 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 47 65 6e 65 72 61 74 6f 72 20 69 73 20 61 6c 72 65 61 64 79 20 65 78 65 63 75 74 69 6e 67 2e 22 29 3b 66 6f 72 28 3b 69 3b 29 74 72 79 7b 69 66 28 6e 3d 31 2c 72 Data Ascii: :[]};return o={next:c(0),throw:c(1),return:c(2)},"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function c(o){return function(c){return function(o){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 74 28 21 31 2c 61 29 7d 76 61 72 20 72 7d 66 75 6e 63 74 69 6f 6e 20 63 28 65 2c 74 2c 61 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 61 26 26 28 61 3d 31 36 29 2c 6e 28 74 68 69 73 2c 76 6f 69 64 20 30 2c 76 6f 69 64 20 30 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 2c 69 2c 63 3b 72 65 74 75 72 6e 20 72 28 74 68 69 73 2c 28 66 75 6e 63 74 69 6f 6e 28 72 29 7b 73 77 69 74 63 68 28 72 2e 6c 61 62 65 6c 29 7b 63 61 73 65 20 30 3a 6e 3d 44 61 74 65 2e 6e 6f 77 28 29 2c 69 3d 30 2c 72 2e 6c 61 62 65 6c 3d 31 3b 63 61 73 65 20 31 3a 72 65 74 75 72 6e 20 69 3c 65 2e 6c 65 6e 67 74 68 3f 28 74 28 65 5b 69 5d 2c 69 29 2c 28 63 3d 44 61 74 65 2e 6e 6f 77 28 29 29 3e 3d 6e 2b 61 3f 28 6e 3d 63 2c 5b 34 2c 6f 28 30 29 5d 29 3a 5b 33 2c 33 5d 29 Data Ascii: t(!1,a)}var r}function c(e,t,a){return void 0===a&&(a=16),n(this,void 0,void 0,(function(){var n,i,c;return r(this,(function(r){switch(r.label){case 0:n=Date.now(),i=0,r.label=1;case 1:return i<e.length?(t(e[i],i),(c=Date.now())>=n+a?(n=c,[4,o(0)]):[3,3])
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 5d 7d 66 75 6e 63 74 69 6f 6e 20 66 28 65 2c 74 29 7b 72 65 74 75 72 6e 5b 65 5b 30 5d 5e 74 5b 30 5d 2c 65 5b 31 5d 5e 74 5b 31 5d 5d 7d 66 75 6e 63 74 69 6f 6e 20 68 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 66 28 65 2c 5b 30 2c 65 5b 30 5d 3e 3e 3e 31 5d 29 2c 65 3d 66 28 65 3d 73 28 65 2c 5b 34 32 38 33 35 34 33 35 31 31 2c 33 39 38 31 38 30 36 37 39 37 5d 29 2c 5b 30 2c 65 5b 30 5d 3e 3e 3e 31 5d 29 2c 65 3d 66 28 65 3d 73 28 65 2c 5b 33 33 30 31 38 38 32 33 36 36 2c 34 34 34 39 38 34 34 30 33 5d 29 2c 5b 30 2c 65 5b 30 5d 3e 3e 3e 31 5d 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 65 2c 74 29 7b 74 3d 74 7c 7c 30 3b 76 61 72 20 6e 2c 72 3d 28 65 3d 65 7c 7c 22 22 29 2e 6c 65 6e 67 74 68 25 31 36 2c 61 3d 65 2e 6c 65 6e 67 74 68 2d 72 2c 6f 3d 5b 30 2c 74 5d Data Ascii: ]}function f(e,t){return[e[0]^t[0],e[1]^t[1]]}function h(e){return e=f(e,[0,e[0]>>>1]),e=f(e=s(e,[4283543511,3981806797]),[0,e[0]>>>1]),e=f(e=s(e,[3301882366,444984403]),[0,e[0]>>>1])}function v(e,t){t=t\|\|0;var n,r=(e=e\|\|"").length%16,a=e.length-r,o=[0,t]
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 5d 2c 34 38 29 29 3b 63 61 73 65 20 36 3a 63 3d 66 28 63 2c 64 28 5b 30 2c 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 2b 35 29 5d 2c 34 30 29 29 3b 63 61 73 65 20 35 3a 63 3d 66 28 63 2c 64 28 5b 30 2c 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 2b 34 29 5d 2c 33 32 29 29 3b 63 61 73 65 20 34 3a 63 3d 66 28 63 2c 64 28 5b 30 2c 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 2b 33 29 5d 2c 32 34 29 29 3b 63 61 73 65 20 33 3a 63 3d 66 28 63 2c 64 28 5b 30 2c 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 2b 32 29 5d 2c 31 36 29 29 3b 63 61 73 65 20 32 3a 63 3d 66 28 63 2c 64 28 5b 30 2c 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 2b 31 29 5d 2c 38 29 29 3b 63 61 73 65 20 31 3a 63 3d 73 28 63 3d 66 28 63 2c 5b 30 2c 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 29 5d 29 2c 70 Data Ascii: ],48));case 6:c=f(c,d([0,e.charCodeAt(n+5)],40));case 5:c=f(c,d([0,e.charCodeAt(n+4)],32));case 4:c=f(c,d([0,e.charCodeAt(n+3)],24));case 3:c=f(c,d([0,e.charCodeAt(n+2)],16));case 2:c=f(c,d([0,e.charCodeAt(n+1)],8));case 1:c=s(c=f(c,[0,e.charCodeAt(n)]),p
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 29 7b 72 65 74 75 72 6e 7b 65 72 72 6f 72 3a 79 28 65 5b 31 5d 29 2c 64 75 72 61 74 69 6f 6e 3a 6f 7d 7d 29 29 3b 76 61 72 20 63 3d 65 5b 31 5d 3b 69 66 28 6e 28 63 29 29 72 65 74 75 72 6e 20 72 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 63 2c 64 75 72 61 74 69 6f 6e 3a 6f 7d 7d 29 29 3b 72 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 69 28 63 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 6e 3d 5b 5d 2c 72 3d 30 3b 72 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 72 2b 2b 29 6e 5b 72 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 72 5d 3b 76 61 72 20 61 3d 6f 2b 44 61 Data Ascii: ){return{error:y(e[1]),duration:o}}));var c=e[1];if(n(c))return r((function(){return{value:c,duration:o}}));r((function(){return new Promise((function(e){var t=Date.now();i(c,(function(){for(var n=[],r=0;r<arguments.length;r++)n[r]=arguments[r];var a=o+Da
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 28 5b 22 77 65 62 6b 69 74 50 65 72 73 69 73 74 65 6e 74 53 74 6f 72 61 67 65 22 69 6e 20 74 2c 22 77 65 62 6b 69 74 54 65 6d 70 6f 72 61 72 79 53 74 6f 72 61 67 65 22 69 6e 20 74 2c 30 3d 3d 3d 74 2e 76 65 6e 64 6f 72 2e 69 6e 64 65 78 4f 66 28 22 47 6f 6f 67 6c 65 22 29 2c 22 77 65 62 6b 69 74 52 65 73 6f 6c 76 65 4c 6f 63 61 6c 46 69 6c 65 53 79 73 74 65 6d 55 52 4c 22 69 6e 20 65 2c 22 42 61 74 74 65 72 79 4d 61 6e 61 67 65 72 22 69 6e 20 65 2c 22 77 65 62 6b 69 74 4d 65 64 69 61 53 74 72 65 61 6d 22 69 6e 20 65 2c 22 77 65 62 6b 69 74 53 70 65 65 63 68 47 72 61 6d 6d 61 72 22 69 6e 20 65 5d 29 3e 3d 35 7d 66 75 6e 63 74 69 6f 6e 20 78 28 29 7b 76 61 72 20 65 3d 77 69 6e 64 6f 77 2c 74 3d 6e 61 76 69 67 61 74 6f 72 3b 72 65 74 75 72 6e 20 62 28 5b 22 Data Ascii: (["webkitPersistentStorage"in t,"webkitTemporaryStorage"in t,0===t.vendor.indexOf("Google"),"webkitResolveLocalFileSystemURL"in e,"BatteryManager"in e,"webkitMediaStream"in e,"webkitSpeechGrammar"in e])>=5}function x(){var e=window,t=navigator;return b(["
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 33 5d 3a 5b 34 2c 6f 28 61 29 5d 3b 63 61 73 65 20 32 3a 72 65 74 75 72 6e 20 72 2e 73 65 6e 74 28 29 2c 5b 33 2c 31 5d 3b 63 61 73 65 20 33 3a 73 3d 6e 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 2c 72 2e 6c 61 62 65 6c 3d 34 3b 63 61 73 65 20 34 3a 72 65 74 75 72 6e 20 72 2e 74 72 79 73 2e 70 75 73 68 28 5b 34 2c 2c 31 30 2c 31 31 5d 29 2c 5b 34 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 72 29 7b 76 61 72 20 61 3d 21 31 2c 6f 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 61 3d 21 30 2c 65 28 29 7d 3b 73 2e 6f 6e 6c 6f 61 64 3d 6f 2c 73 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 61 3d 21 30 2c 72 28 65 29 7d 3b 76 61 72 20 69 3d 73 2e 73 74 79 6c 65 3b 69 2e 73 65 74 50 72 6f 70 65 72 Data Ascii: 3]:[4,o(a)];case 2:return r.sent(),[3,1];case 3:s=n.createElement("iframe"),r.label=4;case 4:return r.trys.push([4,,10,11]),[4,new Promise((function(e,r){var a=!1,o=function(){a=!0,e()};s.onload=o,s.onerror=function(e){a=!0,r(e)};var i=s.style;i.setProper
2023-11-27 03:23:50 UTC	1369	IN	Data Raw: 72 29 3b 75 28 64 5b 31 5d 2c 6e 75 6c 6c 21 3d 3d 28 6e 3d 6e 75 6c 6c 21 3d 3d 28 74 3d 64 5b 34 5d 29 26 26 76 6f 69 64 20 30 21 3d 3d 74 3f 74 3a 64 5b 35 5d 29 26 26 76 6f 69 64 20 30 21 3d 3d 6e 3f 6e 3a 22 22 29 3b 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 72 29 7d 7d 72 65 74 75 72 6e 5b 6f 2c 69 5d 7d 28 65 29 2c 6e 3d 74 5b 30 5d 2c 72 3d 74 5b 31 5d 2c 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 6e 75 6c 6c 21 3d 6e 3f 6e 3a 22 64 69 76 22 29 2c 6f 3d 30 2c 69 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 72 29 3b 6f 3c 69 2e 6c 65 6e 67 74 68 3b 6f 2b 2b 29 7b 76 61 72 20 63 3d 69 5b 6f 5d 2c 75 3d 72 5b 63 5d 2e 6a 6f 69 6e 28 22 20 22 29 3b 22 73 74 79 6c 65 22 3d 3d 3d Data Ascii: r);u(d[1],null!==(n=null!==(t=d[4])&&void 0!==t?t:d[5])&&void 0!==n?n:"");break;default:throw new Error(r)}}return[o,i]}(e),n=t[0],r=t[1],a=document.createElement(null!=n?n:"div"),o=0,i=Object.keys(r);o<i.length;o++){var c=i[o],u=r[c].join(" ");"style"===

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:50 UTC	3715	OUT	GET /people/5.jpg HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	702	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 6a 70 65 67 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 31 32 35 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 33 30 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 34 65 32 2d 36 30 38 39 30 32 66 63 34 65 61 64 64 22 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 48 49 54 0d 0a 41 67 65 3a 20 33 38 39 34 Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: image/jpegContent-Length: 1250Connection: closeLast-Modified: Wed, 25 Oct 2023 20:20:30 GMTETag: "4e2-608902fc4eadd"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 3894
2023-11-27 03:23:50 UTC	667	IN	Data Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff ec 00 11 44 75 63 6b 79 00 01 00 04 00 00 00 1e 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 c0 00 00 00 01 ff db 00 84 00 10 0b 0b 0b 0c 0b 10 0c 0c 10 17 0f 0d 0f 17 1b 14 10 10 14 1b 1f 17 17 17 17 17 1f 1e 17 1a 1a 1a 1a 17 1e 1e 23 25 27 25 23 1e 2f 2f 33 33 2f 2f 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 01 11 0f 0f 11 13 11 15 12 12 15 14 11 14 11 14 1a 14 16 16 14 1a 26 1a 1a 1c 1a 1a 26 30 23 1e 1e 1e 1e 23 30 2b 2e 27 27 27 2e 2b 35 35 30 30 35 35 40 40 3f 40 40 40 40 40 40 40 40 40 40 40 40 ff c0 00 11 08 00 32 00 32 03 01 22 00 02 11 01 03 11 01 ff c4 00 8b 00 00 03 01 01 00 03 00 00 00 00 00 00 00 00 00 00 00 05 06 04 03 01 02 07 01 01 01 01 01 01 00 00 00 00 Data Ascii: ExifII*DuckyAdobed#%'%#//33//@@@@@@@@@@@@@@@&&0##0+.'''.+550055@@?@@@@@@@@@@@@22"
2023-11-27 03:23:50 UTC	583	IN	Data Raw: 6f 10 d9 48 a9 6d c7 0d 7c 6f 16 39 83 40 48 02 45 bf 57 91 85 e9 be 0f cc ac 62 5c 5c cc 71 92 d1 70 49 95 8a 92 3f 30 15 30 f1 d0 f4 d1 d7 32 b9 30 ef e2 08 f0 a2 58 a3 09 24 93 11 cc a2 dc ea a3 d2 3f 75 3b d8 cc 6f b6 19 73 08 8d 22 e4 76 63 70 58 a5 f9 6d df 52 5b d6 eb 36 e7 b9 1c 82 39 23 8b d0 85 06 8a 07 e3 4c d3 70 69 36 b5 8e 55 ba a0 24 a6 bc 10 8d 34 b7 13 55 1c 19 d9 a6 de 87 b9 bb ce df 98 ed 93 15 d8 1e 17 95 14 00 dd 96 36 26 dc 2b 94 3b 9e 32 cd e9 c6 a1 17 87 2d c2 b1 36 d4 5b b2 a5 5d b3 32 9c c3 0a 59 17 d2 29 6e 5b 03 a5 71 53 9c aa 5d 55 84 48 de 94 a0 12 bf 6d 30 44 22 c7 e3 31 bf e7 6e ff 00 fa fd 8a 29 07 c7 fe 6f 52 fa 0d 7f 0a 28 ed 47 76 a3 24 99 f8 e6 25 c5 2a c1 fb 58 81 ca cc 4d eb 98 33 c8 e4 c6 39 4d ac 79 7e ca e9 b6 60 Data Ascii: oHm\|o9@HEWb\\qpI?0020X$?u;os"vcpXmR[69#Lpi6U$4U6&+;2-6[]2Y)n[qS]UHm0D"1n)oR(Gv$%*XM39My~`

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:50 UTC	3715	OUT	GET /people/3.jpg HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	697	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 6a 70 65 67 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 39 33 36 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 33 30 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 33 61 38 2d 36 30 38 39 30 32 66 63 34 64 62 33 64 22 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 48 49 54 0d 0a 41 67 65 3a 20 34 34 38 39 0d Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: image/jpegContent-Length: 936Connection: closeLast-Modified: Wed, 25 Oct 2023 20:20:30 GMTETag: "3a8-608902fc4db3d"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 4489
2023-11-27 03:23:50 UTC	672	IN	Data Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff ec 00 11 44 75 63 6b 79 00 01 00 04 00 00 00 1e 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 c0 00 00 00 01 ff db 00 84 00 10 0b 0b 0b 0c 0b 10 0c 0c 10 17 0f 0d 0f 17 1b 14 10 10 14 1b 1f 17 17 17 17 17 1f 1e 17 1a 1a 1a 1a 17 1e 1e 23 25 27 25 23 1e 2f 2f 33 33 2f 2f 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 01 11 0f 0f 11 13 11 15 12 12 15 14 11 14 11 14 1a 14 16 16 14 1a 26 1a 1a 1c 1a 1a 26 30 23 1e 1e 1e 1e 23 30 2b 2e 27 27 27 2e 2b 35 35 30 30 35 35 40 40 3f 40 40 40 40 40 40 40 40 40 40 40 40 ff c0 00 11 08 00 32 00 32 03 01 22 00 02 11 01 03 11 01 ff c4 00 83 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 00 04 01 02 03 05 06 01 01 00 03 01 01 00 00 00 00 00 Data Ascii: ExifII*DuckyAdobed#%'%#//33//@@@@@@@@@@@@@@@&&0##0+.'''.+550055@@?@@@@@@@@@@@@22"
2023-11-27 03:23:50 UTC	264	IN	Data Raw: ff 00 98 ef ec 1d 88 5d 38 6f 0a 65 8f d8 09 db b9 a4 50 84 df 2b e5 2d 79 32 64 7c 4d 6d b6 0b 02 e3 c2 ab 4c a9 21 fa 83 87 8e c0 d8 63 04 4b 41 de 75 2e 3a 9a 8b 0f 1c f6 d8 5c fc b0 5a ef f8 23 3c ae 91 80 40 5a c2 3b cd b5 28 95 9d d1 31 95 75 1d 21 1a 85 4c d8 4c 32 d2 17 1d ae 15 a1 ba c6 38 1e f3 57 9b 05 75 10 8a b7 69 68 63 95 46 f7 ce 43 5b 57 bc 1d be 80 2f 52 ba 25 ae 8d ae 63 c1 6b b8 82 b6 e4 58 fb 5b 26 49 14 07 e0 8c f4 81 af ad 4f 33 e6 11 8a e3 c4 dd ce fe 47 80 0d 3f 08 4a f8 d6 19 37 0c 2c 9e 78 a5 22 9e e4 25 7e a1 fd 07 b1 08 e5 09 8b 3d 47 2f ff 00 3c 7a 77 9d a7 b7 d2 b8 f8 fe 74 fd 67 5d 75 28 42 9c be aa 76 27 0f b6 fd c4 26 f3 7d ea 1d dc 3e c4 21 51 6c 23 dc f4 90 ff 00 8a 1d 3c a1 e5 f7 74 f9 57 11 ba 70 42 13 fd 1a 50 0f 9f Data Ascii: ]8oeP+-y2d\|MmL!cKAu.:\Z#<@Z;(1u!LL28WuihcFC[W/R%ckX[&IO3G?J7,x"%~=G/<zwtg]u(Bv'&}>!Ql#<tWpBP

Timestamp	Bytes transferred	Direction	Data
2023-11-27 03:23:50 UTC	3715	OUT	GET /people/4.jpg HTTP/1.1 Host: sofa.thriveuniversehq.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sofa.thriveuniversehq.com/yufapeso/yeje/sudulexu/rocalibu/zo/index.php?rpclk=kKkPwoNj0jiBH%2BtNEHYbBY%2FIgU%2By%2FtRXgUDJ6ipR1fPGjOtoXyRNxYs8BX6VqvAzrIg9pOgXjUJk8x9%2Bt0A%2FGkUc3Y7FK%2BzxfU1xLbwpncoX4QEEPNKeHkoGpdSmC06X9AutB9fPmCeVJ%2FxioY%2B%2FaeZQLzpDexEKo7QNhK7lxFPmr7FNiImBJD%2BJ2TMLxY4mFiI%2Bs5HSc9AOjOxP9ePSApGIjg%2BFTuEpEnzH518l7%2B3UDXULelrXOAU4rDQEw584WrOwmLgU2rjoJYiUlX%2BkHN%2F1GZWv41fRi1o1RsuaIaDjwP9G3MLnWd7gxCOXxl1sBLS0Bt4TO5kdsRhqvKx0i7gPAUjAv%2BTHkSjTU5VMWXVQ1D7yfytWJ4vjqJji8KMY2vA95PmeKRQXTh98zt7reu664F5tHC6PLSjWUDx3ZxYdbSIgzfV%2Bb4NsoUOa8jVNsAGB8aUlK6S6c3zMtcnn2ICXU9bfEJZ6tRhn8x1CWxZGPoJ9tLW4nlV%2FlLQE6SUfhJ%2BNyZsyz7QUeiM0H%2FdtsgmKv1yGuy21EHtCosnB2kogSUmv25twMntyWBvar88LMX4gLGk70C7r9t3P1ioZymlLRnJ5anyPEYWz8js7ycr85z33XojsZWd%2B%2BAfRhVqH5rnddMwEYCT5tJgJ5NB1Az5a8lalTFRTf8S4L%2FMz7zcjXdUSmDBdsD%2BooBKzE4IxaI1gbY1xSU4HE4TjmOfAYZY7pL7YWA%2BRc12UYf7bGSWzU4SL%2FQhqt67Nqq3Hayy0GT52%2BzTY5%2F2oyMKj8fNprIM534olb1cfC%2FAwRZsTZPQ4eecEohQ5MKWqcRI0BkbKwd5SARhv02qBuNjr8AYN85TnOAmLnEHrwhSd7NfCYvmuxPrAq05UVb8seW8Oa68a%2FzPHG%2FWUzTG8%2Fmfj33Y1%2B4hfQrD5Nr8OleZ91PDVowsbYdNHMY5tGoEF2eudTKC1%2F65WFV3LfJ0Kb9BVcc11O31D8gyZEHQ6hue8U9Cmyv1CdLKlsSghFjKHm50aFhzXUgQ%2F6YSAzHWjh26AF%2BXTT0rJmOaFWiT3xVclBE%2Fuvlfe0QPfPBtA11C40ZUlm5nKUxDcE7PQ5aFOS1xVGWH8zM6YBBTd7SNwenOIQLnqxQFCP0H3R%2FZgnFaWf0SPUZErjTWb5g3XynnxOB%2FRusUsa%2BEWmvhP0vmi4Gu8DiGeKFmwSCee%2FK2wuEDCqcC9kXt7%2BUo37er98qknkmXf2Aw%2F9b2ELDbk%2FKlLveMRGzaQFTqgsEh2aOuQofHQ6JwcU4qxiLKi0qxRPrI4eNsGrueSWdV3WoJ9rHOGT9pjcJcpbHAjfJbuJiaioukFhwqvt%2BmyotjQbYwFoFeAgB1w16swQ4mXrfagLznHUqwqagO48bOMdY3z%2BOz8dx3uBSoK7hMrXYbEC8DPQQlstcRNwIjNOLWda3X1ZlAH75iWbLzSwMQ9Pou%2FhzP5RLoQ8QQZrbLzf0Sg%2BI71Ob8RAOw3BWGWT%2B3LOIkw1DLHz%2Bq4Ol0iJRXqa4FBsmcdWveJuXikkGyeIZdH4Bv7aaZlhOI6DTqRDqU09rIYEpCzcgrCRkHR6vNmzYpRpNicqLOufOVYYu%2BBXseIpLUscXyqrsiVWTC4RaEof2TO4kosApJSR7xKckzb60M2TMc6Psp1GsWCBV60DYJFQKvPTUrb1Vf4kS1hstbNh6jzp33VDYn3KcOqdymTI3J9IJFhrVbmJ9xi5fL3ncEdY%2FBYD9ipL7wCn55xLGz3Rj1KghNnomC7M9hL03uOI4x2KD65die6YhLObI0E5ghleOyUa%2F8INk79PLNmOnB6vNc1trpjke6LhqAKl4fmlc6ZmO7%2FzI%2BX5FPhl0AADGAMPgb%2FY16AyC%2F9NHA0JUDiPD4Z8%2FRNJtY0Ce63XUnP8I9X2LayEOYmwqnN4jv%2FUJXaZ6e1f6gQxN5g%2BpQuvI8b%2FL%2FWCEfGqAt%2F6tAt5BP5gyZV7711TmuiPwisKuECDfivpsqVaxiJf4%2BXKaPur0lYZKxTgdLB2GkOeipHEYW%2BSyOjumq3RA79oMBQMegub9dOHI7Gfs6HtAbvOCB2E%2BjWf79rsdIkB0A9H%2BooeH7Kx70fmLfCnEdb8LYQbCudeMEFv12sID8fAaJx%2BCklhQJ2cY0l8U12GNMbxWof0YcR%2FuDKWvABD2i23EqytBIbUQfMb8HZUFmf%2BKFQA7%2BKwtjPDdDDMp1Xqq7wHwvHUQwERxtJ1pHDvfKkplLh3qPLbYibh1I%2BeVFRj0L%2BF1XKjiCVnYgJIYzO%2FBrGvBMok5jZ4ZRYhuxYJIiSHX8qOwos3%2BG2fpybd2ETADj1EQ7givHibP6egOW4kixEoJgS3QcchSqIvmeWBo4mGddqdQIPd%2BHZxs89TLhGHWWlMcIM4V%2B3SgEHXt6mFfj7aMXfgPyduvwx5iY1X%2FZKXvM9XBhWIKAd29vYYl3CSuSFO0wtW2B3KYpqmTw%2Bf72G6VQ1bnEY1d4wW%2FdX6YjKkNUpI%2Bm626sfqxB0ItTmyLHZ3BfzGHJQdffMJNduLQBBEmBrF49UI8tnZuMJHSn5lUjl1eEW%2BtW%2BnE6ClP%2FqqPW7cM91X4iwPR53JhAUbZASI5CIRgMv5po5bREQSNUJsPahC%2BXxBw%3D%3D%3A%3Ab76a4ddd668b8221d0b29b84fe1b8e47&p=OU88ie4lk0tb%2BbQ%2Ba8dRzdVt0WbPpQ%3D%3D%3A%3A4c8b9eba2c435fd063cb913ee9e2c7e9&oho=svylst.com&ptf=848bd2316dc3abc1c9b4aad2b173f936 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=t5c6gd280daerfkplaihlm7jo6; cid=102aa64292fcfaffbb357ae599eda0
2023-11-27 03:23:50 UTC	700	IN	Data Raw: 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 4d 6f 6e 2c 20 32 37 20 4e 6f 76 20 32 30 32 33 20 30 33 3a 32 33 3a 35 30 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 6a 70 65 67 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 31 30 30 35 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 57 65 64 2c 20 32 35 20 4f 63 74 20 32 30 32 33 20 32 30 3a 32 30 3a 33 30 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 33 65 64 2d 36 30 38 39 30 32 66 63 34 66 61 37 64 22 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 31 34 34 30 30 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 48 49 54 0d 0a 41 67 65 3a 20 34 32 34 32 Data Ascii: HTTP/1.1 200 OKDate: Mon, 27 Nov 2023 03:23:50 GMTContent-Type: image/jpegContent-Length: 1005Connection: closeLast-Modified: Wed, 25 Oct 2023 20:20:30 GMTETag: "3ed-608902fc4fa7d"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 4242
2023-11-27 03:23:50 UTC	669	IN	Data Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff ec 00 11 44 75 63 6b 79 00 01 00 04 00 00 00 1e 00 00 ff ee 00 0e 41 64 6f 62 65 00 64 c0 00 00 00 01 ff db 00 84 00 10 0b 0b 0b 0c 0b 10 0c 0c 10 17 0f 0d 0f 17 1b 14 10 10 14 1b 1f 17 17 17 17 17 1f 1e 17 1a 1a 1a 1a 17 1e 1e 23 25 27 25 23 1e 2f 2f 33 33 2f 2f 40 40 40 40 40 40 40 40 40 40 40 40 40 40 40 01 11 0f 0f 11 13 11 15 12 12 15 14 11 14 11 14 1a 14 16 16 14 1a 26 1a 1a 1c 1a 1a 26 30 23 1e 1e 1e 1e 23 30 2b 2e 27 27 27 2e 2b 35 35 30 30 35 35 40 40 3f 40 40 40 40 40 40 40 40 40 40 40 40 ff c0 00 11 08 00 32 00 32 03 01 22 00 02 11 01 03 11 01 ff c4 00 8d 00 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 00 02 03 04 05 06 01 07 01 00 03 01 01 01 00 00 00 00 Data Ascii: ExifII*DuckyAdobed#%'%#//33//@@@@@@@@@@@@@@@&&0##0+.'''.+550055@@?@@@@@@@@@@@@22"
2023-11-27 03:23:50 UTC	336	IN	Data Raw: 79 e8 52 fc 8f 5f 8b 7c c4 9b 09 07 69 7d 3a 95 1f 35 cd 0c ce 63 73 c2 66 eb 36 eb 2a db c9 f3 66 23 ce 77 11 c7 de 31 db e6 d0 0b 74 57 a1 33 08 b8 ed 2c 6a 98 3b b5 71 97 69 b3 fa d6 53 b7 fd af 86 f7 d0 9c fa 76 4f f6 63 e3 ef 78 47 1f 6a eb f6 a1 6b aa 64 ff 00 8b 09 19 18 33 12 48 1d 98 94 e3 2c 75 82 83 0b 41 e2 c2 db 86 b5 24 b4 1b 45 f7 82 a1 f2 d9 4b b2 02 33 42 d2 e7 1f bd 3f 0c b8 08 89 e6 df 50 f6 87 58 4a ca 56 bc 8a 1a 72 1e 12 bc 68 05 56 f3 99 25 2c 0c 06 fb 5c 06 a5 3e 49 9b 1e d7 1e 16 8b ca 81 9a 8d c5 8f 91 ee ab a8 49 d5 41 a0 21 8c 92 92 61 28 99 e2 e6 87 10 e1 51 f8 ad 27 94 27 c8 45 31 9f 31 24 70 c9 0b 1c c6 17 10 dc 58 88 35 b6 f2 b2 cf 36 92 9b c4 6a 9e d1 a9 5f 43 3d c9 2d 2e 2f 89 eb 5f 54 e5 ff 00 ea 8a fa f8 8d eb 42 f3 2a Data Ascii: yR_\|i}:5csf6f#w1tW3,j;qiSvOcxGjkd3H,uA$EK3B?PXJVrhV%,\>IIA!a(Q''E11$pX56j_C=-./_TB