Edit tour

Windows Analysis Report
https://skytechsip.com/supra/

Overview

General Information

Sample URL:https://skytechsip.com/supra/
Analysis ID:1455069
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
HTML page contains hidden URLs or javascript code
HTTP GET or POST without a user agent
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64
  • chrome.exe (PID: 1892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5068 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4317553812843478236,12747802247052141099,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 4480 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://skytechsip.com/supra/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: https://skytechsip.com/supra/SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Source: https://skytechsip.com/supra/HTTP Parser: Base64 decoded: (function(){ var a = function() {try{return !!window.addEventListener} catch(e) {return !1} }, b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)}; b(functi...
Source: https://skytechsip.com/supra/HTTP Parser: No favicon
Source: https://skytechsip.com/supra/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49732 version: TLS 1.0
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49732 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /supra/ HTTP/1.1Host: skytechsip.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /supra/ HTTP/1.1Host: skytechsip.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://skytechsip.com/supra/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: skytechsip.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://skytechsip.com/supra/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: skytechsip.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js HTTP/1.1Host: skytechsip.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/jsd/r/8920f035de146c07 HTTP/1.1Host: skytechsip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficDNS traffic detected: DNS query: skytechsip.com
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /supra/ HTTP/1.1Host: skytechsip.comConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-TimeStamp-Expire: ihAR1OAkrrOviKTADhQH9FD9Xaw: 30302634sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETContent-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Requested-with: XMLHttpRequestX-Requested-TimeStamp: sec-ch-ua-platform: "Windows"Accept: */*Origin: https://skytechsip.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://skytechsip.com/supra/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 11 Jun 2024 10:32:38 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 87899Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N98ZdLf%2Fzb%2FUNfsxJrpQkOtpt0Z6ve%2BmgENfkNtZ8cbbRulDwB4dbSW374Y21jarfHctAy1tBoi6NPh3svsoqXS1Wr3%2Bpmn1oMlefWJKm%2Bvc%2Fb2xraInETuo4HVFniYYpw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8920f035da336b28-DFWalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 11 Jun 2024 10:32:38 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whXWMUOa3X2cy0H%2BbF6Qca%2FLMRFVew9IV7M5dS08KfqE%2BOkyaFtLwg7mpTzpYTFHy7Y4k4NHVhzYh3cq6gAVMMOiFBp7NIQ7SJnUjXYQjJMYaumyr4Ry8DIZife0dXc2eQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8920f035de146c07-DFWalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 11 Jun 2024 10:32:42 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: RZka+dylHwJ5ypBdhsCAKw==$slKoSjAWjcrl2reYdQ/Waw==cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ag6i99HNobKWBqAKlTiu4n9nipko7E9sdu2Z78qw%2BibrvVwfrYTmEUz%2FjrRMWxDiQxgx9DmbroRFPsRfd9XXAIIXGg5XWHkVB1dLZkW%2Fwq3%2BcsVEULIgkVmVyYEl82SSrQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8920f0539a064792-DFWalt-svc: h3=":443"; ma=86400
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: classification engineClassification label: mal48.win@16/12@10/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4317553812843478236,12747802247052141099,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://skytechsip.com/supra/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4317553812843478236,12747802247052141099,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder
1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder
1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1455069 URL: https://skytechsip.com/supra/ Startdate: 11/06/2024 Architecture: WINDOWS Score: 48 24 Antivirus / Scanner detection for submitted sample 2->24 6 chrome.exe 9 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.5, 443, 49660, 49703 unknown unknown 6->14 16 239.255.255.250 unknown Reserved 6->16 11 chrome.exe 6->11         started        process5 dnsIp6 18 www.google.com 172.217.16.132, 443, 49720, 49740 GOOGLEUS United States 11->18 20 a.nel.cloudflare.com 35.190.80.1, 443, 49713, 49719 GOOGLEUS United States 11->20 22 skytechsip.com 172.67.219.114, 443, 49710, 49711 CLOUDFLARENETUS United States 11->22

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
https://skytechsip.com/supra/100%SlashNextCredential Stealing type: Phishing & Social Engineering
https://skytechsip.com/supra/0%VirustotalBrowse
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
a.nel.cloudflare.com0%VirustotalBrowse
www.google.com0%VirustotalBrowse
fp2e7a.wpc.phicdn.net0%VirustotalBrowse
SourceDetectionScannerLabelLink
https://ipinfo.io/0%URL Reputationsafe

Download Network PCAP: filteredfull

NameIPActiveMaliciousAntivirus DetectionReputation
a.nel.cloudflare.com
35.190.80.1
truefalseunknown
skytechsip.com
172.67.219.114
truefalse
    unknown
    www.google.com
    172.217.16.132
    truefalseunknown
    fp2e7a.wpc.phicdn.net
    192.229.221.95
    truefalseunknown
    NameMaliciousAntivirus DetectionReputation
    https://skytechsip.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.jsfalse
      unknown
      https://skytechsip.com/cdn-cgi/challenge-platform/h/g/jsd/r/8920f035de146c07false
        unknown
        https://a.nel.cloudflare.com/report/v4?s=WJjYiKnoIRFA3lrjQ%2FwYdyQ14r3yUWYHEIY39ixHGYCSahJCk%2FVeZmV6tqpnt3BjsildoXzUtHohf%2FhEMCi5pWsnlC%2BPcPPinsGdrN53tOcQzQ%2BOpVRdiWquAOtY3z5woA%3D%3Dfalse
          unknown
          https://skytechsip.com/supra/true
            unknown
            https://skytechsip.com/cdn-cgi/challenge-platform/scripts/jsd/main.jsfalse
              unknown
              https://a.nel.cloudflare.com/report/v4?s=IQ3bXQk9PGPFVioMa99z3p9sPK3YR9xde%2FycNq2OozX8LB5MosdxGqx%2F02O4vabrqbKkG%2FgAE6TIZ0FwKRnzHskZPqLABudAmkoTd8Mqizm%2B%2Bf5jqTOcJ32nhBUpE9vdKg%3D%3Dfalse
                unknown
                https://ipinfo.io/false
                • URL Reputation: safe
                unknown
                about:blankfalse
                  unknown
                  https://a.nel.cloudflare.com/report/v4?s=Ag6i99HNobKWBqAKlTiu4n9nipko7E9sdu2Z78qw%2BibrvVwfrYTmEUz%2FjrRMWxDiQxgx9DmbroRFPsRfd9XXAIIXGg5XWHkVB1dLZkW%2Fwq3%2BcsVEULIgkVmVyYEl82SSrQ%3D%3Dfalse
                    unknown
                    https://skytechsip.com/favicon.icofalse
                      unknown
                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs
                      IPDomainCountryFlagASNASN NameMalicious
                      239.255.255.250
                      unknownReserved
                      unknownunknownfalse
                      35.190.80.1
                      a.nel.cloudflare.comUnited States
                      15169GOOGLEUSfalse
                      172.217.16.132
                      www.google.comUnited States
                      15169GOOGLEUSfalse
                      172.67.219.114
                      skytechsip.comUnited States
                      13335CLOUDFLARENETUSfalse
                      IP
                      192.168.2.5
                      Joe Sandbox version:40.0.0 Tourmaline
                      Analysis ID:1455069
                      Start date and time:2024-06-11 12:31:42 +02:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 3m 9s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:browseurl.jbs
                      Sample URL:https://skytechsip.com/supra/
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:8
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • HCA enabled
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Detection:MAL
                      Classification:mal48.win@16/12@10/5
                      EGA Information:Failed
                      HCA Information:
                      • Successful, ratio: 100%
                      • Number of executed functions: 0
                      • Number of non-executed functions: 0
                      • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 142.250.186.67, 142.250.185.110, 142.251.168.84, 34.104.35.123, 40.68.123.157, 93.184.221.240, 192.229.221.95, 52.165.164.15, 20.3.187.198, 142.250.185.227
                      • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtSetInformationFile calls found.
                      No simulations
                      InputOutput
                      URL: https://skytechsip.com/supra/ Model: Perplexity: mixtral-8x7b-instruct
                      {
                      "loginform": false,
                      "urgency": false,
                      "captcha": false,
                      "reasons": [
                      "The webpage title '404 Not Found' and text 'Not Found The requested URL was not found on this server. Additionally: a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.' do not contain a login form, do not create a sense of urgency, and do not contain a CAPTCHA or any other anti-robot detection mechanism."
                      ]
                      }
                      Title: 404 Not Found OCR: Not Found The requested URL was not found on this server. Additionally: a 404 Not Found error was encountered while trying to use an ErrorDument to handle the request. 
                      No context
                      No context
                      No context
                      No context
                      No context
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jun 11 09:32:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.98284839764346
                      Encrypted:false
                      SSDEEP:48:87dnT/PuHXidAKZdA19ehwiZUklqehQy+3:8lDe/y
                      MD5:30893EF66F4E6598983E8267C95193A1
                      SHA1:0A00A9C7E322D4E8EA0C8DFD3F59309C8FB9FC2D
                      SHA-256:1BE91931CF58901FAC8BA8B1A991725EA00D5D499679DA58D6075869A3D955B2
                      SHA-512:EF70F2EDFA2B4F9770168E47C434693D948A9A89731EC2ED1426CBDD1500D14CE8DD4B1AD60A6912EDCF99E349AD5B066F573B602B0D443E886A1FB07B712A33
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,....%......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.T....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.T....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.T....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.T..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.T...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........5.[......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jun 11 09:32:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2679
                      Entropy (8bit):4.001527231017291
                      Encrypted:false
                      SSDEEP:48:8ednT/PuHXidAKZdA1weh/iZUkAQkqehvy+2:8qD89QWy
                      MD5:9908A75E43B213B592E424F27DD82566
                      SHA1:1F22A722662758DA6B1E70D347A972B5632910AF
                      SHA-256:A7E3CC5229F0F65363977F3C6A1CADE3F9DEA26DED39FF0BC3EEE7950E2BE447
                      SHA-512:85F12FE10952DA36D18F646CEED2D0B378404C3B42D2571826703253530860ADEB671EA03970EF91273A2CB49921095A6DE3A25F294910D66F6F72115BAB79A3
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.T....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.T....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.T....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.T..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.T...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........5.[......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2693
                      Entropy (8bit):4.010217474511072
                      Encrypted:false
                      SSDEEP:48:8xwdnT/PsHXidAKZdA14tseh7sFiZUkmgqeh7sdy+BX:8xcDWnLy
                      MD5:F66ED3F03617A48A780DA0352E161CA0
                      SHA1:D03528D1B3D169C5DD2ECE84CAB10E81FB154AAB
                      SHA-256:60202B520CBDE1F8479D8F62B5FC38E26796CE45A5D6D671DBB8678860A59C3B
                      SHA-512:E0B017A11623F7F9B466173BF6FDDE8FD347892BA75DF0D4209BAEF7FF9B516325F874E6003EE4D0F61D375C032C69D478E51871CE62A736E0CDC33AEB798F49
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.T....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.T....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.T....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.T..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........5.[......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jun 11 09:32:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2681
                      Entropy (8bit):4.001379872506962
                      Encrypted:false
                      SSDEEP:48:8gdnT/PuHXidAKZdA1vehDiZUkwqehjy+R:8MDHVy
                      MD5:CA81051587F63BAE9DDD50BB1B857A61
                      SHA1:DDB5F72C3735842E682490A7D1FF397B44D4906A
                      SHA-256:FEBCC011D56DF55D0F394847507684331245EE3ED3EC0815A57333FDF59390D1
                      SHA-512:F23C0DE50A62C3E612F13AD0CDA2EE7ECBF117896D138C4FE4F85CFDDB7AC98F27D661A1EE7FCCD6879C1522B8E2A2FCBE7D1E85C341BB96328FAC6496758C12
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,..........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.T....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.T....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.T....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.T..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.T...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........5.[......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jun 11 09:32:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2681
                      Entropy (8bit):3.9871945403994027
                      Encrypted:false
                      SSDEEP:48:8t7dnT/PuHXidAKZdA1hehBiZUk1W1qehJy+C:8/D39py
                      MD5:82DE24FAEFDED61C2D49CFE70402549A
                      SHA1:4A18B1ED0E0FC1B1EA9DE4B7C2F05A3A5924B3C4
                      SHA-256:E7DBB317333D23895C201E830D10AF7BC465E3AB2798B85B37F9955409DB2A54
                      SHA-512:4E22D4147AA293BA8A5B595EB81398D174832F94A44AEAC7D86699C993FFA4AF9347F5CC330C1CBB5CEEE6EBA791026F30D5D6B74FAE49D3004021F4CAD90EB9
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.T....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.T....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.T....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.T..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.T...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........5.[......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jun 11 09:32:35 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2683
                      Entropy (8bit):3.998117721036449
                      Encrypted:false
                      SSDEEP:48:84dnT/PuHXidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbLy+yT+:8kD/T/TbxWOvTbLy7T
                      MD5:823C9DC63B6BAD48B4522E258EC26497
                      SHA1:864744BCF85BEB579020ACBB646D91C90E58A188
                      SHA-256:A753B39DA4F6AE5FA4A8892E08E9738D4DE7A4AAE7DDD13B19B25379297D2119
                      SHA-512:6BC4E0802359682D34A01A881D80B6D0246FE4D6C8D4580104DCE336A457878701C0ACB526FF94A9F4BF4DA0CDC8701BD247926A8F899CEE24C5B8D50963D0B2
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.....j....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.T....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.T....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.T....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.T..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.T...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........5.[......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (7793), with no line terminators
                      Category:downloaded
                      Size (bytes):7793
                      Entropy (8bit):5.743781660878607
                      Encrypted:false
                      SSDEEP:192:8AMPfXllqfWhN7Qn3sZDGXWwgqLrC8v8YlqDy:8VPPllqfWhNI8xwgqLrKYlqDy
                      MD5:76EE605049DACA1E374B6157FC8A1E14
                      SHA1:5D464BC1DBD1C3DA90E92E493C9F930D9C763B01
                      SHA-256:4925A797FBF00B66B8176B4D75C8DC412B1E1D23011107EC77F2DD2636911E8E
                      SHA-512:5FB4E7C22AAEB3E4A20804C08786D7FAABE765E2B857A8A902968416FFB96AC69FF327217EB0225C702F7B185D0C815CFC3EBCE47633DE7FC846AB86DBBD4FDC
                      Malicious:false
                      Reputation:low
                      URL:https://skytechsip.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
                      Preview:window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,m,n,o,y,z){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(126))/1+-parseInt(U(152))/2*(parseInt(U(191))/3)+-parseInt(U(205))/4*(parseInt(U(154))/5)+parseInt(U(115))/6+-parseInt(U(157))/7+-parseInt(U(203))/8+parseInt(U(206))/9,C===e)break;else f.push(f.shift())}catch(D){f.push(f.shift())}}(a,877592),g=this||self,h=g[V(134)],m=function(a0,e,f,C){return a0=V,e=String[a0(195)],f={'h':function(D){return null==D?'':f.g(D,6,function(E,a1){return a1=b,a1(111)[a1(189)](E)})},'g':function(D,E,F,a2,G,H,I,J,K,L,M,N,O,P,Q,R,S,T){if(a2=a0,D==null)return'';for(H={},I={},J='',K=2,L=3,M=2,N=[],O=0,P=0,Q=0;Q<D[a2(110)];Q+=1)if(R=D[a2(189)](Q),Object[a2(122)][a2(153)][a2(210)](H,R)||(H[R]=L++,I[R]=!0),S=J+R,Object[a2(122)][a2(153)][a2(210)](H,S))J=S;else{if(Object[a2(122)][a2(153)][a2(210)](I,J)){if(256>J[a2(196)](0)){for(G=0;G<M;O<<=1,P==E-1?(P=0,N[a2(180)](F(O)),O=0):P++,G++);for(T=J[a2(196)](0),G=0;8>G;O=1.74&T|O<<1.87,P==E-1?(P=0,N[a2(1
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, ASCII text, with very long lines (1195), with no line terminators
                      Category:downloaded
                      Size (bytes):1195
                      Entropy (8bit):5.224615214492948
                      Encrypted:false
                      SSDEEP:24:kTeRH8eVxvrCJjsuRpRFGLnxbFGWjBu1JJSa7oRW7aRWXCunouOvTMOKFId6J39I:8eFj/e5dHGLrGWsSTw2wptI8Id6w
                      MD5:5AA0E56C83E7BEFCF2B15D839B162FFB
                      SHA1:1AAE48AB128DC454909BDC5881BDCB5A5DF10417
                      SHA-256:F2FEA2CD47C61152A2E2FD5805AFEBA7CF32AC3A52F9FF8E0458D2DE6EE8B38E
                      SHA-512:1E32A7397B56D35338308C3C89723A8EAFC41FAFF247A42C85FBFAC1447FBDDF6BF62ABBE3DCF73CF8BA9876AAEE9D8A38C0407043E30F5E449876F97CB9BC97
                      Malicious:false
                      Reputation:low
                      URL:https://skytechsip.com/supra/
                      Preview:<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><script>(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'8920f035de146c07',t:'MTcxODEwMTk1OC4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);el
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):564
                      Entropy (8bit):4.702540958385578
                      Encrypted:false
                      SSDEEP:12:TvgsoCdHiHZogs01lI5r8INGlTF5TF5TF5TF5TF5TFK:cE9+tnDTPTPTPTPTPTc
                      MD5:4DEC45889E09EC3CEB63FD65825D0F11
                      SHA1:D80EAF048573A410CB6C49EBB859280D04B6113C
                      SHA-256:CAB538FD1647961EB35348C1BD84E1FDE389AD89672587D2FE3C007A0BC9E67F
                      SHA-512:6BA9CC945B78B1C1F7B80A2BC3C0D48D3E1C5FC2A481FADA4E9018622664FB7423623B3563A6236BF105621E4A907A9957AF421EF67783F3DC1194B9BC308C7B
                      Malicious:false
                      Reputation:low
                      URL:https://skytechsip.com/favicon.ico
                      Preview:<html>..<head><title>403 Forbidden</title></head>..<body bgcolor="white">..<center><h1>403 Forbidden</h1></center>..<hr><center>nginx</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..
                      No static file info

                      Download Network PCAP: filteredfull

                      • Total Packets: 197
                      • 443 (HTTPS)
                      • 53 (DNS)
                      TimestampSource PortDest PortSource IPDest IP
                      Jun 11, 2024 12:32:27.209876060 CEST49675443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:27.209888935 CEST49674443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:27.319235086 CEST49673443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:36.127372026 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.127422094 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.127502918 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.127793074 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.127898932 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.127958059 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.127989054 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.127990007 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.128175974 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.128209114 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.737488031 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.737850904 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.737938881 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.738806963 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.738887072 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.740330935 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.740394115 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.740833044 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.740853071 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.746253967 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.746520996 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.746587038 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.748230934 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.748307943 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.749413967 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.749512911 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.786907911 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.790277004 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.790287018 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:36.818172932 CEST49675443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:36.819071054 CEST49674443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:36.834541082 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:36.931870937 CEST49673443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:37.210752964 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.210946083 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211042881 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211045980 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.211134911 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211200953 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.211220026 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211308002 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211369038 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.211389065 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211620092 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.211678028 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.272272110 CEST49711443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.272341967 CEST44349711172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.321499109 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.321594000 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.321706057 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.322173119 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.322212934 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.347815990 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.365214109 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.365310907 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.365430117 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.365880013 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.365931034 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.366003990 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.366372108 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.366410017 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.366751909 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.366784096 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.392508030 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.815327883 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.815550089 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.815622091 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.817348003 CEST49710443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.817397118 CEST44349710172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.873332024 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.873414993 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.873497009 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.873739958 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.873790026 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.946041107 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.971896887 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.971930981 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.974236012 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.974355936 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.982104063 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.982479095 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.982592106 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.982609987 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.983083963 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.984285116 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.984366894 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.985713959 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.985734940 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.986088991 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.986233950 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.986243963 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.986416101 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.986609936 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:37.986629009 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:37.987330914 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:37.987421036 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:37.988204002 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.028538942 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.032506943 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.039530993 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.126822948 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.126954079 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.127012014 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.128256083 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.129164934 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.129225969 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.195321083 CEST49713443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.195358038 CEST4434971335.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.208583117 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.208625078 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.208690882 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.209121943 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.209151030 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.213471889 CEST49714443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.213495970 CEST44349714172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.394679070 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:38.394721031 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:38.394778967 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:38.395387888 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:38.395406008 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:38.476700068 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.482848883 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.482892036 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.485287905 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.485364914 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.488363981 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.488508940 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.488864899 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.488883018 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.537755013 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.620507956 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.620672941 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.620738029 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.637171030 CEST49717443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.637211084 CEST44349717172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.665473938 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.665757895 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.665832043 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.667905092 CEST4434970323.1.237.91192.168.2.5
                      Jun 11, 2024 12:32:38.667988062 CEST49703443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:38.692606926 CEST49715443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:38.692639112 CEST44349715172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:38.828095913 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.828592062 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.828661919 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.829747915 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.830502987 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.830621958 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.830650091 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.876507998 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.885509014 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.977622032 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.978859901 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:38.978921890 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.982578993 CEST49719443192.168.2.535.190.80.1
                      Jun 11, 2024 12:32:38.982630968 CEST4434971935.190.80.1192.168.2.5
                      Jun 11, 2024 12:32:39.247428894 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:39.247824907 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:39.247837067 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:39.249511003 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:39.249730110 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:39.251719952 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:39.251802921 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:39.296045065 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:39.296139002 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:39.296237946 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:39.296541929 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:39.296578884 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:39.304069042 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:39.304083109 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:39.349838972 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:39.912647009 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:39.961960077 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.086133957 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.086184025 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.087677956 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.103260040 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.103460073 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.104310036 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.144526958 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235240936 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235328913 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235392094 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235449076 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235521078 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.235549927 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235650063 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235719919 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235805035 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.235821962 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235861063 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.235924006 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.260061026 CEST49721443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:40.260092020 CEST44349721172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:40.753948927 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:40.754036903 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:40.754131079 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:40.757050037 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:40.757090092 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:41.154827118 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.154921055 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.155015945 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.155635118 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.155663013 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.606842995 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:41.607027054 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:41.613404036 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:41.613445997 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:41.613841057 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:41.780261040 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.783061981 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:41.828310966 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.828356981 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.829554081 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.853693008 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.853892088 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.854271889 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.854271889 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.854338884 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.854449034 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:41.896523952 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:41.901761055 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:41.944521904 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:42.075211048 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.075378895 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.075472116 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.077646971 CEST49723443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.077681065 CEST44349723172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.135476112 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.135577917 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.135867119 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.137135029 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.137171984 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.145303011 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:42.145389080 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:42.145626068 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:42.146595955 CEST49722443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:42.146636963 CEST44349722184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:42.273446083 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:42.273499012 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:42.273606062 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:42.274190903 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:42.274205923 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:42.743949890 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.744580984 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.744647980 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.746119022 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.746195078 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.747551918 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.747642994 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.748939037 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.748958111 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.883476019 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:42.883562088 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.884535074 CEST49724443192.168.2.5172.67.219.114
                      Jun 11, 2024 12:32:42.884584904 CEST44349724172.67.219.114192.168.2.5
                      Jun 11, 2024 12:32:43.124967098 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.125042915 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:43.127346039 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:43.127361059 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.127696037 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.129302025 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:43.176495075 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.371504068 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.371663094 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.371725082 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:43.377090931 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:43.377118111 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:43.377130985 CEST49725443192.168.2.5184.28.90.27
                      Jun 11, 2024 12:32:43.377136946 CEST44349725184.28.90.27192.168.2.5
                      Jun 11, 2024 12:32:49.231518984 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:49.231606960 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:32:49.231693983 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:50.107851028 CEST49703443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:50.107949018 CEST49703443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:50.108344078 CEST49732443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:50.108434916 CEST4434973223.1.237.91192.168.2.5
                      Jun 11, 2024 12:32:50.108724117 CEST49732443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:50.109045982 CEST49732443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:50.109085083 CEST4434973223.1.237.91192.168.2.5
                      Jun 11, 2024 12:32:50.113768101 CEST4434970323.1.237.91192.168.2.5
                      Jun 11, 2024 12:32:50.114172935 CEST4434970323.1.237.91192.168.2.5
                      Jun 11, 2024 12:32:50.788935900 CEST4434973223.1.237.91192.168.2.5
                      Jun 11, 2024 12:32:50.789015055 CEST49732443192.168.2.523.1.237.91
                      Jun 11, 2024 12:32:50.840188980 CEST49720443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:32:50.840220928 CEST44349720172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:09.932051897 CEST4434973223.1.237.91192.168.2.5
                      Jun 11, 2024 12:33:09.932121038 CEST49732443192.168.2.523.1.237.91
                      Jun 11, 2024 12:33:37.257985115 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.258078098 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.258157969 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.258627892 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.258663893 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.265321970 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.265351057 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.265414000 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.265655041 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.265667915 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.864717960 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.865051985 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.865084887 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.865456104 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.865972996 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.866044044 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.866426945 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.869632959 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.870099068 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.870117903 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.871570110 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.871714115 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.872195959 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.872282028 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.908528090 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.928208113 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.928226948 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:37.974998951 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:37.982475042 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.009834051 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.010824919 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.013386011 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.015909910 CEST49736443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.015933990 CEST4434973635.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.017569065 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.017604113 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.017668962 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.018121958 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.018131971 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.028495073 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.123291016 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.123754978 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.123800039 CEST4434973735.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.123892069 CEST49737443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.124381065 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.124428034 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.124569893 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.124836922 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.124865055 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.429461956 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:38.429550886 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:38.429650068 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:38.429928064 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:38.429965973 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:38.620625019 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.621001005 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.621020079 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.621495962 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.621968031 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.622040033 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.622122049 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.664503098 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.729160070 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.729471922 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.729512930 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.733155012 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.733241081 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.733620882 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.733781099 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.733793974 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.733815908 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.764767885 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.765085936 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.765127897 CEST4434973835.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.765239954 CEST49738443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.787429094 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.787467003 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.834305048 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.879857063 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.880120039 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:38.880223989 CEST4434973935.190.80.1192.168.2.5
                      Jun 11, 2024 12:33:38.880295038 CEST49739443192.168.2.535.190.80.1
                      Jun 11, 2024 12:33:39.290695906 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:39.291002989 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:39.291083097 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:39.291551113 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:39.291943073 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:39.292032957 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:39.334408045 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:49.283624887 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:49.283704042 CEST44349740172.217.16.132192.168.2.5
                      Jun 11, 2024 12:33:49.283878088 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:50.823736906 CEST49740443192.168.2.5172.217.16.132
                      Jun 11, 2024 12:33:50.823756933 CEST44349740172.217.16.132192.168.2.5
                      TimestampSource PortDest PortSource IPDest IP
                      Jun 11, 2024 12:32:34.386481047 CEST53582281.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:34.579596996 CEST53577621.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:35.930756092 CEST53630351.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:36.091850042 CEST5988253192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:36.092427969 CEST5650953192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:36.108421087 CEST53598821.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:36.132509947 CEST53565091.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:37.215727091 CEST6138253192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:37.215888023 CEST5675953192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:37.222867012 CEST53613821.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:37.223140955 CEST53567591.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:38.374763012 CEST5197953192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:38.375602007 CEST5483653192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:38.382198095 CEST53519791.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:38.383070946 CEST53548361.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:42.095124006 CEST6086653192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:42.095124006 CEST5440153192.168.2.51.1.1.1
                      Jun 11, 2024 12:32:42.107177973 CEST53608661.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:42.136209965 CEST53544011.1.1.1192.168.2.5
                      Jun 11, 2024 12:32:52.994940042 CEST53496601.1.1.1192.168.2.5
                      Jun 11, 2024 12:33:11.952682972 CEST53508191.1.1.1192.168.2.5
                      Jun 11, 2024 12:33:34.337122917 CEST53633631.1.1.1192.168.2.5
                      Jun 11, 2024 12:33:34.533047915 CEST53603441.1.1.1192.168.2.5
                      Jun 11, 2024 12:33:37.256900072 CEST6325153192.168.2.51.1.1.1
                      Jun 11, 2024 12:33:37.257299900 CEST5444753192.168.2.51.1.1.1
                      Jun 11, 2024 12:33:37.264313936 CEST53632511.1.1.1192.168.2.5
                      Jun 11, 2024 12:33:37.264817953 CEST53544471.1.1.1192.168.2.5
                      TimestampSource IPDest IPChecksumCodeType
                      Jun 11, 2024 12:32:36.134999037 CEST192.168.2.51.1.1.1c22e(Port unreachable)Destination Unreachable
                      Jun 11, 2024 12:32:42.136329889 CEST192.168.2.51.1.1.1c22e(Port unreachable)Destination Unreachable
                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                      Jun 11, 2024 12:32:36.091850042 CEST192.168.2.51.1.1.10x31f7Standard query (0)skytechsip.comA (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:36.092427969 CEST192.168.2.51.1.1.10x3d03Standard query (0)skytechsip.com65IN (0x0001)false
                      Jun 11, 2024 12:32:37.215727091 CEST192.168.2.51.1.1.10x6c5aStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:37.215888023 CEST192.168.2.51.1.1.10xb780Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                      Jun 11, 2024 12:32:38.374763012 CEST192.168.2.51.1.1.10xf34Standard query (0)www.google.comA (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:38.375602007 CEST192.168.2.51.1.1.10x8610Standard query (0)www.google.com65IN (0x0001)false
                      Jun 11, 2024 12:32:42.095124006 CEST192.168.2.51.1.1.10x4d0Standard query (0)skytechsip.comA (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:42.095124006 CEST192.168.2.51.1.1.10xed0cStandard query (0)skytechsip.com65IN (0x0001)false
                      Jun 11, 2024 12:33:37.256900072 CEST192.168.2.51.1.1.10x2278Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                      Jun 11, 2024 12:33:37.257299900 CEST192.168.2.51.1.1.10xb2acStandard query (0)a.nel.cloudflare.com65IN (0x0001)false
                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                      Jun 11, 2024 12:32:36.108421087 CEST1.1.1.1192.168.2.50x31f7No error (0)skytechsip.com172.67.219.114A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:36.108421087 CEST1.1.1.1192.168.2.50x31f7No error (0)skytechsip.com104.21.70.41A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:36.132509947 CEST1.1.1.1192.168.2.50x3d03No error (0)skytechsip.com65IN (0x0001)false
                      Jun 11, 2024 12:32:37.222867012 CEST1.1.1.1192.168.2.50x6c5aNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:38.382198095 CEST1.1.1.1192.168.2.50xf34No error (0)www.google.com172.217.16.132A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:38.383070946 CEST1.1.1.1192.168.2.50x8610No error (0)www.google.com65IN (0x0001)false
                      Jun 11, 2024 12:32:42.107177973 CEST1.1.1.1192.168.2.50x4d0No error (0)skytechsip.com172.67.219.114A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:42.107177973 CEST1.1.1.1192.168.2.50x4d0No error (0)skytechsip.com104.21.70.41A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:32:42.136209965 CEST1.1.1.1192.168.2.50xed0cNo error (0)skytechsip.com65IN (0x0001)false
                      Jun 11, 2024 12:32:49.133240938 CEST1.1.1.1192.168.2.50x9cc0No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Jun 11, 2024 12:32:49.133240938 CEST1.1.1.1192.168.2.50x9cc0No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:33:03.092900991 CEST1.1.1.1192.168.2.50x81acNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Jun 11, 2024 12:33:03.092900991 CEST1.1.1.1192.168.2.50x81acNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:33:27.082957029 CEST1.1.1.1192.168.2.50x4bdeNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Jun 11, 2024 12:33:27.082957029 CEST1.1.1.1192.168.2.50x4bdeNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:33:37.264313936 CEST1.1.1.1192.168.2.50x2278No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                      Jun 11, 2024 12:33:48.030868053 CEST1.1.1.1192.168.2.50xaf8fNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Jun 11, 2024 12:33:48.030868053 CEST1.1.1.1192.168.2.50xaf8fNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                      • ipinfo.io
                      • skytechsip.com
                      • https:
                      • a.nel.cloudflare.com
                      • fs.microsoft.com
                      Session IDSource IPSource PortDestination IPDestination Port
                      0192.168.2.54970434.117.186.192443
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:24 UTC59OUTGET / HTTP/1.1
                      Host: ipinfo.io
                      Connection: Keep-Alive
                      2024-06-11 10:32:24 UTC513INHTTP/1.1 200 OK
                      server: nginx/1.24.0
                      date: Tue, 11 Jun 2024 10:32:24 GMT
                      content-type: application/json; charset=utf-8
                      Content-Length: 314
                      access-control-allow-origin: *
                      x-frame-options: SAMEORIGIN
                      x-xss-protection: 1; mode=block
                      x-content-type-options: nosniff
                      referrer-policy: strict-origin-when-cross-origin
                      x-envoy-upstream-service-time: 2
                      via: 1.1 google
                      strict-transport-security: max-age=2592000; includeSubDomains
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close
                      2024-06-11 10:32:24 UTC314INData Raw: 7b 0a 20 20 22 69 70 22 3a 20 22 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 31 22 2c 0a 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 31 2e 73 74 61 74 69 63 2e 71 75 61 64 72 61 6e 65 74 2e 63 6f 6d 22 2c 0a 20 20 22 63 69 74 79 22 3a 20 22 44 61 6c 6c 61 73 22 2c 0a 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 54 65 78 61 73 22 2c 0a 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 22 6c 6f 63 22 3a 20 22 33 32 2e 38 31 35 32 2c 2d 39 36 2e 38 37 30 33 22 2c 0a 20 20 22 6f 72 67 22 3a 20 22 41 53 38 31 30 30 20 51 75 61 64 72 61 4e 65 74 20 45 6e 74 65 72 70 72 69 73 65 73 20 4c 4c 43 22 2c 0a 20 20 22 70 6f 73 74 61 6c 22 3a 20 22 37 35 32 34 37 22 2c 0a 20 20 22 74 69 6d 65 7a 6f 6e 65 22 3a 20 22 41 6d 65 72
                      Data Ascii: { "ip": "173.254.250.91", "hostname": "173.254.250.91.static.quadranet.com", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.8152,-96.8703", "org": "AS8100 QuadraNet Enterprises LLC", "postal": "75247", "timezone": "Amer


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      1192.168.2.549711172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:36 UTC663OUTGET /supra/ HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-User: ?1
                      Sec-Fetch-Dest: document
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:32:37 UTC1351INHTTP/1.1 503 Service Temporarily Unavailable
                      Date: Tue, 11 Jun 2024 10:32:37 GMT
                      Content-Type: text/html; charset=utf-8
                      Transfer-Encoding: chunked
                      Connection: close
                      X-Content-Type-Options: nosniff
                      X-Content-Type-Options: nosniff
                      X-XSS-Protection: 1; mode=block
                      X-XSS-Protection: 1; mode=block
                      Set-Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; path=/; expires=Wed, 12-Jun-24 10:29:50 GMT; Max-Age=86400;
                      Set-Cookie: MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; path=/; expires=Wed, 12-Jun-24 10:29:50 GMT; Max-Age=86400;
                      Set-Cookie: SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; path=/; expires=Wed, 12-Jun-24 10:29:50 GMT; Max-Age=86400;
                      Set-Cookie: eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; path=/; expires=Wed, 12-Jun-24 10:29:50 GMT; Max-Age=86400;
                      X-Frame-Options: SAMEORIGIN
                      Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                      Pragma: no-cache
                      Expires: 0
                      CF-Cache-Status: DYNAMIC
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQ3bXQk9PGPFVioMa99z3p9sPK3YR9xde%2FycNq2OozX8LB5MosdxGqx%2F02O4vabrqbKkG%2FgAE6TIZ0FwKRnzHskZPqLABudAmkoTd8Mqizm%2B%2Bf5jqTOcJ32nhBUpE9vdKg%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f02e0934286f-DFW
                      2024-06-11 10:32:37 UTC32INData Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
                      Data Ascii: alt-svc: h3=":443"; ma=86400
                      2024-06-11 10:32:37 UTC1355INData Raw: 31 63 63 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d
                      Data Ascii: 1ccb<!DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" /><meta name="viewport" content="width=device-width, initial-
                      2024-06-11 10:32:37 UTC1369INData Raw: 4f 79 42 77 59 58 52 6f 50 53 38 6e 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 76 4c 32 70 68 64 6d 46 7a 59 33 4a 70 63 48 51 67 63 48 56 36 65 6d 78 6c 49 47 5a 76 63 69 42 69 63 6d 39 33 63 32 56 79 49 48 52 76 49 47 5a 70 5a 33 56 79 5a 53 42 76 64 58 51 67 64 47 38 67 5a 32 56 30 49 47 46 75 63 33 64 6c 63 67 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 70 5a 69 67 68 64 32 6c 75 5a 47 39 33 4c 6c 39 77 61 47 46 75 64 47 39 74 49 48 78 38 49 43 46 33 61 57 35 6b 62 33 63 75 59 32 46 73 62 46 42 6f 59 57 35 30 62 32 30 70 65 79 38 71 63 47 68 68 62 6e 52 76 62 57 70 7a 4b 69 38 4b 61 57 59 6f 49 58 64 70 62 6d 52 76 64 79 35 66 58 33 42
                      Data Ascii: OyBwYXRoPS8nOwogICAgICAgICAgICAgICAgICAgICAgICAvL2phdmFzY3JpcHQgcHV6emxlIGZvciBicm93c2VyIHRvIGZpZ3VyZSBvdXQgdG8gZ2V0IGFuc3dlcgogICAgICAgICAgICAgICAgICAgICAgICBpZighd2luZG93Ll9waGFudG9tIHx8ICF3aW5kb3cuY2FsbFBoYW50b20pey8qcGhhbnRvbWpzKi8KaWYoIXdpbmRvdy5fX3B
                      2024-06-11 10:32:37 UTC1369INData Raw: 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 76 4c 32 56 75 5a 43 42 71 59 58 5a 68 63 32 4e 79 61 58 42 30 49 48 42 31 65 6e 70 73 5a 51 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 32 59 58 49 67 65 47 68 30 64 48 41 67 50 53 42 75 5a 58 63 67 57 45 31 4d 53 48 52 30 63 46 4a 6c 63 58 56 6c 63 33 51 6f 4b 54 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 65 47 68 30 64 48 41 75 62 32 35 79 5a 57 46 6b 65 58 4e 30 59 58 52 6c 59 32 68 68 62 6d 64 6c 49 44 30 67 5a 6e 56 75 59 33 52 70 62 32 34 6f 4b 53 42 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67
                      Data Ascii: CAgICAgICAgICAgICAvL2VuZCBqYXZhc2NyaXB0IHB1enpsZQogICAgICAgICAgICAgICAgICAgICAgICB2YXIgeGh0dHAgPSBuZXcgWE1MSHR0cFJlcXVlc3QoKTsKICAgICAgICAgICAgICAgICAgICAgICAgeGh0dHAub25yZWFkeXN0YXRlY2hhbmdlID0gZnVuY3Rpb24oKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
                      2024-06-11 10:32:37 UTC1369INData Raw: 41 67 49 43 41 67 66 53 42 6c 62 48 4e 6c 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 33 61 57 35 6b 62 33 63 75 62 47 39 6a 59 58 52 70 62 32 34 75 63 6d 56 73 62 32 46 6b 4b 43 6b 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 43 6e 30 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 48 30 37 43 69 41 67 49
                      Data Ascii: AgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB3aW5kb3cubG9jYXRpb24ucmVsb2FkKCk7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9Cn0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgIH07CiAgI
                      2024-06-11 10:32:37 UTC1369INData Raw: 75 61 47 56 70 5a 32 68 30 4f 77 70 33 64 79 41 39 49 48 64 70 62 6d 52 76 64 79 35 70 62 6d 35 6c 63 6c 64 70 5a 48 52 6f 49 48 78 38 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 52 76 59 33 56 74 5a 57 35 30 52 57 78 6c 62 57 56 75 64 43 35 6a 62 47 6c 6c 62 6e 52 58 61 57 52 30 61 43 42 38 66 43 42 6b 62 32 4e 31 62 57 56 75 64 43 35 69 62 32 52 35 4c 6d 4e 73 61 57 56 75 64 46 64 70 5a 48 52 6f 49 48 78 38 49 44 41 37 43 6e 64 6f 49 44 30 67 64 32 6c 75 5a 47 39 33 4c 6d 6c 75 62 6d 56 79 53 47 56 70 5a 32 68 30 49 48 78 38 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 52 76 59 33 56 74 5a 57 35 30 52 57 78 6c 62 57 56 75 64 43 35 6a 62 47 6c 6c 62 6e 52 49 5a 57 6c 6e 61 48 51 67 66 48 77 67 5a 47 39 6a 64 57 31 6c 62 6e 51 75 59 6d 39 6b 65 53 35 6a 62 47
                      Data Ascii: uaGVpZ2h0Owp3dyA9IHdpbmRvdy5pbm5lcldpZHRoIHx8IGRvY3VtZW50LmRvY3VtZW50RWxlbWVudC5jbGllbnRXaWR0aCB8fCBkb2N1bWVudC5ib2R5LmNsaWVudFdpZHRoIHx8IDA7CndoID0gd2luZG93LmlubmVySGVpZ2h0IHx8IGRvY3VtZW50LmRvY3VtZW50RWxlbWVudC5jbGllbnRIZWlnaHQgfHwgZG9jdW1lbnQuYm9keS5jbG
                      2024-06-11 10:32:37 UTC548INData Raw: 65 6e 64 43 68 69 6c 64 28 64 29 7d 7d 69 66 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 7b 76 61 72 20 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 61 2e 68 65 69 67 68 74 3d 31 3b 61 2e 77 69 64 74 68 3d 31 3b 61 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 27 61 62 73 6f 6c 75 74 65 27 3b 61 2e 73 74 79 6c 65 2e 74 6f 70 3d 30 3b 61 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 30 3b 61 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 3d 27 6e 6f 6e 65 27 3b 61 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 3d 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 3b 69 66 28 27 6c 6f 61 64 69 6e 67 27 21 3d 3d 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64
                      Data Ascii: endChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.read
                      2024-06-11 10:32:37 UTC5INData Raw: 30 0d 0a 0d 0a
                      Data Ascii: 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      2192.168.2.549710172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:37 UTC1107OUTPOST /supra/ HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      Content-Length: 22
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      X-Requested-TimeStamp-Expire:
                      ihAR1OAkrrOviKTADhQH9FD9Xaw: 30302634
                      sec-ch-ua-mobile: ?0
                      X-Requested-TimeStamp-Combination:
                      X-Requested-Type-Combination: GET
                      Content-type: application/x-www-form-urlencoded
                      X-Requested-Type: GET
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      X-Requested-with: XMLHttpRequest
                      X-Requested-TimeStamp:
                      sec-ch-ua-platform: "Windows"
                      Accept: */*
                      Origin: https://skytechsip.com
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Referer: https://skytechsip.com/supra/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU
                      2024-06-11 10:32:37 UTC22OUTData Raw: 6e 61 6d 65 31 3d 48 65 6e 72 79 26 6e 61 6d 65 32 3d 46 6f 72 64
                      Data Ascii: name1=Henry&name2=Ford
                      2024-06-11 10:32:37 UTC1326INHTTP/1.1 204 No Content
                      Date: Tue, 11 Jun 2024 10:32:37 GMT
                      Connection: close
                      X-Content-Type-Options: nosniff
                      X-Content-Type-Options: nosniff
                      X-XSS-Protection: 1; mode=block
                      X-XSS-Protection: 1; mode=block
                      Set-Cookie: 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; path=/; expires=Wed, 12-Jun-24 10:32:36 GMT; Max-Age=86400;
                      Set-Cookie: E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; path=/; expires=Wed, 12-Jun-24 10:32:36 GMT; Max-Age=86400;
                      Set-Cookie: koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; path=/; expires=Wed, 12-Jun-24 10:32:36 GMT; Max-Age=86400;
                      Set-Cookie: IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw; path=/; expires=Wed, 12-Jun-24 10:32:36 GMT; Max-Age=86400;
                      X-Frame-Options: SAMEORIGIN
                      Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                      Pragma: no-cache
                      Expires: 0
                      X-Server-Powered-By: Engintron
                      CF-Cache-Status: DYNAMIC
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYFDWg7iPp5gpLmxAxeFfXYPkZZXici%2FYqwbr5Yrdy13IlU%2B5A79iuDF%2Bn056RLLo%2BvTSOjleqMUnCLsjtQfCokWJvOI9P%2B0247U1BLJ7Ygdp8kWrjweWpjVIQMYDmkoqg%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f031dc8f2d39-DFW
                      alt-svc: h3=":443"; ma=86400


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      3192.168.2.549715172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:37 UTC1086OUTGET /supra/ HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-Dest: document
                      Referer: https://skytechsip.com/supra/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
                      2024-06-11 10:32:38 UTC723INHTTP/1.1 404 Not Found
                      Date: Tue, 11 Jun 2024 10:32:38 GMT
                      Content-Type: text/html
                      Transfer-Encoding: chunked
                      Connection: close
                      Vary: Accept-Encoding
                      X-Content-Type-Options: nosniff
                      X-Content-Type-Options: nosniff
                      X-XSS-Protection: 1; mode=block
                      X-XSS-Protection: 1; mode=block
                      CF-Cache-Status: DYNAMIC
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whXWMUOa3X2cy0H%2BbF6Qca%2FLMRFVew9IV7M5dS08KfqE%2BOkyaFtLwg7mpTzpYTFHy7Y4k4NHVhzYh3cq6gAVMMOiFBp7NIQ7SJnUjXYQjJMYaumyr4Ry8DIZife0dXc2eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f035de146c07-DFW
                      alt-svc: h3=":443"; ma=86400
                      2024-06-11 10:32:38 UTC646INData Raw: 34 61 62 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 73 63 72 69 70 74
                      Data Ascii: 4ab<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><script
                      2024-06-11 10:32:38 UTC556INData Raw: 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 64 29 7d 7d 69 66 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 7b 76 61 72 20 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 61 2e 68 65 69 67 68 74 3d 31 3b 61 2e 77 69 64 74 68 3d 31 3b 61 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 27 61 62 73 6f 6c 75 74 65 27 3b 61 2e 73 74 79 6c 65 2e 74 6f 70 3d 30 3b 61 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 30 3b 61 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 3d 27 6e 6f 6e 65 27 3b 61 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 3d 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 3b 69 66 28 27 6c 6f 61 64 69 6e 67 27 21 3d 3d 64 6f
                      Data Ascii: ad')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==do
                      2024-06-11 10:32:38 UTC5INData Raw: 30 0d 0a 0d 0a
                      Data Ascii: 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      4192.168.2.54971335.190.80.14435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:37 UTC541OUTOPTIONS /report/v4?s=IQ3bXQk9PGPFVioMa99z3p9sPK3YR9xde%2FycNq2OozX8LB5MosdxGqx%2F02O4vabrqbKkG%2FgAE6TIZ0FwKRnzHskZPqLABudAmkoTd8Mqizm%2B%2Bf5jqTOcJ32nhBUpE9vdKg%3D%3D HTTP/1.1
                      Host: a.nel.cloudflare.com
                      Connection: keep-alive
                      Origin: https://skytechsip.com
                      Access-Control-Request-Method: POST
                      Access-Control-Request-Headers: content-type
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:32:38 UTC336INHTTP/1.1 200 OK
                      content-length: 0
                      access-control-max-age: 86400
                      access-control-allow-methods: OPTIONS, POST
                      access-control-allow-origin: *
                      access-control-allow-headers: content-type, content-length
                      date: Tue, 11 Jun 2024 10:32:37 GMT
                      Via: 1.1 google
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      5192.168.2.549714172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:37 UTC849OUTGET /favicon.ico HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://skytechsip.com/supra/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU
                      2024-06-11 10:32:38 UTC866INHTTP/1.1 403 Forbidden
                      Date: Tue, 11 Jun 2024 10:32:38 GMT
                      Content-Type: text/html
                      Transfer-Encoding: chunked
                      Connection: close
                      Vary: Accept-Encoding
                      X-Content-Type-Options: nosniff
                      X-Content-Type-Options: nosniff
                      X-XSS-Protection: 1; mode=block
                      X-XSS-Protection: 1; mode=block
                      Cache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
                      Pragma: public
                      CF-Cache-Status: HIT
                      Age: 87899
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N98ZdLf%2Fzb%2FUNfsxJrpQkOtpt0Z6ve%2BmgENfkNtZ8cbbRulDwB4dbSW374Y21jarfHctAy1tBoi6NPh3svsoqXS1Wr3%2Bpmn1oMlefWJKm%2Bvc%2Fb2xraInETuo4HVFniYYpw%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f035da336b28-DFW
                      alt-svc: h3=":443"; ma=86400
                      2024-06-11 10:32:38 UTC503INData Raw: 32 33 34 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73
                      Data Ascii: 234<html><head><title>403 Forbidden</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to dis
                      2024-06-11 10:32:38 UTC68INData Raw: 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 0d 0a
                      Data Ascii: !-- a padding to disable MSIE and Chrome friendly error page -->
                      2024-06-11 10:32:38 UTC5INData Raw: 30 0d 0a 0d 0a
                      Data Ascii: 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      6192.168.2.549717172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:38 UTC784OUTGET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: */*
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: script
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU
                      2024-06-11 10:32:38 UTC650INHTTP/1.1 302 Found
                      Date: Tue, 11 Jun 2024 10:32:38 GMT
                      Content-Length: 0
                      Connection: close
                      cache-control: max-age=300, public
                      access-control-allow-origin: *
                      location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQqhQrPmd2QC4ORAoQ%2FAn762nA%2B6qur%2B1D1FCiOhf%2B4LyTuRd02Zf4ycwKJvqkgQNmMiILLDuVhRPv8tpBsaASqYJqdq54qzKKOADIKY7LZh898I9zdy2sfPlZDs7kebxg%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f038fbb66b51-DFW
                      alt-svc: h3=":443"; ma=86400


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      7192.168.2.54971935.190.80.14435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:38 UTC484OUTPOST /report/v4?s=IQ3bXQk9PGPFVioMa99z3p9sPK3YR9xde%2FycNq2OozX8LB5MosdxGqx%2F02O4vabrqbKkG%2FgAE6TIZ0FwKRnzHskZPqLABudAmkoTd8Mqizm%2B%2Bf5jqTOcJ32nhBUpE9vdKg%3D%3D HTTP/1.1
                      Host: a.nel.cloudflare.com
                      Connection: keep-alive
                      Content-Length: 392
                      Content-Type: application/reports+json
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:32:38 UTC392OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 31 31 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 39 2e 31 31 34 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 73 6b 79 74 65 63 68 73 69 70 2e 63 6f 6d
                      Data Ascii: [{"age":0,"body":{"elapsed_time":1115,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.219.114","status_code":503,"type":"http.error"},"type":"network-error","url":"https://skytechsip.com
                      2024-06-11 10:32:38 UTC168INHTTP/1.1 200 OK
                      content-length: 0
                      date: Tue, 11 Jun 2024 10:32:38 GMT
                      Via: 1.1 google
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      8192.168.2.549721172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:40 UTC938OUTGET /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: */*
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: script
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
                      2024-06-11 10:32:40 UTC634INHTTP/1.1 200 OK
                      Date: Tue, 11 Jun 2024 10:32:40 GMT
                      Content-Type: application/javascript; charset=UTF-8
                      Content-Length: 7793
                      Connection: close
                      x-content-type-options: nosniff
                      cache-control: max-age=14400, public
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjkJCSx9Meak5Os%2F9%2FPYBQJNVEDvtEcitVg9jswCts4I3cfm6o7y46G3q9JmOW7p40jMT%2B47%2F9bw3mwxsB4U%2FbOIuwi4%2FfkdEQsJQxr72cEHkhWyMDQN4Q7dMvv3Ddf0Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f0431e7346c6-DFW
                      alt-svc: h3=":443"; ma=86400
                      2024-06-11 10:32:40 UTC735INData Raw: 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 3d 7b 63 46 50 57 76 3a 27 67 27 7d 3b 7e 66 75 6e 63 74 69 6f 6e 28 56 2c 67 2c 68 2c 6d 2c 6e 2c 6f 2c 79 2c 7a 29 7b 56 3d 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 65 2c 55 2c 66 2c 43 29 7b 66 6f 72 28 55 3d 62 2c 66 3d 63 28 29 3b 21 21 5b 5d 3b 29 74 72 79 7b 69 66 28 43 3d 2d 70 61 72 73 65 49 6e 74 28 55 28 31 32 36 29 29 2f 31 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 31 35 32 29 29 2f 32 2a 28 70 61 72 73 65 49 6e 74 28 55 28 31 39 31 29 29 2f 33 29 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 32 30 35 29 29 2f 34 2a 28 70 61 72 73 65 49 6e 74 28 55 28 31 35 34 29 29 2f 35 29 2b 70 61 72 73 65 49 6e 74 28 55 28 31 31 35 29 29 2f 36 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 31 35 37 29 29 2f 37 2b 2d 70 61
                      Data Ascii: window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,m,n,o,y,z){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(126))/1+-parseInt(U(152))/2*(parseInt(U(191))/3)+-parseInt(U(205))/4*(parseInt(U(154))/5)+parseInt(U(115))/6+-parseInt(U(157))/7+-pa
                      2024-06-11 10:32:40 UTC1369INData Raw: 29 7c 7c 28 48 5b 52 5d 3d 4c 2b 2b 2c 49 5b 52 5d 3d 21 30 29 2c 53 3d 4a 2b 52 2c 4f 62 6a 65 63 74 5b 61 32 28 31 32 32 29 5d 5b 61 32 28 31 35 33 29 5d 5b 61 32 28 32 31 30 29 5d 28 48 2c 53 29 29 4a 3d 53 3b 65 6c 73 65 7b 69 66 28 4f 62 6a 65 63 74 5b 61 32 28 31 32 32 29 5d 5b 61 32 28 31 35 33 29 5d 5b 61 32 28 32 31 30 29 5d 28 49 2c 4a 29 29 7b 69 66 28 32 35 36 3e 4a 5b 61 32 28 31 39 36 29 5d 28 30 29 29 7b 66 6f 72 28 47 3d 30 3b 47 3c 4d 3b 4f 3c 3c 3d 31 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 32 28 31 38 30 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 47 2b 2b 29 3b 66 6f 72 28 54 3d 4a 5b 61 32 28 31 39 36 29 5d 28 30 29 2c 47 3d 30 3b 38 3e 47 3b 4f 3d 31 2e 37 34 26 54 7c 4f 3c 3c 31 2e 38 37 2c 50 3d 3d 45 2d 31 3f 28
                      Data Ascii: )||(H[R]=L++,I[R]=!0),S=J+R,Object[a2(122)][a2(153)][a2(210)](H,S))J=S;else{if(Object[a2(122)][a2(153)][a2(210)](I,J)){if(256>J[a2(196)](0)){for(G=0;G<M;O<<=1,P==E-1?(P=0,N[a2(180)](F(O)),O=0):P++,G++);for(T=J[a2(196)](0),G=0;8>G;O=1.74&T|O<<1.87,P==E-1?(
                      2024-06-11 10:32:40 UTC1369INData Raw: 28 27 27 29 7d 2c 27 6a 27 3a 66 75 6e 63 74 69 6f 6e 28 44 2c 61 33 29 7b 72 65 74 75 72 6e 20 61 33 3d 61 30 2c 6e 75 6c 6c 3d 3d 44 3f 27 27 3a 44 3d 3d 27 27 3f 6e 75 6c 6c 3a 66 2e 69 28 44 5b 61 33 28 31 31 30 29 5d 2c 33 32 37 36 38 2c 66 75 6e 63 74 69 6f 6e 28 45 2c 61 34 29 7b 72 65 74 75 72 6e 20 61 34 3d 61 33 2c 44 5b 61 34 28 31 39 36 29 5d 28 45 29 7d 29 7d 2c 27 69 27 3a 66 75 6e 63 74 69 6f 6e 28 44 2c 45 2c 46 2c 61 35 2c 47 2c 48 2c 49 2c 4a 2c 4b 2c 4c 2c 4d 2c 4e 2c 4f 2c 50 2c 51 2c 52 2c 54 2c 53 29 7b 66 6f 72 28 61 35 3d 61 30 2c 47 3d 5b 5d 2c 48 3d 34 2c 49 3d 34 2c 4a 3d 33 2c 4b 3d 5b 5d 2c 4e 3d 46 28 30 29 2c 4f 3d 45 2c 50 3d 31 2c 4c 3d 30 3b 33 3e 4c 3b 47 5b 4c 5d 3d 4c 2c 4c 2b 3d 31 29 3b 66 6f 72 28 51 3d 30 2c 52 3d
                      Data Ascii: ('')},'j':function(D,a3){return a3=a0,null==D?'':D==''?null:f.i(D[a3(110)],32768,function(E,a4){return a4=a3,D[a4(196)](E)})},'i':function(D,E,F,a5,G,H,I,J,K,L,M,N,O,P,Q,R,T,S){for(a5=a0,G=[],H=4,I=4,J=3,K=[],N=F(0),O=E,P=1,L=0;3>L;G[L]=L,L+=1);for(Q=0,R=
                      2024-06-11 10:32:40 UTC1369INData Raw: 28 61 61 3d 56 2c 6e 75 6c 6c 3d 3d 3d 44 7c 7c 44 3d 3d 3d 76 6f 69 64 20 30 29 72 65 74 75 72 6e 20 46 3b 66 6f 72 28 48 3d 78 28 44 29 2c 43 5b 61 61 28 31 32 39 29 5d 5b 61 61 28 31 31 33 29 5d 26 26 28 48 3d 48 5b 61 61 28 32 30 38 29 5d 28 43 5b 61 61 28 31 32 39 29 5d 5b 61 61 28 31 31 33 29 5d 28 44 29 29 29 2c 48 3d 43 5b 61 61 28 31 37 34 29 5d 5b 61 61 28 31 35 35 29 5d 26 26 43 5b 61 61 28 31 38 34 29 5d 3f 43 5b 61 61 28 31 37 34 29 5d 5b 61 61 28 31 35 35 29 5d 28 6e 65 77 20 43 5b 28 61 61 28 31 38 34 29 29 5d 28 48 29 29 3a 66 75 6e 63 74 69 6f 6e 28 4e 2c 61 62 2c 4f 29 7b 66 6f 72 28 61 62 3d 61 61 2c 4e 5b 61 62 28 31 33 33 29 5d 28 29 2c 4f 3d 30 3b 4f 3c 4e 5b 61 62 28 31 31 30 29 5d 3b 4e 5b 4f 5d 3d 3d 3d 4e 5b 4f 2b 31 5d 3f 4e 5b
                      Data Ascii: (aa=V,null===D||D===void 0)return F;for(H=x(D),C[aa(129)][aa(113)]&&(H=H[aa(208)](C[aa(129)][aa(113)](D))),H=C[aa(174)][aa(155)]&&C[aa(184)]?C[aa(174)][aa(155)](new C[(aa(184))](H)):function(N,ab,O){for(ab=aa,N[ab(133)](),O=0;O<N[ab(110)];N[O]===N[O+1]?N[
                      2024-06-11 10:32:40 UTC1369INData Raw: 69 28 2e 30 31 29 29 72 65 74 75 72 6e 21 5b 5d 3b 44 3d 5b 5a 28 31 31 39 29 2b 66 2c 5a 28 31 36 30 29 2b 4a 53 4f 4e 5b 5a 28 31 37 36 29 5d 28 43 29 5d 5b 5a 28 31 37 38 29 5d 28 5a 28 31 38 31 29 29 3b 74 72 79 7b 69 66 28 45 3d 67 5b 5a 28 31 36 36 29 5d 2c 46 3d 5a 28 31 31 38 29 2b 67 5b 5a 28 31 37 33 29 5d 5b 5a 28 31 39 32 29 5d 2b 5a 28 31 33 31 29 2b 31 2b 5a 28 31 35 39 29 2b 45 2e 72 2b 5a 28 31 38 35 29 2c 47 3d 6e 65 77 20 67 5b 28 5a 28 31 31 37 29 29 5d 28 29 2c 21 47 29 72 65 74 75 72 6e 3b 48 3d 5a 28 31 33 30 29 2c 47 5b 5a 28 31 34 39 29 5d 28 48 2c 46 2c 21 21 5b 5d 29 2c 47 5b 5a 28 31 33 35 29 5d 3d 32 35 30 30 2c 47 5b 5a 28 31 34 38 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 47 5b 5a 28 31 35 38 29 5d 28 5a 28 31 31 36 29
                      Data Ascii: i(.01))return![];D=[Z(119)+f,Z(160)+JSON[Z(176)](C)][Z(178)](Z(181));try{if(E=g[Z(166)],F=Z(118)+g[Z(173)][Z(192)]+Z(131)+1+Z(159)+E.r+Z(185),G=new g[(Z(117))](),!G)return;H=Z(130),G[Z(149)](H,F,!![]),G[Z(135)]=2500,G[Z(148)]=function(){},G[Z(158)](Z(116)
                      2024-06-11 10:32:40 UTC1369INData Raw: 2d 20 2c 65 72 72 6f 72 20 6f 6e 20 63 66 5f 63 68 6c 5f 70 72 6f 70 73 2c 72 65 61 64 79 53 74 61 74 65 2c 53 65 74 2c 2f 69 6e 76 69 73 69 62 6c 65 2f 6a 73 64 2c 69 73 4e 61 4e 2c 69 6e 64 65 78 4f 66 2c 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 2c 63 68 61 72 41 74 2c 74 61 62 49 6e 64 65 78 2c 32 32 36 38 36 38 37 4a 48 74 7a 48 69 2c 63 46 50 57 76 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 77 77 77 2d 66 6f 72 6d 2d 75 72 6c 65 6e 63 6f 64 65 64 2c 73 70 6c 69 74 2c 66 72 6f 6d 43 68 61 72 43 6f 64 65 2c 63 68 61 72 43 6f 64 65 41 74 2c 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 2c 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 2c 6d 73 67 2c 6e 61 76 69 67 61 74 6f 72 2c 5b 6e 61 74 69 76 65 20 63 6f 64 65 5d 2c 73 79 6d 62 6f 6c 2c 31 33 36
                      Data Ascii: - ,error on cf_chl_props,readyState,Set,/invisible/jsd,isNaN,indexOf,addEventListener,charAt,tabIndex,2268687JHtzHi,cFPWv,application/x-www-form-urlencoded,split,fromCharCode,charCodeAt,contentDocument,getPrototypeOf,msg,navigator,[native code],symbol,136
                      2024-06-11 10:32:40 UTC213INData Raw: 5b 61 64 28 32 31 31 29 5d 5b 61 64 28 31 34 30 29 5d 28 43 29 2c 44 3d 43 5b 61 64 28 31 37 35 29 5d 2c 45 3d 7b 7d 2c 45 3d 67 6e 49 45 38 28 44 2c 44 2c 27 27 2c 45 29 2c 45 3d 67 6e 49 45 38 28 44 2c 44 5b 61 64 28 32 30 39 29 5d 7c 7c 44 5b 61 64 28 32 30 30 29 5d 2c 27 6e 2e 27 2c 45 29 2c 45 3d 67 6e 49 45 38 28 44 2c 43 5b 61 64 28 31 39 37 29 5d 2c 27 64 2e 27 2c 45 29 2c 68 5b 61 64 28 32 31 31 29 5d 5b 61 64 28 31 33 37 29 5d 28 43 29 2c 46 3d 7b 7d 2c 46 2e 72 3d 45 2c 46 2e 65 3d 6e 75 6c 6c 2c 46 7d 63 61 74 63 68 28 48 29 7b 72 65 74 75 72 6e 20 47 3d 7b 7d 2c 47 2e 72 3d 7b 7d 2c 47 2e 65 3d 48 2c 47 7d 7d 7d 28 29
                      Data Ascii: [ad(211)][ad(140)](C),D=C[ad(175)],E={},E=gnIE8(D,D,'',E),E=gnIE8(D,D[ad(209)]||D[ad(200)],'n.',E),E=gnIE8(D,C[ad(197)],'d.',E),h[ad(211)][ad(137)](C),F={},F.r=E,F.e=null,F}catch(H){return G={},G.r={},G.e=H,G}}}()


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      9192.168.2.549723172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:41 UTC1012OUTPOST /cdn-cgi/challenge-platform/h/g/jsd/r/8920f035de146c07 HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      Content-Length: 15768
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-platform: "Windows"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Content-Type: application/json
                      Accept: */*
                      Origin: https://skytechsip.com
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
                      2024-06-11 10:32:41 UTC15768OUTData Raw: 7b 22 77 70 22 3a 22 30 70 55 2d 50 62 45 72 50 2b 55 50 7a 4d 68 45 35 45 46 57 31 2d 62 56 57 74 6a 57 4a 48 4a 6b 6b 62 72 45 32 71 57 54 76 56 24 76 63 55 57 4b 54 4f 58 68 76 2b 45 39 57 7a 35 55 34 36 70 70 57 74 61 6b 57 6d 57 6b 56 6b 55 45 57 67 6b 45 77 68 6e 2d 61 2b 70 66 38 4c 2d 54 76 51 70 6a 74 78 39 46 4d 34 6f 2d 77 51 50 73 6a 49 45 78 71 54 61 4a 57 50 55 55 52 4a 4b 62 66 36 57 53 34 36 63 4e 66 57 4e 2d 4d 4b 57 62 73 55 57 4a 2d 62 62 2d 51 7a 2d 4a 57 45 76 57 31 2b 41 57 45 49 66 57 5a 33 72 74 34 70 4f 45 74 61 36 55 57 62 33 66 57 62 68 58 31 57 58 62 57 45 66 67 63 6c 55 4c 39 6a 56 62 34 62 45 4e 77 6a 70 71 50 51 43 44 4e 54 57 48 2d 62 4a 42 75 70 57 72 41 70 76 4d 63 54 79 67 34 57 58 44 4e 61 51 48 74 2d 57 6c 61 48 63 4a
                      Data Ascii: {"wp":"0pU-PbErP+UPzMhE5EFW1-bVWtjWJHJkkbrE2qWTvV$vcUWKTOXhv+E9Wz5U46ppWtakWmWkVkUEWgkEwhn-a+pf8L-TvQpjtx9FM4o-wQPsjIExqTaJWPUURJKbf6WS46cNfWN-MKWbsUWJ-bb-Qz-JWEvW1+AWEIfWZ3rt4pOEta6UWb3fWbhX1WXbWEfgclUL9jVb4bENwjpqPQCDNTWH-bJBupWrApvMcTyg4WXDNaQHt-WlaHcJ
                      2024-06-11 10:32:42 UTC966INHTTP/1.1 200 OK
                      Date: Tue, 11 Jun 2024 10:32:42 GMT
                      Content-Type: text/plain; charset=UTF-8
                      Content-Length: 0
                      Connection: close
                      Set-Cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.skytechsip.com; HttpOnly; Secure; SameSite=None
                      Set-Cookie: cf_clearance=vEFWEk2y0mFgTz.u014UxfLu_1ZiV7T5xrrhg1H3NOo-1718101962-1.0.1.1-rU6fxs5EcJet3u2Lu2yECjQuSsgnCwxfOHQaMHcwgEbQ4w3z7PFAcK6FxjCHDfnTgjG8fpGvugss_G6.KwoWtQ; Path=/; Expires=Wed, 11-Jun-25 10:32:42 GMT; Domain=.skytechsip.com; HttpOnly; Secure; SameSite=None; Partitioned
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJjYiKnoIRFA3lrjQ%2FwYdyQ14r3yUWYHEIY39ixHGYCSahJCk%2FVeZmV6tqpnt3BjsildoXzUtHohf%2FhEMCi5pWsnlC%2BPcPPinsGdrN53tOcQzQ%2BOpVRdiWquAOtY3z5woA%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f04df83a2cd7-DFW
                      alt-svc: h3=":443"; ma=86400


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      10192.168.2.549722184.28.90.27443
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:41 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      Accept-Encoding: identity
                      User-Agent: Microsoft BITS/7.8
                      Host: fs.microsoft.com
                      2024-06-11 10:32:42 UTC467INHTTP/1.1 200 OK
                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                      Content-Type: application/octet-stream
                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                      Server: ECAcc (lpl/EF06)
                      X-CID: 11
                      X-Ms-ApiVersion: Distribute 1.2
                      X-Ms-Region: prod-neu-z1
                      Cache-Control: public, max-age=193074
                      Date: Tue, 11 Jun 2024 10:32:42 GMT
                      Connection: close
                      X-CID: 2


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      11192.168.2.549724172.67.219.1144435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:42 UTC787OUTGET /cdn-cgi/challenge-platform/h/g/jsd/r/8920f035de146c07 HTTP/1.1
                      Host: skytechsip.com
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      Cookie: moBqkspfv3K3cHrHrpFYdDizgMM=FP55huUU2r0xcBrOvrDu45h2ksU; MDoRYW6TdgYl8yXTV9IE53DTBVA=1718101790; SYSDXifBDyJjJWugDPbrpdXF9b0=1718188190; eM_i2HF9sskb279Hhbpfkds4rTg=8vvT2QWLOCAjq8CjbVRfFHlhoQo; 4XRs6mj0zYbdffazgQCT_wLFz0U=oeesLesJYOZumz65K6LnqNvOUmU; E-aXC_MivzraE5cPUnIaVDOQX6k=1718101956; koTLINYQ3Bd46qTrh_k3z84etaQ=1718188356; IVO2zVCZifT4dthTCjFiDofJglM=UuQ16har_jER1srR-2tJ0lVY7Fw
                      2024-06-11 10:32:42 UTC704INHTTP/1.1 404 Not Found
                      Date: Tue, 11 Jun 2024 10:32:42 GMT
                      Content-Type: application/json
                      Content-Length: 7
                      Connection: close
                      cf-chl-out: RZka+dylHwJ5ypBdhsCAKw==$slKoSjAWjcrl2reYdQ/Waw==
                      cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ag6i99HNobKWBqAKlTiu4n9nipko7E9sdu2Z78qw%2BibrvVwfrYTmEUz%2FjrRMWxDiQxgx9DmbroRFPsRfd9XXAIIXGg5XWHkVB1dLZkW%2Fwq3%2BcsVEULIgkVmVyYEl82SSrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 8920f0539a064792-DFW
                      alt-svc: h3=":443"; ma=86400
                      2024-06-11 10:32:42 UTC7INData Raw: 69 6e 76 61 6c 69 64
                      Data Ascii: invalid


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      12192.168.2.549725184.28.90.27443
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:32:43 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      Accept-Encoding: identity
                      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                      Range: bytes=0-2147483646
                      User-Agent: Microsoft BITS/7.8
                      Host: fs.microsoft.com
                      2024-06-11 10:32:43 UTC515INHTTP/1.1 200 OK
                      ApiVersion: Distribute 1.1
                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                      Content-Type: application/octet-stream
                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                      Server: ECAcc (lpl/EF06)
                      X-CID: 11
                      X-Ms-ApiVersion: Distribute 1.2
                      X-Ms-Region: prod-weu-z1
                      Cache-Control: public, max-age=193076
                      Date: Tue, 11 Jun 2024 10:32:43 GMT
                      Content-Length: 55
                      Connection: close
                      X-CID: 2
                      2024-06-11 10:32:43 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      13192.168.2.54973635.190.80.14435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:33:37 UTC541OUTOPTIONS /report/v4?s=WJjYiKnoIRFA3lrjQ%2FwYdyQ14r3yUWYHEIY39ixHGYCSahJCk%2FVeZmV6tqpnt3BjsildoXzUtHohf%2FhEMCi5pWsnlC%2BPcPPinsGdrN53tOcQzQ%2BOpVRdiWquAOtY3z5woA%3D%3D HTTP/1.1
                      Host: a.nel.cloudflare.com
                      Connection: keep-alive
                      Origin: https://skytechsip.com
                      Access-Control-Request-Method: POST
                      Access-Control-Request-Headers: content-type
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:33:38 UTC336INHTTP/1.1 200 OK
                      Content-Length: 0
                      access-control-max-age: 86400
                      access-control-allow-methods: POST, OPTIONS
                      access-control-allow-origin: *
                      access-control-allow-headers: content-type, content-length
                      date: Tue, 11 Jun 2024 10:33:37 GMT
                      Via: 1.1 google
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      14192.168.2.54973735.190.80.14435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:33:37 UTC539OUTOPTIONS /report/v4?s=Ag6i99HNobKWBqAKlTiu4n9nipko7E9sdu2Z78qw%2BibrvVwfrYTmEUz%2FjrRMWxDiQxgx9DmbroRFPsRfd9XXAIIXGg5XWHkVB1dLZkW%2Fwq3%2BcsVEULIgkVmVyYEl82SSrQ%3D%3D HTTP/1.1
                      Host: a.nel.cloudflare.com
                      Connection: keep-alive
                      Origin: https://skytechsip.com
                      Access-Control-Request-Method: POST
                      Access-Control-Request-Headers: content-type
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:33:38 UTC336INHTTP/1.1 200 OK
                      content-length: 0
                      access-control-max-age: 86400
                      access-control-allow-methods: OPTIONS, POST
                      access-control-allow-origin: *
                      access-control-allow-headers: content-length, content-type
                      date: Tue, 11 Jun 2024 10:33:37 GMT
                      Via: 1.1 google
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      15192.168.2.54973835.190.80.14435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:33:38 UTC484OUTPOST /report/v4?s=WJjYiKnoIRFA3lrjQ%2FwYdyQ14r3yUWYHEIY39ixHGYCSahJCk%2FVeZmV6tqpnt3BjsildoXzUtHohf%2FhEMCi5pWsnlC%2BPcPPinsGdrN53tOcQzQ%2BOpVRdiWquAOtY3z5woA%3D%3D HTTP/1.1
                      Host: a.nel.cloudflare.com
                      Connection: keep-alive
                      Content-Length: 852
                      Content-Type: application/reports+json
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:33:38 UTC852OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 38 35 38 33 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 38 30 30 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 73 6b 79 74 65 63 68 73 69 70 2e 63 6f 6d 2f 73 75 70 72 61 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 39 2e 31 31 34 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f
                      Data Ascii: [{"age":58583,"body":{"elapsed_time":800,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://skytechsip.com/supra/","sampling_fraction":1.0,"server_ip":"172.67.219.114","status_code":404,"type":"http.error"},"type":"network-erro
                      2024-06-11 10:33:38 UTC168INHTTP/1.1 200 OK
                      content-length: 0
                      date: Tue, 11 Jun 2024 10:33:38 GMT
                      Via: 1.1 google
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      16192.168.2.54973935.190.80.14435068C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-06-11 10:33:38 UTC482OUTPOST /report/v4?s=Ag6i99HNobKWBqAKlTiu4n9nipko7E9sdu2Z78qw%2BibrvVwfrYTmEUz%2FjrRMWxDiQxgx9DmbroRFPsRfd9XXAIIXGg5XWHkVB1dLZkW%2Fwq3%2BcsVEULIgkVmVyYEl82SSrQ%3D%3D HTTP/1.1
                      Host: a.nel.cloudflare.com
                      Connection: keep-alive
                      Content-Length: 442
                      Content-Type: application/reports+json
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-06-11 10:33:38 UTC442OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 34 33 37 32 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 37 38 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 39 2e 31 31 34 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 73 6b 79 74 65 63 68 73 69 70 2e
                      Data Ascii: [{"age":54372,"body":{"elapsed_time":789,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.219.114","status_code":404,"type":"http.error"},"type":"network-error","url":"https://skytechsip.
                      2024-06-11 10:33:38 UTC168INHTTP/1.1 200 OK
                      content-length: 0
                      date: Tue, 11 Jun 2024 10:33:38 GMT
                      Via: 1.1 google
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Connection: close


                      020406080s020406080100

                      Click to jump to process

                      020406080s0.0050100MB

                      Click to jump to process

                      Target ID:0
                      Start time:06:32:28
                      Start date:11/06/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                      Imagebase:0x7ff715980000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false

                      Target ID:2
                      Start time:06:32:32
                      Start date:11/06/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,4317553812843478236,12747802247052141099,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                      Imagebase:0x7ff715980000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false

                      Target ID:3
                      Start time:06:32:35
                      Start date:11/06/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://skytechsip.com/supra/"
                      Imagebase:0x7ff715980000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                      No disassembly