Edit tour

Windows Analysis Report
https://365214tesauppeortbasd132.z26.web.core.windows.net/#

Overview

General Information

Sample URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/#
Analysis ID:	1560653
Infos:

Detection

TechSupportScam

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Yara detected TechSupportScam

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Classification

Process Tree

System is w10x64native

chrome.exe (PID: 7464 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: BB7C48CDDDE076E7EB44022520F40F77)

chrome.exe (PID: 2476 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-subproc-heap-profiling --field-trial-handle=2212,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2224 /prefetch:3 MD5: BB7C48CDDDE076E7EB44022520F40F77)

chrome.exe (PID: 7676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --no-subproc-heap-profiling --field-trial-handle=4648,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=5796 /prefetch:8 MD5: BB7C48CDDDE076E7EB44022520F40F77)

chrome.exe (PID: 6500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://365214tesauppeortbasd132.z26.web.core.windows.net/#" MD5: BB7C48CDDDE076E7EB44022520F40F77)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_79	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security

HTML

Source	Rule	Description	Author
0.1.pages.csv	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security
0.0.pages.csv	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security
0.12.pages.csv	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security
0.9.pages.csv	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security
0.10.pages.csv	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security
0.6.pages.csv	JoeSecurity_TechSupportScam	Yara detected TechSupportScam	Joe Security
Click to see the 1 entries

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

AI detected phishing page

Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL '365214tesauppeortbasd132.z26.web.core.windows.net' does not match the legitimate domain for Microsoft., The URL uses a subdomain of 'web.core.windows.net', which is a common hosting service, but the prefix '365214tesauppeortbasd132' is suspicious and does not relate to Microsoft., The URL contains random alphanumeric characters and misspellings, which are common indicators of phishing., The use of a cloud service provider's domain with a suspicious subdomain is a common tactic in phishing attempts. DOM: 0.1.pages.csv
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Score: 8 Reasons: The URL uses a subdomain of 'web.core.windows.net', which is a legitimate Microsoft Azure domain used for hosting static websites., The main domain 'web.core.windows.net' is associated with Microsoft Azure, a cloud service by Microsoft., The subdomain '365214tesauppeortbasd132' is suspicious due to its random characters and does not clearly relate to any known Microsoft service., The presence of random characters in the subdomain is a common tactic used in phishing to confuse users., The brand 'Microsoft' is well-known and typically associated with domains like 'microsoft.com' or 'office.com'., The input fields labeled as 'u, n, k, n, o, w, n' do not provide clear context and could be a tactic to gather sensitive information. DOM: 0.9.pages.csv
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL '365214tesauppeortbasd132.z26.web.core.windows.net' does not match the legitimate domain for Microsoft., The URL uses a subdomain structure under 'web.core.windows.net', which is a common hosting service used by Microsoft Azure, but the subdomain '365214tesauppeortbasd132' is suspicious and does not clearly relate to Microsoft., The subdomain contains random characters and misspellings, which are common indicators of phishing attempts., The presence of '365' in the subdomain could be an attempt to mimic 'Office 365', a Microsoft product, which is a common phishing tactic. DOM: 0.11.pages.csv
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Score: 8 Reasons: The URL uses a subdomain of 'web.core.windows.net', which is a legitimate Microsoft Azure domain used for hosting static websites., The main domain does not match the typical domain associated with Microsoft services, which is 'microsoft.com'., The subdomain '365214tesauppeortbasd132' is suspicious due to its random characters and does not clearly relate to any known Microsoft service., The presence of '365' in the subdomain could be an attempt to mimic 'Office 365', a well-known Microsoft product, which is a common phishing tactic., The brand 'Microsoft' is classified as 'wellknown', and any deviation from its standard domain should be treated with caution. DOM: 0.10.pages.csv
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL '365214tesauppeortbasd132.z26.web.core.windows.net' does not match the legitimate domain for Microsoft., The URL uses a subdomain structure under 'web.core.windows.net', which is a common hosting service used by Microsoft Azure, but the subdomain '365214tesauppeortbasd132' is suspicious and not recognizable as a legitimate Microsoft service., The subdomain contains random characters and misspellings, which are common indicators of phishing attempts., The use of '365' in the subdomain may be attempting to mimic 'Office 365', a Microsoft product, which is a common phishing tactic. DOM: 0.12.pages.csv

Yara detected TechSupportScam

Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.12.pages.csv, type: HTML
Source: Yara match	File source: 0.9.pages.csv, type: HTML
Source: Yara match	File source: 0.10.pages.csv, type: HTML
Source: Yara match	File source: 0.6.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_79, type: DROPPED

AI detected landing page (webpage, office document or email)

Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.0.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.1.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.3.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.2.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.6.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.7.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.8.pages.csv'
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	Joe Sandbox AI: Page contains button: 'Scan now' Source: '0.9.pages.csv'

AI detected suspicious URL

Source: Email	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://365214tesauppeortbasd132.z26.web.core.windows.net
Source: Email	Joe Sandbox AI: AI detected Typosquatting in URL: https://365214tesauppeortbasd132.z26.web.core.windows.net

Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon
Source: https://365214tesauppeortbasd132.z26.web.core.windows.net/#	HTTP Parser: No favicon

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\scoped_dir7464_730077795			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_BITS_7464_977693316			Jump to behavior

Source: unknown	TCP traffic detected without corresponding DNS query: 23.44.203.73
Source: unknown	TCP traffic detected without corresponding DNS query: 23.57.90.141
Source: unknown	TCP traffic detected without corresponding DNS query: 146.19.181.36
Source: unknown	TCP traffic detected without corresponding DNS query: 146.19.181.36
Source: unknown	TCP traffic detected without corresponding DNS query: 146.19.181.36
Source: unknown	TCP traffic detected without corresponding DNS query: 146.19.181.36
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://365214tesauppeortbasd132.z26.web.core.windows.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /emojione/assets/png/1f44b.png?v=2.2.7 HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /emojione/assets/png/1f44b.png?v=2.2.7 HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: embed.tawk.to
Source: global traffic	DNS traffic detected: DNS query: va.tawk.to
Source: global traffic	DNS traffic detected: DNS query: vsa20.tawk.to
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net

Source: global traffic	TCP traffic: 192.168.11.20:61825 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:61825 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:61825 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:61825 -> 239.255.255.250:1900

Source: chromecache_96.1.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_96.1.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_79.1.dr	String found in binary or memory: https://embed.tawk.to/666f8536981b6c56477dfe5c/1i0hq0o9u
Source: chromecache_127.1.dr	String found in binary or memory: https://ezgif.com/optimize
Source: chromecache_142.1.dr, chromecache_101.1.dr, chromecache_78.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_142.1.dr, chromecache_101.1.dr, chromecache_78.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_142.1.dr, chromecache_78.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800

Spam, unwanted Advertisements and Ransom Demands

Yara detected TechSupportScam

Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.12.pages.csv, type: HTML
Source: Yara match	File source: 0.9.pages.csv, type: HTML
Source: Yara match	File source: 0.10.pages.csv, type: HTML
Source: Yara match	File source: 0.6.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_79, type: DROPPED

Source: classification engine

Classification label: mal72.phis.win@18/146@16/8

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\scoped_dir7464_730077795

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-subproc-heap-profiling --field-trial-handle=2212,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2224 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://365214tesauppeortbasd132.z26.web.core.windows.net/#"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --no-subproc-heap-profiling --field-trial-handle=4648,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=5796 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-subproc-heap-profiling --field-trial-handle=2212,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2224 /prefetch:3	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --no-subproc-heap-profiling --field-trial-handle=4648,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=5796 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\scoped_dir7464_730077795			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\chrome_BITS_7464_977693316			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	2 Masquerading	OS Credential Dumping	1 Network Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://365214tesauppeortbasd132.z26.web.core.windows.net/#	0%	Avira URL Cloud	safe
https://365214tesauppeortbasd132.z26.web.core.windows.net/#	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
embed.tawk.to	104.22.45.142	true	false	high
va.tawk.to	104.22.44.142	true	false	high
jsdelivr.map.fastly.net	151.101.193.229	true	false	high
vsa20.tawk.to	104.22.44.142	true	false	high
www.google.com	142.251.40.132	true	false	high
cdn.jsdelivr.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js	false		high
https://cdn.jsdelivr.net/emojione/assets/png/1f44b.png?v=2.2.7	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
http://fontawesome.io	chromecache_96.1.dr	false	high
https://embed.tawk.to/666f8536981b6c56477dfe5c/1i0hq0o9u	chromecache_79.1.dr	false	high
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_142.1.dr, chromecache_78.1.dr	false	high
https://getbootstrap.com/)	chromecache_142.1.dr, chromecache_101.1.dr, chromecache_78.1.dr	false	high
https://github.com/twbs/bootstrap/blob/main/LICENSE)	chromecache_142.1.dr, chromecache_101.1.dr, chromecache_78.1.dr	false	high
https://ezgif.com/optimize	chromecache_127.1.dr	false	high
http://fontawesome.io/license	chromecache_96.1.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
151.101.1.229	unknown	United States	54113	FASTLYUS	false
172.67.15.14	unknown	United States	13335	CLOUDFLARENETUS	false
151.101.193.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
104.22.45.142	embed.tawk.to	United States	13335	CLOUDFLARENETUS	false
142.251.40.132	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.22.44.142	va.tawk.to	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.11.20

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1560653
Start date and time:	2024-11-22 04:42:43 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 45s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/#
Analysis system description:	Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
Number of analysed new started processes analysed:	12
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.phis.win@18/146@16/8
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, audiodg.exe, CompPkgSrv.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.80.99, 142.250.80.110, 142.251.179.84, 34.104.35.123, 20.60.32.33, 142.251.41.10, 142.250.80.10, 142.250.72.106, 142.250.65.202, 142.250.80.106, 142.251.32.106, 142.250.80.74, 142.250.65.234, 142.250.65.170, 142.251.40.106, 142.250.80.42, 142.251.35.170, 142.250.81.234, 142.251.40.202, 142.250.176.202, 142.251.40.234, 142.251.40.170, 172.217.165.138, 142.250.64.106, 142.250.64.74, 142.251.40.138, 142.251.40.195
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, 365214tesauppeortbasd132.z26.web.core.windows.net, web.mel23prdstr09a.store.core.windows.net, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, www.googleapis.com, dns.msftncsi.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": true, "malicious_keywords": true, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": true, "third_party_hosting": true }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Virus Alert !!", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware.", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware.", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware.", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware.", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware.", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware. For assistance, contact Microsoft Support", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your system has been reported to be infected with Trojan-type spyware.", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Virus Alert!!", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Virus Alert!!", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Virus Alert!!", "prominent_button_name": "Scan now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": true, "has_visible_qrcode": false }

URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL '365214tesauppeortbasd132.z26.web.core.windows.net' does not match the legitimate domain for Microsoft.", "The URL uses a subdomain of 'web.core.windows.net', which is a common hosting service, but the prefix '365214tesauppeortbasd132' is suspicious and does not relate to Microsoft.", "The URL contains random alphanumeric characters and misspellings, which are common indicators of phishing.", "The use of a cloud service provider's domain with a suspicious subdomain is a common tactic in phishing attempts." ], "riskscore": 9} Google indexed: False
URL: 365214tesauppeortbasd132.z26.web.core.windows.net Brands: Microsoft Input Fields: u, n, k, n, o, w, n
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The URL uses a subdomain of 'web.core.windows.net', which is a legitimate Microsoft Azure domain used for hosting static websites.", "The main domain 'web.core.windows.net' is associated with Microsoft Azure, a cloud service by Microsoft.", "The subdomain '365214tesauppeortbasd132' is suspicious due to its random characters and does not clearly relate to any known Microsoft service.", "The presence of random characters in the subdomain is a common tactic used in phishing to confuse users.", "The brand 'Microsoft' is well-known and typically associated with domains like 'microsoft.com' or 'office.com'.", "The input fields labeled as 'u, n, k, n, o, w, n' do not provide clear context and could be a tactic to gather sensitive information." ], "riskscore": 8} Google indexed: False
URL: 365214tesauppeortbasd132.z26.web.core.windows.net Brands: Microsoft Input Fields: u, n, k, n, o, w, n
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL '365214tesauppeortbasd132.z26.web.core.windows.net' does not match the legitimate domain for Microsoft.", "The URL uses a subdomain structure under 'web.core.windows.net', which is a common hosting service used by Microsoft Azure, but the subdomain '365214tesauppeortbasd132' is suspicious and does not clearly relate to Microsoft.", "The subdomain contains random characters and misspellings, which are common indicators of phishing attempts.", "The presence of '365' in the subdomain could be an attempt to mimic 'Office 365', a Microsoft product, which is a common phishing tactic." ], "riskscore": 9} Google indexed: False
URL: 365214tesauppeortbasd132.z26.web.core.windows.net Brands: Microsoft Input Fields: u, n, k, n, o, w, n
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The URL uses a subdomain of 'web.core.windows.net', which is a legitimate Microsoft Azure domain used for hosting static websites.", "The main domain does not match the typical domain associated with Microsoft services, which is 'microsoft.com'.", "The subdomain '365214tesauppeortbasd132' is suspicious due to its random characters and does not clearly relate to any known Microsoft service.", "The presence of '365' in the subdomain could be an attempt to mimic 'Office 365', a well-known Microsoft product, which is a common phishing tactic.", "The brand 'Microsoft' is classified as 'wellknown', and any deviation from its standard domain should be treated with caution." ], "riskscore": 8} Google indexed: False
URL: 365214tesauppeortbasd132.z26.web.core.windows.net Brands: Microsoft Input Fields: u, n, k, n, o, w, n
URL: https://365214tesauppeortbasd132.z26.web.core.windows.net/# Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL '365214tesauppeortbasd132.z26.web.core.windows.net' does not match the legitimate domain for Microsoft.", "The URL uses a subdomain structure under 'web.core.windows.net', which is a common hosting service used by Microsoft Azure, but the subdomain '365214tesauppeortbasd132' is suspicious and not recognizable as a legitimate Microsoft service.", "The subdomain contains random characters and misspellings, which are common indicators of phishing attempts.", "The use of '365' in the subdomain may be attempting to mimic 'Office 365', a Microsoft product, which is a common phishing tactic." ], "riskscore": 9} Google indexed: False
URL: 365214tesauppeortbasd132.z26.web.core.windows.net Brands: Microsoft Input Fields: u, n, k, n, o, w, n

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	99
Entropy (8bit):	4.358388465510877
Encrypted:	false
SSDEEP:	3:CFFwTbqA2FJB/QR+rcXFA/F3dNQ+5fCQ:C/wTO/JBI+dF3fQw
MD5:	894AF36EC36119261A35CE05DFA6B1D0
SHA1:	B7726E977BD1F28AB0D302A4C7341B13122D033C
SHA-256:	36C93ECCA4EA10ED850A8B04465A4141F6AFC135419D644181E63A98DA87A376
SHA-512:	0B97EAA5562BC0AD43AF4494416EBF94F72D95873E55E4713818A5E39D08C334499BF13062E28FC08469DC097ED920FC9F824253B97709BF8FA841BE31D2B872
Malicious:	false
Reputation:	low
Preview:	.. navigator.keyboard.lock();.. document.onkeydown = function (e) {.. return false;.. }

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65335)
Category:	downloaded
Size (bytes):	220820
Entropy (8bit):	4.982129906232361
Encrypted:	false
SSDEEP:	1536:u1tfA98f66e7K5wlP72J9S3I17sYciHKVOpz600I4V9:ytfA98fLpKVOpz600I4V9
MD5:	251DA3D8871806DD59094234B5A24C33
SHA1:	AA4318C4378D5943C18D5993BC0534E4CE7B6D4D
SHA-256:	0CFD94F6DF34DC8EA6B0BF28CFDB2541582FB1C843C1437963EE0C1B7C4ABF1A
SHA-512:	722F10FA4B9FF3A8ACAB2B23B67237D2083F74E41B3DF782BD73E2F2072BA47352E0A02D92776073B5587FB9965FD27523442833FC129434F25F52F1F728A6FF
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/bootstrap.min.css
Preview:	@charset "UTF-8";/!. Bootstrap v5.3.0-alpha1 (https://getbootstrap.com/). * Copyright 2011-2022 The Bootstrap Authors. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root,[data-bs-theme=light]{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;--bs-danger-r

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 728 x 380
Category:	dropped
Size (bytes):	2057751
Entropy (8bit):	7.995462750651246
Encrypted:	true
SSDEEP:	49152:iab0XGbzoM4PVwTuwFHtUQovwvVHpXfenw4ZnNAt7DgVJNdC75s:hb0Wby2Ehvihenw4Nkwb+s
MD5:	88874AD1F6F5A230430FF32AFC08CAB1
SHA1:	BC6CFADD52B2DCA7D046DEFD992B0BB8B319D064
SHA-256:	ED4839B2D2E560BEDA5FAAF35719F08A05768C884615576B10D524E6CE43A456
SHA-512:	6CD83AA326435CB0981E503633641D53F3B76DC9B9E1B9ED2D3F7C2F73D33C875C96C626DF6C8A0B0D931FBB83954924609D2D60BB2B4EE72ACFC04B5E40F05D
Malicious:	false
Reputation:	low
Preview:	GIF89a..\|................... )+.%&.... !"........... ...')...$%&............. !%,....#%&....)+............+%&..."........... . .... !.&(....#$.&(.$%.)+.,.##$...."#................')............ ..).... .%&...#..%..!..........."%&........................... .."...!".)+.(&!")+-... ........!..."#.(.03/8<.........!...%'./1...#.. ...#$.[Z.fd............................................................... ..!..".. .. ..'.."..)..#..%..7..>...$... .$&.,.,..-/."#.%'.+-.+-.(./2..1./2.02.02.47.6:$"'&%&+ !''(-+,+-8$&5,#25 8<'9=I..B'(@,1=@,BE+PS/^_[MPDY[mEH~~}.&&.46...."".&%.32.CF.@B.nn.qq.nm.DD.RQ.nld..q..h.....2..=..G..P..a..v..............................................................#$&#$%...$%%........#...............&'.((.......+....#$#.........#$(.....!...!..NETSCAPE2.0.....!..Optimized using ezgif.com.!.......,......\|...........................%'.+-..........%&.').............!".(*............. !.#$.02.........."#.$&.+-..... .')..0................47.....................

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32478)
Category:	dropped
Size (bytes):	84817
Entropy (8bit):	5.373777901642572
Encrypted:	false
SSDEEP:	1536:AP1Wk7i6GUHdXXeyQazBu+4HhiO2Id0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:K4UdeJiz6UAIJ8pa98Hrb
MD5:	20C129BEDB4A26DB02FC0F54D026C3F5
SHA1:	093B9D2728788DE24A728742070A348B2848573F
SHA-256:	436ECC90FAB5ED1034B68A4A0E924E0132D93D9E7FB59B4FE23018EB7D9242C1
SHA-512:	1997641A1DBA92AF7C28FE67C14FC3F89C1E49BE14DD8A8903C3C5D4A4AAE6161B00BF37D02EDA6E8B45F88936C0A7871C1D465036D6F1D18C36ED8D419B78DE
Malicious:	false
Reputation:	low
Preview:	/! jQuery v2.1.3 \| (c) 2005, 2014 jQuery Foundation, Inc. \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,functi

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1920 x 2782, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	837596
Entropy (8bit):	7.980000068689989
Encrypted:	false
SSDEEP:	12288:CTndmEEysWubd076tQJ1PCBPuISZDof39tenhdkq/EVthERA6r0qeIiFJ:9EETWsdUS81sPGDse5JWdJ
MD5:	5E4ED5E1CB3341E575D44011C36409F1
SHA1:	EC381F1D76A53E7398C771EC480A8E953185D4E4
SHA-256:	AB73C43DF3EB40F77EC6D37C19C60CE231E0EA68E812EEDA663619E11C4A95CD
SHA-512:	276D31F05CD85648A9CA9DC76612D3B7B98B6C2847CC61F3F3FB2DE0613C271F2F32D7BD29821FD67EE51B5CAE9BB9189DB18A968A8B8AB08640DDA6018EE651
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164460, 2020/05/12-16:04:17 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:2fd93e2d-689d-1640-b769-aacaa4e24e8c" xmpMM:DocumentID="xmp.did:4D95C46DCD7311ECA1D6CB60B1578EB7" xmpMM:InstanceID="xmp.iid:4D95C46CCD7311ECA1D6CB60B1578EB7" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:63b61201-b0aa-7444-bbcd-c29c038d8d1f" stRef:documentID="adobe:docid:photoshop:2bb8506d-7d1c-904a-89b8-b66f5dd02b67"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>9R`.....IDATx..}......s..

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1260, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	35689
Entropy (8bit):	7.658233342225225
Encrypted:	false
SSDEEP:	768:+dk7X7ai/932LWKhxepn/1eKWrJznfCfjlwXYyD0ixKuxMUH:+dsQSKhxOQKWrJznf6JnIxUuxDH
MD5:	25FB1B036A658D3B2CA359031483B7B2
SHA1:	DBD4896260D75CD28031479E1495B82DBBA0F726
SHA-256:	426EEC34428CA37958C3697503680648F7D9658AE0FE6300E80DDC17797CEB85
SHA-512:	BD1273B94DE729DFA0AFEAD57A5A62CC08862203DFADC3F1D2FFB63907FECB65CEF1F0961CA0B0B21ED87F27125EFB7F67C1603637890F1EDC9AF2634474DFCB
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............m{C....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...y..W]'..y.zM.b.Q.....a.#..e`.T.E3n.2H...CW.F).C.;...DE.\F.."..3,....*.$@.. {wW/U.....Y.rk..>..~." MU..]...=.I.............................................................................................................................`U.......>1I.~.H.&.....$.,.`.L.Y...........i.I...&.....6k.zc[...zcjnJSoJ[o..s9...xoj..K.....I.}....h....$.H..%..6.jj.J.rU..+._..e^...JS`....9.<!..>8iNI.)Mm.\KyPj....IN^.........=kv...Z...K.N..\QJ.o.+.ry.......:....0...`....)k.d.nk.lJi.\SNIrJ..Ro..55%..gV..u...,.W[...S..5.~2Z......LN_}.r..\..^.#k..y...'......X...>1u.DJ..i.).............Vm0.&.S2{..U.n.O..k..o.[m..#....I.....M.'..M.....L.J.......p...4.'R.7%....yXjNL.&.T.T,@=!.#k..,...u>...dzoI....M.'..KLl..hS`..w.....<"....%yx..$m.$UI..'$yTM.U.-...dr..I.xM.D.\|".\|"..\|U^.0..X.0.^t..3WOk.Vk9-%.%...0..;).].'.h..LN.-.\|.4.x..H..../....G.......~G...0..V....Gf

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 42689
Category:	downloaded
Size (bytes):	9856
Entropy (8bit):	7.9749025468623485
Encrypted:	false
SSDEEP:	192:7zSXg7QbvgbtaSQMuAZzPeClGfajpbNYWbeBZl/jYEZucSIj:7zSXgZb4S9Z7VlGfajpZuZlLYEAcSI
MD5:	2A2350D27CC96AE0FC06F2B563BF2B7A
SHA1:	CE7E3091B35A0717F4A99DD9FE407D6FB0413479
SHA-256:	C0352CC6655C3085CF95D2B232F50E842D679263914E243343612793B20F531F
SHA-512:	FD1EF516D10A35575F22B9D425AEA94FDD2169AC17FCDCBDC5D284241D41461CC3AA3080C66AAD032ECB8BD34E52DCAB29349F9236D68488B270CEA77AF74467
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Preview:	...........=m..Fo..+.;...H>..r.6....HQ.E..y...-...-.$..f..^...".\._..]l...p8.....uU.oi.f_..u.-.:.g....o...z.~t....3..._Z..Z...vS...m...MQ.N...i.m.6y].f.[S..O.u.._..q.NoF.YYls ....w..Y..-...E.}.n.z.....i[..]V..v&.Nn..Y.UY..\|.=.0.f..\.....m...v::d.l...y.M..s^.U......9......>..^.MU..........0$.A..${[...:.U....u`.M...]..G........S...F...\|^...m...6.j...m...:.o8O.....<1..yU....m?.....E.....\|..5.fw......Z..\|5..'....i..._.lw.7o...6ojb.VK......`.4H.8.>.G...m2..'..i..z..T7.k.O.6+.....)%I..}wh.......~......lW5..I..09....-.Y.....t.59M.bj..4.......F35...l.,.d.m..&)Vu..b.4..s..7..X.K....4`.M..~-..z:........m5.W/..p.X.y9@?4.S\.Wo(....:]C7......4.....).EY... [..i.e....\6y....u.Te.K@..}........6.....#...=.......W.>EF.....%....q.}..>.t.o..w.........F....K.... ..z..z,BDjk....UT..<I...x..qy...3.....<.....M..Q.....RoL_...V...iA..`P....wyps.i./.l.aSlE...F...7;s.'QK..f..2.r.....N.\|.N.UU.X.?..a.`.?..l.~Q~...a.4sNxG..:Y.\.Y...{......F3.dhq..}Y...5lu..l1...:^..\|`Q...

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1060 x 900, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	82975
Entropy (8bit):	7.926144470679955
Encrypted:	false
SSDEEP:	1536:XTnSoUmpbFWDxrDuW7rHUiEa8D26u6NiWIxu12ri/:LrUWWJiW7rnEJD2cIYSi/
MD5:	4B59EDF47CD6BE2AB34FFCCB7B1B6FA2
SHA1:	7C9AEE51611747206B5019C431DEF5E7AD65E32C
SHA-256:	83A132D9141372A3C75799BD6194A5752B3DB074EF77A9E9A3249FF9FBC38D23
SHA-512:	A455D49822641B303354DA971FFF1E90C54A890031D40BDD9020574AE2FD9947C9F0BD37EBFF473CC84C15C683A49152C63BF16C3DFA89ABBC4AAEF1F258FF91
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...$.........y-.i....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 122430
Category:	downloaded
Size (bytes):	31497
Entropy (8bit):	7.992522151278081
Encrypted:	true
SSDEEP:	768:dXEs5PRAZHqcK81fYmbiNxoTM8hoTQP+m2g7Rtb1cnRG0J+aM:JEs5TcK8tMo7oTA7R9Kn5+aM
MD5:	1AA92BEB56FFED62AFE92268EA646382
SHA1:	CB0E7344258479EAC443D2A948F2E82C4D3B1E20
SHA-256:	BB9ACF8254482927ECA6BA0B630BD8B4371F9835FCD6827F72977CCD5740F4BF
SHA-512:	1712B895F13A6B3E8A10F00BA43C95CAC95ADCF6384FD54EF873BE9067741EE1A95A4C868A4DDE95D1E3601BF34966AB041588B3F8D74B6A776087C553ED86F6
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-24d8db78.js
Preview:	...........{..G.%....P.[..@....(.c..X;v...w..W."P$...\..........z..,....c.YYY..........n..L.q6[f.\|v<_..E>.u.Y..e.u.wo.......'.&G_>..c9...7....Y.....\|6.....7.s9............jy.=8H....E.3.y...W.1..-.Y?.]$+v.X.."..O{.o.E'.......I.....;G;.{..'.{..=.}...........\|w2..S.=9.........g..\|....;g.w...b.=.%.<.............\|z.v..?...y.-.b......v.......N.6.?W.....j5F...u....../....w}....0.+?.S..Nr:zq.l\..d......w..$+^......g..~p.f].6....G..8.bB....6..M\|.-.....>......z4.z.^?."...............1....%.e...I.8A3.b9.f...t/.s....No.\|...p?.1.....tw.......vz.\|.Y:>.Gv...6z........$;.g..t.a....n.A.Z:.....k>...z....`...'..u..R.....%.F.b.......{\.tT.(....O..,/..!...<.tv@.82.`.....L0{.jZ`.W>...'..t1..e.:..C.-......=.T.l.,:..:.....t...7..'...;......Y..e..e..........av'I..g/.u.F*.E.p..!..o..>....d%...-.........(..W. .]..l.#9-...\|......l9<X..C.tv>.qg./..B.n...A...t.-.c..t>.0...7h...<[..+\.....b.........C.~....j.>v.."[.......z.S.U..W..U.M...+#.n>.

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2123
Category:	dropped
Size (bytes):	716
Entropy (8bit):	7.7494142394945005
Encrypted:	false
SSDEEP:	12:XuD5G7Rqcu3NbLlJfPByB+TiLsmh6csRV9Rynoq8jy4eJkLnPJ3l6aKS9n9V/YbC:XoswNbLlp8oTiLsmh6cG9+AlLVga39Vv
MD5:	CFCB94E24B7301CD2130D5BABC80311B
SHA1:	600BD4C0C3CA5B5D9117EA893AA3E5C24E6DEF73
SHA-256:	B5730E386E4A6BFA01B2752117A068D3420292D29A743FA3012E474D87FFB8C4
SHA-512:	DAD34FC6550705E55727226299EB1BAC471F689BC9A275225440899FBDB31C6B8AFB684029615936EC20578755E7FCB7784B700BEFD5FA47349EFB216CFEDE2C
Malicious:	false
Reputation:	low
Preview:	...........UmO.0..\~E.&9.m..Z.X>..i...h..B.si....V.....e.$^..].{.{..B..Z..T.y..h.o...S>..<.B...A...p........x(....8..`...~.x..5.X_...{zT..t.,.q.Q.S..?{..n..z7...=......o{d.dB_....I....mF.W.... .#[..0.@[..z<..yh."G_g.x.L....e.)bn?.!dc..tI..K..vB...pw{.3.}..G..q~..T..e....8..A.i..@.....2..U....E..v..~Q......t..4:....4.V"`.......S.....y...uZ.Z.x.W..C...:...i{- ....6o.xY.i.?.W 0..F:......>......Q7..\|t0.;..+.C.:"....[........".....jeu..Q...1..H...'.^.o.YnL....-w..^.kQd.w......=,O..g.3+....{..N.l..UR.{..............j.PU.S..0...2.........F;..K..rc.#vv....V...H...H4...j#'R..{....97T.X.@s..C.%.o...k6..\.V4.e\. Q..C.m..B...x.....WM..#r1..^..\|.U.y.:^z'..............U....W2......BKK...

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural
Category:	downloaded
Size (bytes):	110229
Entropy (8bit):	7.858088385110094
Encrypted:	false
SSDEEP:	3072:HYT6JU/gx58z+zxQWTKMMY4xUPoHalFAMyq:4T6LuyKlhdal+MH
MD5:	A4377C5FD4E6589312346A1108B07132
SHA1:	D73499B6F2D05EC302E6A775EE42ACEB8D8494BA
SHA-256:	9FA4F2AD709FF397D792AFA42087C38AC2D13AC10EE104E557F594FFBF93A603
SHA-512:	3F4BE0E75C77954CA3F7FEC019C8587913E7FB1332B7DDBFD57DE929DF4E4FF39F8873A19DC4C4E73BE23816A4696A138DF01B05A9DCB78F3662986DF81BC9D8
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/eng.mp3:2f860e7de65c1d:0
Preview:	ID3......#TSSE.......Lavf58.76.100.............`.......C....N..........]..;....."""......]........."".s.....~....[."""..B.......#...................D...ww$DB..ws..!8......r...C....H$..._.5..T:....'.F...b..&:^.].....>B.u..)...l.1.t8........T...`...s..V...t.y......'..$?.e.......2/...?.d... .5sB..........ZkOS9.....}H2..Z......1.y.x..1.'0.,..sn.T./&...5..b..$4..?.P..P.EtKf.!.l==.8.<f.8..p...z".@63.....f@i.........v.X......k!R.g.H?.............w.W!&duG .........">..".d...R......eS.u..r.2.E.N.$.2.:W...b..#...V..$.......f.Xx\0.......r..v...pX#..\|.2.S..........D..7G.!.7.#T.A..c.F:..F....".I.0M.o....G?...... 8..Y7(.....)..%.(.........E.6(.)wB. ..Y....`..#......2".2$.EP.../.@z..k..Z.."..B..}.;<..K.Y$y".h..n...P..0Z%..&T\|......4`...,a....hb. L..`n.K.....u?.....V.....O.dc..5DC.H#.!.:.$.....s..;...R...b..#.~.>zZ.B.:...4...M.O....OA.r..4O..X....N....&zz.....H.L.....B.... .,..ca............d..lJ...N..4/.".Q.(.....H............,.C....!.P4a.iIW......I...b..#.........

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2306
Category:	downloaded
Size (bytes):	1176
Entropy (8bit):	7.844126923347547
Encrypted:	false
SSDEEP:	24:X8qVhRLdgXk6QsfOkU3DUPDbgwEO5s6Dn/pFn409kTaCJjtuW:XHlKXWkU3DKbHEO5BT/paAkTaCttuW
MD5:	E27BBED8F51FF4E932744650DA1CFCA2
SHA1:	00174F783F6BF7BC875C55F6765DAC63B1109392
SHA-256:	164F32713A3AB58C362C21481E2FD503D4702411E8AE85C0591D310409873415
SHA-512:	0FEA394DCB47B99112F897C8C1A80A498B74DF403CEF51BB99A756582A420054F7BFF9B64063B925D17521A02EE6F0941E857D0730A7270B4786B90B3355028A
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Preview:	...........V.n.7........).u.X."(...-R yS..^.,&...%.!.wfW......%9.g.....&..9..q=.<.S....#/..:/.K..g....\-e..2..n_[....M...h.h....gh.jc.!..6&....bh!.{...x.FTUX.eU%..../...zZ..?.~..O.t.K......D.a]Uk..NG.".......u.\.....2m..y.....qD...5.pb.dF\|.u9.....4..K........u<.t..u:..^h...9.x}&:...R.l.<_^....7...#..d....}'......\|..B.9.6.Q...!..)..\|kC.&/Q...y.n~1............G[..ym./.(..^g...:.we.'#F...q..Q.".... ..D..A...v#...&....c.......e'D......`.V.)[.Y5.L.w...D.f&j......f%./_1i...J...4.7Ue...#.hoK..\|....P.A..h.l....4./.l...F...b....:......\|.c.u9......5.\0+.s.q`...%o./....Ar^g..#{...j..CZ..wl>l.............BJ..4........e..0f....V._........&..f.Fo.2Y.q.>......+...2b..Nt$..5..h.2$....8F\|.....'GsvH......D'....)...X.I..0+j..Wo7..=..A\|..E...j......z.t.%.mT.."...o.`m=.. ..=x.d4...X3H.<"V......?X.....z..~{.\U....(I....U.Ko.....r.9.;....<.d.>}.t.v4...p...^3.Hi.@.......T..t.B?$P.......o:..-..n(aN..)]cg.....G.=S\f..........z..$.8.A.A 0.<J/.....0>.7v...U..;.i.DJ..A

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 82913
Category:	dropped
Size (bytes):	32291
Entropy (8bit):	7.992956800740905
Encrypted:	true
SSDEEP:	768:mj9RoWkwWgfFSi3wtpy418DzXUU7rhI7vCjH1NDtC:KRZkw9bAXyXDzXUUS7ktC
MD5:	A8CA491377C975B5759B6560E3E77610
SHA1:	01113C62963A36AEB721412B8CB2BD9E95D7E676
SHA-256:	AF372C80315337F1044A0A6D093EF0F811DFA2A0A21037621F0FBF509BA4F033
SHA-512:	E3F711361168840A689EE2327147FF4007D8C8AB740B14DD7448F7796146042E4C21CDC77643CD651720C9076C2F05C0DE932179E3C8405595662025F53369D4
Malicious:	false
Reputation:	low
Preview:	............iw.G...~>......K....A.q..-.d..j^..(.e.(..)Z.\|.y~.k............%2..\|..[.^4.{.zTM..zz......M.!E......t.......o...^>}....{.....^.^.-....[4.Y.^p}..7[-..?v\#...K.....?YMG.ZwYT.....'..z...t.....[..a.H./.j..O..4.......{....o.h.w2..?..^......^.......MLW.IY.o......."=../[...F2=...jV5'............W...]v.4..4+L}[e....Xqrk..rg.....oh.N.....Q....;.B..Y...{n..i.<...'.j..Xo............]...."V_..;;.....I..U.....z.....E62-...0.{.jz..p9:K.<[.*.m...[.C..k....2.F=....{n..+.......L.9..G.ct.....Q.x[......dU..T.h..-.....L.`......vsW3?.+;.WC&R..+..ro1...n..h...4..{.jz.<;hvw{....a....i.oJ.r......j.......d;;m......ng1i..9.5.j...[.n.<.T]...J.s.1jfUQ/:....n.np........o.=.qz..a....D_..I...=pX.../..xu.5..Kn~FUw^<....k..7..p..r..^..z.n-.....KZ.iu=..W(Lz.r..6.....u..\2h......\....o.....c.W..A}.Pi.(..e.....w:.W./>....l8.......2...].........._....w6.......~.Q..\|.l.[........Y..J....3.9.O.'..{S...#......\....7..~8X..g...$)....n.E..u.&l..

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 82913
Category:	downloaded
Size (bytes):	32291
Entropy (8bit):	7.992956800740905
Encrypted:	true
SSDEEP:	768:mj9RoWkwWgfFSi3wtpy418DzXUU7rhI7vCjH1NDtC:KRZkw9bAXyXDzXUUS7ktC
MD5:	A8CA491377C975B5759B6560E3E77610
SHA1:	01113C62963A36AEB721412B8CB2BD9E95D7E676
SHA-256:	AF372C80315337F1044A0A6D093EF0F811DFA2A0A21037621F0FBF509BA4F033
SHA-512:	E3F711361168840A689EE2327147FF4007D8C8AB740B14DD7448F7796146042E4C21CDC77643CD651720C9076C2F05C0DE932179E3C8405595662025F53369D4
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-vendor.js
Preview:	............iw.G...~>......K....A.q..-.d..j^..(.e.(..)Z.\|.y~.k............%2..\|..[.^4.{.zTM..zz......M.!E......t.......o...^>}....{.....^.^.-....[4.Y.^p}..7[-..?v\#...K.....?YMG.ZwYT.....'..z...t.....[..a.H./.j..O..4.......{....o.h.w2..?..^......^.......MLW.IY.o......."=../[...F2=...jV5'............W...]v.4..4+L}[e....Xqrk..rg.....oh.N.....Q....;.B..Y...{n..i.<...'.j..Xo............]...."V_..;;.....I..U.....z.....E62-...0.{.jz..p9:K.<[.*.m...[.C..k....2.F=....{n..+.......L.9..G.ct.....Q.x[......dU..T.h..-.....L.`......vsW3?.+;.WC&R..+..ro1...n..h...4..{.jz.<;hvw{....a....i.oJ.r......j.......d;;m......ng1i..9.5.j...[.n.<.T]...J.s.1jfUQ/:....n.np........o.=.qz..a....D_..I...=pX.../..xu.5..Kn~FUw^<....k..7..p..r..^..z.n-.....KZ.iu=..W(Lz.r..6.....u..\2h......\....o.....c.W..A}.Pi.(..e.....w:.W./>....l8.......2...].........._....w6.......~.Q..\|.l.[........Y..J....3.9.O.'..{S...#......\....7..~8X..g...$)....n.E..u.&l..

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	94
Entropy (8bit):	6.176825287801812
Encrypted:	false
SSDEEP:	3:nlUJU2ZO5CQwDUrD9In:nQO5TwDUrhI
MD5:	913B447EC871AB7EEC8BEC1005FF8E77
SHA1:	F95D547853CA5C389299636DFC202157042BB4C5
SHA-256:	49AEE71BB91DB74830CB43C94AD5AEAF0D1E4E82DE7006266707BCA0EF046155
SHA-512:	0E428A638928D9CCD1CF652EE813166ADA606C670B2BF7F6FD7750F200F8BFBDA434350B68C5B2D81AF4CC7E32F4987DE4E02FFB09A00590413A74A94A541735
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-main.js
Preview:	.... ..9.Gw+...._d......j...A....{ru.6.....O.W.c.......H.HDP.\.....f( .,.\|Z!!....e#.i...A.p.

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 11134
Category:	downloaded
Size (bytes):	3815
Entropy (8bit):	7.95178933837025
Encrypted:	false
SSDEEP:	96:SOAfcoDTFtkhsJtSWB1AJobDCiaq4NlYXBYIcuF2+LXaYm1ao:hAkoDTFSsJtB1iWlaJIBYiFvXEao
MD5:	633F18E5E79FED93227FCF15D553EC34
SHA1:	0582B7EB11254C1CFD750EB37FE04E840614D8FC
SHA-256:	6C1D14E4D56E82543D2F0B556C6DA1C5C4B1879CD780A586C9ACEB025D00AC2A
SHA-512:	8282898D2B3A00DA02AAEE622AA0FB3F6F7E9DCD699021672C3B884B645D17F6D283C46A458E16525FF8990EB25591DEEE853535FCD0A9A7DCDA232FEDFCF61C
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-f1565420.js
Preview:	...........Z{s.6..2.M...%...:.:M;....i...y<...$.).GB~..w....K..i{.]2#. ........t......[..y.=..tu....\:WW,^...o><;?;...5.d..,f.\|..Jf.....}d.R.JU.X....G....e.t.....s...4..#..?N.-b.~.:.wj..#.T.Z..P..J......j].=.0..h%.........#..2x...;..`.>.R=$.`.lk...L-1.......<l6...f..h.1.......Dxq..H..`..)..N..<...'g.W.Y".6]+....h.Q.....g)..N..."....B(.s..F.....#.\...s.a!s_..3o.A.z...g"Ut.....}.'.I.N.-d~...CoxT,.+l.....)q.X.BX.=......1....p.LY..J~5..^.Y...y~.Y..3.6...:(....[O.s.....5?Z.+9.%P3.4...r0E._e...._.=.F..,Z...~.p.^...<.sUm+...K:..;..uO..k%.......3...".R}.8K...Z.A..r..B,.l...D.R.:...d..6$2........FT3Y...[Q.W.).....DI....~....W..6J.G....P@..-.3.D.^.....>/DY.&V...=........Ho.{...^.@/...\[..M......_i.dw.9.E......E.00}.8kA..dQ!#/.."....0...M...CG..v.O@.Am..v.p....Zi..........V...z^rH.....W..U.$P.....SJd.r...E{=.y..a.2..u.&.28..v..7......)..\.Z........R..A.3.`.W`...E4.R.B4r..P....k~4.:`.?.X.31...S.. +T..<..4..2...m....l2...Hg6....4........... .8

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 31 x 30, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	168
Entropy (8bit):	5.414614498746933
Encrypted:	false
SSDEEP:	3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
MD5:	ACB05EBCD5F488FC99169CFF02B6DD04
SHA1:	DCA893A7B514503E947A57AA072482A0E0CBA912
SHA-256:	1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
SHA-512:	13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/msmm.png
Preview:	.PNG........IHDR.............&......sRGB...,.....pHYs.................PLTE.P!............]2.....tRNS......../...!IDATx.c`..A%..`........1...@......"@M........IEND.B`.

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 140 x 30, 1-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	187
Entropy (8bit):	6.13774750591943
Encrypted:	false
SSDEEP:	3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
MD5:	271021CFA45940978184BE0489841FD3
SHA1:	201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
SHA-256:	C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
SHA-512:	EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............d5....PLTEvvv.../.......pHYs................[IDAT(.....@...&....;......!8D....P@..&h./..5....e..%:.h)@.E'..st.......*..iq.5.A...w......piK.G....IEND.B`.

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 4910
Category:	dropped
Size (bytes):	1777
Entropy (8bit):	7.8830718535710895
Encrypted:	false
SSDEEP:	48:XfAIHJeoRBhl362Q02S7IM+KzOX9gH+D/ygXT7dTlgQFOFlYCBw:PAIpr722QJjMzZHCq63dZY3zw
MD5:	B567CFE87686110F057950A397D68AE4
SHA1:	A595D1E77ADEF8526DE2F8827E0037A082FD7162
SHA-256:	EB39EAA271ECFB3E01708C26148AFD20B37166A35F1C6A7F9655AB841E11485E
SHA-512:	B164A8C289886DF80483B78A82B7BCD7A6D9A6F5C630D058981B01401D1B34AD3B8FB634A3BE483A9ECD3AC1A4C12D6CCB99A216D8600BD68708CB1B94126585
Malicious:	false
Reputation:	low
Preview:	...........W{s.F.....!.M.F ...4i....?D.....w.tr.....0....ad.n......}>..M.~..%.\|c./.v..17Q...1.V..i.y.....M....sk.qO..cN.ed...5B%}O...+...rw.,.F...F...zb...q.Z.`.O.R.[..Eg.A.,.c..b.t...Uw.f..........'.8.k.Vb..+...v......I.j..S...F!...>$.!.I."..6.~<;C.F...w...t..........Z.U67. kaN..d......-..P.....7.-..n.P...W....U..$.}A7......Y.:...Y..A....Z.[(D].$.....(.. ..s..-.......^Z.G.L.J.&nm.:.....5...8&..%1!..O:..']. (...L.L.e#..c.^..g.^...\|....e.Q.V.@.......#.{..,M#l....L;.....o.<..@x....9F.27..Y...........ly.e....5.;N.8.&...OD...J.U2\|M..............L&M..8.N>.A.....H.~"$}%#.!.0.&l.K..j.A.c%.{.5.].1.....D.K.....lZ0hG8....U.elA...t!...h?..'.....5...Z..L0...L.I3'_....&d.^...4..k.@.......F.!.l\|g.&...i'k.....4V.W.d...X..@..).....(.........$P}(....0Y....N;Y....,.X....C....r.......e6.b.....X..F-......I..#b..@.i.......TKh.kL......B..4a...V...B.b..jc.P.8..6...,.V..nF5_2.s.O..;&<!....y...qw..j....K..:1.....0...&....".B.Js#6.P.j.. ......?D.'..BO.

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 217391
Category:	downloaded
Size (bytes):	72721
Entropy (8bit):	7.995289190734769
Encrypted:	true
SSDEEP:	1536:McVnei/P5bAsEmKQ/5PJHQyja8e49l2OUCyZriLP9Li42c63+Lyj5R:McVneiZhEmKQ/lJHQyja8z9lZXyZWLPS
MD5:	3C562EEF90015EFAA52CE307DAAF8985
SHA1:	53F7B71B0F4687BF75EEDC894796EA7565F254B3
SHA-256:	2CAABC121320A88A0A7C0B90A21956EF74C456D841E02FB3A2D5BFAE53C234F9
SHA-512:	A9314021FB559C34E17529426180C39EF2BF3D5C5C3A6B42F75C71EB6C8FC98013197F764E3A1A7E20569505EE55502CAFBD2677E51B2F2EB022A19DFC11E4C4
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Preview:	............v.H....>.....D..m..2.U..+.[...IPB."T$(Y%..y..d..........Yw.L.....v.y...J..l...d:OZ.t....<...I...<IZ.....b.e.2............Z..........y\|...lz.Uo....w....Ypt....>.o..I....!...a.N;7......a.._.V.....i...mo.;A;...\|z.)>mw..._.a.M.^d.\|.....o.0o....E.....].......A7..M~..gI<....$..<N'r.qu/fY....It..F.t:7.=n.yr...i.5..[.4r.......EI..V.}(..O...X.........3K..l...0..+..;..z....E.....K.L;{{K-..dwo.q...".~.,..w...#..4H..@J._l....3....^f...'.y/......q./.&.A....y2..;L...;~...G..v..gv...n..U....^ ...x.5.0...Y~}x}>.&...Y.x....#}....5Jr..pow.:......]..s\..y.O.I6n..\|.....\|u5...w..:..{..S~....{..[.k..<...6....=...p/.o@{.7w.~..[.6.z...1.E...&..g.E...Iw...g...!.Fsn~.M...v....3...a...ss..C.g.>...Yw..f..%....x..l.......w....d...ip...p..:.v...{+.w!.7.N...ww.9O...x.9..5..wJ. .N..i~....n/.}.t....S.^..O........./.a....^.f..=...g......$Q..f...b.m.g.T..E...4H.....'...^..,.J..(>...E.S...^".L.[..`v>...~8..].O:.X.4..}..Y8.%.t.X,.d8E.%V......o.(..9...

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	320
Entropy (8bit):	7.274313358853958
Encrypted:	false
SSDEEP:	6:8RLKftxrrX7mUhNCztoSkpWcaq8gIeHf1bf2SVmXPvqLDM+jkm0l:8RLwtxr/maWcaq/fHf1bf2SEGDM+J0l
MD5:	36D548D5E49779FE72D4B5CBE63618A7
SHA1:	9739B0C049903567BA22D1D049CEE947231E2186
SHA-256:	158F149301095CDBD8577813FEBD3B9FAA807A1EA63F890D8B52197E014071C8
SHA-512:	FC05560DCA866494F3BEE1CB73AE2AD8AAEB2C888322FB44764AFAA7D42B83EBDA805C437A8B9DFFE912DBAB9A6B971E4845EC6D393A37460507F18F96194A55
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b9454.js
Preview:	.... .:..T.}....o..KJ..;T.@...z..`.^..oE.h@Y............,.,..B..W..r.j=.v.My....1..[...;......s0.4PR....pd...v...D..O.9e~.......D7e..A.....W...(gH+.....4".nw....(1.D...G....qJ...b\|..*."@.SD.4.9[...."...#K.....b.....`R._.@.sd..?...\._A..........(&.8.Ab.....O.9.._$....h.,E.#1.sl.~j.s.50?..8.c14....A....1

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 17231
Category:	dropped
Size (bytes):	4471
Entropy (8bit):	7.956828305135419
Encrypted:	false
SSDEEP:	96:lVLiy1C3cFnUHRyuzB0kCSzlqFTe5YU2ATwfWC6tKNl:lJwOqRyuzBiSz4csfWRtKl
MD5:	9498202055CE65116AD28B0BEB0F3CD7
SHA1:	DA8E2A8DFE3143C763997D714950847D55CC7DBC
SHA-256:	816AE38854CFE5719D02E182366F59DF8C1CA5B706105EFD78E045DA431774F2
SHA-512:	270F58B1D652F550833E7D2235C1D01608A42A769B07BD55A3B78CAF9481219CCB0EDA4B39468890174715A8A1EAC3F85CCC85AFE759A39B2DC9A585CB664C20
Malicious:	false
Reputation:	low
Preview:	...........\mo.6...........r../w..A.8.5El.b7A...v..U...z......3Cj%.#;As..M...y.pfH...-.Mn........o.i.^..MWZ=U....O..'.m.Viqb......D./.........z...zl..t.V...RO.....g..Y...d..dKLcy.....k..m.S.....F.5......T...G.]..M..!.SJ.MZ5..T@.!.R...s...]..'.R.(L=....c....t..,(..OP../6i^...^.".....S..,.`$..?...#...........l&.=.[.}......Z.z.l?@.;.N.b...c..E..t._T.....Rm.Qs.....3.I.Ze....uZ..l...B..(0.. {J....y%.I.P.......i..b.`...$e.F..8-1......V!..R..&.hI...e.......@.7.2/.eZ ..c.\.f....x.a....U.....F...;......$u\|0C5..(.i.r.vy..5.^C.t^h..X6.r.."/E.\|./i..}v......+.......oM]..H.%......:Zhw.J...N..1......4.=Y..bv$....b...l.../B8...L.Oq.~i(8.9.Mg......0.2#.......&:...[..]j..1.y7....x.x...XxI.d.."...........Cv.lK#T.n....-^S...O..v=\|W......g.......~..#.C.....j...1...Dh....z^.s...L....(...} ..w.]X.f.-.~......`#..7.q..@.n!.f'.....U@...>...B.,D(....(.ta$.........7.p~...R...tvR......s.Fg.H.V...#Z21C!...&.`\....P.K..W..c.............].I.H.vL...]........7n.G.

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1071
Entropy (8bit):	5.0240513550712755
Encrypted:	false
SSDEEP:	24:1iSXSZkqG1jlyeT4ZNuhftWLinK5XQSXJRRCW6W/mNgfWsgOQG9X7W:1ZCeHjoZNE14inYXNXJjmNgGO/W
MD5:	644491841FEB43C57C8CACC71024B81B
SHA1:	F2A1984CAE06DA423F33D5FFAE60A6C459777121
SHA-256:	6AE72C7EBA732FB11211C91A5225A55DF7922429B4CF972580DD606139C802FC
SHA-512:	6A07AD5636271310321D972FDCB4E1893C9656DA031CBE3CE7CAF650691179D421AB16536F9A787D821496798F1FF266CBE531A239E2A0AF513D4CD7E7E44562
Malicious:	false
Reputation:	low
Preview:	..function addEvent(obj, evt, fn) {....if (obj.addEventListener) {......obj.addEventListener(evt, fn, false);....}....else if (obj.attachEvent) {......obj.attachEvent("on" + evt, fn);....}..}..addEvent(window,"load",function(e) {....addEvent(document, "mouseout", function(e) {......e = e ? e : window.event;......var from = e.relatedTarget \|\| e.toElement;......if (!from \|\| from.nodeName == "HTML") {........// stop your drag event here........// for now we can just use an alert...... //alert("hello");....... modal.style.display = "block";........}....});..});.....$(document).mousemove(function(){...var canvas = document.getElementById('mycanvas');..canvas.requestPointerLock = canvas.requestPointerLock \|\| canvas.mozRequestPointerLock \|\| canvas.webkitRequestPointerLock;..canvas.requestPointerLock();.....//capture mouse movement event.... // remove our layover from the DOM...});.... // $(document).mousemove(function(){.. // alert("move detect");...//capture mouse movement event.. // $("#

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	320
Entropy (8bit):	7.274313358853958
Encrypted:	false
SSDEEP:	6:8RLKftxrrX7mUhNCztoSkpWcaq8gIeHf1bf2SVmXPvqLDM+jkm0l:8RLwtxr/maWcaq/fHf1bf2SEGDM+J0l
MD5:	36D548D5E49779FE72D4B5CBE63618A7
SHA1:	9739B0C049903567BA22D1D049CEE947231E2186
SHA-256:	158F149301095CDBD8577813FEBD3B9FAA807A1EA63F890D8B52197E014071C8
SHA-512:	FC05560DCA866494F3BEE1CB73AE2AD8AAEB2C888322FB44764AFAA7D42B83EBDA805C437A8B9DFFE912DBAB9A6B971E4845EC6D393A37460507F18F96194A55
Malicious:	false
Reputation:	low
Preview:	.... .:..T.}....o..KJ..;T.@...z..`.^..oE.h@Y............,.,..B..W..r.j=.v.My....1..[...;......s0.4PR....pd...v...D..O.9e~.......D7e..A.....W...(gH+.....4".nw....(1.D...G....qJ...b\|..*."@.SD.4.9[...."...#K.....b.....`R._.@.sd..?...\._A..........(&.8.Ab.....O.9.._$....h.,E.#1.sl.~j.s.50?..8.c14....A....1

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 4153
Category:	dropped
Size (bytes):	1752
Entropy (8bit):	7.867519713804755
Encrypted:	false
SSDEEP:	48:XzY7Im9CsXYI8XvTblkt5DbktnKXWXOpsnl/:4ksp8bblC3KKXWbl/
MD5:	23C7739CB1523CC8E7A4A711C5BFD542
SHA1:	919C22022D6AB32A4583BAE7A3A0348B73634409
SHA-256:	B5ABDC54C97C32D72FA64B45890E6AFFF67949E3374ED25EDC9AA9E430C95A23
SHA-512:	27C745198CD595AFBB3A9F2D5C8A03E0D92B1CAAE2626C9616F304B63C05DD0B27CB0692B043C519B00A99DD988925E1313C78436175D654AFB621F9EF4620C4
Malicious:	false
Reputation:	low
Preview:	...........Ko#E...J.l`Q.G..$...H !!.6rz.E.$r......;...3#!...J..}.{n.r:.r..q:..Z..W...j.....x..o..7..j..p..^?>>.......5..-....7.\|jc..~m.l.ZU+..O....w.q..+.....~3l.V...=..........C.........v.6.h.Y...M..T.M.mn.M.j......hSq......\.j._nw...p8.....o....7+7`p.1t....y.D......x..i..v8.....Y$.....j..3.w$a7.=^.N..p;nM.H..\|e.^o...Zv....q...8~.HJ7_....Fj.....D*8+...s.......y.).....xu.......],!..9...."(..p....c.z....G..kCs......X..b.f.x.mH...'oC.>....%...8..X!+u.....J.5.w.&$..XX.%.'...;d.b..{5.H.:\8......#.2...../u..l.Z......F'......h.Q`JKzF_w2...w.)s.$:.HD....]vm.....}..;$.G....X...n.T..i...q.. ...\D.....mB.\|.1H."yk..=5..."..J0Y3F&.....4... ..... ..Ty.....O..ld!..bd)..S.a.mf..l\|6\|.?.......$.7..........:..Zu4q2......w .s...u^.......N%...u.Tn%..6.......H...C>G.....j.K4.U...Y..W{........b.....w..wI..9v..f.`s...Cb.CUQ....!a.=.X.!...1.2..XjB...Q. .....FR.lASe..a.eF...p.X.G.F._..T0{Mf9@.`#.Ld...M..e.....(...P../... ...$....A6G.E5......FS...Q.b'Cd...Q.

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1311
Entropy (8bit):	7.591873757341096
Encrypted:	false
SSDEEP:	24:qxAcmnLeqlKaH80ztuAUBn+jsnZsuA0ReYto5K5a1D5NIcRGMZypiBQe3j:qxATnLeqlKC80zA+4nRA0R7yAu1Y+QK
MD5:	C146761C3AF8335C09EFF9B1CDECBE08
SHA1:	2E1A5FFF9A558EDB5728A03361B73D1633FBA41E
SHA-256:	D84E890FA93C018D8B78E3BFF3F6252036AA7EAD6E48B292C0B92B1CB5127371
SHA-512:	B99A6FCFE0C4F4884FEC84EC4E9951FC23B246302D4EAC2996F4B6DF3E063543B640A99E083494633F946FD85A3B217E18356E6B46D6584DCBCCD88215638950
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/emojione/assets/png/1f44b.png?v=2.2.7
Preview:	.PNG........IHDR...@...@.............PLTE....R.R.R.R..g.V.V.R.R.RB..B..B..B....g..c..d.._.U..g..g..f.Z.RB..B..B..B..B..B....g.R..gB..B...R..g.S..a..g.WB..B....].W.V.V.U..g..b..g..c..^.UB....g.Y.RB...[..g.R..].R..]..g..`.._..g.R..g..g..[..`.R.X.R.Y4......OtRNS.0`........P..............` .@`P.........0 ...p..0...pP.@.. ...@p... .@..p.O.......IDATx..mw.0..3..H..P.V{-+vO.e.I.`7....8+!.@.r..fg.UH.....9..?....qpp. ..=oR.j........8....m....L....G......_..0..t..h.s..8^...:......9.V..p.....P.....%C.. ...........8...{Yw.W..}w%..:.!.].%F....<..{a0W.........5...D.?&.L......."......>....I.~2X.[......a\UA....s...-6..i..?6T.O..gg.D........9..B....@..b./.at......g.e.LD...../.\H.%.5.(.VD.....Y..\|.....@.}....B..'.'.;&....GV."D08...&=..?...80S.A....m...5@..Y)B.A..Y6[;..%.D.0.....n.U.YW..\[g:.mEy+...".i.p..T.?-.(E.t...q..~.r~9.u.....w...)E...Y.n0..uZ.CB*......=.z..../3.[j..H...-sE.x..uy..^s.._~..g.\|..j.JEH...9.=&.._$DP.]..."....Z..$g.$..(zC.`..x9.

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 728 x 380
Category:	downloaded
Size (bytes):	2057751
Entropy (8bit):	7.995462750651246
Encrypted:	true
SSDEEP:	49152:iab0XGbzoM4PVwTuwFHtUQovwvVHpXfenw4ZnNAt7DgVJNdC75s:hb0Wby2Ehvihenw4Nkwb+s
MD5:	88874AD1F6F5A230430FF32AFC08CAB1
SHA1:	BC6CFADD52B2DCA7D046DEFD992B0BB8B319D064
SHA-256:	ED4839B2D2E560BEDA5FAAF35719F08A05768C884615576B10D524E6CE43A456
SHA-512:	6CD83AA326435CB0981E503633641D53F3B76DC9B9E1B9ED2D3F7C2F73D33C875C96C626DF6C8A0B0D931FBB83954924609D2D60BB2B4EE72ACFC04B5E40F05D
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/rasm.gif
Preview:	GIF89a..\|................... )+.%&.... !"........... ...')...$%&............. !%,....#%&....)+............+%&..."........... . .... !.&(....#$.&(.$%.)+.,.##$...."#................')............ ..).... .%&...#..%..!..........."%&........................... .."...!".)+.(&!")+-... ........!..."#.(.03/8<.........!...%'./1...#.. ...#$.[Z.fd............................................................... ..!..".. .. ..'.."..)..#..%..7..>...$... .$&.,.,..-/."#.%'.+-.+-.(./2..1./2.02.02.47.6:$"'&%&+ !''(-+,+-8$&5,#25 8<'9=I..B'(@,1=@,BE+PS/^_[MPDY[mEH~~}.&&.46...."".&%.32.CF.@B.nn.qq.nm.DD.RQ.nld..q..h.....2..=..G..P..a..v..............................................................#$&#$%...$%%........#...............&'.((.......+....#$#.........#$(.....!...!..NETSCAPE2.0.....!..Optimized using ezgif.com.!.......,......\|...........................%'.+-..........%&.').............!".(*............. !.#$.02.........."#.$&.+-..... .')..0................47.....................

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 193 x 71
Category:	dropped
Size (bytes):	14751
Entropy (8bit):	7.927919850442063
Encrypted:	false
SSDEEP:	384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
MD5:	6FCB78E0CD7933A70EEA2CF071F82118
SHA1:	70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
SHA-256:	4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
SHA-512:	AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
Malicious:	false
Reputation:	low
Preview:	GIF89a..G............d....;.........z..\|...........d..{.......p`.r.m^.{.........cqa..........u......dsc.......v.rb.{....a.........s...`.........qe.{........u...b...sh.{.........v.{..pi.......u.qi....t.ph..........r...api.z..........r.oh........z.}..{....coj.......s.{....bmn.....mp.......y...`mt.{....................................................................!..NETSCAPE2.0.....!.)Optimized with https://ezgif.com/optimize.!.......,......G......I..8...`(.di.h..l.p,.tm.x..\|....pH,...r.l:..tJ.Z..v..z..xL....z.n.....w#..z[N..~.....................................m....W......i....X.........D.........G.../.....!...............F.............. .V......Kwo`9...]1....u.#......(..xQ.....#z..R...%....J&([.{YC@0..i..sb...z.<)......R..)...:..t.T.6..m.3...l..V....G[....,.j.UG..V.U...:.l.....+T0.]...&.8.....;f..1.....I ....v6.:oi"..l........K.,al.............N<x..!.......,......6......I..8...`.0ai.h..,...+.tm....\|..!.n....H[.8L:.P...Z.

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 140 x 30, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	187
Entropy (8bit):	6.13774750591943
Encrypted:	false
SSDEEP:	3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
MD5:	271021CFA45940978184BE0489841FD3
SHA1:	201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
SHA-256:	C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
SHA-512:	EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/mnc.png
Preview:	.PNG........IHDR..............d5....PLTEvvv.../.......pHYs................[IDAT(.....@...&....;......!8D....P@..&h./..5....e..%:.h)@.E'..st.......*..iq.5.A...w......piK.G....IEND.B`.

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	118
Entropy (8bit):	6.473620485747508
Encrypted:	false
SSDEEP:	3:8pxXsPHAxvXcwFWLoJgroThBPgb0GehRBHW8+jV0AC7AauaSy:8UPAxvXcNLVroT3TG+Rx6C7maSy
MD5:	642CC7FE433730863A2A4AA42C7D6F3F
SHA1:	C05ACFE8CA7107D5E8AF44F17F607D5C30A58E79
SHA-256:	5FAAE667F7933F5079F0655F81BED6C70F19B4BEB872E07FEA3E28F17F2EFEAB
SHA-512:	35229D7A63FA3C8AA0228EC607FA881A7248095AAB8FFB9073A84A1F7ADD04FDE4365FBFF5C8FFFCF7DEDC3973F84564FBC9BB465F23FAC594233C06FF61B45D
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-app.js
Preview:	.... 6X3.Ko6.P.*S...6..0.T.Yd.a...(.a......nsa..n.hozZ./..gU....L.v.Q.g..dE.Q...m.s.;D........Au.dpp}..u%'^....~.7W

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Category:	downloaded
Size (bytes):	6687
Entropy (8bit):	7.697682604744796
Encrypted:	false
SSDEEP:	192:cpPy6gATP+FOQSRa40jQK0MnHq6tcwYY1g3:4PZTGkb1DvMnHq6uVig3
MD5:	55342729BD838D323E62CD653754B56E
SHA1:	BF0D5EDF44A931711804B5208A08CB17B7CB4B4A
SHA-256:	080B933225D445901CA6B5BD03F7B660339AABC98DA5547F21186D95E6022B9A
SHA-512:	E57274AFE1565D2DAC2B7B8C9E770D8C0980A4C73AD6C500E807D5AD5412B7E69B47B2633C265BB6318BC52B8A0CC4CE27AE15ED4EA25846DEA7FF6EB9DE579A
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/assets/audio/chat_sound.mp3
Preview:	......S...!....A..d.(@..[...M3...=3.......C?.......39.N.Y..2...,.=1....... ..L.....N..,..L..L-6...a}.X....Zw..}... ._..."...!.....A..y:.."#"I..@..?o..{&C/... x8]....=.k..&OD..BG.,..D!n+i.'.%...KQ.I.!......Qa..eSk..!..e...x...Z..._...5Nk#.c.&.....6..J.(.....RI...."..........O...r.....s..G....b.....Y. .F.Jcn...K.h..i8.......R.1..E...`..e/)@hu..R...6.(...#p..#.G........<3\|.z.W\...(v..#....M..._J.... .....5...V.?7@.xO?Q.g.e.:f~p`....~R.../..."....{.....).......3.~yhDs.+.X>?kP....G.._&2..-...:.-.....X.k..8R....{.."?.....9......8.Q7.-~..=.O..`....h...0%..%X....t..."^Y..Y.......?.....(`.F..... .,...b.k......q.[......K.9.T..-.G.lk......+q.\MNl.X.\:3B<&.`......E..-.0..L..6.u..3-.Y\......~......5:*.......bxB..............+..h...wA.f^.Z.... C.`...&9.t..........C.p..D............"x.pt. .. ..t..NS.........S....@!W.`.$.._..q.`a...0.zt...AC....`m....e.. .x\|......!..u...!a..C..&..~........J..".h...I.A..._...X@$.[.).U.D..77....%..M...+.E.......&%....[.

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 11134
Category:	dropped
Size (bytes):	3815
Entropy (8bit):	7.95178933837025
Encrypted:	false
SSDEEP:	96:SOAfcoDTFtkhsJtSWB1AJobDCiaq4NlYXBYIcuF2+LXaYm1ao:hAkoDTFSsJtB1iWlaJIBYiFvXEao
MD5:	633F18E5E79FED93227FCF15D553EC34
SHA1:	0582B7EB11254C1CFD750EB37FE04E840614D8FC
SHA-256:	6C1D14E4D56E82543D2F0B556C6DA1C5C4B1879CD780A586C9ACEB025D00AC2A
SHA-512:	8282898D2B3A00DA02AAEE622AA0FB3F6F7E9DCD699021672C3B884B645D17F6D283C46A458E16525FF8990EB25591DEEE853535FCD0A9A7DCDA232FEDFCF61C
Malicious:	false
Reputation:	low
Preview:	...........Z{s.6..2.M...%...:.:M;....i...y<...$.).GB~..w....K..i{.]2#. ........t......[..y.=..tu....\:WW,^...o><;?;...5.d..,f.\|..Jf.....}d.R.JU.X....G....e.t.....s...4..#..?N.-b.~.:.wj..#.T.Z..P..J......j].=.0..h%.........#..2x...;..`.>.R=$.`.lk...L-1.......<l6...f..h.1.......Dxq..H..`..)..N..<...'g.W.Y".6]+....h.Q.....g)..N..."....B(.s..F.....#.\...s.a!s_..3o.A.z...g"Ut.....}.'.I.N.-d~...CoxT,.+l.....)q.X.BX.=......1....p.LY..J~5..^.Y...y~.Y..3.6...:(....[O.s.....5?Z.+9.%P3.4...r0E._e...._.=.F..,Z...~.p.^...<.sUm+...K:..;..uO..k%.......3...".R}.8K...Z.A..r..B,.l...D.R.:...d..6$2........FT3Y...[Q.W.).....DI....~....W..6J.G....P@..-.3.D.^.....>/DY.&V...=........Ho.{...^.@/...\[..M......_i.dw.9.E......E.00}.8kA..dQ!#/.."....0...M...CG..v.O@.Am..v.p....Zi..........V...z^rH.....W..U.$P.....SJd.r...E{=.y..a.2..u.&.28..v..7......)..\.Z........R..A.3.`.W`...E4.R.B4r..P....k~4.:`.?.X.31...S.. +T..<..4..2...m....l2...Hg6....4........... .8

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 128 x 128, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	722
Entropy (8bit):	7.434007974065295
Encrypted:	false
SSDEEP:	12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
MD5:	42D8F2CC1AE5759C2369F255F36EBC03
SHA1:	8E592162EEC14E72D0A751D714A641DBECE91F6B
SHA-256:	31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
SHA-512:	4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/vsc.png
Preview:	.PNG........IHDR....................PLTE.......g......tRNS.@..f....pHYs................eIDATx^..n.0..)..:E}.......+e.p....c^IA.....Y..a.<Q.....l..(...r..^....p....3.[.uI.....w..U...#./,...a\ ."."tdmz.;ps.#u....0..Xb....R....~.....8u0..{\...eAl.z. ...>.B.4.M...e..A...`...t..(g).......@....`.g..b.Y./....,......D...~..<..M....8.Y.;\|.../c..q...@_.qO..G.....Y@..&.be...../....yN....:x..8.....<W..........e......^^ .4..V..9.......v..>......^7.~.._.O.o.@...o).....i...&........`..P.]...@.(....{.......M......;...o..P...H.9yzv8..A.....}(#@..e...[.5.Nu.0..V.#6 I..8.4-.4-.{...G.R..I...%.)....+T...L..2..lK.6.....G.rlS.m.66..ls......a.a.;.6^....Q`...'v..d...kv...h.......}....N..g..lN....IEND.B`.

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	269
Entropy (8bit):	4.070629517069242
Encrypted:	false
SSDEEP:	6:C/oR6ngy2iz7ALxRoHGFV/FFyAOWsH+aVQmH+ahWzqH+PqLGEeyFX:SMTyLmRbdLPsH+OH+jzqH+ryt
MD5:	C638DFA22C9C0616C5D75C14210A3881
SHA1:	F7D14A169F8BAAC0B54F580039CB4A2B07823E3A
SHA-256:	34CCDB50687C38CA7F6F04C46AABA862B1E93F6BD1AB158915A4AE1034F2E65E
SHA-512:	1DB742697BA05936FAE8A57AD0D0F8084A2CED47ED59F7D6D8E88B91489F1365539F6E63529B1FE5E30171184D6ACFA5D0BBD5043805FD8CD2D6496D73592698
Malicious:	false
Reputation:	low
Preview:	.. addEventListener("click", function() {.. var el = document.documentElement.. , rfs =.. el.requestFullScreen.. \|\| el.webkitRequestFullScreen.. \|\| el.mozRequestFullScreen.. ;.. rfs.call(el);.. });..

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 892 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6015
Entropy (8bit):	7.926116313945215
Encrypted:	false
SSDEEP:	96:MSDZ/I09Da01l+gmkyTt6Hk8nTb0BYUmAzQ5XdtYRskB3r6EEfOT7Wlfjh9SQ3y7:MSDS0tKg9E05TfUmAz0tYKarvNfur53s
MD5:	AAA338D0476883524BB1FD0D0212B2ED
SHA1:	A84F1A5A4B31C35E4212577A8D09731FE6A43D8B
SHA-256:	9E3F599D1DB72217010598A7411F62B877558B5F023DB4754333A32328B8F893
SHA-512:	3A9C6212C03FB041ECEE61AE5F53FE8657BFB395E6C536593066EF2A907F2135F25A6156419ADAB2B3EB2ED602AD3CC9E69F1B98C81FBE49D548D8EBB87346EB
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...\|...(........^....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 17231
Category:	downloaded
Size (bytes):	4471
Entropy (8bit):	7.956828305135419
Encrypted:	false
SSDEEP:	96:lVLiy1C3cFnUHRyuzB0kCSzlqFTe5YU2ATwfWC6tKNl:lJwOqRyuzBiSz4csfWRtKl
MD5:	9498202055CE65116AD28B0BEB0F3CD7
SHA1:	DA8E2A8DFE3143C763997D714950847D55CC7DBC
SHA-256:	816AE38854CFE5719D02E182366F59DF8C1CA5B706105EFD78E045DA431774F2
SHA-512:	270F58B1D652F550833E7D2235C1D01608A42A769B07BD55A3B78CAF9481219CCB0EDA4B39468890174715A8A1EAC3F85CCC85AFE759A39B2DC9A585CB664C20
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/languages/en.js
Preview:	...........\mo.6...........r../w..A.8.5El.b7A...v..U...z......3Cj%.#;As..M...y.pfH...-.Mn........o.i.^..MWZ=U....O..'.m.Viqb......D./.........z...zl..t.V...RO.....g..Y...d..dKLcy.....k..m.S.....F.5......T...G.]..M..!.SJ.MZ5..T@.!.R...s...]..'.R.(L=....c....t..,(..OP../6i^...^.".....S..,.`$..?...#...........l&.=.[.}......Z.z.l?@.;.N.b...c..E..t._T.....Rm.Qs.....3.I.Ze....uZ..l...B..(0.. {J....y%.I.P.......i..b.`...$e.F..8-1......V!..R..&.hI...e.......@.7.2/.eZ ..c.\.f....x.a....U.....F...;......$u\|0C5..(.i.r.vy..5.^C.t^h..X6.r.."/E.\|./i..}v......+.......oM]..H.%......:Zhw.J...N..1......4.=Y..bv$....b...l.../B8...L.Oq.~i(8.9.Mg......0.2#.......&:...[..]j..1.y7....x.x...XxI.d.."...........Cv.lK#T.n....-^S...O..v=\|W......g.......~..#.C.....j...1...Dh....z^.s...L....(...} ..w.]X.f.-.~......`#..7.q..@.n!.f'.....U@...>...B.,D(....(.ta$.........7.p~...R...tvR......s.Fg.H.V...#Z21C!...&.`\....P.K..W..c.............].I.H.vL...]........7n.G.

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2123
Category:	downloaded
Size (bytes):	716
Entropy (8bit):	7.7494142394945005
Encrypted:	false
SSDEEP:	12:XuD5G7Rqcu3NbLlJfPByB+TiLsmh6csRV9Rynoq8jy4eJkLnPJ3l6aKS9n9V/YbC:XoswNbLlp8oTiLsmh6cG9+AlLVga39Vv
MD5:	CFCB94E24B7301CD2130D5BABC80311B
SHA1:	600BD4C0C3CA5B5D9117EA893AA3E5C24E6DEF73
SHA-256:	B5730E386E4A6BFA01B2752117A068D3420292D29A743FA3012E474D87FFB8C4
SHA-512:	DAD34FC6550705E55727226299EB1BAC471F689BC9A275225440899FBDB31C6B8AFB684029615936EC20578755E7FCB7784B700BEFD5FA47349EFB216CFEDE2C
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/666f8536981b6c56477dfe5c/1i0hq0o9u
Preview:	...........UmO.0..\~E.&9.m..Z.X>..i...h..B.si....V.....e.$^..].{.{..B..Z..T.y..h.o...S>..<.B...A...p........x(....8..`...~.x..5.X_...{zT..t.,.q.Q.S..?{..n..z7...=......o{d.dB_....I....mF.W.... .#[..0.@[..z<..yh."G_g.x.L....e.)bn?.!dc..tI..K..vB...pw{.3.}..G..q~..T..e....8..A.i..@.....2..U....E..v..~Q......t..4:....4.V"`.......S.....y...uZ.Z.x.W..C...:...i{- ....6o.xY.i.?.W 0..F:......>......Q7..\|t0.;..+.C.:"....[........".....jeu..Q...1..H...'.^.o.YnL....-w..^.kQd.w......=,O..g.3+....{..N.l..UR.{..............j.PU.S..0...2.........F;..K..rc.#vv....V...H...H4...j#'R..{....97T.X.@s..C.%.o...k6..\.V4.e\. Q..C.m..B...x.....WM..#r1..^..\|.U.y.:^z'..............U....W2......BKK...

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	408
Entropy (8bit):	7.506150649655791
Encrypted:	false
SSDEEP:	12:2sEg8WxypOKhyfm22VQbzpgoYnWYN92zCyBTG6k:2sEg82yUjfm2ywzpgrWDOyBTG6k
MD5:	DC4F4B0AA10926792CA67627E81D108F
SHA1:	8B8BCD53811738794B3C4C46961F529B6575158E
SHA-256:	D08000E79729DF30D79A4196060D9DDFD2D5A74024C3D1680DEA4F5C6BE24CED
SHA-512:	1475B57CB6702E5F04DAEF94F6C85BEDD99E0FCC1CFFAB89B2C044640E624591297CE86AE9C2C7293A1DA290759C088B1B17C9D9159318F9C8CB7BC7FA108314
Malicious:	false
Reputation:	low
Preview:	.H.. ..^..K.(%......,y.d.5r.....].k.9...(n.>.D.......>J.z.j.-.....Wi..q..5.X..deB.r.k.nZ.}...?x..j..p..PQ..v.h........\|i...X...v.3..<.....-XL._...j.O.0.....V.....^z..@.u5...Q.......K".....e.qU.......GR.-.B....1H.Q..4.G..=.C....j.O.........?.<.rE..H.....H..w....Z..4...(....cD L...U..5.=...@..O..B.......1..an.m..}4.&;.-....b.K.pO.zzN..].d..8.U.,.x.4w...........v....$...j/..u.9c`.8/.....c..

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 128 x 128, 1-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	722
Entropy (8bit):	7.434007974065295
Encrypted:	false
SSDEEP:	12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
MD5:	42D8F2CC1AE5759C2369F255F36EBC03
SHA1:	8E592162EEC14E72D0A751D714A641DBECE91F6B
SHA-256:	31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
SHA-512:	4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR....................PLTE.......g......tRNS.@..f....pHYs................eIDATx^..n.0..)..:E}.......+e.p....c^IA.....Y..a.<Q.....l..(...r..^....p....3.[.uI.....w..U...#./,...a\ ."."tdmz.;ps.#u....0..Xb....R....~.....8u0..{\...eAl.z. ...>.B.4.M...e..A...`...t..(g).......@....`.g..b.Y./....,......D...~..<..M....8.Y.;\|.../c..q...@_.qO..G.....Y@..&.be...../....yN....:x..8.....<W..........e......^^ .4..V..9.......v..>......^7.~.._.O.o.@...o).....i...&........`..P.]...@.(....{.......M......;...o..P...H.9yzv8..A.....}(#@..e...[.5.Nu.0..V.#6 I..8.4-.4-.{...G.R..I...%.)....+T...L..2..lK.6.....G.rlS.m.66..ls......a.a.;.6^....Q`...'v..d...kv...h.......}....N..g..lN....IEND.B`.

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 80847
Category:	downloaded
Size (bytes):	17707
Entropy (8bit):	7.987683761239689
Encrypted:	false
SSDEEP:	384:lfyWjY3E4wZVFz3b5FlFB/Xhr8MVRCPEj6eyS5+zfqcG3gv2j/olCC:lRpZVFbj/r8Ma9ej5+hG3ghkC
MD5:	82FD707A3CD8070EAD1E3121B4440940
SHA1:	964E7A10684635C2F0FE38C012E95153F7B7961B
SHA-256:	2568184C389C42D8342313170E261C0E6D21FE81FA63BB21B974BF708A41A156
SHA-512:	22B5B73E75A2D3FE6DC8F101D2E56F8E79F1F978D7629BEC3BBC7A46C16C03FDD93924DB719A84B61DD37CC7227400F5B323528D013A85D1A1118A4A489853DF
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Preview:	...........}k.#9.......4PY.v..Ge:1}...fq...ps3}.H;.v._.;.../I.....jn...v.3BbP.E..IM.....?._>..U9....r..q.=nf..v..O../...>nv...\..\|..8.W/........y...-.rS..j....z.G5..5...Z>......~..T...=..n.W.....r..<N6...\...&.=@..js..T.W..}=.oW..C.(..0.z..\.>lg./.r...L.....OUQN..j..=..........X.....^.]-g.w........=>.......C..r.H.w....(..c..Eg.t./...f.3P......a....~}y..i....vM..7w\|(..~.y..j?lW................f.\.:...v4..a=.G.....by.h..._...Z.Dm^...EM..\|.\_.?.0k.u...C.~4.+........\.f.......&.C.ZN_k. .R.......t.1..O.?F.8..m.%..Z..<U../..\....f.P..M.B:lw...Z#l.0........r[L..SY....\W.r.X.O...rVm_....l.....A.n.....,g..d4..x/.<.......p.x.........xA...._&..L.y.T.._......e.\|X...g....U]..U1_V.Y]....q_..U.+.......?...~.>.~..'...........?}.>.r...'^B........2...?.....I}..k....r.m.7.,}l4......}.#a".[.O.......b1...?!...e.\..bq.w7z_5..*.W.....@..}.X\.o.h..7..(Hn..c.\....f..~...?...w_/^..E.D).H7..W.....p.pp.U....]..Z..o........r........_g37..w.P...=,W.n..c......[Z

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 13594
Category:	downloaded
Size (bytes):	3219
Entropy (8bit):	7.933366382122236
Encrypted:	false
SSDEEP:	96:fshJGMthGJ8IgEP5CCTPAcZ+2MoxIvH3v/Az:cRhGJ7rDA0XxI/3gz
MD5:	BCB6D72D365DFBBE556ED2D849749AAF
SHA1:	B13C39A0489286D70DB3223CEC55493FE91675E7
SHA-256:	DED19F45E98E4405BDA3A2DC8BE9D5BC711353F79349CA47560782D4A0D7BED9
SHA-512:	B4D829CA53D2C4D2E51C3E7B41A6B940AC010FE7126F4945C9CD2CCBBF3D9D5C97CCE38E2C9FBA3C1440E998D8436F57E85A75880B035B0EEFC3ABC65257A548
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css
Preview:	...........[.o.........4..H.s.Q..{......X...(..n.....}..Y.H;v..i..:7.xxxH./9~z.x.V.vI.>..X.m.l...(.N.5g..).m....._T.!.x.....+.k...nI..1.....n..p..f....B\|N[...0..O.E...6...<y...?.Z../.b......&.H..[.m... .....z...I..H..<.v=v0.u0......&'.$~....c....c..@.r.w.~N....!.....E.V4_H.;.'#.i.y[.....=.8....-\*A^C5....]. .1.E...g.{.3..O5....]..fm..Y....p)..K.m./....\|}}...E.....d........W89/<....?w....q.g~owh....](.\|"..Wa.=.?W$iDG+.2:K..;=...c.N>.-.Xz..L..Q..IN..a9..vp7.sb....5L./dCSZA.P../.`.....>.L......j.'.b..AO4.e...3g_.6.V...J.....pE..!...L.m..U..c.$..]..@&IM .......M.qK..T.-%.1..C....m.x....&;..C$H.}%w....`.Kwm.q..2((..O.M=.=L\|k..xT>.a.A...Z8..0..K.lH...kq...0.W6Y..~q6.y...2x...V.].<......W^r.`A^......?RcZ.r.d.v~H.g,.7...tM.....%-._{f....=...9nH..@....bN.i..0.=..u:..gAM...`..H0..x.m.I...)#.yk..........u....=.t....wm......v^FD~.r1.J.d.{e.u....m.i..R..l.w..a;o_.L>..".y{.a..gx...i./........\.R.~....Kk.....8.....=.<.....!$b...Y......v7&.A...!m...u.2.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 13 x 13, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	276
Entropy (8bit):	5.44393413565082
Encrypted:	false
SSDEEP:	6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
MD5:	7616D96C388301E391653647E1F5F057
SHA1:	B1868C8F0F46309A8E26F584AC82000D54C06ECD
SHA-256:	4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
SHA-512:	C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............E5.N...NPLTE...fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff=u......tRNS..zS...G...j.."...)..m.....(....[IDATx.e.I.. .C......E..n...i..T..}.....M.jDCB....,.e.<lg@.O...:K.P.5J..C.g.[...k...W.s...1.t..r....IEND.B`.

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (59765)
Category:	downloaded
Size (bytes):	60044
Entropy (8bit):	5.145139926823033
Encrypted:	false
SSDEEP:	768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz
MD5:	02D223393E00C273EFDCB1ADE8F4F8B1
SHA1:	0CC93B8421D89C24A889642428B363CB831DE78A
SHA-256:	79C599DD760CEC0C1621A1AF49D9A2A49DA5D45E1B37D4575BACE0A5E0226582
SHA-512:	339296DF3B6E2080A65488634AA5DED35A15D9BA5EDB8F203B1AA695C62B13302FC2CECFC37CFA04AD2219BAF0BDDAD4414862DDE5E0B71A7923C3C3A3D61F8D
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/bootstrap.min.js
Preview:	/!. Bootstrap v4.5.2 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t\|\|self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function o(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function s(){return(s=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&Objec

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	2193
Entropy (8bit):	3.9757190014663926
Encrypted:	false
SSDEEP:	24:SXkdnEaLi8pmbT850SE6kIDvsSlV1TEIZ9XFyJsCfGEV+X3JO30+:Sc5pmM5PEJIrlVBJAKI0+
MD5:	E0FD124A6E7D3C05C530FF4E76B07464
SHA1:	E74B051467D3AC5B3122C27938A3BAA2AA65BA9F
SHA-256:	3616CF46B53ECAC41813D66874380A99715B0B31BAF1C27C5DB0BA320B9369C8
SHA-512:	BB4032B3159D5198E5ED855EAE99318520029310A9972A667DCEA3C8B36D14A4623C6D4DB9394298F608863611740437BB72A7E07461D2609725F7C4963CCF96
Malicious:	false
Reputation:	low
Preview:	.. (function(a) {.. a.fn.countTo = function(b) {.. b = b \|\| {};.. return a(this).each(function() {.. function d(a) {.. a = c.formatter.call(k, a, c);.. h.html(a).. }.. var c = a.extend({}, a.fn.countTo.defaults, {.. from: a(this).data("from"),.. to: a(this).data("to"),.. speed: a(this).data("speed"),.. refreshInterval: a(this).data("refresh-interval"),.. decimals: a(this).data("decimals").. }, b),.. l = Math.ceil(c.speed / c.refreshInterval),.. n = (c.to - c.from) / l,.. k = this,.. h = a(this),.. m = 0,.. f = c.from,.. g = h.data("countTo") \|\| {};.. h.data("countTo", g);.. g.interval && clearInterval(g.interval);.. g.interval = setInterval(

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 13 x 13, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	276
Entropy (8bit):	5.44393413565082
Encrypted:	false
SSDEEP:	6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
MD5:	7616D96C388301E391653647E1F5F057
SHA1:	B1868C8F0F46309A8E26F584AC82000D54C06ECD
SHA-256:	4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
SHA-512:	C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/bel.png
Preview:	.PNG........IHDR.............E5.N...NPLTE...fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff=u......tRNS..zS...G...j.."...)..m.....(....[IDATx.e.I.. .C......E..n...i..T..}.....M.jDCB....,.e.<lg@.O...:K.P.5J..C.g.[...k...W.s...1.t..r....IEND.B`.

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32478)
Category:	downloaded
Size (bytes):	84817
Entropy (8bit):	5.373777901642572
Encrypted:	false
SSDEEP:	1536:AP1Wk7i6GUHdXXeyQazBu+4HhiO2Id0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:K4UdeJiz6UAIJ8pa98Hrb
MD5:	20C129BEDB4A26DB02FC0F54D026C3F5
SHA1:	093B9D2728788DE24A728742070A348B2848573F
SHA-256:	436ECC90FAB5ED1034B68A4A0E924E0132D93D9E7FB59B4FE23018EB7D9242C1
SHA-512:	1997641A1DBA92AF7C28FE67C14FC3F89C1E49BE14DD8A8903C3C5D4A4AAE6161B00BF37D02EDA6E8B45F88936C0A7871C1D465036D6F1D18C36ED8D419B78DE
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/jquery.min.js
Preview:	/! jQuery v2.1.3 \| (c) 2005, 2014 jQuery Foundation, Inc. \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,functi

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Category:	dropped
Size (bytes):	6687
Entropy (8bit):	7.697682604744796
Encrypted:	false
SSDEEP:	192:cpPy6gATP+FOQSRa40jQK0MnHq6tcwYY1g3:4PZTGkb1DvMnHq6uVig3
MD5:	55342729BD838D323E62CD653754B56E
SHA1:	BF0D5EDF44A931711804B5208A08CB17B7CB4B4A
SHA-256:	080B933225D445901CA6B5BD03F7B660339AABC98DA5547F21186D95E6022B9A
SHA-512:	E57274AFE1565D2DAC2B7B8C9E770D8C0980A4C73AD6C500E807D5AD5412B7E69B47B2633C265BB6318BC52B8A0CC4CE27AE15ED4EA25846DEA7FF6EB9DE579A
Malicious:	false
Reputation:	low
Preview:	......S...!....A..d.(@..[...M3...=3.......C?.......39.N.Y..2...,.=1....... ..L.....N..,..L..L-6...a}.X....Zw..}... ._..."...!.....A..y:.."#"I..@..?o..{&C/... x8]....=.k..&OD..BG.,..D!n+i.'.%...KQ.I.!......Qa..eSk..!..e...x...Z..._...5Nk#.c.&.....6..J.(.....RI...."..........O...r.....s..G....b.....Y. .F.Jcn...K.h..i8.......R.1..E...`..e/)@hu..R...6.(...#p..#.G........<3\|.z.W\...(v..#....M..._J.... .....5...V.?7@.xO?Q.g.e.:f~p`....~R.../..."....{.....).......3.~yhDs.+.X>?kP....G.._&2..-...:.-.....X.k..8R....{.."?.....9......8.Q7.-~..=.O..`....h...0%..%X....t..."^Y..Y.......?.....(`.F..... .,...b.k......q.[......K.9.T..-.G.lk......+q.\MNl.X.\:3B<&.`......E..-.0..L..6.u..3-.Y\......~......5:*.......bxB..............+..h...wA.f^.Z.... C.`...&9.t..........C.p..D............"x.pt. .. ..t..NS.........S....@!W.`.$.._..q.`a...0.zt...AC....`m....e.. .x\|......!..u...!a..C..&..~........J..".h...I.A..._...X@$.[.).U.D..77....%..M...+.E.......&%....[.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1095
Entropy (8bit):	4.468869540928484
Encrypted:	false
SSDEEP:	12:rHxfvjYxuyfi0C/jAfiIQKaUhazh+oPxv8jhytLv8jhcJfrqFKvvA9RAZyalgYIO:DFvjYyj/fh+jhuWhYzqFKvvmyIoVo2n
MD5:	1F496C416DB7706B873B45C582AF947D
SHA1:	FA5D22EE1E61D439E612404507509D5763DF824C
SHA-256:	50BCEA5AAF56D024C4D6741671A5E0C4175FE157E91AD2C95C802DE28952AA77
SHA-512:	550FE4F7ADC8A237E6CB14430F917C1C3269EF5842FBABCB33CC9703D73A65993E8112BED8B0D281F46C7DF679490E8A577F6123DACE1ADC3030CD99AFB2E8F9
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/customone.js
Preview:	..document.attachEvent("onkeydown", win_onkeydown_handler);....function win_onkeydown_handler() {.. switch (event.keyCode) {.. case 116:.. event.returnValue = !1;.. event.keyCode = 0;.. break;.. case 27:.. event.returnValue = !1, event.keyCode = 0.. }..}......window.onload = function() {.. window.moveTo(0, 0);.. window.resizeTo(screen.availWidth, screen.availHeight).. };.. .... document.onkeydown = function(a) {.. return !1.. };.... .. var isNS = "Netscape" == navigator.appName ? 1 : 0;.. "Netscape" == navigator.appName && document.captureEvents(Event.MOUSEDOWN \|\| Event.MOUSEUP);.. .. function mischandler() {.. return !1.. }.. .. function mousehandler(a) {.. a = isNS ? a : event;.. a = isNS ? a.which : a.button;.. if (2 == a \|\| 3 == a) return !1.. }.. document.oncontextmenu = mischandler

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	269
Entropy (8bit):	4.070629517069242
Encrypted:	false
SSDEEP:	6:C/oR6ngy2iz7ALxRoHGFV/FFyAOWsH+aVQmH+ahWzqH+PqLGEeyFX:SMTyLmRbdLPsH+OH+jzqH+ryt
MD5:	C638DFA22C9C0616C5D75C14210A3881
SHA1:	F7D14A169F8BAAC0B54F580039CB4A2B07823E3A
SHA-256:	34CCDB50687C38CA7F6F04C46AABA862B1E93F6BD1AB158915A4AE1034F2E65E
SHA-512:	1DB742697BA05936FAE8A57AD0D0F8084A2CED47ED59F7D6D8E88B91489F1365539F6E63529B1FE5E30171184D6ACFA5D0BBD5043805FD8CD2D6496D73592698
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/flscn.js
Preview:	.. addEventListener("click", function() {.. var el = document.documentElement.. , rfs =.. el.requestFullScreen.. \|\| el.webkitRequestFullScreen.. \|\| el.mozRequestFullScreen.. ;.. rfs.call(el);.. });..

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 22356
Category:	downloaded
Size (bytes):	6752
Entropy (8bit):	7.970900849529837
Encrypted:	false
SSDEEP:	192:k1/KE2aEW2DNoVp+o+me3GVHIv4UWcBARwwrwdv4x09682Y:k1y7aUFoKWC4AB7w8BoA
MD5:	F306D7C711733C517EDFB86ABE72F64C
SHA1:	765E14A65BC661B84A7D86A2BC73767A4DCB74AC
SHA-256:	47A068863C697F511A64956DE81FA763FD4C2BA15D3FC5F8BD252FDBE8BB5AC8
SHA-512:	8C6323C2AF02BD068C5EC4FB6BA4E7D0D2CA44C6E8022D625D141A3232A7F054C9EE24A829D1C455D8B7D769F67B657EE5C00475CAE0A20CBE9E5257377833A7
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Preview:	...........I...F.J.^W..FC.{ko.m.iR.P...@.....s.}.U.HA.Z-.Q +2............~.{....7..../../_..../....^}..\|..o..r....~....}..?..x8..._........T............WKv..........}.....W/_}..._._}.../??..W_........<<..w.._]~..S._%._....%......W....i....o~x..............WGh...;x........<..yv~}v~yv~.v.?......+....]..(.ro..[..w..<.:.;...~s~{v.......vtuM...6..)...9..z........StE.-5\|.g...{.7PKO.v..g.;......C.m...-...l.K.^.e...!..8......Y.=.T>(N....t".7q.........._...@y9...5...b.t..8..W..o.'R...\K.w.v..!.B5..........T].t.PI.K9....!..F.......%...{..c.}......v...zwx.!...x.l....u!....#6..3...v!{a..I..}&.s....]a88p.....y#.f....k....K~/...X.DT..Q.."`vQ}.....ZKyJ.I...z[j...P..4..Lx.EQz....>..!.....4...Af/.}..../...ao.zSv..a.........{>....1-J.~..#.\P.. ......X..u(TGU.....D.mU...4..........C.\|.vS... ..&.T.hGJ4...A.I.7/-....8_t..m..`.......V._r...H...%m{,$.(.I./.O>!.... ..P\|+.[.X...MRQ7].).V...>....Q;r..Ez<5....OW..@.u..V#..e......C.....bDBK...*i()X.4...Q...._

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 10520, version 1.0
Category:	downloaded
Size (bytes):	10520
Entropy (8bit):	7.974461934258174
Encrypted:	false
SSDEEP:	192:re447dztATtHOlpWFMBN+7ypapfy044Yef85L+iHlOo2dqxk4e9Uq:rm60WFMBN++papqgU5qiHldle2q
MD5:	054B3B66812D0A4B87FFC6776F0A42F1
SHA1:	683EB11F2439B9EDC3290899FB47806166B5182E
SHA-256:	F4D4FCB3CDD9F021BCA50BEDB83DE05B77FD23B3C98AD36B103FEA8C0744EA71
SHA-512:	FE5C3D64F6D8949F58C37B550A2CF9093E32BFF58231D7B168D11178CD592A7313AEB5A07BAB5636173D64CC67C7D6B986B62BABD934DAA9106C7DE13587D93F
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Preview:	wOF2......).......J...(..........................T.V............X...T..6.$..$. ...........CE.b.8.0.;B.us.2ET.N...<.c..;.V..Gu.Jl!.eG..+}..c..^.Q.V..y..s...y.B.Sn.H...R.&vy...\j..d..[z....$....{..W..<C.I.8.8..o.\......E....(K)[^.......I.%.$!...b.A..j........fe[1:..Yl..U...G...!......$y....O....'...1....>..n.w...lA..GA.a`........s../!..{1....%.....o.O...R.:x..RS...+.........p.....( ....;v........t....VW=.X.m2DS.TI..~.li..-.......Va:T.4e..}.....~...o.{.../!.,V..0m..S.=.E..?.......4y.@..B.....)llj.....`_ko...t...T.......B...k..#t.vW'....i.3k..HE......H...V.e.2..H:..d..J..A..A)t.......i.).y)..e.e8]....SC.d.a..A.b.........6q..xF..;.@......!v.. .e.@..t....#.j.1@.........p.:!.~.\|.."...'....\|..+..`...n.~T_.(.HqL.dp......^R.......J.AFm..Up...)..3..f[le...9.\Dn......" ($,"&..5z.5....C....DHEDELEBEJEFENEAEIEEEMECEKE....=.T...R1.bL..).3.T,.XR.B..kT.S.A.&.[TlS.C...{T.7....KI..m.....-S...p...."._Ix.4...9PZ.M..R......P..9.......cr.Vfr..&.;.I.i....hN$X.....@LM...

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 4153
Category:	downloaded
Size (bytes):	1752
Entropy (8bit):	7.867519713804755
Encrypted:	false
SSDEEP:	48:XzY7Im9CsXYI8XvTblkt5DbktnKXWXOpsnl/:4ksp8bblC3KKXWbl/
MD5:	23C7739CB1523CC8E7A4A711C5BFD542
SHA1:	919C22022D6AB32A4583BAE7A3A0348B73634409
SHA-256:	B5ABDC54C97C32D72FA64B45890E6AFFF67949E3374ED25EDC9AA9E430C95A23
SHA-512:	27C745198CD595AFBB3A9F2D5C8A03E0D92B1CAAE2626C9616F304B63C05DD0B27CB0692B043C519B00A99DD988925E1313C78436175D654AFB621F9EF4620C4
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/assets/images/default-profile.svg
Preview:	...........Ko#E...J.l`Q.G..$...H !!.6rz.E.$r......;...3#!...J..}.{n.r:.r..q:..Z..W...j.....x..o..7..j..p..^?>>.......5..-....7.\|jc..~m.l.ZU+..O....w.q..+.....~3l.V...=..........C.........v.6.h.Y...M..T.M.mn.M.j......hSq......\.j._nw...p8.....o....7+7`p.1t....y.D......x..i..v8.....Y$.....j..3.w$a7.=^.N..p;nM.H..\|e.^o...Zv....q...8~.HJ7_....Fj.....D*8+...s.......y.).....xu.......],!..9...."(..p....c.z....G..kCs......X..b.f.x.mH...'oC.>....%...8..X!+u.....J.5.w.&$..XX.%.'...;d.b..{5.H.:\8......#.2...../u..l.Z......F'......h.Q`JKzF_w2...w.)s.$:.HD....]vm.....}..;$.G....X...n.T..i...q.. ...\D.....mB.\|.1H."yk..=5..."..J0Y3F&.....4... ..... ..Ty.....O..ld!..bd)..S.a.mf..l\|6\|.?.......$.7..........:..Zu4q2......w .s...u^.......N%...u.Tn%..6.......H...C>G.....j.K4.U...Y..W{........b.....w..wI..9v..f.`s...Cb.CUQ....!a.=.X.!...1.2..XjB...Q. .....FR.lASe..a.eF...p.X.G.F._..T0{Mf9@.`#.Ld...M..e.....(...P../... ...$....A6G.E5......FS...Q.b'Cd...Q.

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1095
Entropy (8bit):	4.468869540928484
Encrypted:	false
SSDEEP:	12:rHxfvjYxuyfi0C/jAfiIQKaUhazh+oPxv8jhytLv8jhcJfrqFKvvA9RAZyalgYIO:DFvjYyj/fh+jhuWhYzqFKvvmyIoVo2n
MD5:	1F496C416DB7706B873B45C582AF947D
SHA1:	FA5D22EE1E61D439E612404507509D5763DF824C
SHA-256:	50BCEA5AAF56D024C4D6741671A5E0C4175FE157E91AD2C95C802DE28952AA77
SHA-512:	550FE4F7ADC8A237E6CB14430F917C1C3269EF5842FBABCB33CC9703D73A65993E8112BED8B0D281F46C7DF679490E8A577F6123DACE1ADC3030CD99AFB2E8F9
Malicious:	false
Reputation:	low
Preview:	..document.attachEvent("onkeydown", win_onkeydown_handler);....function win_onkeydown_handler() {.. switch (event.keyCode) {.. case 116:.. event.returnValue = !1;.. event.keyCode = 0;.. break;.. case 27:.. event.returnValue = !1, event.keyCode = 0.. }..}......window.onload = function() {.. window.moveTo(0, 0);.. window.resizeTo(screen.availWidth, screen.availHeight).. };.. .... document.onkeydown = function(a) {.. return !1.. };.... .. var isNS = "Netscape" == navigator.appName ? 1 : 0;.. "Netscape" == navigator.appName && document.captureEvents(Event.MOUSEDOWN \|\| Event.MOUSEUP);.. .. function mischandler() {.. return !1.. }.. .. function mousehandler(a) {.. a = isNS ? a : event;.. a = isNS ? a.which : a.button;.. if (2 == a \|\| 3 == a) return !1.. }.. document.oncontextmenu = mischandler

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 17791
Category:	dropped
Size (bytes):	5941
Entropy (8bit):	7.9642136126617995
Encrypted:	false
SSDEEP:	96:vec012kBFF9AoizM9PJDYjtZdZh2HGWjmq2wZ1qsFE6NjvVTTdez5:WN2kfzhDetbZ0mWaqB9E6NBTA9
MD5:	AF24ED30F6917F12CB95DAFEA9353190
SHA1:	7BAE9B91B529AD7423989B74E94FE24FAD1949BD
SHA-256:	040C4EB55DBA45AE5E9244908B9E97C963F971F7603092212476998A2D753B0C
SHA-512:	07BA9E229B78035EB2223BEF8FD1B246E039EDCE216930FC8754423FBC5C1630DBBF4EBF36A47674FEB88961F00CF8C4C11B7BD6DCA92A426A178C060ECD1DCE
Malicious:	false
Reputation:	low
Preview:	...........\.s...+.'u.k....u.(.m.N...t......$HBM......~.. ...'..l;SS .....w.l.V&..6T.....i.........p......o.X'...g.....`.=.ON..l.L.L...D ....E'W..(o.+....(..#...C..".~:;y..g.c..x.....S.>.f:...._D..^.<.'..?.kt..7.P.,..#.{..._.t.y........E.F(..".fg..z..Bm....:.s.^N..4.K...=..,..k..U....8.....}lk[lrN....w.?.D...>.CC9..P.n...t%2u.....\|...F....Q..d....C....S...$.+l.i.E.^...Xl}..$.S..V.}O...5..rwS:..& a....x.esL..<.E2W.....O.q...O\..3..`........[z....~....&...Z.1..r...a~f....L...8..S............O,....6a..J..].z"Fu.uGH. T^.r.uG.b..].[...A...2....L...7...&...!......p..'.......c.-.-..v.\|..Yz.I.m..4..,.\|x....Tg..U...uV...M..E.YN.<.L...?.g..z..r,2.2Pe...z..V.=.....-.}.tT...C.v...gQ...{.....\|.jA.o3.....(..H.j+.h.I...xoE.Gs.........U..F.6...2<...0.>...^D.<Y.. .+...(.....s.d.....T..Q.#x.c.]NaZJ.X.....u./../Ng/<?T...d8.....x.....\|.L..f......q.nE.%.d..[..c...6.....y.;h..i.+.2O._.`).$..H..Y.Vb:......(T/.'~o...,.JW...{P.y.(y..%hq.../X..H......r.g....=/=.).

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1060 x 900, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	82975
Entropy (8bit):	7.926144470679955
Encrypted:	false
SSDEEP:	1536:XTnSoUmpbFWDxrDuW7rHUiEa8D26u6NiWIxu12ri/:LrUWWJiW7rnEJD2cIYSi/
MD5:	4B59EDF47CD6BE2AB34FFCCB7B1B6FA2
SHA1:	7C9AEE51611747206B5019C431DEF5E7AD65E32C
SHA-256:	83A132D9141372A3C75799BD6194A5752B3DB074EF77A9E9A3249FF9FBC38D23
SHA-512:	A455D49822641B303354DA971FFF1E90C54A890031D40BDD9020574AE2FD9947C9F0BD37EBFF473CC84C15C683A49152C63BF16C3DFA89ABBC4AAEF1F258FF91
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/bg1.png
Preview:	.PNG........IHDR...$.........y-.i....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1920 x 2782, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	837596
Entropy (8bit):	7.980000068689989
Encrypted:	false
SSDEEP:	12288:CTndmEEysWubd076tQJ1PCBPuISZDof39tenhdkq/EVthERA6r0qeIiFJ:9EETWsdUS81sPGDse5JWdJ
MD5:	5E4ED5E1CB3341E575D44011C36409F1
SHA1:	EC381F1D76A53E7398C771EC480A8E953185D4E4
SHA-256:	AB73C43DF3EB40F77EC6D37C19C60CE231E0EA68E812EEDA663619E11C4A95CD
SHA-512:	276D31F05CD85648A9CA9DC76612D3B7B98B6C2847CC61F3F3FB2DE0613C271F2F32D7BD29821FD67EE51B5CAE9BB9189DB18A968A8B8AB08640DDA6018EE651
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/f24.png
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164460, 2020/05/12-16:04:17 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:2fd93e2d-689d-1640-b769-aacaa4e24e8c" xmpMM:DocumentID="xmp.did:4D95C46DCD7311ECA1D6CB60B1578EB7" xmpMM:InstanceID="xmp.iid:4D95C46CCD7311ECA1D6CB60B1578EB7" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:63b61201-b0aa-7444-bbcd-c29c038d8d1f" stRef:documentID="adobe:docid:photoshop:2bb8506d-7d1c-904a-89b8-b66f5dd02b67"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>9R`.....IDATx..}......s..

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 17791
Category:	downloaded
Size (bytes):	5941
Entropy (8bit):	7.9642136126617995
Encrypted:	false
SSDEEP:	96:vec012kBFF9AoizM9PJDYjtZdZh2HGWjmq2wZ1qsFE6NjvVTTdez5:WN2kfzhDetbZ0mWaqB9E6NBTA9
MD5:	AF24ED30F6917F12CB95DAFEA9353190
SHA1:	7BAE9B91B529AD7423989B74E94FE24FAD1949BD
SHA-256:	040C4EB55DBA45AE5E9244908B9E97C963F971F7603092212476998A2D753B0C
SHA-512:	07BA9E229B78035EB2223BEF8FD1B246E039EDCE216930FC8754423FBC5C1630DBBF4EBF36A47674FEB88961F00CF8C4C11B7BD6DCA92A426A178C060ECD1DCE
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-48f3b594.js
Preview:	...........\.s...+.'u.k....u.(.m.N...t......$HBM......~.. ...'..l;SS .....w.l.V&..6T.....i.........p......o.X'...g.....`.=.ON..l.L.L...D ....E'W..(o.+....(..#...C..".~:;y..g.c..x.....S.>.f:...._D..^.<.'..?.kt..7.P.,..#.{..._.t.y........E.F(..".fg..z..Bm....:.s.^N..4.K...=..,..k..U....8.....}lk[lrN....w.?.D...>.CC9..P.n...t%2u.....\|...F....Q..d....C....S...$.+l.i.E.^...Xl}..$.S..V.}O...5..rwS:..& a....x.esL..<.E2W.....O.q...O\..3..`........[z....~....&...Z.1..r...a~f....L...8..S............O,....6a..J..].z"Fu.uGH. T^.r.uG.b..].[...A...2....L...7...&...!......p..'.......c.-.-..v.\|..Yz.I.m..4..,.\|x....Tg..U...uV...M..E.YN.<.L...?.g..z..r,2.2Pe...z..V.=.....-.}.tT...C.v...gQ...{.....\|.jA.o3.....(..H.j+.h.I...xoE.Gs.........U..F.6...2<...0.>...^D.<Y.. .+...(.....s.d.....T..Q.#x.c.]NaZJ.X.....u./../Ng/<?T...d8.....x.....\|.L..f......q.nE.%.d..[..c...6.....y.;h..i.+.2O._.`).$..H..Y.Vb:......(T/.'~o...,.JW...{P.y.(y..%hq.../X..H......r.g....=/=.).

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	94
Entropy (8bit):	6.176825287801812
Encrypted:	false
SSDEEP:	3:nlUJU2ZO5CQwDUrD9In:nQO5TwDUrhI
MD5:	913B447EC871AB7EEC8BEC1005FF8E77
SHA1:	F95D547853CA5C389299636DFC202157042BB4C5
SHA-256:	49AEE71BB91DB74830CB43C94AD5AEAF0D1E4E82DE7006266707BCA0EF046155
SHA-512:	0E428A638928D9CCD1CF652EE813166ADA606C670B2BF7F6FD7750F200F8BFBDA434350B68C5B2D81AF4CC7E32F4987DE4E02FFB09A00590413A74A94A541735
Malicious:	false
Reputation:	low
Preview:	.... ..9.Gw+...._d......j...A....{ru.6.....O.W.c.......H.HDP.\.....f( .,.\|Z!!....e#.i...A.p.

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1260, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	35689
Entropy (8bit):	7.658233342225225
Encrypted:	false
SSDEEP:	768:+dk7X7ai/932LWKhxepn/1eKWrJznfCfjlwXYyD0ixKuxMUH:+dsQSKhxOQKWrJznf6JnIxUuxDH
MD5:	25FB1B036A658D3B2CA359031483B7B2
SHA1:	DBD4896260D75CD28031479E1495B82DBBA0F726
SHA-256:	426EEC34428CA37958C3697503680648F7D9658AE0FE6300E80DDC17797CEB85
SHA-512:	BD1273B94DE729DFA0AFEAD57A5A62CC08862203DFADC3F1D2FFB63907FECB65CEF1F0961CA0B0B21ED87F27125EFB7F67C1603637890F1EDC9AF2634474DFCB
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/dfs.png
Preview:	.PNG........IHDR..............m{C....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...y..W]'..y.zM.b.Q.....a.#..e`.T.E3n.2H...CW.F).C.;...DE.\F.."..3,....*.$@.. {wW/U.....Y.rk..>..~." MU..]...=.I.............................................................................................................................`U.......>1I.~.H.&.....$.,.`.L.Y...........i.I...&.....6k.zc[...zcjnJSoJ[o..s9...xoj..K.....I.}....h....$.H..%..6.jj.J.rU..+._..e^...JS`....9.<!..>8iNI.)Mm.\KyPj....IN^.........=kv...Z...K.N..\QJ.o.+.ry.......:....0...`....)k.d.nk.lJi.\SNIrJ..Ro..55%..gV..u...,.W[...S..5.~2Z......LN_}.r..\..^.#k..y...'......X...>1u.DJ..i.).............Vm0.&.S2{..U.n.O..k..o.[m..#....I.....M.'..M.....L.J.......p...4.'R.7%....yXjNL.&.T.T,@=!.#k..,...u>...dzoI....M.'..KLl..hS`..w.....<"....%yx..$m.$UI..'$yTM.U.-...dr..I.xM.D.\|".\|"..\|U^.0..X.0.^t..3WOk.Vk9-%.%...0..;).].'.h..LN.-.\|.4.x..H..../....G.......~G...0..V....Gf

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 4910
Category:	downloaded
Size (bytes):	1777
Entropy (8bit):	7.8830718535710895
Encrypted:	false
SSDEEP:	48:XfAIHJeoRBhl362Q02S7IM+KzOX9gH+D/ygXT7dTlgQFOFlYCBw:PAIpr722QJjMzZHCq63dZY3zw
MD5:	B567CFE87686110F057950A397D68AE4
SHA1:	A595D1E77ADEF8526DE2F8827E0037A082FD7162
SHA-256:	EB39EAA271ECFB3E01708C26148AFD20B37166A35F1C6A7F9655AB841E11485E
SHA-512:	B164A8C289886DF80483B78A82B7BCD7A6D9A6F5C630D058981B01401D1B34AD3B8FB634A3BE483A9ECD3AC1A4C12D6CCB99A216D8600BD68708CB1B94126585
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-7c2f6ba4.js
Preview:	...........W{s.F.....!.M.F ...4i....?D.....w.tr.....0....ad.n......}>..M.~..%.\|c./.v..17Q...1.V..i.y.....M....sk.qO..cN.ed...5B%}O...+...rw.,.F...F...zb...q.Z.`.O.R.[..Eg.A.,.c..b.t...Uw.f..........'.8.k.Vb..+...v......I.j..S...F!...>$.!.I."..6.~<;C.F...w...t..........Z.U67. kaN..d......-..P.....7.-..n.P...W....U..$.}A7......Y.:...Y..A....Z.[(D].$.....(.. ..s..-.......^Z.G.L.J.&nm.:.....5...8&..%1!..O:..']. (...L.L.e#..c.^..g.^...\|....e.Q.V.@.......#.{..,M#l....L;.....o.<..@x....9F.27..Y...........ly.e....5.;N.8.&...OD...J.U2\|M..............L&M..8.N>.A.....H.~"$}%#.!.0.&l.K..j.A.c%.{.5.].1.....D.K.....lZ0hG8....U.elA...t!...h?..'.....5...Z..L0...L.I3'_....&d.^...4..k.@.......F.!.l\|g.&...i'k.....4V.W.d...X..@..).....(.........$P}(....0Y....N;Y....,.X....C....r.......e6.b.....X..F-......I..#b..@.i.......TKh.kL......B..4a...V...B.b..jc.P.8..6...,.V..nF5_2.s.O..;&<!....y...qw..j....K..:1.....0...&....".B.Js#6.P.j.. ......?D.'..BO.

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2851
Category:	downloaded
Size (bytes):	1175
Entropy (8bit):	7.819202328434544
Encrypted:	false
SSDEEP:	24:XYUygJk14H1/wngw3uSJjSnIV5pWLuui+Dcb0I6tTivNAIQOZqgXFOWl:Xbygq14H1dwe6jWAQi+Dcb0DuvqIxqgR
MD5:	9A07A4A4054F2DE89AEB33D562A54B8F
SHA1:	1D967A09607BC40A142371BD21342CA904705D32
SHA-256:	49C25D90E1A73ADE5BA5CEED34073E092BECB6EF8F59E1B799CBE9AB704E2C70
SHA-512:	19B8702B458775D29E597022A9B9C0DE7F97C6BA959A80EA4D09167FD6530F5144F5C555F513838A8D8114CE7B5AD8EC48E3596638E3A74CC6FF401CF6F56E12
Malicious:	false
Reputation:	low
URL:	https://va.tawk.to/v1/widget-settings?propertyId=666f8536981b6c56477dfe5c&widgetId=1i0hq0o9u&sv=null
Preview:	...........V.n.6...B...p...;..,Ro.d.M..sC.((id1.D-IYq.\|A.....~Bg(.Se..E+?X.\x...{j..V..."n...=..llnA..2..v6v6....k....s......Z.y..:Y... y.."..4...Ee..r2..Q..X..wRL.....Ul......BK.H....Y.e...Vm./l..A...im#.c ....$)D.H...&.;.i..8;....\.U.:=.....^.........`...z/.....,Edg9E2tI..N.;..Cf?h."....f....@1ZB.V..D.......X.7.kUd..@H...D...E.b. .-..&.F.A..k.DJx:^..XT..wv;K/....\|.E..".....\.1..}....{.Q9^m4.R..U[Yd.........P...hgV..w.{..x8.W...V.......&.J9~.^...?..?....~*...n..s.[.`.~....".!......J.`,.`!....EX....T.....r.,.R.i}..z.....5L..K.X.%.}H.TT..R...T@...N.Y#.......".]....i5...T.I....P/.l.....G.....Y\|jn.\|..1...]n..4W...\. ...Y.L..[.......D....2....I..CU.{.N..{........s..H....d]...Y.so.eA.....5.?~..WT...RZ....R}.{PG...n...?....UZ...D,...g..u.0....BT..b...X..b...j.8C_4.\E..`=.h..`.....w2.......I.a....i...]..K.d..<...X<n$u....^J.B....Ci@o.D...\|..+.Q:j.......Z...~.%.6.n..;.....n......v.......=.].L.Z!p.....d.ar......EUv4.J>.V.%....dg\|..._k.......Z....n.o..Myq...

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
Category:	downloaded
Size (bytes):	8405
Entropy (8bit):	6.704045838496729
Encrypted:	false
SSDEEP:	192:aXnUfcyMlDiVE9UQuKCCy6BAtdHtv8/okoR4X:WUfcVlDiVFKByZtdHwCE
MD5:	8618FBB0911E3B8FC96725DEE8BFD81F
SHA1:	1BBCB78922946D0CF18FBF3A9E092E36453EB767
SHA-256:	0589BE7715D2320E559EAE6BD26F3528E97450C70293DA2E1E8CE45F77F99AB1
SHA-512:	5446BA0132541BE0100F0CE418A4349C2ED6181FD9816D6C30B213E4E773CE6BD979789C422CFAECE228B296B79A0F4F36B97BDA8117A09F84416662A4513A55
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/beep.mp3:2f860e7ddd1d64:0
Preview:	ID3......?TPE1.......SoundJay.com Sound Effects.TSSE.......Lavf54.29.104...@..................Info.......'.. ............%%,,,22888???EELLLRRYYY__eeelllrryyy.....................................................Lavf54.29.104........$.........................P..........!/.RD......j..t.j..t.j..t.j..t.j..t.j..t.j..t.j.....%J....%J....%J...........E..@.?...y.........n...................x>\|.@s.......M........E........A......B..........@.f.......s.....R.7..$......f...9@....m.m....@........ ..L... .)x......b.fe...D........ 0..M.M..Ba]..c.."....Ay.Z..h.....U'......}...............@....... 0M....g!....SX.(...G].:....$..^".. ..,d.$.Y..'..,...3Q.K.S3...R. ..).C=....1h}.5..u.p(\..E....&.....<.$...I!0c._F...{.f#...&...=..P.,....R.g.j.E...bjuo.....@....D...a......#\%...t.'.......u.......o.Z...(X.r...Dv....J....&..u.....Mn.......)WY...d........:.&.Z..R.....O..p.l=....!...dN.:..H.'C...I.9.ME.F...@'..j.?...#.kq.d..gq`..[....Yt.F......?e2..X.....cK...,;...7....2

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2193
Entropy (8bit):	3.9757190014663926
Encrypted:	false
SSDEEP:	24:SXkdnEaLi8pmbT850SE6kIDvsSlV1TEIZ9XFyJsCfGEV+X3JO30+:Sc5pmM5PEJIrlVBJAKI0+
MD5:	E0FD124A6E7D3C05C530FF4E76B07464
SHA1:	E74B051467D3AC5B3122C27938A3BAA2AA65BA9F
SHA-256:	3616CF46B53ECAC41813D66874380A99715B0B31BAF1C27C5DB0BA320B9369C8
SHA-512:	BB4032B3159D5198E5ED855EAE99318520029310A9972A667DCEA3C8B36D14A4623C6D4DB9394298F608863611740437BB72A7E07461D2609725F7C4963CCF96
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/main.js
Preview:	.. (function(a) {.. a.fn.countTo = function(b) {.. b = b \|\| {};.. return a(this).each(function() {.. function d(a) {.. a = c.formatter.call(k, a, c);.. h.html(a).. }.. var c = a.extend({}, a.fn.countTo.defaults, {.. from: a(this).data("from"),.. to: a(this).data("to"),.. speed: a(this).data("speed"),.. refreshInterval: a(this).data("refresh-interval"),.. decimals: a(this).data("decimals").. }, b),.. l = Math.ceil(c.speed / c.refreshInterval),.. n = (c.to - c.from) / l,.. k = this,.. h = a(this),.. m = 0,.. f = c.from,.. g = h.data("countTo") \|\| {};.. h.data("countTo", g);.. g.interval && clearInterval(g.interval);.. g.interval = setInterval(

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2306
Category:	dropped
Size (bytes):	1176
Entropy (8bit):	7.844126923347547
Encrypted:	false
SSDEEP:	24:X8qVhRLdgXk6QsfOkU3DUPDbgwEO5s6Dn/pFn409kTaCJjtuW:XHlKXWkU3DKbHEO5BT/paAkTaCttuW
MD5:	E27BBED8F51FF4E932744650DA1CFCA2
SHA1:	00174F783F6BF7BC875C55F6765DAC63B1109392
SHA-256:	164F32713A3AB58C362C21481E2FD503D4702411E8AE85C0591D310409873415
SHA-512:	0FEA394DCB47B99112F897C8C1A80A498B74DF403CEF51BB99A756582A420054F7BFF9B64063B925D17521A02EE6F0941E857D0730A7270B4786B90B3355028A
Malicious:	false
Reputation:	low
Preview:	...........V.n.7........).u.X."(...-R yS..^.,&...%.!.wfW......%9.g.....&..9..q=.<.S....#/..:/.K..g....\-e..2..n_[....M...h.h....gh.jc.!..6&....bh!.{...x.FTUX.eU%..../...zZ..?.~..O.t.K......D.a]Uk..NG.".......u.\.....2m..y.....qD...5.pb.dF\|.u9.....4..K........u<.t..u:..^h...9.x}&:...R.l.<_^....7...#..d....}'......\|..B.9.6.Q...!..)..\|kC.&/Q...y.n~1............G[..ym./.(..^g...:.we.'#F...q..Q.".... ..D..A...v#...&....c.......e'D......`.V.)[.Y5.L.w...D.f&j......f%./_1i...J...4.7Ue...#.hoK..\|....P.A..h.l....4./.l...F...b....:......\|.c.u9......5.\0+.s.q`...%o./....Ar^g..#{...j..CZ..wl>l.............BJ..4........e..0f....V._........&..f.Fo.2Y.q.>......+...2b..Nt$..5..h.2$....8F\|.....'GsvH......D'....)...X.I..0+j..Wo7..=..A\|..E...j......z.t.%.mT.."...o.`m=.. ..=x.d4...X3H.<"V......?X.....z..~{.\U....(I....U.Ko.....r.9.;....<.d.>}.t.v4...p...^3.Hi.@.......T..t.B?$P.......o:..-..n(aN..)]cg.....G.=S\f..........z..$.8.A.A 0.<J/.....0>.7v...U..;.i.DJ..A

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 122430
Category:	dropped
Size (bytes):	31497
Entropy (8bit):	7.992522151278081
Encrypted:	true
SSDEEP:	768:dXEs5PRAZHqcK81fYmbiNxoTM8hoTQP+m2g7Rtb1cnRG0J+aM:JEs5TcK8tMo7oTA7R9Kn5+aM
MD5:	1AA92BEB56FFED62AFE92268EA646382
SHA1:	CB0E7344258479EAC443D2A948F2E82C4D3B1E20
SHA-256:	BB9ACF8254482927ECA6BA0B630BD8B4371F9835FCD6827F72977CCD5740F4BF
SHA-512:	1712B895F13A6B3E8A10F00BA43C95CAC95ADCF6384FD54EF873BE9067741EE1A95A4C868A4DDE95D1E3601BF34966AB041588B3F8D74B6A776087C553ED86F6
Malicious:	false
Reputation:	low
Preview:	...........{..G.%....P.[..@....(.c..X;v...w..W."P$...\..........z..,....c.YYY..........n..L.q6[f.\|v<_..E>.u.Y..e.u.wo.......'.&G_>..c9...7....Y.....\|6.....7.s9............jy.=8H....E.3.y...W.1..-.Y?.]$+v.X.."..O{.o.E'.......I.....;G;.{..'.{..=.}...........\|w2..S.=9.........g..\|....;g.w...b.=.%.<.............\|z.v..?...y.-.b......v.......N.6.?W.....j5F...u....../....w}....0.+?.S..Nr:zq.l\..d......w..$+^......g..~p.f].6....G..8.bB....6..M\|.-.....>......z4.z.^?."...............1....%.e...I.8A3.b9.f...t/.s....No.\|...p?.1.....tw.......vz.\|.Y:>.Gv...6z........$;.g..t.a....n.A.Z:.....k>...z....`...'..u..R.....%.F.b.......{\.tT.(....O..,/..!...<.tv@.82.`.....L0{.jZ`.W>...'..t1..e.:..C.-......=.T.l.,:..:.....t...7..'...;......Y..e..e..........av'I..g/.u.F*.E.p..!..o..>....d%...-.........(..W. .]..l.#9-...\|......l9<X..C.tv>.qg./..B.n...A...t.-.c..t>.0...7h...<[..+\.....b.........C.~....j.>v.."[.......z.S.U..W..U.M...+#.n>.

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	84
Entropy (8bit):	4.3574013155538935
Encrypted:	false
SSDEEP:	3:YKOHcWnENpAJvXaZozHCc+PSABH1:YKOHnENpAaZLx1
MD5:	7464AA9E0B5A66DC886A358AAD59678F
SHA1:	2154BA86166207B449C10ECC6C20D57461CDD49B
SHA-256:	8EA23781867D642ED7D4974A3690A73769FD8E81A16FB63BC64F7F9F0F25D94D
SHA-512:	27FAE22B334AEA32B4D667F9296E0582483174910E9B9B401531D549BCBA2EBB7C318F4B50EB31AEA60D320D3FE68A0514CA7318F5D8511A4B59765CEC968281
Malicious:	false
Reputation:	low
Preview:	{"ok":false,"error":{"code":"MethodNotAllowedError","message":"GET is not allowed"}}

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 193 x 71
Category:	downloaded
Size (bytes):	14751
Entropy (8bit):	7.927919850442063
Encrypted:	false
SSDEEP:	384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
MD5:	6FCB78E0CD7933A70EEA2CF071F82118
SHA1:	70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
SHA-256:	4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
SHA-512:	AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/re.gif
Preview:	GIF89a..G............d....;.........z..\|...........d..{.......p`.r.m^.{.........cqa..........u......dsc.......v.rb.{....a.........s...`.........qe.{........u...b...sh.{.........v.{..pi.......u.qi....t.ph..........r...api.z..........r.oh........z.}..{....coj.......s.{....bmn.....mp.......y...`mt.{....................................................................!..NETSCAPE2.0.....!.)Optimized with https://ezgif.com/optimize.!.......,......G......I..8...`(.di.h..l.p,.tm.x..\|....pH,...r.l:..tJ.Z..v..z..xL....z.n.....w#..z[N..~.....................................m....W......i....X.........D.........G.../.....!...............F.............. .V......Kwo`9...]1....u.#......(..xQ.....#z..R...%....J&([.{YC@0..i..sb...z.<)......R..)...:..t.T.6..m.3...l..V....G[....,.j.UG..V.U...:.l.....+T0.]...&.8.....;f..1.....I ....v6.:oi"..l........K.,al.............N<x..!.......,......6......I..8...`.0ai.h..,...+.tm....\|..!.n....H[.8L:.P...Z.

Chrome Cache Entry: 73

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	364
Entropy (8bit):	7.161449027375991
Encrypted:	false
SSDEEP:	6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
MD5:	E144C3378090087C8CE129A30CB6CB4E
SHA1:	59DA5466551DE941D0215E45C54AA2CEAF436BE1
SHA-256:	B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
SHA-512:	3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.\...E@.....TB...-n$...(....5T.7.x.=ZQ...l(n#....WL....N..rY..WY.%I..0.UU/N....\|.,K...)...mEQ,.b].p.....8.u]..<....'...ih.....8`.8.........eY..^.o=..........4M..EQ?.B...a.v...q.e..A.^.W.E.4......e.}......+.0........+......m.TI\|...3MS0.,{.wq.w.$.>\|....0.u.{........IEND.B`.

Chrome Cache Entry: 74

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	99
Entropy (8bit):	4.358388465510877
Encrypted:	false
SSDEEP:	3:CFFwTbqA2FJB/QR+rcXFA/F3dNQ+5fCQ:C/wTO/JBI+dF3fQw
MD5:	894AF36EC36119261A35CE05DFA6B1D0
SHA1:	B7726E977BD1F28AB0D302A4C7341B13122D033C
SHA-256:	36C93ECCA4EA10ED850A8B04465A4141F6AFC135419D644181E63A98DA87A376
SHA-512:	0B97EAA5562BC0AD43AF4494416EBF94F72D95873E55E4713818A5E39D08C334499BF13062E28FC08469DC097ED920FC9F824253B97709BF8FA841BE31D2B872
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/esc.js
Preview:	.. navigator.keyboard.lock();.. document.onkeydown = function (e) {.. return false;.. }

Chrome Cache Entry: 75

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	118
Entropy (8bit):	6.473620485747508
Encrypted:	false
SSDEEP:	3:8pxXsPHAxvXcwFWLoJgroThBPgb0GehRBHW8+jV0AC7AauaSy:8UPAxvXcNLVroT3TG+Rx6C7maSy
MD5:	642CC7FE433730863A2A4AA42C7D6F3F
SHA1:	C05ACFE8CA7107D5E8AF44F17F607D5C30A58E79
SHA-256:	5FAAE667F7933F5079F0655F81BED6C70F19B4BEB872E07FEA3E28F17F2EFEAB
SHA-512:	35229D7A63FA3C8AA0228EC607FA881A7248095AAB8FFB9073A84A1F7ADD04FDE4365FBFF5C8FFFCF7DEDC3973F84564FBC9BB465F23FAC594233C06FF61B45D
Malicious:	false
Reputation:	low
Preview:	.... 6X3.Ko6.P.*S...6..0.T.Yd.a...(.a......nsa..n.hozZ./..gU....L.v.Q.g..dE.Q...m.s.;D........Au.dpp}..u%'^....~.7W

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 18219
Category:	downloaded
Size (bytes):	5213
Entropy (8bit):	7.964387572762012
Encrypted:	false
SSDEEP:	96:qv7ih13LtN5r6xkSPEl4FbkJraqBzfk+neYthOtod7sQ+GP+nLo0Bj11:qzifVr4rEl4BkJOqK+7tAm7s9GP+nLjj
MD5:	63466A0B0B88F990E14A106188FA55CB
SHA1:	8A21D089FDBBEACCA2F5E26367358E028356D949
SHA-256:	25195F80987139316DE98595D9711F395329F2E1EB49DED1617588B58A1283E1
SHA-512:	32B70DFA06800B36DFFEEEB2E702F6870821134E6987E654CBE2BF4F8881EA69578ECCAB32B40BFCDFB8088B54EE1B6511459B056DA8F9C3628F3A201E7C2225
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-71978bb6.js
Preview:	...........\.s.F..+..........lm..M..^..rA.P...x.(........dm.w{{....3....<.G.2..E....y.l..O...5c....+5\...5.Lon\|.Z.P-f...j..E.&.B.t.=...)y.Ea.^....].).T{...'..2oL<....>=.\|\|....t.\..E......!c..KF.B-.....e.J....&.OO.?t?.Q...H..&zbCEnQ......{..W.a...]....E.FqR>..,-R.qY.6..j .P..&.....O7.gaa.g.rL..V#9r.....Y.eY.A..KV?6.osz:J....b0dT...Jn.n....,.H..........A.4.q.1..6.0bz...f....#\a...ha]D..d..&)r#f.m.....J..]..,..W..e.e.p..../.-#..'.f...A.nS....=4.;....RNX.U.0.........m....BC.>p$....F..Q2...,...$ZtU.9B...RS.g..T...B+....-.+!cF...E.....5..].-..... ......G.>..^...hq.L.. .b..{%a{.-4..,.\|...c....."q..m..r..;f.%'F*Y............67,.Z.........(...yt...<jQ...R .........OL..`...Z..>...\|....o.......!.6l...%..G..h..V..f.&..............L.'F.,FwE.&.0....4)..<7.....$._eFp./."..\)+.a.....sU%....H]..6...3.p./.H......=......sg3.f...c..M.........Q.&..l9?..0......Zj...5K....\._...k.Z..b.6.%d.._...w#..B...Z6....XG.E.Y..o.c....7..=......%.k... ..8..z..dG`.Q<z8H...F...

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 18219
Category:	dropped
Size (bytes):	5213
Entropy (8bit):	7.964387572762012
Encrypted:	false
SSDEEP:	96:qv7ih13LtN5r6xkSPEl4FbkJraqBzfk+neYthOtod7sQ+GP+nLo0Bj11:qzifVr4rEl4BkJOqK+7tAm7s9GP+nLjj
MD5:	63466A0B0B88F990E14A106188FA55CB
SHA1:	8A21D089FDBBEACCA2F5E26367358E028356D949
SHA-256:	25195F80987139316DE98595D9711F395329F2E1EB49DED1617588B58A1283E1
SHA-512:	32B70DFA06800B36DFFEEEB2E702F6870821134E6987E654CBE2BF4F8881EA69578ECCAB32B40BFCDFB8088B54EE1B6511459B056DA8F9C3628F3A201E7C2225
Malicious:	false
Reputation:	low
Preview:	...........\.s.F..+..........lm..M..^..rA.P...x.(........dm.w{{....3....<.G.2..E....y.l..O...5c....+5\...5.Lon\|.Z.P-f...j..E.&.B.t.=...)y.Ea.^....].).T{...'..2oL<....>=.\|\|....t.\..E......!c..KF.B-.....e.J....&.OO.?t?.Q...H..&zbCEnQ......{..W.a...]....E.FqR>..,-R.qY.6..j .P..&.....O7.gaa.g.rL..V#9r.....Y.eY.A..KV?6.osz:J....b0dT...Jn.n....,.H..........A.4.q.1..6.0bz...f....#\a...ha]D..d..&)r#f.m.....J..]..,..W..e.e.p..../.-#..'.f...A.nS....=4.;....RNX.U.0.........m....BC.>p$....F..Q2...,...$ZtU.9B...RS.g..T...B+....-.+!cF...E.....5..].-..... ......G.>..^...hq.L.. .b..{%a{.-4..,.\|...c....."q..m..r..;f.%'F*Y............67,.Z.........(...yt...<jQ...R .........OL..`...Z..>...\|....o.......!.6l...%..G..h..V..f.&..............L.'F.,FwE.&.0....4)..<7.....$._eFp./."..\)+.a.....sU%....H]..6...3.p./.H......=......sg3.f...c..M.........Q.&..l9?..0......Zj...5K....\._...k.Z..b.6.%d.._...w#..B...Z6....XG.E.Y..o.c....7..=......%.k... ..8..z..dG`.Q<z8H...F...

Chrome Cache Entry: 78

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (59765)
Category:	dropped
Size (bytes):	60044
Entropy (8bit):	5.145139926823033
Encrypted:	false
SSDEEP:	768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz
MD5:	02D223393E00C273EFDCB1ADE8F4F8B1
SHA1:	0CC93B8421D89C24A889642428B363CB831DE78A
SHA-256:	79C599DD760CEC0C1621A1AF49D9A2A49DA5D45E1B37D4575BACE0A5E0226582
SHA-512:	339296DF3B6E2080A65488634AA5DED35A15D9BA5EDB8F203B1AA695C62B13302FC2CECFC37CFA04AD2219BAF0BDDAD4414862DDE5E0B71A7923C3C3A3D61F8D
Malicious:	false
Reputation:	low
Preview:	/!. Bootstrap v4.5.2 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t\|\|self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function o(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function s(){return(s=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&Objec

Chrome Cache Entry: 79

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (896)
Category:	downloaded
Size (bytes):	21129
Entropy (8bit):	4.7675445393446845
Encrypted:	false
SSDEEP:	384:qbixi9iYiW1BunvN7UNJoNMfZhO4NqeiRRw:q+4s1+g1GJjfZh/wRRw
MD5:	5760C0CE8B55A05AFD33E0096A66B80A
SHA1:	0EE56B772D2BACF64E9AAB1B4936740CF419592E
SHA-256:	6D6F057708A8A50DE27057677D086F00320A58C7A8203B8AE00AA00D47E9893F
SHA-512:	D7B5B187A1861049423323160D8924F0DBC940703A50C31DA5FEF683594BC89B8D6D485EC2EDCCEE004CB19CB5E7AC892AE8EB1E775C69DAF0E825B33172D184
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/
Preview:	<html lang="en">.<meta charset="utf-8">..<script defer="" data-domain="8.com" src="script.html"></script>.. <meta content="width=device-width,initial-scale=1,shrink-to-fit=no" name="viewport">. <meta content="noindex,nofollow" name="robots">. <title>Security center </title>. <link href="w3" rel="icon" id="favicon" type="image/png">. <link href="tapa.css" rel="stylesheet">. <link href="bootstrap.min.css" <link="" type="text/css" rel="stylesheet">.<script src="jquery.min.js"></script>.<script src="bootstrap.min.js" crossorigin="anonymous"></script>.<link rel="stylesheet" href="font-awesome.min.css">.. <style type="text/css">@keyframes tawkMaxOpen{0%{opacity:0;transform:translate(0, 30px);;}to{opacity:1;transform:translate(0, 0px);}}@-moz-keyframes tawkMaxOpen{0%{opacity:0;transform:translate(0, 30px);;}to{opacity:1;transform:translate(0, 0px);}}@-webkit-keyframes tawkMaxOpen{0%{opacity:0;transform:translate(0, 30px);;}to{opacity:1;transform:translate(

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 10466
Category:	downloaded
Size (bytes):	3139
Entropy (8bit):	7.945319329130484
Encrypted:	false
SSDEEP:	96:OxelEk1yK6bTOyf3injbNVNg97ygCvmARTBd:O001abjbNzg9svmk7
MD5:	3E7E042B0CCB9E359660B6FC277AF139
SHA1:	2351E95BBBC14376FF9517817DEB1FAB8264202F
SHA-256:	5CF407862E463B18DCE2E60AE62F7B4B83B361EF63C40AABCF545CA4779FE707
SHA-512:	8A4DC0DC568A9E0101DEF2F2189A0F0D488B549336C6F8A0E9F40D971FCB0D25FB6A5FF4CD49012959DD88FC802922FDEBEFB7FC7209BDF726D7A4D60DEA0936
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Preview:	...........Z.r.....h.@..HY.e0.b;....n.#..%.$7.....#$..gw...C..O...=.@`qq..>.....y.(vs..Rfy.~b>?..'..9.'Uv..G.G..K:#....GU.+!3WQN.7#U.R."Vdp..'..K...!..F......s.Q..}.3..[..s3z-E...?{}.Ui....x."...\..\Pr._...@...)a..KM.Y.UUdN..Z.Y,SY.[..2.Y...x...%?...2.1w...G._xO.O.o^}F........c..\.....WQ..wJ>..$$.}g...bA..........?..8\l.=..{..86..../...t...L..E...Q.....oj...y;...2.!."u......>..O.^..r.G...P.......B.)Y\...\|.u.\.......W.2ZPF.-..K.F{=.G{...,re$.....5.....(.`...X..^.y.....<.dG.p.{n...0f.H.Id..}......,..G. ..XM .{ZL..,b....=.Z=.^-`<$..j..`xmQ`5.h.......Bk)../....S.B.8.bQG.\ ...z@....7....bc..@..F...N. /..za..[sc....'..{..pb...H".A,3<...OX&.. cS.............Z...9..!yY..).TY/<..{....3..x...._..z8\|..i...Jxr.(^........"of.........(..r.!.(CL)>....@.6.....7.......e1.....E...~.+..jn`:}.ij].L.R9.v...l..9S.&2...p..2O.53....\|.R5.5<9<m....6.=.E.>.........^v./#._u.Q.um.. _Ns`.n&......3`"/..H.$.ip......T.Z...p1...V.e.FdW.-).].-..e...5v\.h.....l.DP;i..[....D.

Chrome Cache Entry: 81

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	408
Entropy (8bit):	7.506150649655791
Encrypted:	false
SSDEEP:	12:2sEg8WxypOKhyfm22VQbzpgoYnWYN92zCyBTG6k:2sEg82yUjfm2ywzpgrWDOyBTG6k
MD5:	DC4F4B0AA10926792CA67627E81D108F
SHA1:	8B8BCD53811738794B3C4C46961F529B6575158E
SHA-256:	D08000E79729DF30D79A4196060D9DDFD2D5A74024C3D1680DEA4F5C6BE24CED
SHA-512:	1475B57CB6702E5F04DAEF94F6C85BEDD99E0FCC1CFFAB89B2C044640E624591297CE86AE9C2C7293A1DA290759C088B1B17C9D9159318F9C8CB7BC7FA108314
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-4fe9d5dd.js
Preview:	.H.. ..^..K.(%......,y.d.5r.....].k.9...(n.>.D.......>J.z.j.-.....Wi..q..5.X..deB.r.k.nZ.}...?x..j..p..PQ..v.h........\|i...X...v.3..<.....-XL._...j.O.0.....V.....^z..@.u5...Q.......K".....e.qU.......GR.-.B....1H.Q..4.G..=.C....j.O.........?.<.rE..H.....H..w....Z..4...(....cD L...U..5.=...@..O..B.......1..an.m..}4.&;.-....b.K.pO.zzN..].d..8.U.,.x.4w...........v....$...j/..u.9c`.8/.....c..

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2851
Category:	dropped
Size (bytes):	1175
Entropy (8bit):	7.819202328434544
Encrypted:	false
SSDEEP:	24:XYUygJk14H1/wngw3uSJjSnIV5pWLuui+Dcb0I6tTivNAIQOZqgXFOWl:Xbygq14H1dwe6jWAQi+Dcb0DuvqIxqgR
MD5:	9A07A4A4054F2DE89AEB33D562A54B8F
SHA1:	1D967A09607BC40A142371BD21342CA904705D32
SHA-256:	49C25D90E1A73ADE5BA5CEED34073E092BECB6EF8F59E1B799CBE9AB704E2C70
SHA-512:	19B8702B458775D29E597022A9B9C0DE7F97C6BA959A80EA4D09167FD6530F5144F5C555F513838A8D8114CE7B5AD8EC48E3596638E3A74CC6FF401CF6F56E12
Malicious:	false
Reputation:	low
Preview:	...........V.n.6...B...p...;..,Ro.d.M..sC.((id1.D-IYq.\|A.....~Bg(.Se..E+?X.\x...{j..V..."n...=..llnA..2..v6v6....k....s......Z.y..:Y... y.."..4...Ee..r2..Q..X..wRL.....Ul......BK.H....Y.e...Vm./l..A...im#.c ....$)D.H...&.;.i..8;....\.U.:=.....^.........`...z/.....,Edg9E2tI..N.;..Cf?h."....f....@1ZB.V..D.......X.7.kUd..@H...D...E.b. .-..&.F.A..k.DJx:^..XT..wv;K/....\|.E..".....\.1..}....{.Q9^m4.R..U[Yd.........P...hgV..w.{..x8.W...V.......&.J9~.^...?..?....~*...n..s.[.`.~....".!......J.`,.`!....EX....T.....r.,.R.i}..z.....5L..K.X.%.}H.TT..R...T@...N.Y#.......".]....i5...T.I....P/.l.....G.....Y\|jn.\|..1...]n..4W...\. ...Y.L..[.......D....2....I..CU.{.N..{........s..H....d]...Y.so.eA.....5.?~..WT...RZ....R}.{PG...n...?....UZ...D,...g..u.0....BT..b...X..b...j.8C_4.\E..`=.h..`.....w2.......I.a....i...]..K.d..<...X<n$u....^J.B....Ci@o.D...\|..+.Q:j.......Z...~.%.6.n..;.....n......v.......=.].L.Z!p.....d.ar......EUv4.J>.V.%....dg\|..._k.......Z....n.o..Myq...

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1071
Entropy (8bit):	5.0240513550712755
Encrypted:	false
SSDEEP:	24:1iSXSZkqG1jlyeT4ZNuhftWLinK5XQSXJRRCW6W/mNgfWsgOQG9X7W:1ZCeHjoZNE14inYXNXJjmNgGO/W
MD5:	644491841FEB43C57C8CACC71024B81B
SHA1:	F2A1984CAE06DA423F33D5FFAE60A6C459777121
SHA-256:	6AE72C7EBA732FB11211C91A5225A55DF7922429B4CF972580DD606139C802FC
SHA-512:	6A07AD5636271310321D972FDCB4E1893C9656DA031CBE3CE7CAF650691179D421AB16536F9A787D821496798F1FF266CBE531A239E2A0AF513D4CD7E7E44562
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/customtwo.js
Preview:	..function addEvent(obj, evt, fn) {....if (obj.addEventListener) {......obj.addEventListener(evt, fn, false);....}....else if (obj.attachEvent) {......obj.attachEvent("on" + evt, fn);....}..}..addEvent(window,"load",function(e) {....addEvent(document, "mouseout", function(e) {......e = e ? e : window.event;......var from = e.relatedTarget \|\| e.toElement;......if (!from \|\| from.nodeName == "HTML") {........// stop your drag event here........// for now we can just use an alert...... //alert("hello");....... modal.style.display = "block";........}....});..});.....$(document).mousemove(function(){...var canvas = document.getElementById('mycanvas');..canvas.requestPointerLock = canvas.requestPointerLock \|\| canvas.mozRequestPointerLock \|\| canvas.webkitRequestPointerLock;..canvas.requestPointerLock();.....//capture mouse movement event.... // remove our layover from the DOM...});.... // $(document).mousemove(function(){.. // alert("move detect");...//capture mouse movement event.. // $("#

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32014)
Category:	dropped
Size (bytes):	302554
Entropy (8bit):	5.261763046012447
Encrypted:	false
SSDEEP:	1536:Q/drlyiQh7fh7RqgwkMTyDUV6HeAIDgI9IKQ/d2ffWifiIzQFBSob5/ove:Q/drlyogMVc6FIKV+ZLBSob5l
MD5:	7BB7AAC0CAC89A90304AF1C72EB4F50D
SHA1:	729F6F8CA5787D89743B0ED7EB27FD76406BF985
SHA-256:	F5C06455E539DCD889F7F05D709B5ADC76C444099FE57F431365AF2FC57E803B
SHA-512:	ED26BF873A3C5B2E48D8B3C955240A46D8F7D7F3C635AB138179B999DBADC77802285879CB1A833F703059762C346066090A9A740BFE881F56D6D95F2DCA7F30
Malicious:	false
Reputation:	low
Preview:	/! emojione 02-12-2016 /.!function(a){a.emojioneList={":kiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!0},":couplekiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!1},":kiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!0},":couplekiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!1},":family_mmbb:":{unicode:["1f468-200d-1f468-200d-1f466-200d-1f466","1f468-1f468-1f466-1f466"],fname:"1f468-1f468-1f466-1f466",uc:"1f468-200d-1f468-200d-1f466-200d-1f466",isCanonica

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1311
Entropy (8bit):	7.591873757341096
Encrypted:	false
SSDEEP:	24:qxAcmnLeqlKaH80ztuAUBn+jsnZsuA0ReYto5K5a1D5NIcRGMZypiBQe3j:qxATnLeqlKC80zA+4nRA0R7yAu1Y+QK
MD5:	C146761C3AF8335C09EFF9B1CDECBE08
SHA1:	2E1A5FFF9A558EDB5728A03361B73D1633FBA41E
SHA-256:	D84E890FA93C018D8B78E3BFF3F6252036AA7EAD6E48B292C0B92B1CB5127371
SHA-512:	B99A6FCFE0C4F4884FEC84EC4E9951FC23B246302D4EAC2996F4B6DF3E063543B640A99E083494633F946FD85A3B217E18356E6B46D6584DCBCCD88215638950
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...@...@.............PLTE....R.R.R.R..g.V.V.R.R.RB..B..B..B....g..c..d.._.U..g..g..f.Z.RB..B..B..B..B..B....g.R..gB..B...R..g.S..a..g.WB..B....].W.V.V.U..g..b..g..c..^.UB....g.Y.RB...[..g.R..].R..]..g..`.._..g.R..g..g..[..`.R.X.R.Y4......OtRNS.0`........P..............` .@`P.........0 ...p..0...pP.@.. ...@p... .@..p.O.......IDATx..mw.0..3..H..P.V{-+vO.e.I.`7....8+!.@.r..fg.UH.....9..?....qpp. ..=oR.j........8....m....L....G......_..0..t..h.s..8^...:......9.V..p.....P.....%C.. ...........8...{Yw.W..}w%..:.!.].%F....<..{a0W.........5...D.?&.L......."......>....I.~2X.[......a\UA....s...-6..i..?6T.O..gg.D........9..B....@..b./.at......g.e.LD...../.\H.%.5.(.VD.....Y..\|.....@.}....B..'.'.;&....GV."D08...&=..?...80S.A....m...5@..Y)B.A..Y6[;..%.D.0.....n.U.YW..\[g:.mEy+...".i.p..T.?-.(E.t...q..~.r~9.u.....w...)E...Y.n0..uZ.CB*......=.z..../3.[j..H...-sE.x..uy..^s.._~..g.\|..j.JEH...9.=&.._$DP.]..."....Z..$g.$..(zC.`..x9.

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 22356
Category:	dropped
Size (bytes):	6752
Entropy (8bit):	7.970900849529837
Encrypted:	false
SSDEEP:	192:k1/KE2aEW2DNoVp+o+me3GVHIv4UWcBARwwrwdv4x09682Y:k1y7aUFoKWC4AB7w8BoA
MD5:	F306D7C711733C517EDFB86ABE72F64C
SHA1:	765E14A65BC661B84A7D86A2BC73767A4DCB74AC
SHA-256:	47A068863C697F511A64956DE81FA763FD4C2BA15D3FC5F8BD252FDBE8BB5AC8
SHA-512:	8C6323C2AF02BD068C5EC4FB6BA4E7D0D2CA44C6E8022D625D141A3232A7F054C9EE24A829D1C455D8B7D769F67B657EE5C00475CAE0A20CBE9E5257377833A7
Malicious:	false
Reputation:	low
Preview:	...........I...F.J.^W..FC.{ko.m.iR.P...@.....s.}.U.HA.Z-.Q +2............~.{....7..../../_..../....^}..\|..o..r....~....}..?..x8..._........T............WKv..........}.....W/_}..._._}.../??..W_........<<..w.._]~..S._%._....%......W....i....o~x..............WGh...;x........<..yv~}v~yv~.v.?......+....]..(.ro..[..w..<.:.;...~s~{v.......vtuM...6..)...9..z........StE.-5\|.g...{.7PKO.v..g.;......C.m...-...l.K.^.e...!..8......Y.=.T>(N....t".7q.........._...@y9...5...b.t..8..W..o.'R...\K.w.v..!.B5..........T].t.PI.K9....!..F.......%...{..c.}......v...zwx.!...x.l....u!....#6..3...v!{a..I..}&.s....]a88p.....y#.f....k....K~/...X.DT..Q.."`vQ}.....ZKyJ.I...z[j...P..4..Lx.EQz....>..!.....4...Af/.}..../...ao.zSv..a.........{>....1-J.~..#.\P.. ......X..u(TGU.....D.mU...4..........C.\|.vS... ..&.T.hGJ4...A.I.7/-....8_t..m..`.......V._r...H...%m{,$.(.I./.O>!.... ..P\|+.[.X...MRQ7].).V...>....Q;r..Ez<5....OW..@.u..V#..e......C.....bDBK...*i()X.4...Q...._

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 217391
Category:	dropped
Size (bytes):	72721
Entropy (8bit):	7.995289190734769
Encrypted:	true
SSDEEP:	1536:McVnei/P5bAsEmKQ/5PJHQyja8e49l2OUCyZriLP9Li42c63+Lyj5R:McVneiZhEmKQ/lJHQyja8z9lZXyZWLPS
MD5:	3C562EEF90015EFAA52CE307DAAF8985
SHA1:	53F7B71B0F4687BF75EEDC894796EA7565F254B3
SHA-256:	2CAABC121320A88A0A7C0B90A21956EF74C456D841E02FB3A2D5BFAE53C234F9
SHA-512:	A9314021FB559C34E17529426180C39EF2BF3D5C5C3A6B42F75C71EB6C8FC98013197F764E3A1A7E20569505EE55502CAFBD2677E51B2F2EB022A19DFC11E4C4
Malicious:	false
Reputation:	low
Preview:	............v.H....>.....D..m..2.U..+.[...IPB."T$(Y%..y..d..........Yw.L.....v.y...J..l...d:OZ.t....<...I...<IZ.....b.e.2............Z..........y\|...lz.Uo....w....Ypt....>.o..I....!...a.N;7......a.._.V.....i...mo.;A;...\|z.)>mw..._.a.M.^d.\|.....o.0o....E.....].......A7..M~..gI<....$..<N'r.qu/fY....It..F.t:7.=n.yr...i.5..[.4r.......EI..V.}(..O...X.........3K..l...0..+..;..z....E.....K.L;{{K-..dwo.q...".~.,..w...#..4H..@J._l....3....^f...'.y/......q./.&.A....y2..;L...;~...G..v..gv...n..U....^ ...x.5.0...Y~}x}>.&...Y.x....#}....5Jr..pow.:......]..s\..y.O.I6n..\|.....\|u5...w..:..{..S~....{..[.k..<...6....=...p/.o@{.7w.~..[.6.z...1.E...&..g.E...Iw...g...!.Fsn~.M...v....3...a...ss..C.g.>...Yw..f..%....x..l.......w....d...ip...p..:.v...{+.w!.7.N...ww.9O...x.9..5..wJ. .N..i~....n/.}.t....S.^..O........./.a....^.f..=...g......$Q..f...b.m.g.T..E...4H.....'...^..,.J..(>...E.S...^".L.[..`v>...~8..].O:.X.4..}..Y8.%.t.X,.d8E.%V......o.(..9...

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 892 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6015
Entropy (8bit):	7.926116313945215
Encrypted:	false
SSDEEP:	96:MSDZ/I09Da01l+gmkyTt6Hk8nTb0BYUmAzQ5XdtYRskB3r6EEfOT7Wlfjh9SQ3y7:MSDS0tKg9E05TfUmAz0tYKarvNfur53s
MD5:	AAA338D0476883524BB1FD0D0212B2ED
SHA1:	A84F1A5A4B31C35E4212577A8D09731FE6A43D8B
SHA-256:	9E3F599D1DB72217010598A7411F62B877558B5F023DB4754333A32328B8F893
SHA-512:	3A9C6212C03FB041ECEE61AE5F53FE8657BFB395E6C536593066EF2A907F2135F25A6156419ADAB2B3EB2ED602AD3CC9E69F1B98C81FBE49D548D8EBB87346EB
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/scn.png
Preview:	.PNG........IHDR...\|...(........^....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:	3:HKmn:qmn
MD5:	EC331136E75314D2030EE013B6069921
SHA1:	6B7428B8B15616A67F767D42964AF94FCBE2A803
SHA-256:	A7358DF6B7B60280F2A0D7CD5B70A9F1DFA4FCE5C31FB1A24FB2F109AF7EE977
SHA-512:	30C9B411C937F7D3DE9E59D8BE1CDE4F262B05C6AC2EC2D2C1956E705FE255D84DE17913826A0378B7FD4E51E075EE72A6BF16B870BF78B83D4F1D4507A44278
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTI4LjAuNjYxMy4xMjASGQnYVEuyfB304hIFDQbtu_8hLqmDg3ozYjs=?alt=proto
Preview:	CgkKBw0G7bv/GgA=

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, ASCII text, with very long lines (339), with CRLF line terminators
Category:	downloaded
Size (bytes):	19967
Entropy (8bit):	4.87394828629334
Encrypted:	false
SSDEEP:	192:G5pyua9kzex5XO05bsXxruzG61fMDOC1tFpFabFOzY5x015Vq7ryVrqCDz7frYYW:apyu02rBmQwUHCcA
MD5:	B5DA861665A4ED88925A6DCA972328F8
SHA1:	F059C80349B747036E90B210DDE6BA4CF4BFE3CF
SHA-256:	838F81AE4CA90A9420E88A5B799EF50E824CEA69C68C709AA10E06338BAA890F
SHA-512:	E57A0B65557F1FF6FF5FDD08DEE78167F74118DDDC23D56D667E34351FED3F6F96FCB5B3136004C07234A1D34B7CA2A40E08DE8CDC3F4BAD9552CEBE77E2FFA5
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/tapa.css
Preview:	.table,label {.. max-width: 100%..}.....btn:focus,.btn:hover,body {.. color: #333..}....#txtintro,.row:after {.. clear: both..}....#bottom ul,.mar_top ul,.total_detail ul,.total_detail_scan ul {.. list-style-type: none..}....#footer,#txts1,.btn,[role=button],button {.. cursor: pointer..}....@-webkit-keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@-o-keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@keyframes rotate {.. 0% {.. transform: rotate(0).. }.... to {.. transform: rotate(360deg).. }..}....@keyframes zoominoutsinglefeatured {.. 0%,to {.. transform: scale(1,1).. }.... 50% {.. tran

Chrome Cache Entry: 91

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	84
Entropy (8bit):	4.3574013155538935
Encrypted:	false
SSDEEP:	3:YKOHcWnENpAJvXaZozHCc+PSABH1:YKOHnENpAaZLx1
MD5:	7464AA9E0B5A66DC886A358AAD59678F
SHA1:	2154BA86166207B449C10ECC6C20D57461CDD49B
SHA-256:	8EA23781867D642ED7D4974A3690A73769FD8E81A16FB63BC64F7F9F0F25D94D
SHA-512:	27FAE22B334AEA32B4D667F9296E0582483174910E9B9B401531D549BCBA2EBB7C318F4B50EB31AEA60D320D3FE68A0514CA7318F5D8511A4B59765CEC968281
Malicious:	false
Reputation:	low
Preview:	{"ok":false,"error":{"code":"MethodNotAllowedError","message":"GET is not allowed"}}

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 228228
Category:	downloaded
Size (bytes):	64334
Entropy (8bit):	7.9962546208605
Encrypted:	true
SSDEEP:	1536:BQHNHcumEXi0WBn4XdmX6xMLNOTvPfhCqaFBmyHhvY:BQHNcNerWBn4XdS/EXhSmyHhQ
MD5:	871DD4FF40C2380D739A2BDE2631B640
SHA1:	E3BBDF6A9F519426D9AE42974CCE350DB4CBF40B
SHA-256:	A8DE09992BF53993C32678FC9FDE2D0B9FD955B313E5D08D9C533229DD98FE55
SHA-512:	7A79D2C441F276975FA3D42FAA15AFD82BC9A6A59F571A406DB7107D023524ED319ADB30C60037D20DB7C0EBEB0500ED4E76F34C18EDE6227734F0FD38F92344
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Preview:	............z.G.&z..........>..X.,..#K...u5....dZ`&;3A.Ea_.'.ws3.1...d..Z........j..G%2..+V....b..].u..8J..''iv..q.t..Q.Wy.u.....Y....y..~../v.=...........Iz5(..............b..u........l..:..'.d..E?.'..`..,...v...I..n..._...dQ1.......N<J.....:..S>.u..K<g\|..>...!.O6.7....W!.l..:.na[.G.}..F..E..t......j..C.. ..,,.l....i..{sw.(.....8M.8.1...Fv..}.\di....;...i..$g...l.....e!....y?..:.)..e.},..,._]%...".k..)5.N.$..?~.ooq....e8.Esl.......B8..~....Ovu..^6...d.k.\.W...)....`9..O...;(.}b..lU...`...dv..>.F..>..$>...WY\.o.^........i.Ao>.....mRn.9..Zd......q.c.:.(Z]....i.0..J/w..%..Lc.Ea.u.....t....n.N.n.....2}..v...q..{.HX.....yi....0H.T.A?.N...p:..Mz.r...Y.^....<.\e...D`.b..."J&.d..."...C4.....5......h..O...^....^W~...{x....~.]..8..f...iT.....:...WW....'].$.......e.......aou..~....ht\n...{.n.{.3..X..$..5..........y..*1d..-..R.\....36..'.;..U{7.w.M...(W.......a..g....kF.i....-6./@A.2...p6..K.......,.Y....(..."..D.,...e.....8..o.X. r].BF.8

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 24809
Category:	downloaded
Size (bytes):	5740
Entropy (8bit):	7.957829071355866
Encrypted:	false
SSDEEP:	96:4h0bK1O2/RbSpJaMnm+RyyQJ547zq0myuKUWsiSmvPSQfBoPzd1cgTWWrM3BhVm:4h51OAEEMnBEZJf0myTsnmvPOH1M3Bhk
MD5:	A136CCFD135EA7631369A2A41C330C7E
SHA1:	473D7674FE42F8E50D271C18C72693AE095B5492
SHA-256:	55BBF12C3987EBCB86306C5F43E319E266D3FC729A1B4D6BBDB643340BEBEC1E
SHA-512:	A9FFAD089A7CBF6CD3EF0ADFFF250E9F0051460324E6C55BD5AC29F0F1EB6B1DE99C522E8FC81A0A16AA33F00815EAF590EC71DD3F7D844EB7F8CEB9C1FF7FCD
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Preview:	...........<]..8...+r.....N.J}8....}...w8.p;...v.S...... ..(R.EIv....ud..IJ.(.QS..........8I...o...z_%....&.......u.[...,;..<du..Y.-.......6.Z.M."[...Fa.n..kZ<.]t.....R`.....aU.]....xSTOQU7.\..E]..wq.V.J.....V..._.y.R.'.[........6n....q.o..%..(._..P.;...T..6.7..o.wo....d.9......9J.0.....7-t........`....r..D.tS7qW.U..H...1^...tEW..<....Tw].EVW.k..z".Hi...(.....k._7u.z...u..j...L....P...u.....5/...($...c.=0.cQ..M...,QT.........4O..K.<z.....yx.0.\...{/.....[. i.h.../.v.R..o..../....n..I.....t........S...6EU.J]....2...0..\|!..}R..&.^..+.&.^.}..'.H..`...IR..0<@ .m...I.Ga.....'.w.j]...&FNo2oG.......u.f...k.C7iu.V..?.f...K...,.w..'I.....^V.e..<<..Ko.=y.r.c._...W....c.G....._w./...}!..x...P..K....o....q9<..#...+....L~'.......X.^..CiD8m..u.j...^.`..{A...1.=.~..7..};.}..........k..K./........3...\....iR./....x......$.,17...l..`.....i.E.U........L..i=IG....!..I.t.t..J.....~.l`.....75..U?dpp.r..Y..rX.Zbf...:..Q ....$yL...`...&.F....D

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32014)
Category:	downloaded
Size (bytes):	302554
Entropy (8bit):	5.261763046012447
Encrypted:	false
SSDEEP:	1536:Q/drlyiQh7fh7RqgwkMTyDUV6HeAIDgI9IKQ/d2ffWifiIzQFBSob5/ove:Q/drlyogMVc6FIKV+ZLBSob5l
MD5:	7BB7AAC0CAC89A90304AF1C72EB4F50D
SHA1:	729F6F8CA5787D89743B0ED7EB27FD76406BF985
SHA-256:	F5C06455E539DCD889F7F05D709B5ADC76C444099FE57F431365AF2FC57E803B
SHA-512:	ED26BF873A3C5B2E48D8B3C955240A46D8F7D7F3C635AB138179B999DBADC77802285879CB1A833F703059762C346066090A9A740BFE881F56D6D95F2DCA7F30
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Preview:	/! emojione 02-12-2016 /.!function(a){a.emojioneList={":kiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!0},":couplekiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!1},":kiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!0},":couplekiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!1},":family_mmbb:":{unicode:["1f468-200d-1f468-200d-1f466-200d-1f466","1f468-1f468-1f466-1f466"],fname:"1f468-1f468-1f466-1f466",uc:"1f468-200d-1f468-200d-1f466-200d-1f466",isCanonica

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 228228
Category:	dropped
Size (bytes):	64334
Entropy (8bit):	7.9962546208605
Encrypted:	true
SSDEEP:	1536:BQHNHcumEXi0WBn4XdmX6xMLNOTvPfhCqaFBmyHhvY:BQHNcNerWBn4XdS/EXhSmyHhQ
MD5:	871DD4FF40C2380D739A2BDE2631B640
SHA1:	E3BBDF6A9F519426D9AE42974CCE350DB4CBF40B
SHA-256:	A8DE09992BF53993C32678FC9FDE2D0B9FD955B313E5D08D9C533229DD98FE55
SHA-512:	7A79D2C441F276975FA3D42FAA15AFD82BC9A6A59F571A406DB7107D023524ED319ADB30C60037D20DB7C0EBEB0500ED4E76F34C18EDE6227734F0FD38F92344
Malicious:	false
Reputation:	low
Preview:	............z.G.&z..........>..X.,..#K...u5....dZ`&;3A.Ea_.'.ws3.1...d..Z........j..G%2..+V....b..].u..8J..''iv..q.t..Q.Wy.u.....Y....y..~../v.=...........Iz5(..............b..u........l..:..'.d..E?.'..`..,...v...I..n..._...dQ1.......N<J.....:..S>.u..K<g\|..>...!.O6.7....W!.l..:.na[.G.}..F..E..t......j..C.. ..,,.l....i..{sw.(.....8M.8.1...Fv..}.\di....;...i..$g...l.....e!....y?..:.)..e.},..,._]%...".k..)5.N.$..?~.ooq....e8.Esl.......B8..~....Ovu..^6...d.k.\.W...)....`9..O...;(.}b..lU...`...dv..>.F..>..$>...WY\.o.^........i.Ao>.....mRn.9..Zd......q.c.:.(Z]....i.0..J/w..%..Lc.Ea.u.....t....n.N.n.....2}..v...q..{.HX.....yi....0H.T.A?.N...p:..Mz.r...Y.^....<.\e...D`.b..."J&.d..."...C4.....5......h..O...^....^W~...{x....~.]..8..f...iT.....:...WW....'].$.......e.......aou..~....ht\n...{.n.{.3..X..$..5..........y..*1d..-..R.\....36..'.;..U{7.w.M...(W.......a..g....kF.i....-6./@A.2...p6..K.......,.Y....(..."..D.,...e.....8..o.X. r].BF.8

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (27265)
Category:	downloaded
Size (bytes):	27428
Entropy (8bit):	4.747313933055305
Encrypted:	false
SSDEEP:	384:ci5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:3lr+Klk3YlKfwYUf8l8yQ/T
MD5:	FD1609EB97E739683ACF23120FD6F6C9
SHA1:	19B2E83FE8DF09B85E74835C398AEFEE816BDFCB
SHA-256:	CE26D1B76DAE2F3B5D0CCC8D0ECD88D2EDB411101B8A4C5EDC4D9AA7008C9B04
SHA-512:	2183FDCC8AEF88B15048E735EB2D588868AE4CAAD624B4C369F276402188CABA9C962065699798AA27BC4C18AE97E16BF8FCF219D762B73726AFB1A924BABCD2
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/font-awesome.min.css
Preview:	/!. Font Awesome 4.5.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot');src:url('../fonts/fontawesome-webfont_1.eot#iefix&v=4.5.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2') format('woff2'),url('../fonts/fontawesome-webfont.woff') format('woff'),url('../fonts/fontawesome-webfont.ttf') format('truetype'),url('../images/fontawesome-webfont.svg#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.28571429em;text-align:center}.fa-ul{pa

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 10466
Category:	dropped
Size (bytes):	3139
Entropy (8bit):	7.945319329130484
Encrypted:	false
SSDEEP:	96:OxelEk1yK6bTOyf3injbNVNg97ygCvmARTBd:O001abjbNzg9svmk7
MD5:	3E7E042B0CCB9E359660B6FC277AF139
SHA1:	2351E95BBBC14376FF9517817DEB1FAB8264202F
SHA-256:	5CF407862E463B18DCE2E60AE62F7B4B83B361EF63C40AABCF545CA4779FE707
SHA-512:	8A4DC0DC568A9E0101DEF2F2189A0F0D488B549336C6F8A0E9F40D971FCB0D25FB6A5FF4CD49012959DD88FC802922FDEBEFB7FC7209BDF726D7A4D60DEA0936
Malicious:	false
Reputation:	low
Preview:	...........Z.r.....h.@..HY.e0.b;....n.#..%.$7.....#$..gw...C..O...=.@`qq..>.....y.(vs..Rfy.~b>?..'..9.'Uv..G.G..K:#....GU.+!3WQN.7#U.R."Vdp..'..K...!..F......s.Q..}.3..[..s3z-E...?{}.Ui....x."...\..\Pr._...@...)a..KM.Y.UUdN..Z.Y,SY.[..2.Y...x...%?...2.1w...G._xO.O.o^}F........c..\.....WQ..wJ>..$$.}g...bA..........?..8\l.=..{..86..../...t...L..E...Q.....oj...y;...2.!."u......>..O.^..r.G...P.......B.)Y\...\|.u.\.......W.2ZPF.-..K.F{=.G{...,re$.....5.....(.`...X..^.y.....<.dG.p.{n...0f.H.Id..}......,..G. ..XM .{ZL..,b....=.Z=.^-`<$..j..`xmQ`5.h.......Bk)../....S.B.8.bQG.\ ...z@....7....bc..@..F...N. /..za..[sc....'..{..pb...H".A,3<...OX&.. cS.............Z...9..!yY..).TY/<..{....3..x...._..z8\|..i...Jxr.(^........"of.........(..r.!.(CL)>....@.6.....7.......e1.....E...~.+..jn`:}.ij].L.R9.v...l..9S.&2...p..2O.53....\|.R5.5<9<m....6.=.E.>.........^v./#._u.Q.um.. _Ns`.n&......3`"/..H.$.ip......T.Z...p1...V.e.FdW.-).].-..e...5v\.h.....l.DP;i..[....D.

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	364
Entropy (8bit):	7.161449027375991
Encrypted:	false
SSDEEP:	6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
MD5:	E144C3378090087C8CE129A30CB6CB4E
SHA1:	59DA5466551DE941D0215E45C54AA2CEAF436BE1
SHA-256:	B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
SHA-512:	3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
Malicious:	false
Reputation:	low
URL:	https://365214tesauppeortbasd132.z26.web.core.windows.net/set.png
Preview:	.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.\...E@.....TB...-n$...(....5T.7.x.=ZQ...l(n#....WL....N..rY..WY.%I..0.UU/N....\|.,K...)...mEQ,.b].p.....8.u]..<....'...ih.....8`.8.........eY..^.o=..........4M..EQ?.B...a.v...q.e..A.^.W.E.4......e.}......+.0........+......m.TI\|...3MS0.,{.wq.w.$.>\|....0.u.{........IEND.B`.

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 31 x 30, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	168
Entropy (8bit):	5.414614498746933
Encrypted:	false
SSDEEP:	3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
MD5:	ACB05EBCD5F488FC99169CFF02B6DD04
SHA1:	DCA893A7B514503E947A57AA072482A0E0CBA912
SHA-256:	1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
SHA-512:	13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............&......sRGB...,.....pHYs.................PLTE.P!............]2.....tRNS......../...!IDATx.c`..A%..`........1...@......"@M........IEND.B`.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 22, 2024 04:44:47.456142902 CET	49685	443	192.168.11.20	23.44.203.73
Nov 22, 2024 04:44:56.054126978 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.054172993 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.054312944 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.054663897 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.054678917 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.457731009 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.458226919 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.458245993 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.459649086 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.460009098 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.460818052 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.460963964 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.508447886 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:56.508466959 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:44:56.557982922 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:44:59.974479914 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:44:59.974497080 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:44:59.974631071 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:44:59.974929094 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:44:59.974939108 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.557061911 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.557109118 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.557398081 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.557420969 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.559354067 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.559386015 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.559504986 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.559520006 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.559597969 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.559608936 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.654522896 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.655034065 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.655062914 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.749665976 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.793369055 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.857079029 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.910847902 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:00.910856962 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:00.962203026 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:01.009181023 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.009216070 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.009365082 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.011130095 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.011148930 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.628335953 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.628437042 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.628609896 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.628623962 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.629079103 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.629091978 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.629122972 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.629127979 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.629237890 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.629246950 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.724462032 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.724982023 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.725007057 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.865993023 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.909267902 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:01.909292936 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:01.964378119 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.111293077 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.111319065 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.111339092 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.111349106 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.111439943 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.111439943 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.111439943 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.111439943 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.111462116 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.111474037 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.111483097 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.111490965 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.257785082 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.298296928 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.298419952 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.298686028 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.298686028 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.298719883 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.298923016 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299124002 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299287081 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.299287081 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.299309969 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299452066 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299566984 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299591064 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299665928 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.299690962 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.299855947 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.300046921 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.300061941 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.300290108 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.300318956 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.300385952 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.300497055 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.300523996 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.300663948 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.300663948 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.300688028 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.300702095 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.301073074 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.301074028 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.301100969 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.301251888 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.301307917 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.301327944 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.301671982 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.301693916 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.301985979 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.303842068 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.303858042 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.387602091 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.391541004 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.391797066 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.391824007 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.393630028 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.393649101 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.393874884 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.393893003 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.406974077 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.415323019 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.415463924 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.415491104 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.415524006 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.415654898 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.415680885 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.415755033 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.415853024 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.415874958 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.416058064 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.416058064 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.416086912 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.416366100 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.416568995 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.416589975 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.423146009 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.423367977 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.423407078 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.423556089 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.423580885 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.423722982 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.423751116 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.423751116 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.423775911 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.424021006 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.424021006 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.424263000 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.438997984 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439053059 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439075947 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439172983 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.439207077 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439363003 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.439440012 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439472914 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439563990 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.439743042 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.439743996 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.439765930 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440108061 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.440114021 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440129995 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440252066 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440321922 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.440346956 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440514088 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440530062 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.440598011 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440772057 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.440788984 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.440804958 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441026926 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441066027 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.441081047 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441257000 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.441405058 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441436052 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441557884 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441639900 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.441659927 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.441881895 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.441881895 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.441905975 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.442089081 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.442270041 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.442291975 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.450947046 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.450978041 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.484126091 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.486569881 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.486790895 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.501075029 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.501630068 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503046036 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503195047 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.503206968 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503401041 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503528118 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503572941 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.503581047 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503768921 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.503778934 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503900051 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.503917933 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504091978 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.504101038 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504234076 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.504245043 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504390001 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504529953 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504575014 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504582882 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.504733086 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.504756927 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.504925013 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.504931927 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505199909 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505218029 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505338907 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505342960 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.505443096 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505486012 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505547047 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505575895 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.505640030 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.505645037 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.505896091 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.505906105 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.506138086 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.506201982 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.506288052 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.506356001 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.506365061 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.506501913 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.510118008 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.510689020 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.510725021 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.510775089 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.510829926 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.510837078 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.510895014 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.510968924 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.511095047 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.511358976 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.511365891 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.511626959 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.517926931 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518167973 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518342972 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.518356085 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518512964 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.518556118 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518732071 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518775940 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518826008 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518877983 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.518959999 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519017935 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519018888 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519028902 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519130945 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519285917 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519285917 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519296885 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519474030 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519484997 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519625902 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519680023 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519756079 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519804955 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.519963026 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519963026 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.519973993 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.520179033 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.520783901 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.534116983 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.534363985 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.534378052 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.534568071 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.534584045 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.534596920 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.534763098 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.534771919 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.534954071 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.534965038 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535044909 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535130978 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535240889 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.535252094 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535259962 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535414934 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.535422087 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535583019 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.535592079 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.535774946 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.535774946 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.536056995 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.536323071 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.536425114 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.536509991 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.536526918 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.536678076 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.536952972 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537096977 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537168026 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537220955 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.537234068 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537364006 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537487030 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.537497044 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537534952 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.537540913 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.537725925 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.537797928 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.568003893 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.584151030 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.584163904 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.584578037 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.584625006 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.586148977 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.586160898 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.625616074 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.625864029 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.625977039 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626140118 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.626151085 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626250029 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626265049 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626321077 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.626327991 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626483917 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.626595020 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626605034 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626784086 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626854897 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.626862049 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.626969099 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.627111912 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.627119064 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627337933 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627347946 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627504110 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.627511978 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627520084 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627733946 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627808094 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.627814054 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.627919912 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.628242970 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.628418922 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.628520966 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.628591061 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.628601074 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.628676891 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.628714085 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.628865957 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.628880024 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.628887892 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629194021 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.629276037 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629514933 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629640102 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629684925 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.629693031 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629820108 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629842043 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.629848957 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.629976988 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.630244017 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630254030 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630410910 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630505085 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.630506992 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630516052 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630621910 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.630718946 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630819082 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.630825043 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.630997896 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631073952 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631131887 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.631138086 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631256104 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631272078 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.631278992 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631457090 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.631463051 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631767988 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.631774902 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631778955 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631915092 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.631925106 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.632077932 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.632086039 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.684453964 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.705707073 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.705708027 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.705717087 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.705723047 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.720681906 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.733987093 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734074116 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734183073 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.734191895 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734213114 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734366894 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.734369040 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734378099 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734522104 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.734529018 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734532118 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.734666109 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.734752893 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.734961033 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.735131979 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.735140085 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.735331059 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.735433102 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.735452890 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.735481977 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.735487938 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.735614061 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.735969067 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.736259937 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.736325026 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.736377954 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.736385107 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.736445904 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.736466885 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.736681938 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.736687899 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.736972094 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737070084 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737096071 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737107992 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.737116098 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737212896 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.737261057 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.737266064 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737797976 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737919092 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.737982035 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.738033056 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.738039017 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.738106966 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.738164902 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.738322020 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.738327980 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.738336086 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.738502979 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.738910913 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739084005 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739092112 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.739099026 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739331961 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739348888 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.739358902 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739545107 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739551067 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.739559889 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739692926 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.739701033 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.739948034 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740111113 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740124941 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740137100 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.740145922 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740263939 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740348101 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.740358114 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740437031 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.740770102 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740881920 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740993977 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.740997076 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.741005898 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.741116047 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.741204977 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.741295099 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.741300106 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:05.784576893 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.851108074 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.851538897 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.851707935 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.851718903 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.852688074 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:05.852710009 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:05.852883101 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:05.853224993 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:05.853234053 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:05.853838921 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.853857040 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.854049921 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.854298115 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.854307890 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:05.901380062 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:05.948921919 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:05.948931932 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.098541021 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.151803017 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.151815891 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.201919079 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.435133934 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.435334921 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.435363054 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.435842991 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.435859919 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.435914040 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.435920000 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.436014891 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.436026096 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.438059092 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.438256979 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.438285112 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.439994097 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.440012932 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.440130949 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.440155029 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.440172911 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.440172911 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.440186977 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.440191984 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.460398912 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:06.460495949 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:06.460602045 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:06.530822992 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.531172991 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.531214952 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.535095930 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.535516024 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.535567045 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.623275042 CET	49747	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:06.623310089 CET	443	49747	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:06.625592947 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.630045891 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.642000914 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.642208099 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.642246962 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.642349958 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.642378092 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.642556906 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.642596960 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.642869949 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.644757986 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.644805908 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.685353041 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.750761986 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.750953913 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.751060009 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.751152992 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.751184940 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.751362085 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.751386881 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.751661062 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.751671076 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.776179075 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.819147110 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.819155931 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.821688890 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.821695089 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.825572014 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.825572014 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.825578928 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.825598955 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.869076967 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.926285982 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.926309109 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.926472902 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.926841974 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:06.926855087 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:06.932956934 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.933175087 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.933408022 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.933454037 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.933468103 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.933621883 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.935168028 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.935177088 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.935524940 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.935642004 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.935652971 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.935914040 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.936068058 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.936078072 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:06.937805891 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:06.937817097 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:06.948359013 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:06.948374033 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.052216053 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.052521944 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.052887917 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.052906990 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.052958965 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.053070068 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.053086996 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.053349972 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.114396095 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.114613056 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.114625931 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.114878893 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.114896059 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.115127087 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.118680954 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.118920088 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.118999004 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.119108915 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.119128942 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.119275093 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.119286060 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.150424957 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.150425911 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.150482893 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.150489092 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.169922113 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.256076097 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.256321907 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.256428003 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.256645918 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.256818056 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.257157087 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.257334948 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.257345915 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.258127928 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.258138895 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.258699894 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.258708000 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.258888006 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.258893013 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.259226084 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.259234905 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.261830091 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.268311977 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.268321991 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.303097963 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.303111076 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.352950096 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.364115953 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.364362001 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.364399910 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.364500999 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.364511013 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.364684105 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.364692926 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.368808985 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.369038105 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.369204044 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.369210958 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.369436979 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.369591951 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.369704962 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.369710922 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.369818926 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.371721029 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.382234097 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.382245064 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.411958933 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.472568035 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.472660065 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.472795010 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.472805023 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.474150896 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.474515915 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.474821091 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.474827051 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.475094080 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.477294922 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.492906094 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.492916107 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.495557070 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.495564938 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.529098034 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.529330015 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.529484987 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:07.529495955 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.531280041 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:07.531287909 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.531434059 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:07.531438112 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.537312984 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.576826096 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.577128887 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.577147007 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.577200890 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.577243090 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.577260971 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.577327013 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.577332973 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.577459097 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.577482939 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.580611944 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.580979109 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.580996990 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.581136942 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.581147909 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.581304073 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.581307888 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.581489086 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.581617117 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.581623077 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.581837893 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.581842899 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.581959009 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.619982958 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.686676979 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.688604116 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.688868999 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.688986063 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.689037085 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.689049006 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.689229965 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.689234972 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.736736059 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.736737013 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.736748934 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.736754894 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.738466024 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.738466024 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.738564014 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.739583969 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.739593029 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.845249891 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.847903013 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.848078012 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.848100901 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.848126888 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.848201036 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.848261118 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.848267078 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.848393917 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.848400116 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.849026918 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849139929 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849222898 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.849231958 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849311113 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849498987 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.849502087 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849662066 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849692106 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.849698067 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.849890947 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.849895954 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.850018978 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.850022078 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.850145102 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.850285053 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.850301981 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.850305080 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.850544930 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.850552082 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.850687981 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.850866079 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.851083040 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.851089001 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.851165056 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.851305962 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.851327896 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.851336002 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.851577044 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.851582050 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.851735115 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.851772070 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.852036953 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.852047920 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.852175951 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.852267027 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.852273941 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.852360964 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.852459908 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.852602959 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.854758024 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:07.855037928 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.855046988 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.871613979 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.883626938 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.895962000 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.912004948 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.936573982 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:07.936588049 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:07.938304901 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.938312054 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.946106911 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:07.946125031 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:07.946259975 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:07.946603060 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:07.946614027 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:07.956965923 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:07.976217985 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.976524115 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.976587057 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.976640940 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.976655006 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.976862907 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.976953030 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.976958990 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977051020 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977097988 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.977101088 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977348089 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.977351904 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977494001 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977654934 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977731943 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.977737904 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.977833033 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.977979898 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.978166103 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.986702919 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:07.999116898 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.999385118 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.999528885 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.999547005 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.999566078 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.999722958 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:07.999730110 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.999733925 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:07.999942064 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.000003099 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.000157118 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.000169992 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.003493071 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.003501892 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.020179033 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.020189047 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.053590059 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.053590059 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.053600073 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.063986063 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064224958 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064363003 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064372063 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064428091 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.064435005 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064532995 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.064538956 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064610958 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064730883 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.064735889 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.064927101 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.064934015 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065052032 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065114021 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065198898 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.065203905 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065339088 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.065344095 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065701962 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065785885 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065861940 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.065866947 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.065960884 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066050053 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.066055059 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066078901 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066250086 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066299915 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.066380978 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.066385031 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066797018 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066927910 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.066951036 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.066956997 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.067084074 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.067089081 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.070341110 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.103708982 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.103718042 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.104593992 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.104593992 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.104603052 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.104607105 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.120191097 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.120203972 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.170331955 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.242280006 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.286986113 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.287002087 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.289097071 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.289108038 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.337088108 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.344664097 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.345001936 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.345015049 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.346391916 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.346590996 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.347331047 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.347431898 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.347470999 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.403934002 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.403953075 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.421762943 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.438663960 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:08.438682079 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:08.454010010 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.471326113 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.471343994 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.520925045 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.529256105 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.530987978 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.531028032 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.531189919 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.531207085 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.531253099 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.531347036 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.531358004 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.531582117 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.534025908 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.537208080 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.537260056 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.537465096 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.537473917 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.537673950 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.540296078 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.543512106 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.543706894 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.543715954 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.546664953 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.546838045 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.546845913 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.549809933 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.549989939 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.550009012 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.553037882 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.553227901 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.553246021 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.556195974 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.556411982 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.556431055 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.562360048 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.562405109 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.562604904 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.562618017 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.562939882 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.565512896 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.568677902 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.568866014 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.568890095 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.568912983 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:08.620707035 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:08.620723009 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:08.620723009 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.625442028 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.628273964 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.628459930 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.628479004 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.630858898 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.631057978 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.631071091 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.631091118 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.631345987 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.632405043 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.635488987 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.635674000 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.635691881 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.637523890 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.637702942 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.637722015 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.639838934 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.640120983 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.640139103 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.640835047 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.640849113 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.642132044 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.642319918 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.642338037 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.644649982 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.644840956 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.644860029 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.648730993 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.648791075 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.648956060 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.648976088 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.648993015 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.649233103 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.661266088 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.661273003 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.661345959 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.661504984 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.661504984 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.661525011 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.661534071 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.661660910 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.661825895 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.661860943 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:08.672856092 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.672873974 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.673063040 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.673135042 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.673147917 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.673252106 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.720860004 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.726444960 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.726454020 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.726581097 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.726716042 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.726736069 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.726747990 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.726910114 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.735165119 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.735183001 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.735358000 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.735505104 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.735522985 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.735543013 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.735699892 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.743330956 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.743360996 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.743520021 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.743618011 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.743638992 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.743897915 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.747919083 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.748198032 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.748433113 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.748450994 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:08.750236034 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.750248909 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.750600100 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.750617981 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.750783920 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.750783920 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.750953913 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.750972986 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.751142979 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.757477045 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.757496119 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.757787943 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.757807970 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.758124113 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.764161110 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.764189005 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.764394045 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.764394045 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.764415979 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.764427900 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.764704943 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.770143032 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.770165920 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.770368099 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.770387888 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.770399094 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.770541906 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.770786047 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.775471926 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.775490046 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.775702953 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.775790930 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.775810957 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.776089907 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.791862011 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:08.814699888 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.814721107 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.815040112 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.815052986 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.815335989 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.819768906 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.819782972 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.819950104 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.820111990 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.820123911 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.820394993 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.824531078 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.824542999 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.824764013 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.824934006 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.824945927 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.825282097 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.829560995 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.829577923 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.829751968 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.829803944 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.829811096 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.829938889 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.830044031 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.831923008 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.832250118 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.832257986 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.832473040 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.832598925 CET	49799	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.832609892 CET	443	49799	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.856275082 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.856561899 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.856776953 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.856791019 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:08.882250071 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.882277012 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.882457972 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.882798910 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:08.882822990 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:08.904320955 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:08.931040049 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:08.931066036 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:08.931241035 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:08.931564093 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:08.931583881 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.272741079 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.273276091 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:09.273294926 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.273792982 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.274322987 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:09.274405956 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:09.274442911 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.322726011 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:09.322741985 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.323275089 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.323287964 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.324717045 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.324933052 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.325284004 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.325304985 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.325403929 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.371298075 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.371308088 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.423096895 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.461081982 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.461213112 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.461374998 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:09.461833954 CET	49800	443	192.168.11.20	151.101.193.229
Nov 22, 2024 04:45:09.461853981 CET	443	49800	151.101.193.229	192.168.11.20
Nov 22, 2024 04:45:09.463316917 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.463344097 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.463546991 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.463877916 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.463888884 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.512705088 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525352001 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525361061 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525425911 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525434017 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525437117 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525580883 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.525603056 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525711060 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.525717020 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.525793076 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.544579029 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.544650078 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.544656038 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.544693947 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.544755936 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.544775009 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.544895887 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.589772940 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.616940022 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.616946936 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.616986036 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.617007017 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.617104053 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.617130995 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.617295027 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.617315054 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.617515087 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.632524014 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.632530928 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.632621050 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.632713079 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.632816076 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.632836103 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.632884979 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.633049965 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.644562960 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.644582033 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.644754887 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.644781113 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.644793034 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.644942045 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.645065069 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.654517889 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.654536963 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.654889107 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.654910088 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.655133963 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.708084106 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.708103895 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.708293915 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.708293915 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.708414078 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.708431959 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.708739042 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.716751099 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.716769934 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.716993093 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.717010975 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.717077017 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.717226982 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.724908113 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.724926949 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.725155115 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.725155115 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.725155115 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.725178003 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.725347996 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.725368977 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.734524965 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.734544039 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.734750032 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.734777927 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.734791040 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.734930038 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.735011101 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.739847898 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.739867926 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.740061998 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.740171909 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.740190983 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.740490913 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.745922089 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.745940924 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.746113062 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.746113062 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.746215105 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.746232986 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.746373892 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.746438980 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.751844883 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.751863956 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.752080917 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.752094984 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.752223015 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.752310991 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.757045031 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.757065058 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.757375956 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.757376909 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.757396936 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.757540941 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.796044111 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.796056986 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.796295881 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.796308041 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.796374083 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.796650887 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.799474001 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.799554110 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.799670935 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.799762011 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.799768925 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.799946070 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.805022955 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.805037022 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.805188894 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.805243969 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.805255890 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.805331945 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.805432081 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.809943914 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.809957027 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.810163975 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.810174942 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.810241938 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.810373068 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.813620090 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.813666105 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.813843966 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.813921928 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.814047098 CET	49802	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.814057112 CET	443	49802	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.853218079 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.853616953 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.853632927 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.854167938 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.854585886 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.854681015 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:09.854739904 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:09.905303955 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:10.041975021 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:10.042078972 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:10.042252064 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:10.042602062 CET	49803	443	192.168.11.20	151.101.1.229
Nov 22, 2024 04:45:10.042617083 CET	443	49803	151.101.1.229	192.168.11.20
Nov 22, 2024 04:45:22.887003899 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:22.887025118 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:23.014431000 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:23.068620920 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:23.814066887 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:23.814066887 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:23.814075947 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.814080000 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.909007072 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.950289965 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.950308084 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.950360060 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.950449944 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:23.950457096 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.950540066 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.950647116 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:23.950836897 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:23.950841904 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.951090097 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:23.951103926 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:23.952203989 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:23.952203989 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:23.952219009 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:23.952223063 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.047333956 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.058696985 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.058839083 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.058866978 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.058900118 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.066008091 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:24.066037893 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:24.066237926 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:24.066454887 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:45:24.066478968 CET	443	49772	172.67.15.14	192.168.11.20
Nov 22, 2024 04:45:29.920941114 CET	49729	443	192.168.11.20	23.57.90.141
Nov 22, 2024 04:45:30.548789978 CET	80	49730	146.19.181.36	192.168.11.20
Nov 22, 2024 04:45:30.549278021 CET	49730	80	192.168.11.20	146.19.181.36
Nov 22, 2024 04:45:30.549278021 CET	49730	80	192.168.11.20	146.19.181.36
Nov 22, 2024 04:45:30.643507957 CET	80	49730	146.19.181.36	192.168.11.20
Nov 22, 2024 04:45:30.842061996 CET	80	49732	146.19.181.36	192.168.11.20
Nov 22, 2024 04:45:30.842338085 CET	49732	80	192.168.11.20	146.19.181.36
Nov 22, 2024 04:45:30.842338085 CET	49732	80	192.168.11.20	146.19.181.36
Nov 22, 2024 04:45:30.849112034 CET	49731	80	192.168.11.20	142.251.35.163
Nov 22, 2024 04:45:30.936610937 CET	80	49732	146.19.181.36	192.168.11.20
Nov 22, 2024 04:45:30.944051981 CET	80	49731	142.251.35.163	192.168.11.20
Nov 22, 2024 04:45:30.945080042 CET	49731	80	192.168.11.20	142.251.35.163
Nov 22, 2024 04:45:38.018162966 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:38.018203974 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:38.142164946 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:38.183743000 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:51.831892014 CET	49792	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:51.831902027 CET	443	49792	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:53.149327993 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:53.149347067 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:53.273248911 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:45:53.319134951 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:45:53.750550985 CET	49793	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:45:53.750571966 CET	443	49793	104.22.45.142	192.168.11.20
Nov 22, 2024 04:45:56.014447927 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:56.014502048 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:56.014710903 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:56.015041113 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:56.015080929 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:56.416156054 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:56.416508913 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:56.416553020 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:56.417785883 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:56.418332100 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:45:56.418669939 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:45:56.464606047 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:46:06.415582895 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:46:06.415729046 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:46:06.415895939 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:46:06.879142046 CET	49860	443	192.168.11.20	142.251.40.132
Nov 22, 2024 04:46:06.879184961 CET	443	49860	142.251.40.132	192.168.11.20
Nov 22, 2024 04:46:08.274379015 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:46:08.274418116 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:46:08.398936033 CET	443	49796	104.22.44.142	192.168.11.20
Nov 22, 2024 04:46:08.452013969 CET	49796	443	192.168.11.20	104.22.44.142
Nov 22, 2024 04:46:08.955627918 CET	49771	443	192.168.11.20	104.22.45.142
Nov 22, 2024 04:46:08.955636978 CET	443	49771	104.22.45.142	192.168.11.20
Nov 22, 2024 04:46:09.081757069 CET	49772	443	192.168.11.20	172.67.15.14
Nov 22, 2024 04:46:09.081767082 CET	443	49772	172.67.15.14	192.168.11.20

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 22, 2024 04:44:43.111715078 CET	137	137	192.168.11.20	192.168.11.255
Nov 22, 2024 04:44:43.847944021 CET	137	137	192.168.11.20	192.168.11.255
Nov 22, 2024 04:44:44.612999916 CET	137	137	192.168.11.20	192.168.11.255
Nov 22, 2024 04:44:51.369338989 CET	53	63845	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:51.425307035 CET	53	61824	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:51.491533041 CET	61825	1900	192.168.11.20	239.255.255.250
Nov 22, 2024 04:44:52.242710114 CET	53	60919	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:52.492619991 CET	61825	1900	192.168.11.20	239.255.255.250
Nov 22, 2024 04:44:53.505686045 CET	61825	1900	192.168.11.20	239.255.255.250
Nov 22, 2024 04:44:54.096662998 CET	53	55445	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:54.507193089 CET	61825	1900	192.168.11.20	239.255.255.250
Nov 22, 2024 04:44:54.512780905 CET	137	137	192.168.11.20	192.168.11.255
Nov 22, 2024 04:44:55.273575068 CET	137	137	192.168.11.20	192.168.11.255
Nov 22, 2024 04:44:55.958113909 CET	52572	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:44:55.958240986 CET	59682	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:44:56.024097919 CET	137	137	192.168.11.20	192.168.11.255
Nov 22, 2024 04:44:56.052994013 CET	53	59682	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:56.053411961 CET	53	52572	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:59.878074884 CET	60551	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:44:59.878175974 CET	53018	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:44:59.973608017 CET	53	53018	1.1.1.1	192.168.11.20
Nov 22, 2024 04:44:59.974050045 CET	53	60551	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:00.913139105 CET	65476	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:00.913295031 CET	54354	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:01.008450985 CET	53	65476	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:01.008644104 CET	53	54354	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:05.608717918 CET	54944	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:05.608822107 CET	54973	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:05.703965902 CET	53	54973	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:05.705096960 CET	53	54944	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:05.853387117 CET	60699	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:05.853486061 CET	55837	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:05.948360920 CET	53	55837	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:05.948374033 CET	53	60699	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:06.829291105 CET	63802	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:06.829395056 CET	58315	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:06.925192118 CET	53	63802	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:06.925817013 CET	53	58315	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:07.784754992 CET	53	53556	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:07.850049019 CET	51785	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:07.850166082 CET	56026	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:07.945050001 CET	53	56026	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:07.945610046 CET	53	51785	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:08.834085941 CET	51037	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:08.834192038 CET	64148	53	192.168.11.20	1.1.1.1
Nov 22, 2024 04:45:08.928544044 CET	53	51037	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:08.930555105 CET	53	64148	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:14.038677931 CET	53	65346	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:21.014081001 CET	53	65076	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:35.894836903 CET	53	64326	1.1.1.1	192.168.11.20
Nov 22, 2024 04:45:51.404181004 CET	53	64856	1.1.1.1	192.168.11.20
Nov 22, 2024 04:46:01.728049994 CET	53	64988	1.1.1.1	192.168.11.20

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Nov 22, 2024 04:45:54.515836954 CET	192.168.11.20	1.1.1.1	cb94	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Nov 22, 2024 04:44:55.958113909 CET	192.168.11.20	1.1.1.1	0x1f20	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:44:55.958240986 CET	192.168.11.20	1.1.1.1	0x8fc0	Standard query (0)	www.google.com	65	IN (0x0001)	false
Nov 22, 2024 04:44:59.878074884 CET	192.168.11.20	1.1.1.1	0x3be	Standard query (0)	embed.tawk.to	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:44:59.878175974 CET	192.168.11.20	1.1.1.1	0xe25b	Standard query (0)	embed.tawk.to	65	IN (0x0001)	false
Nov 22, 2024 04:45:00.913139105 CET	192.168.11.20	1.1.1.1	0x6cf9	Standard query (0)	embed.tawk.to	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:00.913295031 CET	192.168.11.20	1.1.1.1	0x314d	Standard query (0)	embed.tawk.to	65	IN (0x0001)	false
Nov 22, 2024 04:45:05.608717918 CET	192.168.11.20	1.1.1.1	0x7024	Standard query (0)	va.tawk.to	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.608822107 CET	192.168.11.20	1.1.1.1	0x326a	Standard query (0)	va.tawk.to	65	IN (0x0001)	false
Nov 22, 2024 04:45:05.853387117 CET	192.168.11.20	1.1.1.1	0x9dc1	Standard query (0)	va.tawk.to	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.853486061 CET	192.168.11.20	1.1.1.1	0x3662	Standard query (0)	va.tawk.to	65	IN (0x0001)	false
Nov 22, 2024 04:45:06.829291105 CET	192.168.11.20	1.1.1.1	0x1a50	Standard query (0)	vsa20.tawk.to	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:06.829395056 CET	192.168.11.20	1.1.1.1	0xfc92	Standard query (0)	vsa20.tawk.to	65	IN (0x0001)	false
Nov 22, 2024 04:45:07.850049019 CET	192.168.11.20	1.1.1.1	0x3a86	Standard query (0)	cdn.jsdelivr.net	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:07.850166082 CET	192.168.11.20	1.1.1.1	0xf7db	Standard query (0)	cdn.jsdelivr.net	65	IN (0x0001)	false
Nov 22, 2024 04:45:08.834085941 CET	192.168.11.20	1.1.1.1	0x665c	Standard query (0)	cdn.jsdelivr.net	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:08.834192038 CET	192.168.11.20	1.1.1.1	0x25c5	Standard query (0)	cdn.jsdelivr.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Nov 22, 2024 04:44:56.052994013 CET	1.1.1.1	192.168.11.20	0x8fc0	No error (0)	www.google.com			65	IN (0x0001)	false
Nov 22, 2024 04:44:56.053411961 CET	1.1.1.1	192.168.11.20	0x1f20	No error (0)	www.google.com		142.251.40.132	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:44:59.973608017 CET	1.1.1.1	192.168.11.20	0xe25b	No error (0)	embed.tawk.to			65	IN (0x0001)	false
Nov 22, 2024 04:44:59.974050045 CET	1.1.1.1	192.168.11.20	0x3be	No error (0)	embed.tawk.to		104.22.45.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:44:59.974050045 CET	1.1.1.1	192.168.11.20	0x3be	No error (0)	embed.tawk.to		104.22.44.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:44:59.974050045 CET	1.1.1.1	192.168.11.20	0x3be	No error (0)	embed.tawk.to		172.67.15.14	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:01.008450985 CET	1.1.1.1	192.168.11.20	0x6cf9	No error (0)	embed.tawk.to		172.67.15.14	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:01.008450985 CET	1.1.1.1	192.168.11.20	0x6cf9	No error (0)	embed.tawk.to		104.22.44.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:01.008450985 CET	1.1.1.1	192.168.11.20	0x6cf9	No error (0)	embed.tawk.to		104.22.45.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:01.008644104 CET	1.1.1.1	192.168.11.20	0x314d	No error (0)	embed.tawk.to			65	IN (0x0001)	false
Nov 22, 2024 04:45:05.703965902 CET	1.1.1.1	192.168.11.20	0x326a	No error (0)	va.tawk.to			65	IN (0x0001)	false
Nov 22, 2024 04:45:05.705096960 CET	1.1.1.1	192.168.11.20	0x7024	No error (0)	va.tawk.to		104.22.44.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.705096960 CET	1.1.1.1	192.168.11.20	0x7024	No error (0)	va.tawk.to		104.22.45.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.705096960 CET	1.1.1.1	192.168.11.20	0x7024	No error (0)	va.tawk.to		172.67.15.14	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.948360920 CET	1.1.1.1	192.168.11.20	0x3662	No error (0)	va.tawk.to			65	IN (0x0001)	false
Nov 22, 2024 04:45:05.948374033 CET	1.1.1.1	192.168.11.20	0x9dc1	No error (0)	va.tawk.to		104.22.44.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.948374033 CET	1.1.1.1	192.168.11.20	0x9dc1	No error (0)	va.tawk.to		172.67.15.14	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:05.948374033 CET	1.1.1.1	192.168.11.20	0x9dc1	No error (0)	va.tawk.to		104.22.45.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:06.925192118 CET	1.1.1.1	192.168.11.20	0x1a50	No error (0)	vsa20.tawk.to		104.22.44.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:06.925192118 CET	1.1.1.1	192.168.11.20	0x1a50	No error (0)	vsa20.tawk.to		172.67.15.14	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:06.925192118 CET	1.1.1.1	192.168.11.20	0x1a50	No error (0)	vsa20.tawk.to		104.22.45.142	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:06.925817013 CET	1.1.1.1	192.168.11.20	0xfc92	No error (0)	vsa20.tawk.to			65	IN (0x0001)	false
Nov 22, 2024 04:45:07.945050001 CET	1.1.1.1	192.168.11.20	0xf7db	No error (0)	cdn.jsdelivr.net	jsdelivr.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Nov 22, 2024 04:45:07.945610046 CET	1.1.1.1	192.168.11.20	0x3a86	No error (0)	cdn.jsdelivr.net	jsdelivr.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Nov 22, 2024 04:45:07.945610046 CET	1.1.1.1	192.168.11.20	0x3a86	No error (0)	jsdelivr.map.fastly.net		151.101.193.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:07.945610046 CET	1.1.1.1	192.168.11.20	0x3a86	No error (0)	jsdelivr.map.fastly.net		151.101.65.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:07.945610046 CET	1.1.1.1	192.168.11.20	0x3a86	No error (0)	jsdelivr.map.fastly.net		151.101.129.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:07.945610046 CET	1.1.1.1	192.168.11.20	0x3a86	No error (0)	jsdelivr.map.fastly.net		151.101.1.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:08.928544044 CET	1.1.1.1	192.168.11.20	0x665c	No error (0)	cdn.jsdelivr.net	jsdelivr.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Nov 22, 2024 04:45:08.928544044 CET	1.1.1.1	192.168.11.20	0x665c	No error (0)	jsdelivr.map.fastly.net		151.101.1.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:08.928544044 CET	1.1.1.1	192.168.11.20	0x665c	No error (0)	jsdelivr.map.fastly.net		151.101.65.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:08.928544044 CET	1.1.1.1	192.168.11.20	0x665c	No error (0)	jsdelivr.map.fastly.net		151.101.129.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:08.928544044 CET	1.1.1.1	192.168.11.20	0x665c	No error (0)	jsdelivr.map.fastly.net		151.101.193.229	A (IP address)	IN (0x0001)	false
Nov 22, 2024 04:45:08.930555105 CET	1.1.1.1	192.168.11.20	0x25c5	No error (0)	cdn.jsdelivr.net	jsdelivr.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false

HTTP Request Dependency Graph

https:

cdn.jsdelivr.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.11.20	49799	151.101.193.229	443	2476	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-22 03:45:08 UTC	593	OUT	GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1 Host: cdn.jsdelivr.net Connection: keep-alive sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://365214tesauppeortbasd132.z26.web.core.windows.net/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2024-11-22 03:45:08 UTC	725	IN	HTTP/1.1 200 OK Connection: close Content-Length: 302554 Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * Timing-Allow-Origin: * Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Content-Type: application/javascript; charset=utf-8 ETag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" Accept-Ranges: bytes Age: 235551 Date: Fri, 22 Nov 2024 03:45:08 GMT X-Served-By: cache-fra-etou8220140-FRA, cache-ewr-kewr1740057-EWR X-Cache: HIT, HIT Vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 2f 2a 21 20 65 6d 6f 6a 69 6f 6e 65 20 30 32 2d 31 32 2d 32 30 31 36 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 65 6d 6f 6a 69 6f 6e 65 4c 69 73 74 3d 7b 22 3a 6b 69 73 73 5f 77 77 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 36 39 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 38 62 2d 32 30 30 64 2d 31 66 34 36 39 22 2c 22 31 66 34 36 39 2d 32 37 36 34 2d 31 66 34 38 62 2d 31 66 34 36 39 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 36 39 2d 32 37 36 34 2d 31 66 34 38 62 2d 31 66 34 36 39 22 2c 75 63 3a 22 31 66 34 36 39 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 38 62 2d 32 30 30 64 2d 31 66 34 36 39 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 63 6f 75 70 6c 65 6b 69 73 Data Ascii: /! emojione 02-12-2016 /!function(a){a.emojioneList={":kiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!0},":couplekis
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 22 3a 66 61 6d 69 6c 79 5f 6d 77 62 62 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 36 38 2d 32 30 30 64 2d 31 66 34 36 39 2d 32 30 30 64 2d 31 66 34 36 36 2d 32 30 30 64 2d 31 66 34 36 36 22 2c 22 31 66 34 36 38 2d 31 66 34 36 39 2d 31 66 34 36 36 2d 31 66 34 36 36 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 36 38 2d 31 66 34 36 39 2d 31 66 34 36 36 2d 31 66 34 36 36 22 2c 75 63 3a 22 31 66 34 36 38 2d 32 30 30 64 2d 31 66 34 36 39 2d 32 30 30 64 2d 31 66 34 36 36 2d 32 30 30 64 2d 31 66 34 36 36 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 66 61 6d 69 6c 79 5f 6d 77 67 62 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 36 38 2d 32 30 30 64 2d 31 66 34 36 39 2d 32 30 30 64 2d 31 66 34 36 37 2d 32 30 30 64 2d 31 66 34 36 36 22 2c 22 31 Data Ascii: ":family_mwbb:":{unicode:["1f468-200d-1f469-200d-1f466-200d-1f466","1f468-1f469-1f466-1f466"],fname:"1f468-1f469-1f466-1f466",uc:"1f468-200d-1f469-200d-1f466-200d-1f466",isCanonical:!0},":family_mwgb:":{unicode:["1f468-200d-1f469-200d-1f467-200d-1f466","1
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 2d 31 66 34 36 39 22 2c 75 63 3a 22 31 66 34 36 39 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 36 39 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 63 6f 75 70 6c 65 5f 6d 6d 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 36 38 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 36 38 22 2c 22 31 66 34 36 38 2d 32 37 36 34 2d 31 66 34 36 38 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 36 38 2d 32 37 36 34 2d 31 66 34 36 38 22 2c 75 63 3a 22 31 66 34 36 38 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 36 38 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 63 6f 75 70 6c 65 5f 77 69 74 68 5f 68 65 61 72 74 5f 6d 6d 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 Data Ascii: -1f469",uc:"1f469-200d-2764-fe0f-200d-1f469",isCanonical:!1},":couple_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f468","1f468-2764-1f468"],fname:"1f468-2764-1f468",uc:"1f468-200d-2764-fe0f-200d-1f468",isCanonical:!0},":couple_with_heart_mm:":{unicode:["1f
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 33 30 38 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 65 79 65 5f 69 6e 5f 73 70 65 65 63 68 5f 62 75 62 62 6c 65 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 34 31 2d 32 30 30 64 2d 31 66 35 65 38 22 2c 22 31 66 34 34 31 2d 31 66 35 65 38 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 34 31 2d 31 66 35 65 38 22 2c 75 63 3a 22 31 66 34 34 31 2d 32 30 30 64 2d 31 66 35 65 38 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 68 61 73 68 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 30 30 32 33 2d 66 65 30 66 2d 32 30 65 33 22 2c 22 30 30 32 33 2d 32 30 65 33 22 5d 2c 66 6e 61 6d 65 3a 22 30 30 32 33 2d 32 30 65 33 22 2c 75 63 3a 22 30 30 32 33 2d 32 30 65 33 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 7a 65 72 6f 3a 22 3a Data Ascii: 308",isCanonical:!1},":eye_in_speech_bubble:":{unicode:["1f441-200d-1f5e8","1f441-1f5e8"],fname:"1f441-1f5e8",uc:"1f441-200d-1f5e8",isCanonical:!0},":hash:":{unicode:["0023-fe0f-20e3","0023-20e3"],fname:"0023-20e3",uc:"0023-20e3",isCanonical:!0},":zero:":
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 32 61 2d 32 30 65 33 22 5d 2c 66 6e 61 6d 65 3a 22 30 30 32 61 2d 32 30 65 33 22 2c 75 63 3a 22 30 30 32 61 2d 32 30 65 33 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 68 61 6e 64 62 61 6c 6c 5f 74 6f 6e 65 35 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 65 2d 31 66 33 66 66 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 65 2d 31 66 33 66 66 22 2c 75 63 3a 22 31 66 39 33 65 2d 31 66 33 66 66 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 68 61 6e 64 62 61 6c 6c 5f 74 6f 6e 65 34 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 65 2d 31 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 65 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 39 33 65 2d 31 66 33 66 65 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a Data Ascii: 2a-20e3"],fname:"002a-20e3",uc:"002a-20e3",isCanonical:!1},":handball_tone5:":{unicode:["1f93e-1f3ff"],fname:"1f93e-1f3ff",uc:"1f93e-1f3ff",isCanonical:!0},":handball_tone4:":{unicode:["1f93e-1f3fe"],fname:"1f93e-1f3fe",uc:"1f93e-1f3fe",isCanonical:!0},":
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 66 6e 61 6d 65 3a 22 31 66 39 33 63 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 39 33 63 2d 31 66 33 66 65 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 77 72 65 73 74 6c 65 72 73 5f 74 6f 6e 65 33 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 63 2d 31 66 33 66 64 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 63 2d 31 66 33 66 64 22 2c 75 63 3a 22 31 66 39 33 63 2d 31 66 33 66 64 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 77 72 65 73 74 6c 69 6e 67 5f 74 6f 6e 65 33 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 63 2d 31 66 33 66 64 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 63 2d 31 66 33 66 64 22 2c 75 63 3a 22 31 66 39 33 63 2d 31 66 33 66 64 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 77 72 65 73 Data Ascii: fname:"1f93c-1f3fe",uc:"1f93c-1f3fe",isCanonical:!1},":wrestlers_tone3:":{unicode:["1f93c-1f3fd"],fname:"1f93c-1f3fd",uc:"1f93c-1f3fd",isCanonical:!0},":wrestling_tone3:":{unicode:["1f93c-1f3fd"],fname:"1f93c-1f3fd",uc:"1f93c-1f3fd",isCanonical:!1},":wres
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 22 2c 75 63 3a 22 31 66 39 33 39 2d 31 66 33 66 63 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 6a 75 67 67 6c 69 6e 67 5f 74 6f 6e 65 31 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 39 2d 31 66 33 66 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 39 2d 31 66 33 66 62 22 2c 75 63 3a 22 31 66 39 33 39 2d 31 66 33 66 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 6a 75 67 67 6c 65 72 5f 74 6f 6e 65 31 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 39 2d 31 66 33 66 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 39 2d 31 66 33 66 62 22 2c 75 63 3a 22 31 66 39 33 39 2d 31 66 33 66 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 63 61 72 74 77 68 65 65 6c 5f 74 6f 6e 65 35 3a 22 3a 7b 75 6e 69 63 6f 64 Data Ascii: ",uc:"1f939-1f3fc",isCanonical:!1},":juggling_tone1:":{unicode:["1f939-1f3fb"],fname:"1f939-1f3fb",uc:"1f939-1f3fb",isCanonical:!0},":juggler_tone1:":{unicode:["1f939-1f3fb"],fname:"1f939-1f3fb",uc:"1f939-1f3fb",isCanonical:!1},":cartwheel_tone5:":{unicod
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 65 34 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 37 2d 31 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 37 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 39 33 37 2d 31 66 33 66 65 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 73 68 72 75 67 5f 74 6f 6e 65 33 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 37 2d 31 66 33 66 64 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 37 2d 31 66 33 66 64 22 2c 75 63 3a 22 31 66 39 33 37 2d 31 66 33 66 64 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 73 68 72 75 67 5f 74 6f 6e 65 32 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 37 2d 31 66 33 66 63 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 37 2d 31 66 33 66 63 22 2c 75 63 3a 22 31 66 39 33 37 2d 31 66 33 66 63 22 2c Data Ascii: e4:":{unicode:["1f937-1f3fe"],fname:"1f937-1f3fe",uc:"1f937-1f3fe",isCanonical:!0},":shrug_tone3:":{unicode:["1f937-1f3fd"],fname:"1f937-1f3fd",uc:"1f937-1f3fd",isCanonical:!0},":shrug_tone2:":{unicode:["1f937-1f3fc"],fname:"1f937-1f3fc",uc:"1f937-1f3fc",
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 7d 2c 22 3a 6d 61 6e 5f 69 6e 5f 74 75 78 65 64 6f 5f 74 6f 6e 65 35 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 35 2d 31 66 33 66 66 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 35 2d 31 66 33 66 66 22 2c 75 63 3a 22 31 66 39 33 35 2d 31 66 33 66 66 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 74 75 78 65 64 6f 5f 74 6f 6e 65 35 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 35 2d 31 66 33 66 66 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 35 2d 31 66 33 66 66 22 2c 75 63 3a 22 31 66 39 33 35 2d 31 66 33 66 66 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 6d 61 6e 5f 69 6e 5f 74 75 78 65 64 6f 5f 74 6f 6e 65 34 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 35 2d 31 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 Data Ascii: },":man_in_tuxedo_tone5:":{unicode:["1f935-1f3ff"],fname:"1f935-1f3ff",uc:"1f935-1f3ff",isCanonical:!0},":tuxedo_tone5:":{unicode:["1f935-1f3ff"],fname:"1f935-1f3ff",uc:"1f935-1f3ff",isCanonical:!1},":man_in_tuxedo_tone4:":{unicode:["1f935-1f3fe"],fname:"
2024-11-22 03:45:08 UTC	1378	IN	Data Raw: 6e 65 31 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 34 2d 31 66 33 66 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 34 2d 31 66 33 66 62 22 2c 75 63 3a 22 31 66 39 33 34 2d 31 66 33 66 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 73 65 6c 66 69 65 5f 74 6f 6e 65 35 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 33 2d 31 66 33 66 66 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 33 2d 31 66 33 66 66 22 2c 75 63 3a 22 31 66 39 33 33 2d 31 66 33 66 66 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 73 65 6c 66 69 65 5f 74 6f 6e 65 34 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 33 33 2d 31 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 33 33 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 39 33 33 2d 31 66 33 66 Data Ascii: ne1:":{unicode:["1f934-1f3fb"],fname:"1f934-1f3fb",uc:"1f934-1f3fb",isCanonical:!0},":selfie_tone5:":{unicode:["1f933-1f3ff"],fname:"1f933-1f3ff",uc:"1f933-1f3ff",isCanonical:!0},":selfie_tone4:":{unicode:["1f933-1f3fe"],fname:"1f933-1f3fe",uc:"1f933-1f3f

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.11.20	49800	151.101.193.229	443	2476	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-22 03:45:09 UTC	584	OUT	GET /emojione/assets/png/1f44b.png?v=2.2.7 HTTP/1.1 Host: cdn.jsdelivr.net Connection: keep-alive sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2024-11-22 03:45:09 UTC	657	IN	HTTP/1.1 200 OK Connection: close Content-Length: 1311 Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * Timing-Allow-Origin: * cache-control: public, max-age=31536000 Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains; preload content-type: image/png ETag: W/"51f-Lhpf/5pVjttXKKAzYbc9FjP7pB4" Accept-Ranges: bytes Age: 1799830 Date: Fri, 22 Nov 2024 03:45:09 GMT X-Served-By: cache-fra-eddf8230054-FRA, cache-lga21988-LGA X-Cache: HIT, HIT Vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-11-22 03:45:09 UTC	1311	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 40 00 00 00 40 08 03 00 00 00 9d b7 81 ec 00 00 00 ed 50 4c 54 45 00 00 00 eb a3 52 eb a3 52 eb a3 52 eb a3 52 ff dd 67 ef af 56 ef ae 56 eb a3 52 eb a3 52 eb a3 52 42 ad e2 42 ad e2 42 ad e2 42 ad e2 ff dd 67 fb d2 63 fd d6 64 f8 c7 5f ee aa 55 ff dd 67 ff dd 67 fe d9 66 f3 b9 5a eb a3 52 42 ad e2 42 ad e2 42 ad e2 42 ad e2 42 ad e2 42 ad e2 ff dd 67 eb a3 52 ff dd 67 42 ad e2 42 ad e2 eb a3 52 ff dd 67 ec a7 53 fa ce 61 ff dd 67 f0 b2 57 42 ad e2 42 ad e2 f5 c0 5d ef b0 57 ee ad 56 ef ae 56 ee ab 55 ff dd 67 fa cf 62 ff dd 67 fb d1 63 f6 c4 5e ee ab 55 42 ad e2 ff dd 67 f1 b5 59 eb a3 52 42 ad e2 f3 bb 5b ff dd 67 eb a3 52 f5 c0 5d eb a3 52 f5 c0 5d ff dd 67 f8 c8 60 f7 c6 5f ff dd 67 eb a3 52 ff Data Ascii: PNGIHDR@@PLTERRRRgVVRRRBBBBgcd_UggfZRBBBBBBgRgBBRgSagWBB]WVVUgbgc^UBgYRB[gR]R]g`_gR

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.11.20	49802	151.101.1.229	443	2476	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-22 03:45:09 UTC	383	OUT	GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1 Host: cdn.jsdelivr.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2024-11-22 03:45:09 UTC	725	IN	HTTP/1.1 200 OK Connection: close Content-Length: 302554 Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * Timing-Allow-Origin: * Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Content-Type: application/javascript; charset=utf-8 ETag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" Accept-Ranges: bytes Date: Fri, 22 Nov 2024 03:45:09 GMT Age: 235552 X-Served-By: cache-fra-etou8220140-FRA, cache-ewr-kewr1740032-EWR X-Cache: HIT, HIT Vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 2f 2a 21 20 65 6d 6f 6a 69 6f 6e 65 20 30 32 2d 31 32 2d 32 30 31 36 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 65 6d 6f 6a 69 6f 6e 65 4c 69 73 74 3d 7b 22 3a 6b 69 73 73 5f 77 77 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 36 39 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 38 62 2d 32 30 30 64 2d 31 66 34 36 39 22 2c 22 31 66 34 36 39 2d 32 37 36 34 2d 31 66 34 38 62 2d 31 66 34 36 39 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 36 39 2d 32 37 36 34 2d 31 66 34 38 62 2d 31 66 34 36 39 22 2c 75 63 3a 22 31 66 34 36 39 2d 32 30 30 64 2d 32 37 36 34 2d 66 65 30 66 2d 32 30 30 64 2d 31 66 34 38 62 2d 32 30 30 64 2d 31 66 34 36 39 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 63 6f 75 70 6c 65 6b 69 73 Data Ascii: /! emojione 02-12-2016 /!function(a){a.emojioneList={":kiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!0},":couplekis
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 31 64 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 39 31 64 2d 31 66 33 66 65 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 73 68 61 6b 69 6e 67 5f 68 61 6e 64 73 5f 74 6f 6e 65 34 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 31 64 2d 31 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 31 64 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 39 31 64 2d 31 66 33 66 65 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 68 61 6e 64 73 68 61 6b 65 5f 74 6f 6e 65 33 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 31 64 2d 31 66 33 66 64 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 31 64 2d 31 66 33 66 64 22 2c 75 63 3a 22 31 66 39 31 64 2d 31 66 33 66 64 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c Data Ascii: f3fe"],fname:"1f91d-1f3fe",uc:"1f91d-1f3fe",isCanonical:!0},":shaking_hands_tone4:":{unicode:["1f91d-1f3fe"],fname:"1f91d-1f3fe",uc:"1f91d-1f3fe",isCanonical:!1},":handshake_tone3:":{unicode:["1f91d-1f3fd"],fname:"1f91d-1f3fd",uc:"1f91d-1f3fd",isCanonical
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 66 33 66 63 22 2c 75 63 3a 22 31 66 35 37 61 2d 31 66 33 66 63 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 6d 61 6c 65 5f 64 61 6e 63 65 72 5f 74 6f 6e 65 32 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 35 37 61 2d 31 66 33 66 63 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 35 37 61 2d 31 66 33 66 63 22 2c 75 63 3a 22 31 66 35 37 61 2d 31 66 33 66 63 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 6d 61 6e 5f 64 61 6e 63 69 6e 67 5f 74 6f 6e 65 31 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 35 37 61 2d 31 66 33 66 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 35 37 61 2d 31 66 33 66 62 22 2c 75 63 3a 22 31 66 35 37 61 2d 31 66 33 66 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 6d 61 6c 65 5f 64 61 6e 63 65 72 5f 74 6f Data Ascii: f3fc",uc:"1f57a-1f3fc",isCanonical:!0},":male_dancer_tone2:":{unicode:["1f57a-1f3fc"],fname:"1f57a-1f3fc",uc:"1f57a-1f3fc",isCanonical:!1},":man_dancing_tone1:":{unicode:["1f57a-1f3fb"],fname:"1f57a-1f3fb",uc:"1f57a-1f3fb",isCanonical:!0},":male_dancer_to
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 69 63 6f 64 65 3a 5b 22 31 66 34 34 64 2d 31 66 33 66 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 34 64 2d 31 66 33 66 62 22 2c 75 63 3a 22 31 66 34 34 64 2d 31 66 33 66 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 6f 6b 5f 68 61 6e 64 5f 74 6f 6e 65 35 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 34 63 2d 31 66 33 66 66 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 34 63 2d 31 66 33 66 66 22 2c 75 63 3a 22 31 66 34 34 63 2d 31 66 33 66 66 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 6f 6b 5f 68 61 6e 64 5f 74 6f 6e 65 34 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 34 34 63 2d 31 66 33 66 65 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 34 34 63 2d 31 66 33 66 65 22 2c 75 63 3a 22 31 66 34 34 63 2d 31 66 33 66 65 22 2c 69 73 43 61 Data Ascii: icode:["1f44d-1f3fb"],fname:"1f44d-1f3fb",uc:"1f44d-1f3fb",isCanonical:!1},":ok_hand_tone5:":{unicode:["1f44c-1f3ff"],fname:"1f44c-1f3ff",uc:"1f44c-1f3ff",isCanonical:!0},":ok_hand_tone4:":{unicode:["1f44c-1f3fe"],fname:"1f44c-1f3fe",uc:"1f44c-1f3fe",isCa
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 61 67 5f 73 6b 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 66 38 2d 31 66 31 66 30 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 66 38 2d 31 66 31 66 30 22 2c 75 63 3a 22 31 66 31 66 38 2d 31 66 31 66 30 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 73 6b 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 66 38 2d 31 66 31 66 30 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 66 38 2d 31 66 31 66 30 22 2c 75 63 3a 22 31 66 31 66 38 2d 31 66 31 66 30 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 66 6c 61 67 5f 73 6a 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 66 38 2d 31 66 31 65 66 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 66 38 2d 31 66 31 65 66 22 2c 75 63 3a 22 31 66 31 66 38 2d 31 66 31 65 66 22 2c 69 73 43 61 6e 6f 6e 69 63 61 Data Ascii: ag_sk:":{unicode:["1f1f8-1f1f0"],fname:"1f1f8-1f1f0",uc:"1f1f8-1f1f0",isCanonical:!0},":sk:":{unicode:["1f1f8-1f1f0"],fname:"1f1f8-1f1f0",uc:"1f1f8-1f1f0",isCanonical:!1},":flag_sj:":{unicode:["1f1f8-1f1ef"],fname:"1f1f8-1f1ef",uc:"1f1f8-1f1ef",isCanonica
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 65 65 2d 31 66 31 66 38 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 65 65 2d 31 66 31 66 38 22 2c 75 63 3a 22 31 66 31 65 65 2d 31 66 31 66 38 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 69 73 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 65 65 2d 31 66 31 66 38 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 65 65 2d 31 66 31 66 38 22 2c 75 63 3a 22 31 66 31 65 65 2d 31 66 31 66 38 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 66 6c 61 67 5f 69 72 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 65 65 2d 31 66 31 66 37 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 65 65 2d 31 66 31 66 37 22 2c 75 63 3a 22 31 66 31 65 65 2d 31 66 31 66 37 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 Data Ascii: :{unicode:["1f1ee-1f1f8"],fname:"1f1ee-1f1f8",uc:"1f1ee-1f1f8",isCanonical:!0},":is:":{unicode:["1f1ee-1f1f8"],fname:"1f1ee-1f1f8",uc:"1f1ee-1f1f8",isCanonical:!1},":flag_ir:":{unicode:["1f1ee-1f1f7"],fname:"1f1ee-1f1f7",uc:"1f1ee-1f1f7",isCanonical:!0},"
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 5b 22 31 66 31 65 37 2d 31 66 31 65 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 65 37 2d 31 66 31 65 62 22 2c 75 63 3a 22 31 66 31 65 37 2d 31 66 31 65 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 66 6c 61 67 5f 62 65 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 65 37 2d 31 66 31 65 61 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 65 37 2d 31 66 31 65 61 22 2c 75 63 3a 22 31 66 31 65 37 2d 31 66 31 65 61 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 62 65 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 31 65 37 2d 31 66 31 65 61 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 31 65 37 2d 31 66 31 65 61 22 2c 75 63 3a 22 31 66 31 65 37 2d 31 66 31 65 61 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 66 6c 61 67 5f 62 64 3a 22 Data Ascii: ["1f1e7-1f1eb"],fname:"1f1e7-1f1eb",uc:"1f1e7-1f1eb",isCanonical:!1},":flag_be:":{unicode:["1f1e7-1f1ea"],fname:"1f1e7-1f1ea",uc:"1f1e7-1f1ea",isCanonical:!0},":be:":{unicode:["1f1e7-1f1ea"],fname:"1f1e7-1f1ea",uc:"1f1e7-1f1ea",isCanonical:!1},":flag_bd:"
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 75 63 3a 22 31 66 36 65 39 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 63 72 75 69 73 65 5f 73 68 69 70 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 36 66 33 2d 66 65 30 66 22 2c 22 31 66 36 66 33 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 36 66 33 22 2c 75 63 3a 22 31 66 36 66 33 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 70 61 73 73 65 6e 67 65 72 5f 73 68 69 70 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 36 66 33 2d 66 65 30 66 22 2c 22 31 66 36 66 33 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 36 66 33 22 2c 75 63 3a 22 31 66 36 66 33 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 77 68 69 74 65 5f 73 75 6e 5f 73 6d 61 6c 6c 5f 63 6c 6f 75 64 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 33 32 34 2d 66 65 30 66 Data Ascii: uc:"1f6e9",isCanonical:!1},":cruise_ship:":{unicode:["1f6f3-fe0f","1f6f3"],fname:"1f6f3",uc:"1f6f3",isCanonical:!0},":passenger_ship:":{unicode:["1f6f3-fe0f","1f6f3"],fname:"1f6f3",uc:"1f6f3",isCanonical:!1},":white_sun_small_cloud:":{unicode:["1f324-fe0f
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 62 31 2d 66 65 30 66 22 2c 22 32 36 62 31 22 5d 2c 66 6e 61 6d 65 3a 22 32 36 62 31 22 2c 75 63 3a 22 32 36 62 31 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 66 75 6e 65 72 61 6c 5f 75 72 6e 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 32 36 62 31 2d 66 65 30 66 22 2c 22 32 36 62 31 22 5d 2c 66 6e 61 6d 65 3a 22 32 36 62 31 22 2c 75 63 3a 22 32 36 62 31 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 74 68 75 6e 64 65 72 5f 63 6c 6f 75 64 5f 72 61 69 6e 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 32 36 63 38 2d 66 65 30 66 22 2c 22 32 36 63 38 22 5d 2c 66 6e 61 6d 65 3a 22 32 36 63 38 22 2c 75 63 3a 22 32 36 63 38 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 74 68 75 6e 64 65 72 5f 63 6c 6f 75 64 5f 61 6e 64 5f 72 61 Data Ascii: b1-fe0f","26b1"],fname:"26b1",uc:"26b1",isCanonical:!0},":funeral_urn:":{unicode:["26b1-fe0f","26b1"],fname:"26b1",uc:"26b1",isCanonical:!1},":thunder_cloud_rain:":{unicode:["26c8-fe0f","26c8"],fname:"26c8",uc:"26c8",isCanonical:!0},":thunder_cloud_and_ra
2024-11-22 03:45:09 UTC	16384	IN	Data Raw: 33 22 2c 75 63 3a 22 31 66 33 38 33 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 6c 65 66 74 5f 66 61 63 69 6e 67 5f 66 69 73 74 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 31 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 31 62 22 2c 75 63 3a 22 31 66 39 31 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 30 7d 2c 22 3a 6c 65 66 74 5f 66 69 73 74 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 31 62 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 31 62 22 2c 75 63 3a 22 31 66 39 31 62 22 2c 69 73 43 61 6e 6f 6e 69 63 61 6c 3a 21 31 7d 2c 22 3a 72 69 67 68 74 5f 66 61 63 69 6e 67 5f 66 69 73 74 3a 22 3a 7b 75 6e 69 63 6f 64 65 3a 5b 22 31 66 39 31 63 22 5d 2c 66 6e 61 6d 65 3a 22 31 66 39 31 63 22 2c 75 63 3a 22 31 66 39 31 63 22 2c 69 73 43 61 Data Ascii: 3",uc:"1f383",isCanonical:!0},":left_facing_fist:":{unicode:["1f91b"],fname:"1f91b",uc:"1f91b",isCanonical:!0},":left_fist:":{unicode:["1f91b"],fname:"1f91b",uc:"1f91b",isCanonical:!1},":right_facing_fist:":{unicode:["1f91c"],fname:"1f91c",uc:"1f91c",isCa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.11.20	49803	151.101.1.229	443	2476	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-22 03:45:09 UTC	383	OUT	GET /emojione/assets/png/1f44b.png?v=2.2.7 HTTP/1.1 Host: cdn.jsdelivr.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2024-11-22 03:45:10 UTC	657	IN	HTTP/1.1 200 OK Connection: close Content-Length: 1311 Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * Timing-Allow-Origin: * cache-control: public, max-age=31536000 Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains; preload content-type: image/png ETag: W/"51f-Lhpf/5pVjttXKKAzYbc9FjP7pB4" Accept-Ranges: bytes Date: Fri, 22 Nov 2024 03:45:09 GMT Age: 1799830 X-Served-By: cache-fra-eddf8230054-FRA, cache-lga21993-LGA X-Cache: HIT, HIT Vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-11-22 03:45:10 UTC	1311	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 40 00 00 00 40 08 03 00 00 00 9d b7 81 ec 00 00 00 ed 50 4c 54 45 00 00 00 eb a3 52 eb a3 52 eb a3 52 eb a3 52 ff dd 67 ef af 56 ef ae 56 eb a3 52 eb a3 52 eb a3 52 42 ad e2 42 ad e2 42 ad e2 42 ad e2 ff dd 67 fb d2 63 fd d6 64 f8 c7 5f ee aa 55 ff dd 67 ff dd 67 fe d9 66 f3 b9 5a eb a3 52 42 ad e2 42 ad e2 42 ad e2 42 ad e2 42 ad e2 42 ad e2 ff dd 67 eb a3 52 ff dd 67 42 ad e2 42 ad e2 eb a3 52 ff dd 67 ec a7 53 fa ce 61 ff dd 67 f0 b2 57 42 ad e2 42 ad e2 f5 c0 5d ef b0 57 ee ad 56 ef ae 56 ee ab 55 ff dd 67 fa cf 62 ff dd 67 fb d1 63 f6 c4 5e ee ab 55 42 ad e2 ff dd 67 f1 b5 59 eb a3 52 42 ad e2 f3 bb 5b ff dd 67 eb a3 52 f5 c0 5d eb a3 52 f5 c0 5d ff dd 67 f8 c8 60 f7 c6 5f ff dd 67 eb a3 52 ff Data Ascii: PNGIHDR@@PLTERRRRgVVRRRBBBBgcd_UggfZRBBBBBBgRgBBRgSagWBB]WVVUgbgc^UBgYRB[gR]R]g`_gR

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 7464, Parent PID: 6148

General

Target ID:	0
Start time:	22:44:49
Start date:	21/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff69ce00000
File size:	2'742'376 bytes
MD5 hash:	BB7C48CDDDE076E7EB44022520F40F77
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2476, Parent PID: 7464

General

Target ID:	1
Start time:	22:44:50
Start date:	21/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-subproc-heap-profiling --field-trial-handle=2212,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=2224 /prefetch:3
Imagebase:	0x7ff69ce00000
File size:	2'742'376 bytes
MD5 hash:	BB7C48CDDDE076E7EB44022520F40F77
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6500, Parent PID: 6148

General

Target ID:	2
Start time:	22:44:52
Start date:	21/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://365214tesauppeortbasd132.z26.web.core.windows.net/#"
Imagebase:	0x7ff69ce00000
File size:	2'742'376 bytes
MD5 hash:	BB7C48CDDDE076E7EB44022520F40F77
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 7676, Parent PID: 7464

General

Target ID:	6
Start time:	22:45:23
Start date:	21/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --no-subproc-heap-profiling --field-trial-handle=4648,i,2975576958291642428,16294002062310823096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20240909-180142.416000 --mojo-platform-channel-handle=5796 /prefetch:8
Imagebase:	0x7ff69ce00000
File size:	2'742'376 bytes
MD5 hash:	BB7C48CDDDE076E7EB44022520F40F77
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation. Common methods to acquire this information include port and/or vulnerability scans using tools that are brought onto a system.
Tactics:	Discovery
Data Sources:	Cloud Service: Cloud Service Enumeration, Command: Command Execution, Network Traffic: Network Traffic Flow
Platforms:	Containers, IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://365214tesauppeortbasd132.z26.web.core.windows.net/#

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

Spam, unwanted Advertisements and Ransom Demands

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Windows Analysis Report
https://365214tesauppeortbasd132.z26.web.core.windows.net/#