Edit tour

Windows Analysis Report
https://1wbapm.life

Overview

General Information

Sample URL:	https://1wbapm.life
Analysis ID:	1567597
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

HTML body contains low number of good links

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 2120 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2020 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6556 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5216 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6576 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6536 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://1wbapm.life" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4bk0v894728184z8894400803za200zb894400803&_p=1733239123238&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1573909494.1733239129&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733239128&sct=1&seg=0&dl=https%3A%2F%2F1wbapm.life%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=25355 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://1wbapm.lifeX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://1wbapm.life/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: http://hilios.github.io/jQuery.countdown/)
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: http://jquery.com/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_145.2.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: http://sizzlejs.com/
Source: chromecache_167.2.dr	String found in binary or memory: https://1win.com/
Source: chromecache_128.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_145.2.dr	String found in binary or memory: https://bcrw.apple.com/urn:biz:
Source: chromecache_144.2.dr, chromecache_146.2.dr, chromecache_133.2.dr, chromecache_155.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://chats.viber.com/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/linear-gradient
Source: chromecache_170.2.dr, chromecache_124.2.dr	String found in binary or memory: https://devtools.vuejs.org/guide/installation.html.
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://drafts.csswg.org/css-images-3/#gradients
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://github.com/Modernizr/Modernizr/issues/202)
Source: chromecache_170.2.dr, chromecache_124.2.dr	String found in binary or memory: https://github.com/Yaffle/EventSource/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://github.com/carhartl/jquery-cookie
Source: chromecache_170.2.dr, chromecache_124.2.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_128.2.dr	String found in binary or memory: https://google.com
Source: chromecache_128.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/interaction.html#contenteditable
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://join.skype.com/bot/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://modernizr.com/download?-audio-contenteditable-cssgradients-websockets-hasevent-mq-setclasses
Source: chromecache_139.2.dr, chromecache_97.2.dr	String found in binary or memory: https://oauth.mail.ru/login?client_id=$
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://ok.ru/messages/group/
Source: chromecache_128.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_144.2.dr, chromecache_146.2.dr, chromecache_133.2.dr, chromecache_155.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_124.2.dr	String found in binary or memory: https://pinia.vuejs.org
Source: chromecache_124.2.dr	String found in binary or memory: https://pinia.vuejs.org/logo.svg
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://static.cdn-apple.com
Source: chromecache_144.2.dr, chromecache_155.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://t.me/
Source: chromecache_167.2.dr	String found in binary or memory: https://t.me/$
Source: chromecache_144.2.dr, chromecache_146.2.dr, chromecache_133.2.dr, chromecache_155.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_167.2.dr	String found in binary or memory: https://telegram.org/js/telegram-web-app.js
Source: chromecache_167.2.dr	String found in binary or memory: https://us.v1.bundlecdn.com
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com/css/desktop.079ecccda.css
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com/css/mobile.dad55baf1.css
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com/js/desktop.815aece8e.js
Source: chromecache_167.2.dr	String found in binary or memory: https://v1.bundlecdn.com/js/mobile.755f2472a.js
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://vk.me/public
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://wa.me/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://webkit.org/blog/175/introducing-css-gradients/
Source: chromecache_128.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_177.2.dr, chromecache_105.2.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/16482547739/?random
Source: chromecache_128.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_128.2.dr, chromecache_167.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_146.2.dr, chromecache_133.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_167.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_146.2.dr, chromecache_133.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: https://www.gupshup.io/whatsapp/optin
Source: chromecache_144.2.dr, chromecache_155.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49910 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49912 version: TLS 1.2

Source: classification engine

Classification label: mal56.win@23/135@64/20

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://1wbapm.life"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5216 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5216 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 --field-trial-handle=2244,i,5928367224194996811,14827070889716050842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://1wbapm.life	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label
https://1win.com/	0%	Avira URL Cloud	safe
https://html.spec.whatwg.org/multipage/interaction.html#contenteditable	0%	Avira URL Cloud	safe
https://win2.webim.ru./v/fonts/Roboto.ttf	0%	Avira URL Cloud	safe
https://win2.webim.ru./v/images/ui-icons_222222_256x240.png	0%	Avira URL Cloud	safe
https://win2.webim.ru./l/v/js-error?error=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27fetch%27)%0ATypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27fetch%27)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1910%3A710)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A220%3A181)%0A%20%20%20%20at%20deferred.%3Ccomputed%3E%20%5Bas%20resolve%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A222%3A56)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1802%3A216)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A220%3A181)%0A%20%20%20%20at%20deferred.%3Ccomputed%3E%20%5Bas%20resolve%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A222%3A56)&callback=webimRequestCallback73062177131020420	0%	Avira URL Cloud	safe
https://modernizr.com/download?-audio-contenteditable-cssgradients-websockets-hasevent-mq-setclasses	0%	Avira URL Cloud	safe
https://win2.webim.ru./js/button.js	0%	Avira URL Cloud	safe
https://1wbapm.life/img/logo/main/1win-normal.svg	100%	Avira URL Cloud	phishing
https://win2.webim.ru./v/ui-resources.php?location=location_en&mode=desktop&lang=en&decca9d4&callback=getWebimUIResourcesCallback	0%	Avira URL Cloud	safe
https://www.gupshup.io/whatsapp/optin	0%	Avira URL Cloud	safe
https://us.v1.bundlecdn.com	100%	Avira URL Cloud	malware
https://win2.webim.ru./l/v/poll?action=chat.start&visit-session-id=2ddb663fdf6a49579880b7972d7fa9ea&page-id=c1a084c66f27473db4b08cba4402b3db&since=1&auth-token=f77fda3cac2cb88daff66e6896693dd6&lang=en&callback=webimRequestCallback41732540428715330&current_ts=1733239149.37777	0%	Avira URL Cloud	safe
https://win2.webim.ru./v/images/default-auto-invite-operator.gif	0%	Avira URL Cloud	safe
https://win2.webim.ru/v/images/file.svg	0%	Avira URL Cloud	safe
https://win2.webim.ru./l/v/get-online-status?callback=webimApplyOnlineStatusResponse	0%	Avira URL Cloud	safe
https://win2.webim.ru./l/v/init?action=init&visit-session-id=&url=https%3A%2F%2F1wbapm.life%2F&referer=&title=1win%20-%20Loading&version=10.6.63&since=0&visitor-ext=%7B%7D&location=location_en&callback=webimRequestCallback70403610990343290	0%	Avira URL Cloud	safe
https://win2.webim.ru./v/fonts/Ubuntu-Bold.ttf	0%	Avira URL Cloud	safe
https://win2.webim.ru./l/v/js-error?error=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27set%27)%0ATypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27set%27)%0A%20%20%20%20at%20child.sessionStateUpdateHandler%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1928%3A157)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1908%3A808)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A221%3A681)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A220%3A181)%0A%20%20%20%20at%20deferred.%3Ccomputed%3E%20%5Bas%20resolve%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A222%3A56)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1802%3A216)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)&callback=webimRequestCallback86225262956823310	0%	Avira URL Cloud	safe
https://1wbapm.life/threatmetrix/v5/fp-clientlib-v5.js	100%	Avira URL Cloud	phishing
https://3fb27s7bk5ltvtf2kf36edxosyzyv4qryse6ztjzb46334d8edd8e0adam1.e.aa.online-metrix.net/avS7eyGTlLEBCF-t?fc74a419bc32cc2e=4Jcu-L8GDBIi78e2uvYMOUj2IJ0SCMCLTFPxTkrmSAZoCmtJ-l1arWHqml_CWJEd3KCWC2i7jRsENAPpHTLdFgOL1D8jZsL0xSlXA-1Qn6MH5zwHfspl3YzOn7T3mQzNN4W68rZa4e2UeaYBJkXYABUDRRxmrXcEtKC2	0%	Avira URL Cloud	safe
https://1wbapm.life/firebase/8.1.1/firebase-app.js	100%	Avira URL Cloud	phishing
https://win2.webim.ru./images/chat_logo/win2_default.png?1717000249188955	0%	Avira URL Cloud	safe
https://win2.webim.ru./v/fonts/Ubuntu.ttf	0%	Avira URL Cloud	safe
https://drafts.csswg.org/css-images-3/#gradients	0%	Avira URL Cloud	safe
https://win2.webim.ru./v/fonts/Roboto-Bold.ttf	0%	Avira URL Cloud	safe
https://win2.webim.ru./api/visitor/v1/configs/location_en?jsonp=true	0%	Avira URL Cloud	safe
https://win2.webim.ru./l/v/get-online-status?location=location_en&callback=webimApplyOnlineStatusResponse	0%	Avira URL Cloud	safe
https://win2.webim.ru./images/win2_site_logo.png?1717002226673364	0%	Avira URL Cloud	safe
https://1wbapm.life/img/icons/android-chrome-192x192.png	100%	Avira URL Cloud	phishing
https://1wbapm.life/core-js/3.33.3/minified.js	100%	Avira URL Cloud	phishing
https://1wbapm.life/firebase/8.1.1/firebase-messaging.js	100%	Avira URL Cloud	phishing
https://win2.webim.ru/v/images/files.svg	0%	Avira URL Cloud	safe
https://1wbapm.life/fss/web-app-manifest	100%	Avira URL Cloud	phishing
https://win2.webim.ru/v/images/upload.png	0%	Avira URL Cloud	safe
https://1wbapm.life/img/icons/favicon-32x32.png	100%	Avira URL Cloud	phishing
https://chats.viber.com/	0%	Avira URL Cloud	safe
https://win2.webim.ru./api/visitor/v1/configs/default?jsonp=true	0%	Avira URL Cloud	safe
https://win2.webim.ru./webim/images/cursor.png	0%	Avira URL Cloud	safe
https://win2.webim.ru/v/images/default-department-logo.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
v1.bundlecdn.com	154.197.121.128	true	false	high
vc-live-cf.hotjar.io	18.66.161.34	true	false	high
3fb27s7bk5ltvtf2kf36edxosyzyv4qryse6ztjzb46334d8edd8e0adam1.e.aa.online-metrix.net	91.235.134.131	true	false	unknown
1wbapm.life	186.2.162.102	true	false	unknown
eu-aa.online-metrix.net	91.235.132.129	true	false	high
stats.g.doubleclick.net	66.102.1.154	true	false	high
win2.webim.ru	185.73.212.248	true	false	high
analytics-alv.google.com	216.239.32.181	true	false	high
script.hotjar.com	108.158.75.109	true	false	high
googleads.g.doubleclick.net	172.217.17.66	true	false	high
www.google.com	142.250.181.68	true	false	high
td.doubleclick.net	142.250.181.66	true	false	high
h64.online-metrix.net	192.225.158.1	true	false	high
h.online-metrix.net	91.235.132.130	true	false	high
aa.online-metrix.net	91.235.132.129	true	false	high
static-cdn.hotjar.com	108.158.75.120	true	false	high
vc.hotjar.io	unknown	unknown	false	high
static.hotjar.com	unknown	unknown	false	high
analytics.google.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://v1.bundlecdn.com/css/desktop.079ecccda.css	false		high
https://win2.webim.ru./v/images/ui-icons_222222_256x240.png	false	Avira URL Cloud: safe	unknown
https://h.online-metrix.net/MdgId_AJx6zr_PoY?2ce7a47860616510=19k89cfor9EOYoyNtve1TZt_YoqV8NkqC33_F_RLy0lTuHRrz8zVmVuZbT1-TqnEILp7BV-fFIiaBFE649WgY8k94fy4O_oL-pMPN8s2hHjAPENEH38NJgfZHbrTKNo8r70JFbBKivmInjqX8nh8nMyA0dg&jf=3134246e73623d616d673131356b616b63336b363535343161646363303a63676c3531613b3467	false		high
https://h.online-metrix.net/xaZVfRk6SCTeB7R7?99711de1facaaa5f=OnvzXehuHutX6QM3qVcVyfNB-01yo3pn14TLi4bMfIIj2qtAw3bD2lT8O-GQEY053a61iKK07Ao_YaLTChudoBsMcAXI_sU58rgcOgaKG_nPd9-RqC69V65xzkyjLWrdxXeU6774Z1Tfof2IQ89uXJo3d90&jac=1&je=3037242477696d3f7f676270746b5f616e766d706c616c576f646e71	false		high
https://1wbapm.life/	true		unknown
https://win2.webim.ru./v/fonts/Roboto.ttf	false	Avira URL Cloud: safe	unknown
https://v1.bundlecdn.com/js/chunk-common.58138f620.js	false		high
https://win2.webim.ru./v/ui-resources.php?location=location_en&mode=desktop&lang=en&decca9d4&callback=getWebimUIResourcesCallback	false	Avira URL Cloud: safe	unknown
https://1wbapm.life/img/logo/main/1win-normal.svg	true	Avira URL Cloud: phishing	unknown
https://h.online-metrix.net/vTeZ15kEk5yR2p7j?3e049cb4d58299c9=vX3tuNPEAq4SDFjFaaeC7SU0OF7siFwJq1ami_4cWQ0iTDAckfLGK7XOR3aUuBJequu-d5JWs-gvKrfvzWjft8k4I1dD9EQ41I9mV2uDrMuOg1Uu_9OxTSnLiqjVt2F3PJ9-dLGlu2-77YCCZgls6g	false		high
https://h.online-metrix.net/zYRZoz58gHGov98M?940406f9532e1ffb=8feWlQTtt-LOU5L0re5TCLHF4TW66Y6T4soW93iRhiLyzXm6A2aLcMwp1fATKUVLxrYzI31VMyx95vCJmc4z0j4XdXO02AeD0Ga7m3tjynM50yU9zUj7dFYqEg_WKX9ht132DAkJ4pBbT8x31bTU99fh6fbnbnWhHt3aFRtfbtWwt_w	false		high
https://win2.webim.ru./js/button.js	false	Avira URL Cloud: safe	unknown
https://h.online-metrix.net/tXWH9tuVXRet6tyC?4343dcb70e70b8ae=C68qlWisGzoR66A_4l55-PyVGQvYy2fOi35wGpoQq8G2VPnfWV1GKhyLiW8vBZjBbSAz7h9ZupbcnmSgtbmBsp_BpGP_yoMJzisysvkmQozRMtlEkqGVvPkXJ02DpxahuaDrMvm1ztO24NZAEjQM9g&fr	false		high
https://win2.webim.ru./l/v/js-error?error=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27fetch%27)%0ATypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27fetch%27)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1910%3A710)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A220%3A181)%0A%20%20%20%20at%20deferred.%3Ccomputed%3E%20%5Bas%20resolve%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A222%3A56)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1802%3A216)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A220%3A181)%0A%20%20%20%20at%20deferred.%3Ccomputed%3E%20%5Bas%20resolve%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A222%3A56)&callback=webimRequestCallback73062177131020420	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru./l/v/init?action=init&visit-session-id=&url=https%3A%2F%2F1wbapm.life%2F&referer=&title=1win%20-%20Loading&version=10.6.63&since=0&visitor-ext=%7B%7D&location=location_en&callback=webimRequestCallback70403610990343290	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru./v/fonts/Ubuntu-Bold.ttf	false	Avira URL Cloud: safe	unknown
https://h.online-metrix.net/fp/clear.png	false		high
https://h.online-metrix.net/xaZVfRk6SCTeB7R7?99711de1facaaa5f=OnvzXehuHutX6QM3qVcVyfNB-01yo3pn14TLi4bMfIIj2qtAw3bD2lT8O-GQEY053a61iKK07Ao_YaLTChudoBsMcAXI_sU58rgcOgaKG_nPd9-RqC69V65xzkyjLWrdxXeU6774Z1Tfof2IQ89uXJo3d90&jac=1&je=33303037262662637c71743f253f422d3230646774656c2d3032253141392e3238273a4327303071746174777b273230253b412d32306b6a637267616c672530322d37462e637d646a3f6167666261673c353834373f663832646a606639373b34313734393a64606c3b6b3636373260663536363934363b656a656e313731376362373c37613233313f26677031353260606661663337346c633636323d353838313f603038363a6639373b343c34636a603d65673631246578343f6b353835343a323061636e3b3037343863336264356d303b6a676e3635646132266a736d3555696c6467777b25303833322675696a3d2535422d323069706b686b766761747572672d3032273349253a327a30342732322d30432530326a697666677b7327303027334125303a343427323a253a43273a306072616666732530322d33432d374a25354027303262726366662530322d334925303a456d6f6764672532324360726d65672d3230273041253232746d70736b6f66253a32273b432732323933372530322d37462d304b25354027303262726366662530322d334925303a4c6d74253b40412531444a726366662d3230273041253232746d70736b6f66253a32273b432732323027323227374c25304b273f422730306072616e662d3032273349253a324160706d6d697d6f253230253a43273a307e6570716b6d6e2532302d314127323a313937273a302737442d37442530432d32306e77646c54677071696f6e4e61717427323a253b41273d402737422d30326270616664273a302d3343273030476f6f6564672530304b687a6f6f6d273032253a41253230766d7271616d662530302731412532303933372c30263531333a26333132253a30253746253a43273f402d32306070636e6425303a273343253a32466f762d314041253b464272636e6c25303a273a43273030746572736b676c2530322d334925303a3a2c302e382c302530322d37462d304b25354027303262726366662530322d334925303a416a726f656b756d27323a25304b273a3274677071696f6e273a302531412d323a31333f2c322e353131382e33333a25303a273f4427374627324325303a6f6f606964652d32302d314366616471652530432d3230656d6c656e273030253341273a302530322d324b25303a726e61746e6d726d27323a253149273a32556b6c666f7773273a302530432d323a706e6976646f72655465727169676e273a302d334327303031302e3226322530322d324b25303a756d77363c273232273349666364716d2535462477616c3d273f402530326a72696e667b273032253b43253540253f42273a306a72636c6627323225314927323047676f6f6c672d303243687a6d6d6527323a25304b273a3274677071696f6e273a302531412d323a31333f273032253f46253241253f42273a306a72636c662732322531492732304e67742d334049273144427a636e6427323a25304b273a3274677071696f6e273a302531412d323a38273a302737442d30432535422d32306a70696e66273030253341273a30436a72676d61756f2d303025324b27323274657a736b676c2d32302731432532323339352530322d374c25374c273043253a306d6f60696465273a302d334364636e736525304b2732307064617c666d7a6f2732322d31412530325f696c6c6d7f73273030273744	false		high
https://h.online-metrix.net/xaZVfRk6SCTeB7R7?99711de1facaaa5f=OnvzXehuHutX6QM3qVcVyfNB-01yo3pn14TLi4bMfIIj2qtAw3bD2lT8O-GQEY053a61iKK07Ao_YaLTChudoBsMcAXI_sU58rgcOgaKG_nPd9-RqC69V65xzkyjLWrdxXeU6774Z1Tfof2IQ89uXJo3d90&jac=1&je=343524246a666e3f393132246a6e683537313137326662303561353b363130303a3369363a3b6732306538676b3062332662667c6e3f3838303333383831333026786d3f666d	false		high
https://win2.webim.ru./l/v/js-error?error=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27set%27)%0ATypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27set%27)%0A%20%20%20%20at%20child.sessionStateUpdateHandler%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1928%3A157)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1908%3A808)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A221%3A681)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A220%3A181)%0A%20%20%20%20at%20deferred.%3Ccomputed%3E%20%5Bas%20resolve%5D%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A222%3A56)%0A%20%20%20%20at%20child.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1802%3A216)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A1670%3A1101)%0A%20%20%20%20at%20fire%20(https%3A%2F%2Fwin2.webim.ru.%2Fjs%2Fbutton.js%3A214%3A223)&callback=webimRequestCallback86225262956823310	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru./v/images/default-auto-invite-operator.gif	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru./l/v/poll?action=chat.start&visit-session-id=2ddb663fdf6a49579880b7972d7fa9ea&page-id=c1a084c66f27473db4b08cba4402b3db&since=1&auth-token=f77fda3cac2cb88daff66e6896693dd6&lang=en&callback=webimRequestCallback41732540428715330&current_ts=1733239149.37777	false	Avira URL Cloud: safe	unknown
https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2	false		high
https://1wbapm.life/threatmetrix/v5/fp-clientlib-v5.js	true	Avira URL Cloud: phishing	unknown
https://static.hotjar.com/c/hotjar-2606090.js?sv=6	false		high
https://h.online-metrix.net/xaZVfRk6SCTeB7R7?99711de1facaaa5f=OnvzXehuHutX6QM3qVcVyfNB-01yo3pn14TLi4bMfIIj2qtAw3bD2lT8O-GQEY053a61iKK07Ao_YaLTChudoBsMcAXI_sU58rgcOgaKG_nPd9-RqC69V65xzkyjLWrdxXeU6774Z1Tfof2IQ89uXJo3d90&jb=3134246e73613d306a3464643939646e393a6a363361376a61626436376a323b3b676b30643331	false		high
https://win2.webim.ru/v/images/file.svg	false	Avira URL Cloud: safe	unknown
https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2	false		high
https://3fb27s7bk5ltvtf2kf36edxosyzyv4qryse6ztjzb46334d8edd8e0adam1.e.aa.online-metrix.net/avS7eyGTlLEBCF-t?fc74a419bc32cc2e=4Jcu-L8GDBIi78e2uvYMOUj2IJ0SCMCLTFPxTkrmSAZoCmtJ-l1arWHqml_CWJEd3KCWC2i7jRsENAPpHTLdFgOL1D8jZsL0xSlXA-1Qn6MH5zwHfspl3YzOn7T3mQzNN4W68rZa4e2UeaYBJkXYABUDRRxmrXcEtKC2	false	Avira URL Cloud: safe	unknown
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js	false		high
https://win2.webim.ru./l/v/get-online-status?callback=webimApplyOnlineStatusResponse	false	Avira URL Cloud: safe	unknown
https://h.online-metrix.net/C6g3HeBZMhZ8wQwZ?9442f3db3cd4397d=-kPO_b0YARaW0iBVBhOIVUMca5xlbulJZN2Pb_lv52OqtI_YrAmD_lsmNtqXBT03VKRVUtDkLxY1L6-IElHO9uQLpXXFcemFwqnpUc1yxXoSQQ3uEn5rG2xKhhMtQ3-dBn777MKUaPIbqgoWDCQBWMiwQ_XHI8JLsY-XXec	false		high
https://h.online-metrix.net/MMl-2TZcFDwpB7X_?992475aff7cb641a=6rhNCZ3OqC21HWrRqYsbdtLFn0ducRmupgqwWNoXKeE45M885M_lcSdSGto7pgLNsu9lIJOx409Hhh7_Xk0s0PLcKkF76XxynJJv8Nz-7N8WMiNn2xQrr63-XxwOJZvbynbegUDNkm4ZCJOm7uv7BFUC1eq20DyZAQm6_AA	false		high
https://1wbapm.life/firebase/8.1.1/firebase-app.js	true	Avira URL Cloud: phishing	unknown
https://h.online-metrix.net/ZujEyOQuGJMJdcEN?84f70a406636d014=oaWsg6Ce14beynRp2Sekt6grDAU7IzMRnMiDIUKI0iJBvP6501hp89uYslbXM7Yn7Vqwllc1lcKRFoZanPRnwEcpVqGS72mIXe3Dfm-ZTrDUy1bbVX-GW3R36f4-i7TinCcj8OvCQmbTDyKF70g9qAVMBjJnf4q_I19OcUWk2thSSEeEPydVWCvFwzaPB9Uf17_3pBo9-4C-WV9E35ZW2z9_43o&sera_parametere=BEQLUQUFBVtWUwdeAFNRUwdSDlABAlYOBF1UCVUJWVEAAAUDUAZRWwFTUB4WQ1wNDERDR0ARV3xAUyYdUnREVlJeRVZfUQldCxAXHVZ0RFMgBBMEdxFWCA0LF0wWFVIgRwN0FgRwQlwMWQFZVQhQXFtSDlBQA1xZUwVQWQYFAFAAAwQLUFABDQFdAAtTBVdVWlEQXVxaB11YBlAOVgNVAFpRUlcLUVRZAUIOS1gAGVIBVwIKB1dVDAEGAA1SUgdRWgcCC1IFAlxXBV0MVVVRBlVVUFcGA1UeBA1ZCVcHV1FEXV8OHgVCSAxZXQFcCVlCCl8LFVEJJ1AXCwldQ1IXWVMFARVRWxcFMg0KXApHEkIBVgtHV047WwQICFoEUwpCB0ALBAI%3D&count=0&max=0	false		high
https://h.online-metrix.net/9JRz3w-Nzm0m5Lkg?1bf36593797ba825=iAYEOE1pKE5_uw7_QkChkCBb3XlHyx0NUtR9h5uNIjLVBCLIbcehNy1n5HwL7EXJrokr5lFlL6oGbmHJK4pyyR1FYKhQbXylZ7Tyw_I2_7xT1b7ebF1gK0518wGK8N_RX5ioMREgMjKwwL6Pzdz6C_IWkte6F1-y0ZatY2CAoPeg9uBZnmNCIfsPNS1ZHBrKgCzuLid0L3iHnZlZoHI&jf=36333a247369645d7a6c643f746c725769543b5533536d447b683953577959302e7161645d666376653d31353b3132313939333c267161665d747978673d7767623265616c716926716b665d6b65793f3b32353b3338313b303438353061383e36386367336c303038333836323a30633836343a6b673366303b3039303538313632303832343467623b39673a663a643a373666303833366a37613b366b6638356339333b36616d64326561376a663369346b30336134353633323b6b3b3236363f636e64603c61373233306663663b393835333e613138603535323935316131306637343a363d376131323b35333130663467646a61613f333f64323531303261633a31612671696c5f7b696535313234363830323132303136353c3a3c343130613a3430363230603235653c3839376631616063386c34653667333e653630606b62353334356532333a6d36613a306b396936323f353530323a33303060616930603936313332606367633161603f3764313239363e3363303b3032323160363067666a3466693739343131373a306533303e643434353c326d39646b247169667a3f30	false		high
https://win2.webim.ru./images/chat_logo/win2_default.png?1717000249188955	false	Avira URL Cloud: safe	unknown
https://vc.hotjar.io/sessions/2606090?s=0.25&r=0.014484907609569664	false		high
https://h.online-metrix.net/Hj5oTKb4tmpQp947?52f40d43a28335bd=9iAqhvoJflMvr73JL1Z9CiC50-sUTsMfII3j75Q0xslK-nugbS0fwmiDu30g5fSE-iD3GS-LzRWeqnlLADZaPjIrC4lisWj38uSmEnra-6qTvYlcxctYgyH67FJPH1f_fsnY2j-NkS6XtqPYlw5NotWwLRY1YpRumzcbmo_UBtvAG-mhBHHqIEzu29JAmYGb_j2l_86U5-O9khhgSLA	false		high
https://win2.webim.ru./v/fonts/Roboto-Bold.ttf	false	Avira URL Cloud: safe	unknown
https://v1.bundlecdn.com/js/chunk-vendors.fec70f6bd.js	false		high
https://win2.webim.ru./images/win2_site_logo.png?1717002226673364	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru./v/fonts/Ubuntu.ttf	false	Avira URL Cloud: safe	unknown
https://1wbapm.life/core-js/3.33.3/minified.js	true	Avira URL Cloud: phishing	unknown
https://1wbapm.life/img/icons/android-chrome-192x192.png	true	Avira URL Cloud: phishing	unknown
https://win2.webim.ru./l/v/get-online-status?location=location_en&callback=webimApplyOnlineStatusResponse	false	Avira URL Cloud: safe	unknown
https://v1.bundlecdn.com/js/index.7040fa29d.js	false		high
https://win2.webim.ru./api/visitor/v1/configs/location_en?jsonp=true	false	Avira URL Cloud: safe	unknown
https://v1.bundlecdn.com/css/index.aedf85995.css	false		high
https://h.online-metrix.net/v2fjSVff2mtFl2Vw?e0dbb41e9ab0115e=0xVH2eBxIg8flU9o2YdvMTpeKkg3J5PodziACpq0dI2IfFAFRTsoCDvcGJPfi1N_By2Pp9m0h4aA4EXgtFo-C09US7LZF53Buuo3pSrCaNQiLVGYT1WIGIr6-7ZnAxy1vJWKxI7Y3qraZg98-Oi57CbmC_mZT9DnF0Am718_BHETE7CF0BtaSxHvd_lNp4c4nuiOsqy-5nC-jAFn&jb=373b24246a736f773555696c6467777b26687b6d3f576966666f7771253a30333824627360773f4168726f6f6d246a7162354360726d6567273230393337	false		high
https://1wbapm.life/firebase/8.1.1/firebase-messaging.js	true	Avira URL Cloud: phishing	unknown
https://win2.webim.ru/v/images/files.svg	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru./api/visitor/v1/configs/default?jsonp=true	false	Avira URL Cloud: safe	unknown
https://1wbapm.life/fss/web-app-manifest	true	Avira URL Cloud: phishing	unknown
https://h.online-metrix.net/xaZVfRk6SCTeB7R7?99711de1facaaa5f=OnvzXehuHutX6QM3qVcVyfNB-01yo3pn14TLi4bMfIIj2qtAw3bD2lT8O-GQEY053a61iKK07Ao_YaLTChudoBsMcAXI_sU58rgcOgaKG_nPd9-RqC69V65xzkyjLWrdxXeU6774Z1Tfof2IQ89uXJo3d90&ja=333a3a352626633f2531303226723d3e30246e3f333238387a313030342e616435333a38327a3b3a3426737a713f307a302e6478723f392e333238382e31303034243130303224393a362e333238302e3132372e313a38382c3b30362e302c38246d743f323f663739663b31363b67346266323231603634626c3330376038636433633c246d6e3f322e73616c3f3a34246e6a3f687474727b273343253a462d32443975606170652c6c6964652d32442e72643d3724726a3d6538323a666663353d353939316e36676265303b393367623c613b3130313066246a6a3d3531353a353634376e323037353f336333316a63366667353d383b69613863362468716f3d576b66666f75732d323831322e6871623d4b6a726f6f652d323239333f2668716d773d57696c6c6d77712662736a753f4b6a706f6d6d246e68613d3c266c6c6f3538246c6f76703d30247c78643f4165657a6961692730464e6d755f596d7263266f697660723f363232336431613a606561303a653e63613d343230383a63643137353c30336e663c353a3a33363164366769633236646b393c61646a663532333931313934612e6470356a7c7472712731412532442d304633776a61786d2c646b6465253a4426703f70647565616c57666e63716a25354564696e736721786c7d676b665d75696e6c6d77735d6d6d646b695d786c637b677025354564696e736721786c7d676b665d63646f6a675f6161726762637c273d4564636e716521706e7d65696c5f79756163697c6b6f65253d4766616e736d217264776f696c5d716a6f636b7569746527354d66696c716d23726c756f6b6e5f7065696c72646371657027374766616c716d23706e756f69665f7464615d706c697b657227354d666364716d21726e7765696e5f666d74616e767a253d4564696e716521786e75676b6e5773746f5d7e696775677025354564696e736721786c7d676b665d6861766927354564616473672e65645f613f756762676c556d60474e253a30392e322d3032284f78676e474e253a30475b273a30302c32273230436a7a6d6d6b7565295f65604f4e2732304f4e534c27323845512d3038312c32273030284f726d6c474e253a304d53273a32454c534427323047532d3232392c38253032416a726f6d6b7d6f2955656a4b6174556d604969742d30305767624f4c43464544455d6b6c7174616e616d665f63727a617173273b402732304d5a545f606c6d6e66576f616e6f637a2733422530384758565f6b6f646f7057607766666d705f68636c6e5f64646d6974273140273230455a5c5d666e6f697457626e6d6c6625334a27323047585c5f647a636f5f66677276682533402d303047585c5f7b68636c67705f746d7a74757065576c6d6c273b422730324758545f766d7a7477726d5f6b6f6f7870677373616d6e5f60707c63273b402d3232475a565f74657a7c7772675f6b6f6570706d7171696f665d726776632d33402d3038455a565d76657874777a675f646964746d725d696c6b736f7c706f706b632d33402d3038455a565d71524742273b4025303047455b5f6764676f656e7c5d696e6665705f77616c7c2531402730304f45515764626d5f7a656664677a5d6f69706563702531422d323247475b5f7176636c6461726657666570697e617c69746d712733422d30304f475357746770767d72675d646e6f6174273b4025303047455b5f766d7a7675726d5d666c6d617c5f6e616c6d61702731402532304d4d515f766570747d7267576a636c6657646c6f63742d33402d30384f47515d76657874777a675f6a61646657666e6763765f6c616c656170253b42273a324745515d74677274657a5763727061715f6762686d617625334a27323055454a474e5761676c6d705d60756666677a5d666e6f69742d33402d303257454a454c5f616f6570706d717b65665d7667787475706d5d6171746b253b42273a325545424f4e5f636d6d7872677b716d645d76677a7475726757677461253b422d32325f4740474c57616f6d72726d73716d665774677a767772655f677c613127334a253a30554d40454c5f6b6d6d7070657b73676c5d7c657a767770655f73317c612531422d323857474a454e5f63676f707267737b656657766d78767770675f7333766b5d7370676a253b42273a325545424f4e5f6467627d675d7a676664677067705f696e6467273340253a305f45404f4e5d64657876685f76657074777a672d334027303257454245445d6470617f5f6a75646e677073253b40253232574d4245445d646f71675d616f6e746770762531422d323857474a454e5f6d7d6e74695d647a617539342e676e5d6a3f336666376c646636373c306c64613c323565363a60653067373c64303d373c36333236663432353b2e75676e763547676f656467273230416c632e2732382845676d6f6c672b2475676c723f494c474e452d32382845676d656c652d30432530305e756e636366253032332c332e30273a3228517761667c536a69666772253a32446574696b65273a32205377607867726f29273a32283278383038304138464729292d30432530305b776b6e765b6863666770253230667a6b76677221266b63663537&jb=333732246c713d4f6778696e6c69253a463726322732302055696e666f7f73273a32465427303233302e30273b402530305f696636362d31402532387a36342b253a30437872646555676049697425304e3733352e3b362d323220494a544d442732432732386c6b63672d32324567616b6f29273a32436a72676d6d25304e3333372e382c302e32253a3051696469726b2730443533372c3b34	false		high
https://win2.webim.ru/v/images/upload.png	false	Avira URL Cloud: safe	unknown
https://h.online-metrix.net/4ozyos7oo6oftgss.js?zhbtcasrfq5bb3o2=3fb27s7b&31u87gnykcnj8nzx=772c105c-342e-4843-b354-ceab19db8285	false		high
https://1wbapm.life/img/icons/favicon-32x32.png	true	Avira URL Cloud: phishing	unknown
https://v1.bundlecdn.com/js/desktop.815aece8e.js	false		high
https://h.online-metrix.net/zYRZoz58gHGov98M?de0887af60ec431b=8feWlQTtt-LOU5L0re5TCLHF4TW66Y6T4soW93iRhiLyzXm6A2aLcMwp1fATKUVLxrYzI31VMyx95vCJmc4z0j4XdXO02AeD0Ga7m3tjynM50yU9zUj7dFYqEg_WKX9ht132DByLu1MIJ60nNocyBtXO9tA&k=2	false		high
https://win2.webim.ru./webim/images/cursor.png	false	Avira URL Cloud: safe	unknown
https://win2.webim.ru/v/images/default-department-logo.png	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_144.2.dr, chromecache_155.2.dr	false		high
https://github.com/carhartl/jquery-cookie	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://join.skype.com/bot/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
http://jqueryui.com	chromecache_145.2.dr	false		high
https://v1.bundlecdn.com/js/mobile.755f2472a.js	chromecache_167.2.dr	false		high
https://github.com/Modernizr/Modernizr/issues/202)	chromecache_140.2.dr, chromecache_145.2.dr	false		high
http://hilios.github.io/jQuery.countdown/)	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://vk.me/public	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://1win.com/	chromecache_167.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com	chromecache_128.2.dr	false		high
https://pinia.vuejs.org	chromecache_124.2.dr	false		high
https://html.spec.whatwg.org/multipage/interaction.html#contenteditable	chromecache_140.2.dr, chromecache_145.2.dr	false	Avira URL Cloud: safe	unknown
https://devtools.vuejs.org/guide/installation.html.	chromecache_170.2.dr, chromecache_124.2.dr	false		high
https://pinia.vuejs.org/logo.svg	chromecache_124.2.dr	false		high
https://modernizr.com/download?-audio-contenteditable-cssgradients-websockets-hasevent-mq-setclasses	chromecache_140.2.dr, chromecache_145.2.dr	false	Avira URL Cloud: safe	unknown
https://www.gupshup.io/whatsapp/optin	chromecache_140.2.dr, chromecache_145.2.dr	false	Avira URL Cloud: safe	unknown
https://cct.google/taggy/agent.js	chromecache_144.2.dr, chromecache_146.2.dr, chromecache_133.2.dr, chromecache_155.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	false		high
https://us.v1.bundlecdn.com	chromecache_167.2.dr	false	Avira URL Cloud: malware	unknown
https://www.google.com/pagead/1p-user-list/16482547739/?random	chromecache_177.2.dr, chromecache_105.2.dr	false		high
https://v1.bundlecdn.com/css/mobile.dad55baf1.css	chromecache_167.2.dr	false		high
https://github.com/js-cookie/js-cookie	chromecache_170.2.dr, chromecache_124.2.dr	false		high
https://webkit.org/blog/175/introducing-css-gradients/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://t.me/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
http://jquery.org/license	chromecache_140.2.dr, chromecache_145.2.dr	false		high
http://sizzlejs.com/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://developer.mozilla.org/en-US/docs/Web/CSS/linear-gradient	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://wa.me/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://v1.bundlecdn.com	chromecache_167.2.dr	false		high
https://ok.ru/messages/group/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://googleads.g.doubleclick.net	chromecache_128.2.dr	false		high
http://api.jqueryui.com/position/	chromecache_140.2.dr, chromecache_145.2.dr	false		high
https://github.com/Yaffle/EventSource/	chromecache_170.2.dr, chromecache_124.2.dr	false		high
https://drafts.csswg.org/css-images-3/#gradients	chromecache_140.2.dr, chromecache_145.2.dr	false	Avira URL Cloud: safe	unknown
https://td.doubleclick.net	chromecache_144.2.dr, chromecache_146.2.dr, chromecache_133.2.dr, chromecache_155.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	false		high
https://telegram.org/js/telegram-web-app.js	chromecache_167.2.dr	false		high
https://oauth.mail.ru/login?client_id=$	chromecache_139.2.dr, chromecache_97.2.dr	false		high
https://www.merchant-center-analytics.goog	chromecache_144.2.dr, chromecache_155.2.dr	false		high
https://chats.viber.com/	chromecache_140.2.dr, chromecache_145.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.217.17.66	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
108.158.75.25	unknown	United States	16509	AMAZON-02US	false
185.73.212.248	win2.webim.ru	Russian Federation	39288	NETTEPL	false
66.102.1.154	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
91.235.132.129	eu-aa.online-metrix.net	Netherlands	30286	THMUS	false
154.197.121.128	v1.bundlecdn.com	Seychelles	18013	ASLINE-AS-APASLINELIMITEDHK	false
142.250.181.68	www.google.com	United States	15169	GOOGLEUS	false
91.235.134.131	3fb27s7bk5ltvtf2kf36edxosyzyv4qryse6ztjzb46334d8edd8e0adam1.e.aa.online-metrix.net	Netherlands	30286	THMUS	false
142.250.181.66	td.doubleclick.net	United States	15169	GOOGLEUS	false
108.158.75.120	static-cdn.hotjar.com	United States	16509	AMAZON-02US	false
216.239.32.181	analytics-alv.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
186.2.162.102	1wbapm.life	Belize	262254	DDOS-GUARDCORPBZ	false
192.225.158.1	h64.online-metrix.net	United States	30286	THMUS	false
108.158.75.109	script.hotjar.com	United States	16509	AMAZON-02US	false
172.217.18.226	unknown	United States	15169	GOOGLEUS	false
91.235.132.130	h.online-metrix.net	Netherlands	30286	THMUS	false
18.66.161.34	vc-live-cf.hotjar.io	United States	3	MIT-GATEWAYSUS	false

Private

IP
192.168.2.4
127.0.0.1

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1567597
Start date and time:	2024-12-03 16:17:22 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 30s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://1wbapm.life
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.win@23/135@64/20
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.19.227, 172.217.17.46, 64.233.165.84, 34.104.35.123, 142.250.181.104, 2.22.50.144, 192.229.221.95, 84.201.208.105, 142.250.201.40, 172.217.19.202, 216.58.208.234, 172.217.19.234, 142.250.181.138, 142.250.181.42, 142.250.181.74, 142.250.181.106, 172.217.17.42, 172.217.17.74, 142.250.181.10, 172.217.17.35
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, www.googletagmanager.com, update.googleapis.com, clients.l.google.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://1wbapm.life

Input	Output
URL: https://1wbapm.life Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": true, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": true }
URL: https://1wbapm.life
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "Script defines a dictionary of asset URLs for desktop/mobile versions, using a CDN (bundlecdn.com). While it references external resources, the pattern is consistent with legitimate frontend asset management. The predictable file naming and versioning suggests proper deployment practices. Low risk but warrants basic domain verification." }
window['_chunksDictionary'] = {"desktop":{"js":["https://v1.bundlecdn.com/js/desktop.815aece8e.js"],"css":["https://v1.bundlecdn.com/css/desktop.079ecccda.css"]},"mobile":{"js":["https://v1.bundlecdn.com/js/mobile.755f2472a.js"],"css":["https://v1.bundlecdn.com/css/mobile.dad55baf1.css"]}};
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "This is a legitimate Hotjar analytics script that loads their tracking code. While it performs external script loading and user tracking, it's from a trusted analytics provider (Hotjar). The script follows standard initialization patterns for analytics tools and includes a basic user identification feature. The only minor risk factors are external script loading and user tracking capabilities." }
(function(a,c,e,f,d,b){a.hj=a.hj\|\|function(){(a.hj.q=a.hj.q\|\|[]).push(arguments)};a._hjSettings={hjid:2606090,hjsv:6};d=c.getElementsByTagName("head")[0];b=c.createElement("script");b.async=1;b.src=e+a._hjSettings.hjid+f+a._hjSettings.hjsv;d.appendChild(b)})(window,document,"https://static.hotjar.com/c/hotjar-",".js?sv\x3d");window.hj=window.hj\|\|function(){(hj.q=hj.q\|\|[]).push(arguments)};var userId="undefined";window.hj("identify",userId,{"1w_lang":"undefined"});
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "Script demonstrates DOM manipulation by appending a deferred script element. While it uses dynamic script injection (+2 points), it appears to be a legitimate lazy-loading implementation with a timeout fallback. The code is from an internal source (script#deferred) rather than external domains (-1 point). No data exfiltration or malicious patterns observed." }
(function(){function n(){document.body.append(Object.assign(document.createElement("script"),{innerHTML:document.querySelector("script#deferred").innerHTML}))}let e=!1;function t(){e\|\|(e=!0,n())}setTimeout(t,15e3),window.addEventListener("1w:platformRootMounted",t)})();
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "This appears to be a legitimate language/internationalization module. It handles language selection, cookie reading, and URL parameter parsing. While it does access window objects and cookies, these are standard practices for language detection. No malicious patterns like eval(), external data transmission, or suspicious redirects are present. The code is well-structured and uses standard browser APIs." }
(function(){const L="1w_lang",r=a=>{const n=Object.getOwnPropertyNames(a);for(const t of n){const o=a[t];o!=null&&typeof o=="object"&&r(o)}return Object.freeze(a)},l=a=>{var n;const t=a.lang.toLowerCase(),o=((n=window.INITIAL_DATA)==null?void 0:n.appConfig.options.defaultTitle)\|\|window.appTitle;return{lang:t,label:a.label,labelAlpha2:a.labelAlpha2?a.labelAlpha2.toLowerCase():t,loadingTitle:`${o} - ${a.loadingTitle}`,isoKey:a.isoKey?a.isoKey.toLowerCase():t,flag:a.flag?a.flag.toLowerCase():t}},e={LANG_RU:l({lang:"ru",label:"",loadingTitle:""}),LANG_EN:l({lang:"en",label:"English",loadingTitle:"Loading"}),LANG_AZ:l({lang:"az",label:"Azrbaycan dili",loadingTitle:"Yklnir"}),LANG_UZ:l({lang:"uz",label:"O'zbek",loadingTitle:"Yuklash"}),LANG_UA:l({lang:"ua",label:"",loadingTitle:"",isoKey:"uk"}),LANG_TR:l({lang:"tr",label:"Trk",loadingTitle:"Ykleniyor"}),LANG_ZA:l({lang:"za",label:"Kiswahili",loadingTitle:"Unapakia",isoKey:"sw"}),LANG_IN:l({lang:"in",label:"",labelAlpha2:"hi",loadingTitle:"",isoKey:"hi"}),LANG_MD:l({lang:"md",label:"Moldovan",loadingTitle:"Se ncarc",isoKey:"mo"}),LANG_KG:l({lang:"kg",label:"",loadingTitle:"",isoKey:"ky"}),LANG_TJ:l({lang:"tj",label:"",loadingTitle:"",isoKey:"tg"}),LANG_DE:l({lang:"de",label:"Deutsch",loadingTitle:"Ldt"}),LANG_ES:l({lang:"es",label:"Espaol",loadingTitle:"Descargando"}),LANG_FR:l({lang:"fr",label:"Le franais",loadingTitle:"Chargement"}),LANG_ID:l({lang:"id",label:"Indonesian",loadingTitle:"Pemuatan"}),LANG_IT:l({lang:"it",label:"Italiano",loadingTitle:"Caricamento"}),LANG_PL:l({lang:"pl",label:"Polski",loadingTitle:"Wczytywanie"}),LANG_PT:l({lang:"pt",label:"Portugus",loadingTitle:"Carregamento",flag:"br"}),LANG_KZ:l({lang:"kz",label:"",loadingTitle:"",isoKey:"kk"}),LANG_BD:l({lang:"bd",label:"",loadingTitle:" ",isoKey:"bn"}),LANG_CN:l({lang:"cn",label:"",loadingTitle:"",isoKey:"zh"}),LANG_JP:l({lang:"jp",label:"",loadingTitle:"",isoKey:"ja"}),LANG_KO:l({lang:"ko",label:"",loadingTitle:" "}),LANG_MX:l({lang:"mx",label:"Espaol (Mxico)",loadingTitle:"Cargando",isoKey:"es-MX"}),LANG_MR:l({lang:"mr",label:"",loadingTitle:"",flag:"in"}),LANG_EL:l({lang:"el",label:"",loadingTitle:"",flag:"gr"}),LANG_TE:l({lang:"te",label:"",loadingTitle:"",flag:"in"}),LANG_TH:l({lang:"th",label:"",loadingTitle:""}),LANG_MS:l({lang:"ms",label:"Bahasa Melayu",loadingTitle:"Memuatkan"}),LANG_VI:l({lang:"vi",label:"Ting Vit",loadingTitle:"ang ti",flag:"vn"}),LANG_AR:l({lang:"ar",label:"",loadingTitle:"",flag:"eg"}),LANG_UR:l({lang:"ur",label:"",loadingTitle:" ",flag:"pk"})};e.entries=Object.entries(e).sort(([,a],[,n])=>a.lang.localeCompare(n.lang)),e.items=e.entries.map(([,a])=>a),e.itemsByLang=Object.fromEntries(e.items.map(a=>[a.lang,a])),e.itemsByIsoKey=Object.fromEntries(e.items.map(a=>[a.isoKey,a])),e.langs=e.items.map(a=>a.lang),e.langsByKey=Object.fromEntries(e.entries.map(([a,n])=>[a,n.lang])),e.langsByIsoKey=Object.fromEntries(e.items.map(a=>[a.isoKey,a.lang])),e.isoKeysByLang=Object.fromEntries(e.items.map(a=>[a.lang,a.isoKey])),e.DEFAULT=e.LANG_EN,e.getByLang=(a,n=null)=>e.itemsByLang[a.toLowerCase()]\|\|n,e.getByIsoKey=(a,n=e.DEFAULT)=>a&&e.itemsByIsoKey[a.toLowerCase()]\|\|n;const A=a=>{const n=a.map(o=>e.getByLang(o)).filter(Boolean),t=o=>{var i;const g=o.toLowerCase(),s=(i=n.find(({isoKey:c})=>g===c))!=null?i:n.find(({isoKey:c})=>g.includes(c));return s==null?void 0:s.lang};for(const o of navigator.languages){const i=t(o);if(i)return i}return t(navigator.language)},T=()=>{const a=new RegExp(`${L}=([^;]+)`);return(document.cookie.match(a)\|\|[])[1]},u=()=>{const n=new URLSearchParams(window.location.search).get("lang");return n?e.langsByIsoKey[n]:null},b=a=>{var n;const t=u();if(t)return{lang:t};const{ourLang:o,langData:i}=(n=window.INITIAL_DATA)!=null?n:{};if(a.includes(o))return{lang:o,
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "This is a benign localization script that reads a language cookie and updates error messages on a page. It only performs DOM manipulation to set error messages in different languages based on a cookie value. No external connections, data transmission, or suspicious behaviors are present." }
(function(){const i=(a=>{const t=`; ${document.cookie}`.split(`; ${a}=`);return t.length===2?t.pop().split(";").shift():""})("1w_lang"),n=()=>{const a=document.querySelector("#unavailable-title"),e={ru:"- ",en:"Something went wrong",az:"Xta ba verdi",bd:" ",za:"Hitilafu fulani imetokea",de:"Es ist ein Fehler aufgetreten",es:"Algo sali mal",fr:"Quelque chose n'a pas fonctionn",id:"Sesuatu yang salah",in:" ",it:"Qualcosa andato storto",jp:"",kg:" ",kz:" ",md:"S-a produs o eroare",pl:"Co poszo nie tak",pt:"Algo deu errado",tj:" ",tr:"Bir eyler ters gitti",ua:" ",uz:"Nimadir xato ketdi",cn:"",ko:" ",mx:"Algo sali mal",mr:" ",te:" ",el:" ",vi:" xy ra li",ms:"Kami mengalami masalah",th:"",ar:" ",ur:" "};a.innerHTML=e[i]\|\|e.en},o=()=>{const a=document.querySelector("#unavailable-subtitle"),e={ru:"- , , . .",en:"Something went wrong, but we know how to fix it. Try again later.",az:"Xta ba verdi, lakin biz bunu nec dzltcyimizi bilirik. Daha sonra yenidn chd edin.",bd:" , ",za:"Hitilafu fulani imetokea, lakini tunajua jinsi ya kuirekebisha. Jaribu tena baadaye.",de:"Es ist ein Fehler aufgetreten, den wir jedoch zu beheben wissen. Versuchen Sie es spter erneut.",es:"Algo sali mal, pero sabemos cmo resolverlo. Intntalo nuevamente ms tarde.",fr:"Quelque chose n'a pas fonctionn, mais nous savons comment corriger le problme. Veuillez ressayer plus tard.",id:"Sesuatu yang salah, tapi kami tahu cara memperbaikinya. Silahkan coba lagi nanti.",in:" , . .",it:"Qualcosa andato storto, ma sappiamo come risolverlo. Riprova pi tardi.",jp:"",kg:" , . , .",kz:" , . .",md:"S-a produs o eroare, dar tim cum s o remediem. V rugm s ncercai din nou mai trziu.",pl:"Co poszo nie tak, ale wiemy jak to naprawi. Sprbuj ponownie pniej.",pt:"Algo deu errado, mas ns sabemos como consertar. Tente novamente mais tarde.",tj:" , . .",tr:"Bir eyler ters gitti, ama nasl dzelteceimizi biliyoruz. Daha sonra tekrar deneyin.",ua:" , , . .",uz:"Nimadir xato ketdi, lekin biz uni qanday tuzatishni bilamiz. Iltimos keyinroq qayta urinib ko'ring.",cn:"",ko:" . .",mx:"Algo sali mal, pero sabemos cmo resolverlo. Intntalo nuevamente ms tarde.",mr:" , . ",te:" , . .",el:" , . .",vi:" xy ra li, nhng chng ti bit cch khc phc. Vui lng th li sau.",ms:"Kami mengalami masalah, namun tahu cara untuk membaikinya. Cuba sebentar lagi.",th:" ",ar:" . .",ur:" "};a.innerHTML=e[i]\|\|e.en};(()=>{n(),o()})()})();
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "Script loads Telegram's official web app SDK from telegram.org (trusted domain) and uses standard script loading practices. The code is minified but not maliciously obfuscated. It performs expected Telegram Web App initialization behaviors. Only minor risk comes from dynamic script loading pattern." }
window.vipDomain = false; (function(){window.loadScript=(i,n,t)=>{const e=document.createElement("script");document.body.append(Object.assign(e,{src:i,type:"text/javascript"},n)),t&&e.addEventListener("load",t,!1)}})(); (function(){window!=null&&window.TelegramWebviewProxy&&window.loadScript("https://telegram.org/js/telegram-web-app.js",{async:!0},()=>{window.Telegram.WebApp.expand(),window.Telegram.WebApp.enableClosingConfirmation()})})();
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "This script contains two legitimate functions: one handling page navigation/reload behavior and another managing PWA (Progressive Web App) installation prompts. It uses standard browser APIs (performance, pageshow event, beforeinstallprompt) without any data transmission or suspicious behavior. The code follows common patterns for handling browser navigation and PWA installation, though it uses some legacy checks (+1 point for legacy practices). The functionality is transparent and serves clear, legitimate purposes." }
(function(){const n=performance.getEntriesByType("navigation")[0];if(n&&n.type==="back_forward"){window.location.reload();return}if(performance.navigation&&performance.navigation.type===performance.navigation.TYPE_BACK_FORWARD){window.location.reload();return}window.addEventListener("pageshow",e=>{e.persisted&&window.location.reload()})})(); (function(){const e=t=>{t.preventDefault(),window.deferredPrompt=t,window.removeEventListener("beforeinstallprompt",e)};window.addEventListener("beforeinstallprompt",e)})();
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The script loads legitimate third-party services (Firebase, Google Tag Manager, and ThreatMetrix) from known domains. While it includes tracking behavior (+1) and external data transmission (+2), these are standard analytics and security implementations. The score is reduced (-1) due to the trusted nature of the services and their legitimate security/analytics purposes. The code follows standard implementation patterns for these services." }
(function(){window.loadScript("/firebase/8.1.1/firebase-app.js",{async:!0},()=>{window.loadScript("/firebase/8.1.1/firebase-messaging.js",{async:!0},()=>{window.dispatchEvent(new CustomEvent("1w:firebaseLoaded"))})})})(); (function(t,n,r,e,m){t[e]=t[e]\|\|[],t[e].push({"gtm.start":new Date().getTime(),event:"gtm.js"});var g=n.getElementsByTagName(r)[0],a=n.createElement(r),s=e!=="dataLayer"?"&l="+e:"";a.async=!0,a.src="https://www.googletagmanager.com/gtm.js?id="+m+s,g.parentNode.insertBefore(a,g)})(window,document,"script","dataLayer",window.gtmKey); window.threatMetrixProfilingDomain = 'h.online-metrix.net'; window.threatMetrixOrgId = '3fb27s7b'; (function(){window.threatMetrixSessionId=crypto.randomUUID(),window.loadScript("/threatmetrix/v5/fp-clientlib-v5.js",{async:!0},()=>{if(!(window.threatmetrix===void 0\|\|typeof window.threatmetrix.profile!="function"))try{window.threatmetrix.profile(window.threatMetrixProfilingDomain,window.threatMetrixOrgId,window.threatMetrixSessionId)}catch(t){console.error("Error starting ThreatMetrix profiling:",t)}})})();
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "This appears to be a legitimate configuration object containing localization data, social media links, and CDN URLs. While it includes external domain references (bundlecdn.com, cloudfront.net), these are known CDN providers. The data structure is transparent and not obfuscated. The script only sets initial data without any suspicious execution patterns." }
window.INITIAL_DATA = {"domain":{"content_type":"main","license_allowed":true,"meta":{"expiration_date":"2025-03-01T11:38:47Z","registry_status":"ok","second_gateway_on":"false"}},"country":"US","countrySubdivision":"NY","cdnUrl":"https://us.v1.bundlecdn.com","locale":{"local":{},"global":{"id":1,"name":"","supportNumber":"88003017789","flag":"https://v1.bundlecdn.com/locales-flags/96KOhBcBWgesj2qjGFoahY8y-Z-VD3KGC_GSqHYHjfNDw3oCEoFd9r8Blw1g0WjHtonhQ0-eDPva9dHBdivV4xUxCoP4Fo5qOKg7.jpg","additionalPhoneSupport":"+74950888899","code":"ru","languages":[],"social":{"facebook":{"lang":{"hi":"https://www.facebook.com/India1win/","pt":"https://www.facebook.com/1winBR","fr":"https://www.facebook.com/1winfr/","uk":"https://www.facebook.com/1winukraine","az":"https://www.facebook.com/1winazr","mx":"https://www.facebook.com/1winEspanol/","ko":"https://www.facebook.com/1winkorea","uz":"https://www.facebook.com/1winuz/","en":"https://www.facebook.com/1winglobal"}},"instagram":{"lang":{"ru":"https://instagram.com/1win_live","hi":"https://www.instagram.com/1win.global","uk":"https://www.instagram.com/1win_ukraine","az":"https://instagram.com/1win_az","kk":"https://instagram.com/1win_az","uz":"https://instagram.com//1win.global","pt":"https://instagram.com/1win.global","en":"https://www.instagram.com/1win.global"}},"telegram":{"lang":{"hi":"https://t.me/+G_E_Wvcn4PswNjI6","pt":"https://t.me/+4vpuBBhuzZhkODIy","fr":"https://t.me/+NGu0aq368SY5OTMy","uk":"https://t.me/+0q-WbtHJBfRkYjFi","tr":"https://t.me/+pin3XLHmR4BmOWIy","ko":"https://t.me/+Z0WeWtSv5JBlNWMy","az":"https://t.me/+vnoCLOGmWgtiMzZi","mx":"https://t.me/+oe0UHMGILVszY2Ni","kk":"https://t.me/+7k24sCftwQ84YzQy","uz":"https://t.me/+uvhMyxNrdMI4NmEy","ru":"https://t.me/+Sr0wgaWFngQxNmMy","en":"https://t.me/+xyx99CgvObViMWIy"}},"threads":{"lang":{"hi":"https://www.threads.net/@1win_india","pt":"https://www.threads.net/@1win_br","ru":"https://www.threads.net/@1win_live","en":"https://www.threads.net/@1win.global"}},"whatsapp":{"lang":{"en":"https://www.whatsapp.com/channel/0029VaFXHRLElagxvCc7a62E"}},"twitter":{"lang":{"en":"https://twitter.com/1winPro","hi":"https://x.com/1winIndia","fr":"https://x.com/1win_fr","mx":"https://x.com/1winEspanol"}},"youtube":{"lang":{"en":"https://www.youtube.com/channel/UCMH6Uphf0CwGVvhuiHITeaQ","ru":"https://www.youtube.com/channel/UCbqqiExhQIE6kajlZmii9xA"}},"vkontakte":{"lang":{"ru":"https://vk.com/1winn"}}},"socialIcons":{"facebook":{"lang":{"hi":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"pt":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"fr":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"uk":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"az":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"mx":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"ko":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"uz":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.svg","showTgFreeMoney":false,"showVouchersFreeMoney":false,"showInFooter":false,"showInBurger":true},"en":{"iconUrl":"https://d162hr1sanun37.cloudfront.net/socials/Facebook.82b2cd8c.
URL: JavaScript Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "Script shows moderate risk behaviors including DOM manipulation and external resource loading. It loads external scripts (button.js) and performs localStorage operations. While it includes legitimate chat/support functionality, the dynamic script injection and multiple domain handling warrant caution. No clear malicious intent but implements practices requiring review." }
(function(t){var l,p,u;const h="1w_last_known_country",g="en",N="__webim_stored_location_map__";let r;try{r=JSON.parse(localStorage.getItem(N))}catch(e){r=null}const{LANG_EN:I,LANG_IN:A,LANG_ES:S,LANG_MX:y,LANG_PT:f,LANG_MR:E,LANG_TE:G,LANG_ZA:v,LANG_DE:T,LANG_BD:O,LANG_ID:k,LANG_JP:D,LANG_EL:P}=t.LangEnum.langsByKey,{isoKeysByLang:W}=t.LangEnum,j=new Set([I,A,S,f,E,G,v,T,O,k,D,P,y].map(e=>W[e])),M={uk:"ua",kk:"kz",zh:"cn","es-mx":"mx",ky:"kg"},i=(t.INITIAL_DATA\|\|{}).country\|\|localStorage.getItem(h);i&&localStorage.setItem(h,i);const B=t.supportChatConfig.countrySpecificDomains[i]\|\|t.supportChatConfig.baseDomain,_=`${t.supportChatConfig.appName}.${B}`;t.webim={accountName:t.supportChatConfig.appName,domain:_};const K=e=>{const c=document.documentElement.lang\|\|g;if(e==="1win"&&j.has(c)){const a="win2";return{accountName:a,domain:`${a}.webim.ru.`}}return{accountName:e,domain:_}},s=(u=(p=(l=t.INITIAL_DATA)==null?void 0:l.appConfig)==null?void 0:p.options.chat.location)!=null?u:r;s&&typeof s=="object"&&(t.webim.location=s.default);const m=(e,c)=>new Promise(a=>{const n=setInterval(()=>{const o=e();o&&(clearInterval(n),a(c(o)))},16)}),H=()=>{let e=0;return m(()=>document.documentElement.lang\|\|e++>50&&g,n=>M[n]\|\|n)},R=e=>m(()=>t.webim&&t.webim.api&&t.webim.api.changeLang&&t.webim.api.changeLocation&&[t.webim.api.changeLocation,t.webim.api.changeLang],n=>{var o;s?n[0]((o=s[e])!=null?o:s.default):n[0]("location_"+e),n[1](e)}),q=()=>m(()=>t.webim&&t.webim.api&&t.webim.api.chat&&t.webim.api.chat.start&&t.webim.api.chat.close&&[t.webim.api.chat.start,t.webim.api.chat.close],a=>{const n=()=>{t.localStorage&&t.localStorage.removeItem("WEBIM_CHAT_POSITION"),a[0]();const o=t.document.querySelector("#webim_chat"),z=!!t.document.querySelector(".webim-notification-alert");(!o\|\|t.getComputedStyle(o).display==="none")&&!z&&setTimeout(n,16)};return Object.freeze({close:a[1],open:n})});let L,C;const x=new Promise((e,c)=>{L=e,C=c});t.webimHandlers={onInit:()=>H().then(R).then(q).then(L).catch(C),onChatShownStateChanged:({shown:e})=>{t.dispatchEvent(new CustomEvent("1w:webimChatStateChanged",{detail:{shown:e}}))}};let b=!1;t.initOrGetInstanceOfSupportChat=()=>{const{accountName:e,domain:c}=K(t.supportChatConfig.appName);if(t.webim.accountName=e,t.webim.domain=c,!b){const a=Object.assign(t.document.createElement("script"),{async:!0,src:"https://"+t.webim.domain+"/js/button.js",type:"text/javascript"});t.document.querySelector("head").append(a),b=!0}return x}})(window); (function(e){var r,c,u,a,d;function i({country:t,options:o}){var v;const l=document.createElement("a");l.href=`https://t.me/${(v=o==null?void 0:o[t])!=null?v:o==null?void 0:o.default}`,document.body.append(l),l.click(),l.remove()}e.openTgSupportChannel=i,(r=e.document.querySelector("#loader"))==null\|\|r.addEventListener("touchmove",t=>{t.preventDefault()});const n=e.document.querySelector("#loader-support"),{country:p="EN",appConfig:m={}}=(c=e.INITIAL_DATA)!=null?c:{},{mode:f="webim",tg:h,overrides:s={}}=(a=(u=m.options)==null?void 0:u.chat)!=null?a:{},g=(d=s==null?void 0:s[p])!=null?d:f;n==null\|\|n.addEventListener("click",()=>{if(e.dispatchEvent(new CustomEvent("1w:loaderSupportBtnClicked")),g==="tg"){i({country:p,options:h});return}n.classList.add("loading"),e.initOrGetInstanceOfSupportChat().then(t=>{t.open()}).finally(()=>{n.classList.remove("loading")})})})(window); (function(){const c="/img/logo/png/animated/",i=[],g=document.querySelector("#loader"),a=document.querySelector("#loader-logo-container");function l(){for(const n of i){const o=document.createElement("link");o.setAttribute("rel","prefetch"),o.setAttribute("href",c+n),document.head.append(o)}}function u(n){const o=i.length;let t=n;for(;t===n;)t=Math.floor(Math.random()*o);return t}function r(n){return n==null?null:c+i[n]}function d(n,o=[],t=[],e=[]){n.classList.add(...o),n.classList.remove(...t,...e);let s;const p=new Promise(v=>{s=v});function L(){n.removeEventListener("ontransitionend",L),n.classList.remove(..
URL: https://1wbapm.life/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please enter your contact information and your question.", "prominent_button_name": "Start chat", "text_input_field_labels": [ "Your name (optional)", "Email (optional)", "Message" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false }

URL: https://1wbapm.life/ Model: Joe Sandbox AI	{ "brands": [ "1win" ] }
	{ "brands": [ "1win" ] }
URL: https://1wbapm.life/ Model: Joe Sandbox AI	```json{ "legit_domain": "1win.com", "classification": "unknown", "reasons": [ "The brand '1win' is not widely recognized, making it difficult to classify as 'known' or 'wellknown'.", "The URL '1wbapm.life' does not match the legitimate domain '1win.com'.", "The domain extension '.life' is unusual for a legitimate business site, which raises suspicion.", "The URL contains no direct reference to the brand '1win', which is a common tactic in phishing attempts.", "The presence of input fields for personal information on a suspicious domain increases the risk of phishing." ], "riskscore": 8}
URL: 1wbapm.life Brands: 1win Input Fields: Your name (optional), Email (optional), Message

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	128
Entropy (8bit):	4.4937822645862475
Encrypted:	false
SSDEEP:	3:C3zHMIAcwI4QWkLHEerCcwI4QWkLHGuqVAIPOJb2R4QWVuEF5:C3zHJyIBw0IIBKVAITRCTT
MD5:	F7708EFB06A417B0C0524336255B1B08
SHA1:	69A12DDCFF5B8C55EA9607644EE31D18BDE55200
SHA-256:	249FAE9823ECB1EF0C63ACE8C3B6DF86708C9F2B796701B0850C7232D51DEF9C
SHA-512:	B78CB5DF094A48BE7E8815ABDF3571455BD51590E14DE4C0A399AB199A432F8CD49977D08CE9DB6931CB2495746C29A73B61518F0B605C56126CC647AE12F364
Malicious:	false
Reputation:	low
URL:	https://win2.webim.ru./l/v/get-online-status?callback=webimApplyOnlineStatusResponse
Preview:	if (webimApplyOnlineStatusResponse) {webimApplyOnlineStatusResponse({"onlineOperators": true, "onlineStatus": "online"}, null);}

Source: https://1wbapm.life/img/logo/main/1win-normal.svg	Avira URL Cloud: Label: phishing
Source: https://us.v1.bundlecdn.com	Avira URL Cloud: Label: malware
Source: https://1wbapm.life/threatmetrix/v5/fp-clientlib-v5.js	Avira URL Cloud: Label: phishing
Source: https://1wbapm.life/firebase/8.1.1/firebase-app.js	Avira URL Cloud: Label: phishing
Source: https://1wbapm.life/img/icons/android-chrome-192x192.png	Avira URL Cloud: Label: phishing
Source: https://1wbapm.life/core-js/3.33.3/minified.js	Avira URL Cloud: Label: phishing
Source: https://1wbapm.life/firebase/8.1.1/firebase-messaging.js	Avira URL Cloud: Label: phishing
Source: https://1wbapm.life/fss/web-app-manifest	Avira URL Cloud: Label: phishing
Source: https://1wbapm.life/img/icons/favicon-32x32.png	Avira URL Cloud: Label: phishing

Source: https://1wbapm.life/	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/16482547739?random=1733239128693&cv=11&fst=1733239128693&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1280&u_h=1024&url=https%3A%2F%2F1wbapm.life%2F&hn=www.googleadservices.com&frm=0&tiba=1win%20-%20Loading&npa=0&pscdl=noapi&auid=980482835.1733239129&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://1wbapm.life/	HTTP Parser: Iframe src: https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=1573909494.1733239129&gtm=45je4bk0v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1378635749
Source: https://1wbapm.life/	HTTP Parser: Iframe src: https://h.online-metrix.net/1QDA9hG8tljZFWBL?b16e8c742134bdd1=4Dc4Qn9lGLcQe2YzSNN4yUIjjNK4b6RsLrsfeKUpjId875fKqOi-U_itzivtWZ6YdbTu7btcIX39F2zGl5vv0wfoiVYcvqD5EqfH024A3DN3EKt0UnqAMFNFOLLJRdXnvJvy8tnqSSknbKYUjCmUihT2WFo&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logo

Source: https://1wbapm.life/	HTTP Parser: No favicon
Source: https://1wbapm.life/	HTTP Parser: No favicon
Source: https://1wbapm.life/	HTTP Parser: No favicon
Source: https://1wbapm.life/	HTTP Parser: No favicon
Source: https://1wbapm.life/	HTTP Parser: No favicon
Source: https://1wbapm.life/	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 2.20.68.201
Source: unknown	TCP traffic detected without corresponding DNS query: 2.20.68.201
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212

Source: chromecache_140.2.dr, chromecache_145.2.dr	String found in binary or memory: break;case'fb_webim':case'fb':baseUrl='https://www.facebook.com/msg/';break;case'instagram':case'instagram_webim':baseUrl='https://www.instagram.com/' equals www.facebook.com (Facebook)
Source: chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=oB(a,c,e);V(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return V(122),!0;if(d&&f){for(var m=Bb(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},rB=function(){var a=[],b=function(c){return eb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_144.2.dr, chromecache_146.2.dr, chromecache_133.2.dr, chromecache_155.2.dr, chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: return b}GD.F="internal.enableAutoEventOnTimer";var Zb=wa(["data-gtm-yt-inspected-"]),ID=["www.youtube.com","www.youtube-nocookie.com"],JD,KD=!1; equals www.youtube.com (Youtube)
Source: chromecache_113.2.dr, chromecache_128.2.dr	String found in binary or memory: var VC=function(a,b,c,d,e){var f=MA("fsl",c?"nv.mwt":"mwt",0),g;g=c?MA("fsl","nv.ids",[]):MA("fsl","ids",[]);if(!g.length)return!0;var k=RA(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);V(121);if(m==="https://www.facebook.com/tr/")return V(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!xz(k,zz(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: 1wbapm.life
Source: global traffic	DNS traffic detected: DNS query: v1.bundlecdn.com
Source: global traffic	DNS traffic detected: DNS query: win2.webim.ru
Source: global traffic	DNS traffic detected: DNS query: static.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: h.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: script.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: vc.hotjar.io
Source: global traffic	DNS traffic detected: DNS query: h64.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: eu-aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: 3fb27s7bk5ltvtf2kf36edxosyzyv4qryse6ztjzb46334d8edd8e0adam1.e.aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 3, 2024 16:18:18.569020033 CET	53	57923	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:18.689074993 CET	53	57833	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:21.442500114 CET	53	54150	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:22.604437113 CET	54366	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:22.604594946 CET	54690	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:22.742400885 CET	53	54366	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:22.849575996 CET	53	54690	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:24.362145901 CET	52646	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:24.362328053 CET	57345	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:24.689645052 CET	53	57345	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:24.689805984 CET	53	52646	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:27.145975113 CET	60346	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:27.146294117 CET	65359	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:27.285523891 CET	53	56003	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:27.289514065 CET	53	65359	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:27.289680004 CET	53	60346	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:28.061343908 CET	56326	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:28.061896086 CET	60303	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:28.199665070 CET	53	56326	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:28.200206041 CET	53	60303	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:31.402678013 CET	52190	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:31.402978897 CET	49176	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:31.540579081 CET	53	49176	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:31.540950060 CET	53	52190	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:35.102745056 CET	138	138	192.168.2.4	192.168.2.255
Dec 3, 2024 16:18:38.595529079 CET	53	64766	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:39.220757961 CET	56183	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:39.221210957 CET	64855	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:39.618907928 CET	53	56183	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:39.621062040 CET	53	64855	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:44.136717081 CET	55290	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:44.136924982 CET	55814	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:44.281686068 CET	53	55290	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:44.399085999 CET	53	55814	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:45.774163961 CET	59245	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:45.774359941 CET	65270	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:45.878918886 CET	53	50444	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:45.913033962 CET	53	59245	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.010216951 CET	53	65270	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.517184019 CET	51949	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:46.517344952 CET	57703	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:46.519630909 CET	57743	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:46.520364046 CET	56105	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:46.654964924 CET	53	51949	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.659190893 CET	53	56105	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.659203053 CET	53	57703	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.661365986 CET	53	57743	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.684084892 CET	50478	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:46.689178944 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:46.697228909 CET	59054	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:46.697763920 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:46.821851015 CET	53	50478	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.838743925 CET	53	59054	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:46.944230080 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:46.961638927 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:47.465400934 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:47.491147041 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:47.859793901 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:47.859813929 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:47.859935045 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:47.859944105 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:47.861469030 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:47.861524105 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:47.883781910 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:48.125945091 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:48.256392956 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:48.580890894 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:48.739671946 CET	54527	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:48.739835024 CET	58492	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:48.877321959 CET	53	54527	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:48.877372026 CET	53	58492	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.373771906 CET	51509	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.374138117 CET	56191	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.447041988 CET	58621	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.447191000 CET	54368	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.511579990 CET	53	51509	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.511707067 CET	53	56191	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.577713966 CET	51471	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.578212976 CET	61456	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.588994980 CET	53	54368	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.612911940 CET	62760	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.613652945 CET	50710	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.670275927 CET	56453	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.670453072 CET	56108	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.690438032 CET	64750	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.691669941 CET	56265	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:49.697171926 CET	53	58621	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.715714931 CET	53	51471	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.716243029 CET	53	61456	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.751311064 CET	53	62760	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.808950901 CET	53	56453	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.814225912 CET	53	56108	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.829497099 CET	53	64750	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.829613924 CET	53	56265	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.860395908 CET	53	50710	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:49.868201971 CET	53	49901	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:51.587137938 CET	53	54036	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:51.614476919 CET	59666	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:51.614638090 CET	62481	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:51.755310059 CET	53	62481	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:51.853704929 CET	53	59666	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:51.995096922 CET	57723	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:51.995270014 CET	62797	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:52.035321951 CET	51826	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:52.035465956 CET	59489	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:52.140933037 CET	53	62797	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:52.141546965 CET	53	57723	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:52.175679922 CET	53	51826	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:52.338907957 CET	53	59489	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:52.579493046 CET	49244	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:52.583096027 CET	51841	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:52.718461037 CET	53	49244	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:52.736110926 CET	53	51841	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:53.542536020 CET	60765	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:53.542678118 CET	60532	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:53.680871010 CET	53	60532	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:53.795547962 CET	53	60765	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:54.890377045 CET	61587	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:54.890551090 CET	61027	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:54.910697937 CET	55999	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:54.910876989 CET	61854	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:54.964333057 CET	57872	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:54.964477062 CET	61523	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:55.028650999 CET	53	61027	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.028806925 CET	53	61587	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.048362970 CET	53	55999	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.048866987 CET	53	61854	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.050008059 CET	58825	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:55.103125095 CET	53	57872	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.103137016 CET	53	61523	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.155534029 CET	52409	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:55.157026052 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:55.158850908 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:55.189116001 CET	53	58825	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.296252012 CET	53	52409	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:55.559335947 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:55.559372902 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:56.071105003 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:56.071342945 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:56.318856955 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.319196939 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.319396019 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.319406986 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.319968939 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:56.463072062 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.463190079 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.524471045 CET	58221	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:56.586169958 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:18:56.721096992 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.918884993 CET	3478	58221	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:56.979214907 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:18:57.089447975 CET	56077	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:57.089854002 CET	50573	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:57.315798998 CET	53	50573	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:57.320590973 CET	53	56077	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:57.398957014 CET	62289	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:57.399095058 CET	52399	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:57.475192070 CET	56699	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:57.475341082 CET	49283	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:57.532233953 CET	53	57536	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:57.536355019 CET	53	52399	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:57.539028883 CET	53	62289	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:57.613070965 CET	53	56699	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:57.613447905 CET	53	49283	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:59.301918983 CET	63543	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:59.302375078 CET	59417	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:59.305103064 CET	50059	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:59.305250883 CET	64753	53	192.168.2.4	1.1.1.1
Dec 3, 2024 16:18:59.440133095 CET	53	63543	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:59.440485001 CET	53	59417	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:59.443952084 CET	53	50059	1.1.1.1	192.168.2.4
Dec 3, 2024 16:18:59.564115047 CET	53	64753	1.1.1.1	192.168.2.4
Dec 3, 2024 16:19:06.339001894 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:06.600629091 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:06.731139898 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:06.992192984 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:16.743486881 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:17.011981964 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:17.140829086 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:17.403825998 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:18.197139025 CET	53	64402	1.1.1.1	192.168.2.4
Dec 3, 2024 16:19:20.006572008 CET	53	59362	1.1.1.1	192.168.2.4
Dec 3, 2024 16:19:27.160120964 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:27.426980972 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:27.552005053 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:27.819156885 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:37.561240911 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:37.833022118 CET	61028	3478	192.168.2.4	91.235.132.129
Dec 3, 2024 16:19:37.962282896 CET	3478	61028	91.235.132.129	192.168.2.4
Dec 3, 2024 16:19:38.229759932 CET	3478	61028	91.235.132.129	192.168.2.4

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Dec 3, 2024 16:18:22.849858999 CET	192.168.2.4	1.1.1.1	c1fd	(Port unreachable)	Destination Unreachable
Dec 3, 2024 16:18:44.399159908 CET	192.168.2.4	1.1.1.1	c211	(Port unreachable)	Destination Unreachable
Dec 3, 2024 16:18:46.010384083 CET	192.168.2.4	1.1.1.1	c254	(Port unreachable)	Destination Unreachable
Dec 3, 2024 16:18:49.860475063 CET	192.168.2.4	1.1.1.1	c20a	(Port unreachable)	Destination Unreachable
Dec 3, 2024 16:18:52.338974953 CET	192.168.2.4	1.1.1.1	c24f	(Port unreachable)	Destination Unreachable
Dec 3, 2024 16:18:56.918955088 CET	192.168.2.4	91.235.132.129	a063	(Port unreachable)	Destination Unreachable
Dec 3, 2024 16:18:59.564189911 CET	192.168.2.4	1.1.1.1	c228	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:24 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-12-03 15:18:25 UTC	479	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Server: Kestrel ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-OSID: 2 X-CID: 2 X-CCC: GB Cache-Control: public, max-age=167943 Date: Tue, 03 Dec 2024 15:18:25 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:26 UTC	654	OUT	GET / HTTP/1.1 Host: 1wbapm.life Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:26 UTC	1610	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=lezL15ZPDRgvDmVu; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:26 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:26 GMT Set-Cookie: __ddg10_=1733239106; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:26 GMT Set-Cookie: __ddg1_=RPF8MEjuczIExyDHVLuN; Domain=.1wbapm.life; HttpOnly; Path=/; Expires=Wed, 03-Dec-2025 15:18:26 GMT Date: Tue, 03 Dec 2024 15:18:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 54270 Vary: Accept-Encoding X-Request-Id: lt4vGlg0YSGtY8OA X-App-Version: v2.136.0 x-match-domain: 1wbapm.life Vary: Origin Access-Control-Allow-Origin: * X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
2024-12-03 15:18:26 UTC	14774	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 49 4e 49 54 49 41 4c 5f 44 41 54 41 20 3d 20 7b 22 64 6f 6d 61 69 6e 22 3a 7b 22 63 6f 6e 74 65 6e 74 5f 74 79 70 65 22 3a 22 6d 61 69 6e 22 2c 22 6c 69 63 65 6e 73 65 5f 61 6c 6c 6f 77 65 64 22 3a 74 72 75 65 2c 22 6d 65 74 61 22 3a 7b 22 65 78 70 69 72 61 74 69 6f 6e 5f 64 61 74 65 22 3a 22 32 30 32 35 2d 30 33 2d 30 31 54 31 31 3a 33 38 3a 34 37 5a 22 2c 22 72 65 67 69 73 74 72 79 5f 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 73 65 63 6f 6e 64 5f 67 61 74 65 77 61 79 5f 6f 6e 22 3a 22 66 61 6c 73 65 22 7d 7d 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 53 75 62 64 69 76 69 73 69 6f 6e 22 Data Ascii: <!DOCTYPE html><html><head> <script>window.INITIAL_DATA = {"domain":{"content_type":"main","license_allowed":true,"meta":{"expiration_date":"2025-03-01T11:38:47Z","registry_status":"ok","second_gateway_on":"false"}},"country":"US","countrySubdivision"
2024-12-03 15:18:27 UTC	16384	IN	Data Raw: 22 79 61 6e 64 65 78 2d 76 65 72 69 66 69 63 61 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 64 64 65 62 63 38 63 62 38 63 32 62 31 36 32 37 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 31 2e 62 75 6e 64 6c 65 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2f 53 46 4e 53 44 69 73 70 6c 61 79 2d 6c 61 74 69 6e 2e 35 30 61 34 65 61 66 66 33 2e 77 6f 66 66 32 22 20 61 73 3d 22 66 6f 6e 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 31 2e 62 75 6e 64 6c 65 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2f 53 46 4e 53 54 65 78 74 2d 6c 61 74 69 6e 2e 66 30 39 61 61 35 32 32 39 2e 77 6f 66 66 32 22 20 61 73 Data Ascii: "yandex-verification" content="ddebc8cb8c2b1627"><link rel="preload" href="https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2" as="font" crossorigin=""><link rel="preload" href="https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2" as
2024-12-03 15:18:27 UTC	426	IN	Data Raw: 39 47 79 52 68 50 31 4f 58 32 6b 5a 72 66 55 2f 33 76 77 47 71 62 30 57 4a 71 34 71 55 52 47 55 42 67 78 68 6e 34 51 30 59 51 35 65 77 44 50 61 45 73 47 6a 44 46 47 56 70 74 58 61 72 61 35 6f 2b 7a 6d 31 35 33 75 2b 44 31 45 39 37 4d 6c 54 4d 38 69 48 4f 34 4f 33 4a 69 61 74 65 68 2b 74 6d 59 55 69 34 49 36 2b 2f 75 4b 76 46 39 45 75 6c 61 68 57 48 50 67 38 31 51 46 67 39 63 61 71 6d 57 74 57 4e 44 37 45 52 6b 6a 55 44 6d 64 65 57 6f 32 76 62 58 41 36 4c 62 73 6e 72 39 54 38 78 61 37 6c 5a 38 6f 44 49 30 4d 69 6a 43 73 50 41 59 6a 57 46 72 6b 6f 52 71 6d 42 74 30 57 51 6e 79 4b 79 78 6d 74 42 75 75 4c 79 77 43 31 63 78 57 32 75 56 53 71 56 55 4b 65 46 45 51 42 79 2b 70 6f 59 2f 57 79 71 55 4f 45 4c 64 2b 45 4b 6c 6f 43 69 63 42 44 54 67 65 4b 4a 52 77 6b Data Ascii: 9GyRhP1OX2kZrfU/3vwGqb0WJq4qURGUBgxhn4Q0YQ5ewDPaEsGjDFGVptXara5o+zm153u+D1E97MlTM8iHO4O3Jiateh+tmYUi4I6+/uKvF9EulahWHPg81QFg9caqmWtWND7ERkjUDmdeWo2vbXA6Lbsnr9T8xa7lZ8oDI0MijCsPAYjWFrkoRqmBt0WQnyKyxmtBuuLywC1cxW2uVSqVUKeFEQBy+poY/WyqUOELd+EKloCicBDTgeKJRwk
2024-12-03 15:18:27 UTC	16384	IN	Data Raw: 45 36 6a 7a 42 73 7a 32 4d 75 58 39 78 35 69 6b 68 77 6b 50 34 62 5a 4a 4d 63 74 43 31 58 4c 57 34 4e 79 50 73 2b 6a 63 53 4f 4a 5a 61 30 78 31 47 6c 6b 66 73 73 66 67 30 5a 56 35 69 4a 6f 4e 70 6c 4e 5a 6d 5a 6e 50 4c 4a 30 68 50 6b 6b 57 56 67 52 4c 73 41 67 4f 77 4e 4c 43 76 75 6c 4a 68 76 6a 31 6c 5a 37 5a 79 64 76 63 56 5a 57 79 53 54 36 35 69 57 5a 53 4a 34 58 61 70 4a 5a 53 30 7a 6a 79 63 48 46 73 44 43 6b 79 46 46 2b 41 49 79 46 71 65 76 36 56 47 44 61 46 74 4c 5a 73 65 54 35 6f 69 36 66 64 55 55 6c 43 71 5a 63 54 73 71 71 51 6b 57 4a 59 50 4a 69 57 6c 51 58 4c 75 36 79 55 66 6f 6b 69 30 57 73 50 6e 59 2f 46 45 62 58 64 36 72 45 70 65 6e 66 6b 5a 6a 4f 6a 4a 6e 34 72 42 50 35 46 68 64 34 38 42 50 51 38 4b 33 58 2f 47 77 65 4c 73 52 67 33 70 76 43 Data Ascii: E6jzBsz2MuX9x5ikhwkP4bZJMctC1XLW4NyPs+jcSOJZa0x1Glkfssfg0ZV5iJoNplNZmZnPLJ0hPkkWVgRLsAgOwNLCvulJhvj1lZ7ZydvcVZWyST65iWZSJ4XapJZS0zjycHFsDCkyFF+AIyFqev6VGDaFtLZseT5oi6fdUUlCqZcTsqqQkWJYPJiWlQXLu6yUfoki0WsPnY/FEbXd6rEpenfkZjOjJn4rBP5Fhd48BPQ8K3X/GweLsRg3pvC
2024-12-03 15:18:27 UTC	6302	IN	Data Raw: 65 3d 7b 72 75 3a 22 d0 a7 d1 82 d0 be 2d d1 82 d0 be 20 d0 bf d0 be d1 88 d0 bb d0 be 20 d0 bd d0 b5 20 d1 82 d0 b0 d0 ba 2c 20 d0 bd d0 be 20 d0 bc d1 8b 20 d0 b7 d0 bd d0 b0 d0 b5 d0 bc 2c 20 d0 ba d0 b0 d0 ba 20 d1 8d d1 82 d0 be 20 d0 b8 d1 81 d0 bf d1 80 d0 b0 d0 b2 d0 b8 d1 82 d1 8c 2e 20 d0 9f d0 be d0 b2 d1 82 d0 be d1 80 d0 b8 d1 82 d0 b5 20 d0 bf d0 be d0 bf d1 8b d1 82 d0 ba d1 83 20 d0 bf d0 be d0 b7 d0 b6 d0 b5 2e 22 2c 65 6e 3a 22 53 6f 6d 65 74 68 69 6e 67 20 77 65 6e 74 20 77 72 6f 6e 67 2c 20 62 75 74 20 77 65 20 6b 6e 6f 77 20 68 6f 77 20 74 6f 20 66 69 78 20 69 74 2e 20 54 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 22 2c 61 7a 3a 22 58 c9 99 74 61 20 62 61 c5 9f 20 76 65 72 64 69 2c 20 6c 61 6b 69 6e 20 62 69 7a 20 62 75 6e 75 20 6e Data Ascii: e={ru:"- , , . .",en:"Something went wrong, but we know how to fix it. Try again later.",az:"Xta ba verdi, lakin biz bunu n

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65450)
Category:	dropped
Size (bytes):	227453
Entropy (8bit):	5.378337121128915
Encrypted:	false
SSDEEP:	1536:VwmvhwvwV1UMwH+0G+ZBTr9ix6HeTX0XLDDDbGw5wyPybFkK8yDaIG+UNM3VBYG3:zhwvwVGMw9ZXixont8Fk9KRUytxYScY7
MD5:	751109D6B98AFB22EC0B6C55E1400C85
SHA1:	CA705319E2DCFC80990619E0661409A5A655476B
SHA-256:	FEB5C0EE05EF970A3CF34BAC95D465E96CCB3A3DF353B3A641D9391C168E68AD
SHA-512:	5D64B7008C6D7797D11EF1BCCA4BDACCCA3A113F41AFD22E7FD4BFF208773C11CC4881ADFECBB6BECCCB0DBF9B437FFF5917BAD8899D15134431372302913BC6
Malicious:	false
Reputation:	low
Preview:	/! For license information please see modules.86621fa4aeada5bcf025.js.LICENSE.txt /.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:26 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-12-03 15:18:27 UTC	534	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=74817 Date: Tue, 03 Dec 2024 15:18:27 GMT Content-Length: 55 Connection: close X-CID: 2
2024-12-03 15:18:27 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:27 UTC	640	OUT	GET /core-js/3.33.3/minified.js HTTP/1.1 Host: 1wbapm.life Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg8_=lezL15ZPDRgvDmVu; __ddg9_=8.46.123.228; __ddg10_=1733239106; __ddg1_=RPF8MEjuczIExyDHVLuN
2024-12-03 15:18:27 UTC	1537	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=8Kr8N5dfcVctTq7y; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:27 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:27 GMT Set-Cookie: __ddg10_=1733239107; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:27 GMT Date: Tue, 03 Dec 2024 12:57:06 GMT Content-Type: application/javascript Last-Modified: Mon, 02 Dec 2024 17:20:14 GMT ETag: W/"674dec4e-3b989" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Content-Encoding: gzip X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan Age: 8481 Content-Length: 90567 DDG-Cache-Status: HIT
2024-12-03 15:18:27 UTC	14847	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 03 b4 bd e9 5a 1b 49 ba ef fb 7d 5f 05 68 f7 66 a5 4c 32 48 08 61 0b cb 5a 94 0b 57 bb ab 3c b4 ed aa ea 5e d8 5d 8f 2c 04 a8 2c 24 5a 03 36 85 39 f7 73 6e e3 5c d9 f9 fd df 37 22 33 25 84 4c af 5e bb 9f 6a 8b 9c 23 e2 9d c7 d8 7a f0 e0 7f ad 3c 58 e9 0c 47 dd 8d df c7 2b 3b 9b 3b fc a7 33 ff df ff bb 52 dd ae d4 36 aa db d5 9d 95 ef bb 83 de 78 e5 f5 74 7c f6 a9 3d ea 5e ae 24 7f f4 87 bd d1 b0 f3 69 73 34 2d eb ee 7e af d3 1d 8c bb 8d 95 b3 c9 e4 62 dc d8 da 3a ed 4d ce a6 1f 37 3b c3 f3 ad 78 ef 56 f8 c8 d6 c7 fe f0 e3 d6 a5 7f 6a eb a7 e7 4f 0f 5f be 3d d4 4b c6 c3 e9 a8 73 bf 77 70 fb d6 ff 5a 3d 99 0e 3a 93 de 70 90 4c ca d7 a5 e9 b8 bb 32 9e 8c 7a 9d 49 69 ff b2 3d 5a 19 a5 dd 74 b0 3f 6a 1e e5 77 a5 9c 2b 5f 77 93 4a 39 Data Ascii: ZI}_hfL2HaZW<^],,$Z69sn\7"3%L^j#z<XG+;;3R6xt\|=^$is4-~b:M7;xVjO_=KswpZ=:pL2zIi=Zt?jw+_wJ9
2024-12-03 15:18:27 UTC	16384	IN	Data Raw: f2 4e fa 6c b8 d1 09 cb 14 d6 70 46 71 fa ac d9 5e af 95 7f a1 b0 68 fe 91 02 f1 bb 8a 75 af f9 17 39 d6 5d 73 b7 04 fb f9 b9 93 7f 35 51 6a 38 e3 b4 ea 08 02 3b b4 e9 cc d5 0b bc 02 b6 4a 9b 27 6c cc 87 62 af 15 b8 d6 df 52 30 97 2c 06 d4 25 ee 12 50 cb 75 1a 98 8d c8 d0 9c 61 0a 34 09 b9 d4 e3 40 fe 1a 5d 50 e0 38 ba 6b 2c e0 64 fe 1a 05 9c 4e dd f3 54 58 c3 28 6e 56 6c 5c 39 a2 41 6d d6 85 24 a4 44 1a 82 bd 05 bf dc a6 3b b8 ad a5 92 0b 79 5b 47 7d d5 3c 94 f3 46 91 10 25 f3 1d 42 ac 87 e9 c1 2d 9d 95 10 30 35 6d e9 2a 18 7c 41 7b 13 7c cc fa 0c dc e9 54 6d 7b f1 90 b3 aa 89 42 1e 5f e4 62 7a 6b a9 8d ba 83 8e 28 8d 53 fe d9 bf 7c 32 b0 6a b2 cf cd 57 ad c3 e4 0b 05 65 4a 5e b3 df be 6a 3e 89 de ba 9b 43 2f fa d8 4c ce 71 c4 7c 21 18 46 3b 7d a2 26 33 Data Ascii: NlpFq^hu9]s5Qj8;J'lbR0,%Pua4@]P8k,dNTX(nVl\9Am$D;y[G}<F%B-05m*\|A{\|Tm{B_bzk(S\|2jWeJ^j>C/Lq\|!F;}&3
2024-12-03 15:18:27 UTC	16384	IN	Data Raw: 45 59 10 81 62 00 44 e0 2e 5a 2f 0d 20 ef 98 98 c7 58 8f b0 60 a6 e6 45 6d f5 18 a7 c0 16 f6 21 5b 1b 97 dd 52 a6 42 43 e3 29 21 06 78 9c 0c c7 bc d2 d7 e8 9e f6 2e ca 95 ad 30 87 03 3f 3b 57 1e 44 61 fa 64 bb 45 ef 02 66 7d b0 b5 d5 63 bc ff 2e a0 c6 02 73 33 d6 da bb 48 83 b5 67 16 01 69 a7 4a 02 6e 27 0e 18 44 dd 0a f4 85 cb d5 f6 fd 47 62 8e ce 5f 39 92 9b bb c6 71 f3 25 a3 f8 8d a1 32 ec db 34 54 86 2b 33 a1 92 b8 e1 df 00 2a 1d 1b 59 5f a1 f8 1c 16 83 01 fb 71 c7 f2 b2 7b fe a6 7c ac fe 84 a4 57 cf 42 65 4a 2d ca 06 13 d6 2b 8f 09 a0 80 14 b3 60 d5 b3 ba d5 31 f7 52 fb 42 d9 f3 b8 85 ec 7b bc b9 ca 7f 27 13 af 3f 1e 52 7c 0b 5b 9e 6c d2 11 7c 3b dc f0 40 e8 e8 8d 4b 56 09 62 a4 5a e0 e1 a1 9d 57 05 10 51 a1 2f 72 ea 44 e4 9a ba 90 10 83 36 46 00 6b Data Ascii: EYbD.Z/ X`Em![RBC)!x.0?;WDadEf}c.s3HgiJn'DGb_9q%24T+3*Y_q{\|WBeJ-+`1RB{'?R\|[l\|;@KVbZWQ/rD6Fk
2024-12-03 15:18:27 UTC	16274	IN	Data Raw: db 2c 23 5a aa 0d 84 b7 5d 15 a4 f0 09 1b e0 86 5a 8a f5 a2 ea 13 33 6d 6a 99 f4 c5 b2 41 5d 01 fc f4 0f 71 d5 06 cc d4 4e 82 eb 79 fe 16 e4 ad 34 de 96 89 4f cb 51 f8 d9 2f 7b 09 2a fb ee a0 80 8b be 64 48 48 7e 20 ef 51 25 43 4e 52 24 c9 e1 90 86 bc 8d ee 9c 82 f1 83 c0 71 eb 60 cc 2f 49 bd 70 72 7e 66 25 72 16 06 11 5e f6 74 05 27 fd 60 7b 6d 73 b3 ce 7f 55 fe 7b 50 a8 16 3c 01 84 8f cd c8 9a a5 4c 58 07 37 41 a1 d4 07 45 a9 ba 94 14 d4 01 d5 19 95 c6 b3 2a 1d 48 1a cf ea 3a da 88 65 56 aa 4b a5 54 1e 83 dc 5b 64 6e 8b 5f dd c0 89 30 8d 25 73 22 f8 c8 72 99 47 f9 92 a8 80 9b e4 c2 05 6c 64 51 77 2a 2c 8a c0 47 f2 c4 44 61 09 54 a2 9d a9 e2 12 e8 47 bb e2 35 e8 47 c3 f2 81 c1 06 dc 82 ce 6f 84 29 28 e4 e1 aa 56 3e c1 d9 7c a0 74 b0 a5 2e c5 0a 50 b4 88 Data Ascii: ,#Z]Z3mjA]qNy4OQ/{dHH~ Q%CNR$q`/Ipr~f%r^t'`{msU{P<LX7AEH:eVKT[dn_0%s"rGldQw*,GDaTG5Go)(V>\|t.P
2024-12-03 15:18:27 UTC	16384	IN	Data Raw: 9a 6f 4a 0c ac 80 5f 60 19 dd a0 dc 76 c0 97 cf c7 d3 c0 e2 4c 22 42 66 49 de d1 a8 a5 d9 ac 4c 2c bb c1 c4 b5 63 a4 53 50 2a 30 09 19 4b 86 05 b9 12 dd 34 83 67 58 2a e3 aa a8 e9 d7 f4 c8 72 76 f6 13 d3 7b 8d bc 8a 76 d7 ea fc 05 c0 c4 3d d5 ce d5 58 83 82 72 7a b3 40 a1 22 f5 84 4a 0a 2d b9 2d b1 7e 68 13 1c be 44 c5 d1 50 8b 73 95 ea a2 62 df 86 94 88 65 07 9b 81 88 f6 13 45 d5 75 b4 a8 59 a0 45 50 10 4a 4c 8d 3b ce 70 ee 26 25 9d 30 ab 6d b0 41 fc 80 fd 94 3e 83 d2 3c 81 cb 04 5b 6b 43 e4 a4 5a fb 02 6e 2a b4 ee a1 63 f9 de 36 e7 6b a9 f4 9e 78 a9 99 3c 8c 96 6f ea b9 16 54 6c ff 84 5c 47 a4 d8 45 91 29 71 27 cb 38 8b 40 3f db 74 4b d9 ad b9 b5 6d d8 9c e9 8b af 20 41 9d f2 21 75 b0 40 89 a6 fc e2 30 14 78 21 b4 88 65 3c 32 02 b9 09 b4 0b be b8 b9 e8 Data Ascii: oJ_`vL"BfIL,cSP0K4gXrv{v=Xrz@"J--~hDPsbeEuYEPJL;p&%0mA><[kCZn*c6kx<oTl\GE)q'8@?tKm A!u@0x!e<2
2024-12-03 15:18:27 UTC	10294	IN	Data Raw: 82 fb 97 32 cd df 12 b5 f6 5f c1 ec 44 02 64 1e 6c b8 d8 9c 20 1d e3 9e c6 84 06 18 f5 e5 c4 88 b3 82 cb cd 33 c0 7d b6 43 32 1e 12 24 0c 9e 76 56 07 90 c3 a3 45 fb 44 32 cb d5 50 80 71 51 bb b4 0a c0 bb 86 1d 51 b9 f5 5e a5 eb b4 75 82 4b 80 a6 90 c2 61 bc 79 f5 18 16 0f f9 46 b0 d4 5f fc dc 3e 1c b6 f8 db 6a b6 8f 5b 43 58 e3 5e a7 d7 df 95 f1 07 d0 cf 2f e0 df e3 86 df 7a a8 1e ac 02 62 05 4e da c3 39 a2 54 c4 33 b9 b8 35 4f 94 f0 05 32 fc e5 10 85 a8 d0 2f 1c 07 d3 02 6c a3 68 28 c0 c6 f3 5e 0f bd 26 29 3c f4 d2 5f c7 89 9d 73 43 73 0f ff 31 fe 10 fe 52 ba 28 fb f2 ef e3 0f 59 46 e0 de 1d e5 37 95 bf 8d 3f 7e de c1 fb dc 9f f6 c8 86 b1 6e ca c6 cd 1f f1 d5 c9 12 4d 07 f1 f4 98 81 40 2c 51 9e c7 d0 e1 72 07 e7 9b ed 2e 84 a9 4a 8d 10 5c 1c 0d d4 b1 e6 Data Ascii: 2_Ddl 3}C2$vVED2PqQQ^uKayF_>j[CX^/zbN9T35O2/lh(^&)<_sCs1R(YF7?~nM@,Qr.J\

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:28 UTC	703	OUT	GET /img/logo/main/1win-normal.svg HTTP/1.1 Host: 1wbapm.life Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg8_=lezL15ZPDRgvDmVu; __ddg9_=8.46.123.228; __ddg10_=1733239106; __ddg1_=RPF8MEjuczIExyDHVLuN
2024-12-03 15:18:28 UTC	1576	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=TFUlj7O9j4dWS81n; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:28 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:28 GMT Set-Cookie: __ddg10_=1733239108; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:28 GMT Date: Tue, 03 Dec 2024 12:32:57 GMT Content-Type: image/svg+xml Content-Length: 2480 Vary: Accept-Encoding Last-Modified: Mon, 02 Dec 2024 17:20:14 GMT ETag: "674dec4e-9b0" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Accept-Ranges: bytes X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan Age: 9931 DDG-Cache-Status: HIT
2024-12-03 15:18:28 UTC	2480	IN	Data Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 31 36 38 22 20 68 65 69 67 68 74 3d 22 37 31 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 38 20 37 31 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 31 30 37 2e 31 31 38 20 31 38 2e 32 39 39 38 43 31 31 31 2e 33 34 33 20 31 38 2e 32 39 39 38 20 31 31 34 2e 37 37 34 20 31 34 2e 38 36 38 20 31 31 34 2e 37 37 34 20 31 30 2e 36 34 33 32 43 31 31 34 2e 37 37 34 20 36 2e 34 31 38 33 35 20 31 31 31 2e 33 34 33 20 32 2e 39 38 36 35 37 20 31 30 37 2e 31 31 38 20 32 2e 39 38 36 35 37 43 31 30 32 2e 38 39 33 20 32 2e 39 38 36 35 37 20 39 39 2e 34 36 31 34 20 36 2e 34 31 38 33 35 20 Data Ascii: <svg width="168" height="71" viewBox="0 0 168 71" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M107.118 18.2998C111.343 18.2998 114.774 14.868 114.774 10.6432C114.774 6.41835 111.343 2.98657 107.118 2.98657C102.893 2.98657 99.4614 6.41835

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:28 UTC	548	OUT	GET /css/index.aedf85995.css HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:28 UTC	411	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:28 GMT Content-Type: text/css Content-Length: 6235 Connection: close last-modified: Wed, 30 Oct 2024 17:00:06 GMT etag: "67226616-185b" expires: Fri, 01 Dec 2034 15:18:28 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 471121 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec4878ded15c354-EWR
2024-12-03 15:18:28 UTC	958	IN	Data Raw: 2e 53 68 65 65 74 4c 61 79 6f 75 74 5f 77 72 61 70 70 65 72 5f 4d 73 44 6d 34 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 7a 2d 69 6e 64 65 78 3a 35 30 30 31 3b 63 6f 6e 74 61 69 6e 3a 73 69 7a 65 7d 3a 72 6f 6f 74 7b 2d 2d 63 6f 6c 6f 72 2d 6e 39 30 30 3a 20 72 67 62 28 39 2c 20 31 35 2c 20 33 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 6e 38 30 30 3a 20 72 67 62 28 32 32 2c 20 32 39 2c 20 34 36 29 3b 2d 2d 63 6f 6c 6f 72 2d 6e 37 30 30 3a 20 72 67 62 28 33 35 2c 20 34 35 2c 20 36 39 29 3b 2d 2d 63 6f 6c 6f 72 2d 6e 36 30 30 3a 20 72 67 62 28 34 38 2c 20 35 39 2c 20 38 38 29 3b 2d 2d 63 6f 6c 6f 72 2d 6e 35 30 30 3a 20 72 67 62 28 36 38 2c 20 38 30 2c 20 31 31 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 6e 34 30 30 3a 20 72 67 62 28 39 32 2c 20 31 30 34 2c 20 31 33 32 29 Data Ascii: .SheetLayout_wrapper_MsDm4{position:fixed;z-index:5001;contain:size}:root{--color-n900: rgb(9, 15, 30);--color-n800: rgb(22, 29, 46);--color-n700: rgb(35, 45, 69);--color-n600: rgb(48, 59, 88);--color-n500: rgb(68, 80, 110);--color-n400: rgb(92, 104, 132)
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 35 35 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 39 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 35 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 38 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 34 35 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 37 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 34 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 36 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 33 35 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 35 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 33 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 34 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 32 35 29 3b 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 33 30 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 32 29 3b Data Ascii: : rgba(0, 0, 0, .55);--color-blk90: rgba(0, 0, 0, .5);--color-blk80: rgba(0, 0, 0, .45);--color-blk70: rgba(0, 0, 0, .4);--color-blk60: rgba(0, 0, 0, .35);--color-blk50: rgba(0, 0, 0, .3);--color-blk40: rgba(0, 0, 0, .25);--color-blk30: rgba(0, 0, 0, .2);
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 6f 72 2d 73 74 2d 73 66 2d 64 61 72 6b 2d 74 65 72 74 69 61 72 79 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 6c 6b 33 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 73 74 2d 73 66 2d 6c 69 67 68 74 2d 70 72 69 6d 61 72 79 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 77 39 30 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 73 74 2d 73 66 2d 6c 69 67 68 74 2d 73 65 63 6f 6e 64 61 72 79 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 77 39 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 73 74 2d 73 66 2d 6c 69 67 68 74 2d 74 65 72 74 69 61 72 79 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 77 33 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 73 74 2d 73 66 2d 62 6f 72 64 65 72 2d 73 75 72 66 61 63 65 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 77 31 35 29 3b 2d 2d 63 6f 6c 6f 72 2d 73 74 2d 73 66 2d 62 6f 72 64 65 72 2d 63 6f Data Ascii: or-st-sf-dark-tertiary: var(--color-blk30);--color-st-sf-light-primary: var(--color-w900);--color-st-sf-light-secondary: var(--color-w90);--color-st-sf-light-tertiary: var(--color-w30);--color-st-sf-border-surface: var(--color-w15);--color-st-sf-border-co
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 74 2d 74 65 72 74 69 61 72 79 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 6e 31 30 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 74 65 78 74 2d 6c 69 6e 6b 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 33 30 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 67 64 2d 62 6c 75 65 3a 20 72 67 62 28 30 2c 20 31 34 39 2c 20 32 35 35 29 2c 20 72 67 62 28 38 2c 20 38 35 2c 20 31 39 36 29 3b 2d 2d 63 6f 6c 6f 72 2d 67 64 2d 67 72 65 65 6e 3a 20 72 67 62 28 34 39 2c 20 31 38 38 2c 20 31 30 35 29 2c 20 72 67 62 28 38 2c 20 31 35 38 2c 20 37 38 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 62 61 73 65 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 33 30 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 62 61 73 65 2d 73 65 63 6f 6e 64 61 72 79 3a 20 72 67 62 61 28 39 2c 20 31 30 39 2c 20 32 35 35 2c 20 2e 31 29 3b Data Ascii: t-tertiary: var(--color-n100);--color-text-link: var(--color-b300);--color-gd-blue: rgb(0, 149, 255), rgb(8, 85, 196);--color-gd-green: rgb(49, 188, 105), rgb(8, 158, 78);--color-fn-base: var(--color-b300);--color-fn-base-secondary: rgba(9, 109, 255, .1);
2024-12-03 15:18:28 UTC	1170	IN	Data Raw: 73 65 63 6f 6e 64 61 72 79 3a 20 72 67 62 61 28 39 2c 20 31 30 39 2c 20 32 35 35 2c 20 2e 31 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 73 75 63 63 65 73 73 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 67 33 30 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 73 75 63 63 65 73 73 2d 73 65 63 6f 6e 64 61 72 79 3a 20 72 67 62 61 28 31 38 2c 20 31 38 34 2c 20 38 37 2c 20 2e 31 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 77 61 72 6e 69 6e 67 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 79 33 30 30 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 77 61 72 6e 69 6e 67 2d 73 65 63 6f 6e 64 61 72 79 3a 20 72 67 62 61 28 32 33 33 2c 20 31 37 31 2c 20 31 35 2c 20 2e 31 29 3b 2d 2d 63 6f 6c 6f 72 2d 66 6e 2d 65 72 72 6f 72 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 6f 33 30 30 29 3b 2d 2d 63 6f 6c Data Ascii: secondary: rgba(9, 109, 255, .1);--color-fn-success: var(--color-g300);--color-fn-success-secondary: rgba(18, 184, 87, .1);--color-fn-warning: var(--color-y300);--color-fn-warning-secondary: rgba(233, 171, 15, .1);--color-fn-error: var(--color-o300);--col

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:28 UTC	573	OUT	GET /font/SFNSDisplay-latin.50a4eaff3.woff2 HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://1wbapm.life sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:28 UTC	429	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:28 GMT Content-Type: application/octet-stream Content-Length: 33064 Connection: close last-modified: Mon, 30 Sep 2024 13:39:41 GMT etag: "66faaa1d-8128" expires: Fri, 01 Dec 2034 15:18:28 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 1157799 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec4878dea964382-EWR
2024-12-03 15:18:28 UTC	940	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 81 28 00 0e 00 00 00 01 04 f8 00 00 80 ce 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 83 60 06 60 2a 48 00 93 7c 2f 7e 0a 81 a4 40 81 85 37 30 82 b8 22 01 36 02 24 03 89 00 0b 84 44 00 04 20 05 82 44 07 20 1b 38 f2 05 9b 32 d9 4b 6f 56 d5 3b b8 61 7a 35 51 d4 44 52 4b 4e 14 a5 a3 96 cb fe 3f 26 27 43 06 be 80 b9 e9 8b 64 4a c8 14 32 64 39 a2 48 36 d7 2e a1 8b 7a 90 50 a5 f7 a0 da 7b 2a 13 f4 81 b9 64 21 b1 21 b6 96 b3 77 20 cc 2d 97 f8 64 52 38 29 04 37 f5 1a 6e f6 88 1c 32 04 89 de 6b 12 f9 ee 86 84 4a 96 6a 43 ab 3e 90 f5 e0 7c ef 6f 71 69 bc 14 24 5d 12 5a 8b 3f ab 48 be f2 67 8e d0 d8 27 b9 3c 3c d1 54 7b 7f 66 16 24 d9 69 62 bb c0 4e 0a 44 71 0e 89 a4 ba 40 00 87 bc 3f f0 db ec 7d 40 90 96 Data Ascii: wOF2(``H\|/~@70"6$D D 82KoV;az5QDRKN?&'CdJ2d9H6.zP{d!!w -dR8)7n2kJjC>\|oqi$]Z?Hg'<<T{f$ibNDq@?}@
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 80 73 49 ee d7 f2 ae cb b4 7d ba bb c1 d7 9f 6e 44 45 b3 3c 6f 90 61 ca 76 49 7e 5d da 77 87 41 38 cf 79 49 b6 bc d7 51 eb 3b f9 be dd d6 b7 b6 ba 1f af bf d9 86 3e 9f 29 e9 45 b2 e5 ea d6 c3 b7 de e8 b1 b3 b3 d6 3b ca 78 13 6a 7d b7 c3 7e a5 e6 ba f5 7b e1 12 a8 72 70 b4 c2 50 6d 54 ae 03 87 3a e7 d2 1d 0a 93 10 e8 3e fb ac e1 71 0b 7e 39 f3 de f7 be 13 89 61 a7 92 6f fc 7f 09 5c 2e 10 fb a7 01 39 1a 50 e6 56 52 60 5a c4 5b 78 64 e9 a8 6e b3 25 71 ae 29 86 7b cd 57 29 5f ab cb 07 c1 e1 cb f4 0f 91 f9 f6 8b 48 c6 f6 c7 c4 ce 98 2a 8c 99 37 31 d7 16 0b fb 6c b6 45 77 2c dd 8e 95 f3 c1 9b 0b c1 70 ac cd c7 c6 6e b6 5c 94 70 e5 66 21 ee ce c4 c3 b9 78 3a 9b 6d 3a 43 32 18 32 24 0a 2a 45 34 74 ca 18 bc 68 f2 e6 6f 5d 02 18 da 2e 94 05 b6 08 76 89 e4 98 28 bd Data Ascii: sI}nDE<oavI~]wA8yIQ;>)E;xj}~{rpPmT:>q~9ao\.9PVR`Z[xdn%q){W)_H71lEw,pn\pf!x:m:C22$E4tho].v(
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: c6 98 8f 19 4c 28 e1 b2 1a 85 9c ba f2 50 f0 7b 94 5e d9 54 22 ed 76 3f d9 22 c1 0d fc 91 d7 3a ba 8e ba 6f e6 77 92 cd 01 63 ba d9 e8 78 e7 3d d1 62 b2 60 62 3d bd 99 5c 73 5e cc 60 cd dc 30 9a 76 34 24 30 26 29 08 83 ad b7 f8 2f 92 0f 27 22 14 ba 0c 63 2c 32 55 11 a3 3d c7 80 f8 9e cd 1b 0b fb e6 42 c1 1c 69 62 17 de ac 21 eb 68 de a3 9e d0 90 ac 84 9a f8 67 17 4d 8b c9 25 cb 05 4f 8a 43 c6 a5 84 ce 4a 03 e4 cd 27 bd 82 d3 68 be fc 1d 25 3d 3b b5 52 4b eb ba 44 f3 9c 53 ca b1 af 1c db e4 bc e5 a9 cc 8d f8 d0 7b 85 a0 1a 9a 12 18 9b ef b9 0b 42 6c d3 98 fa a8 29 c1 ba 87 84 8b ad 31 bf a8 ff 92 8a 70 51 33 dd ca 54 87 95 9b 55 03 9e 1b f6 54 bb 1a ce 2f 4b 15 fa 8d 67 6d 4b b3 c6 4d bd 33 09 bc f6 31 18 f2 bc a3 c7 9b ca 65 bb d0 c3 99 19 d1 1c 9f c2 77 Data Ascii: L(P{^T"v?":owcx=b`b=\s^`0v4$0&)/'"c,2U=Bib!hgM%OCJ'h%=;RKDS{Bl)1pQ3TUT/KgmKM31ew
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 0d 66 a0 22 1a 52 cc b4 a8 2c bf 68 db fb 3e d6 13 bd a3 0b a0 ae a6 88 05 b2 6a bc b2 9c 2c dc 29 5b 91 1c fb f7 c7 56 b8 37 49 20 ad 8f 3e 5e 44 84 f1 e7 cf ef af f2 a4 50 bb 2c 97 e7 2f dd 7d b4 71 b4 cf 5e 8e 8a e7 eb 8c 64 2c c1 6f 61 e6 bc 99 2e e7 d4 5a bc 51 e6 6b 34 09 8e 07 33 0a cd 37 68 c9 95 55 d4 40 49 b2 62 11 5f 84 0d e0 b2 08 26 de b9 74 21 cf fd 6f a8 e1 77 7b bc d0 26 13 1f 51 29 e6 2d 05 bc 08 92 19 f4 c4 78 e6 b4 07 e6 67 85 04 42 dc fb 76 b0 c0 51 61 c6 26 88 39 4d f0 1f f8 4d f9 67 98 75 db 24 b3 37 f0 09 02 b7 23 ed 34 50 12 aa 4e 89 cf d7 9b 2b b8 bf 63 67 5a 5c c1 99 fb f7 d3 5e e2 8f cb 06 8f 77 8e 86 ff f9 89 b6 92 79 d1 3f 74 09 e8 3c 96 43 df aa 8f 58 73 d2 f9 1c 1b eb c5 6c 29 a6 8e 57 b6 50 c0 a1 35 a2 29 7d fb d7 ec 30 bf Data Ascii: f"R,h>j,)[V7I >^DP,/}q^d,oa.ZQk437hU@Ib_&t!ow{&Q)-xgBvQa&9MMgu$7#4PN+cgZ\^wy?t<CXsl)WP5)}0
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 91 d8 62 39 8e 69 0f 8e cd e6 b6 85 87 15 c3 be fa c2 c2 f9 ad 23 cf 30 ce 4c 25 8c 93 f8 18 6b aa ce 3f 26 ad 4d 42 5f d4 11 eb 30 fd 68 3c 8d c1 3d 04 47 7c 36 cd 2d 53 3c a6 66 5d b7 88 03 d0 5e da f6 08 bf 6b 58 d4 6e 09 06 b1 13 0c de de 66 13 8f 18 18 17 c3 2c b5 84 3f 02 f6 cc cd dd 82 b7 4b b6 64 e3 ab 0f 7b 57 a2 31 9b 07 76 d2 23 74 c3 c9 66 c6 9a d7 00 93 32 d7 77 73 ec ea f4 0f a6 2e 08 31 a8 53 9a 76 b2 71 c4 54 98 be 0b 12 46 86 13 2e 7f 13 00 38 b8 7e e7 c7 ae b5 ec 7b d2 58 10 3f a3 c8 99 bc 35 02 fd f3 23 20 be 49 f9 e4 98 77 ef f6 b5 ef 2f b6 16 cc b7 bd d3 6d d1 6e 56 ce 0f 4a d9 5f c5 78 60 22 76 ce 99 c5 cc 0d 7c b7 64 bd fa 66 76 70 59 fc 82 4d 9b a9 24 2f 3a e5 64 03 87 e7 ab ec 92 0b f3 99 4e f0 94 28 c4 d6 1e 68 e8 12 c0 20 c0 f3 Data Ascii: b9i#0L%k?&MB_0h<=G\|6-S<f]^kXnf,?Kd{W1v#tf2ws.1SvqTF.8~{X?5# Iw/mnVJ_x`"v\|dfvpYM$/:dN(h
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: d1 6c b3 a7 86 8e a7 a5 0a 47 df 59 27 0e 4e d9 c4 81 12 92 ca 12 46 15 14 4e 5e 77 5e 54 cd 35 34 bb 71 82 1d ab 77 de e9 18 7a 12 24 ef 51 b1 5f 1f 3f 47 1f b6 08 d7 61 d0 9c 19 a2 e0 94 94 02 b6 da 4e 99 6a 5b c3 b0 cb f8 74 84 92 50 56 b5 73 ec b0 05 5b 3b d0 cb 91 96 13 ca 89 cb 8e 51 dc 34 8a ae af 9c d6 69 aa 87 40 a7 ae ce ab 6f 52 f8 97 ba 45 65 2d 06 6f be df 40 fc a2 16 f0 a0 30 53 ae 52 bc 07 40 a4 11 21 23 57 5d 96 58 dd 22 be 27 ca 97 94 d9 61 b3 ec c0 d0 75 69 1c 21 02 ad 51 8e aa cc dd 9d de 25 a3 2a cb 8d c4 76 99 ac fa e4 aa 53 ce 6c ab ac 70 4c bc 21 30 b7 97 91 a4 3e a7 89 0a 43 f7 bc f8 f5 c3 7a 3f b2 0f c2 da 3b 7f 24 26 be b4 02 11 e7 b3 a7 55 50 27 a2 bb 6d fc dc b8 ea a1 1a 6a ce 19 4d 87 b8 e7 54 a5 63 d1 73 7e ec 01 58 74 27 94 Data Ascii: lGY'NFN^w^T54qwz$Q_?GaNj[tPVs[;Q4i@oREe-o@0SR@!#W]X"'aui!Q%*vSlpL!0>Cz?;$&UP'mjMTcs~Xt'
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 70 54 ef bd d9 1f 73 24 ad af 7c 04 ba c0 ac 6e 2a 61 04 b7 28 11 a5 2d f6 5d 6c 98 ba 6a 8a 6e 18 be 2a 2a 76 8c fd e3 6d 5b b2 87 7b b5 40 7c 72 4a 0e f7 5a fe 49 ed 98 81 95 11 4f a5 0c d5 60 d7 73 46 20 ad 06 cb f5 e8 66 37 a7 2d 3f 90 92 fb ff 1a ef 65 b3 f9 8d 6c b5 9b 65 8d c4 a9 29 00 00 71 7a c9 a3 36 bd e7 b2 20 dc c3 dd 98 78 d8 60 08 77 8e 33 c0 4c 77 3d a0 78 b2 e8 8c ec 1c 3a 2d db 01 ce ea fd 7a b5 93 1d 62 d9 b1 fa 6b 76 57 30 db 52 c3 50 06 3b a1 4c da 7a 16 0e 46 8e ef 3e f5 cf 1d b2 bc 0d 6e 2b d4 eb a3 56 d5 46 0b c6 e4 a4 f2 e1 ed 2d d3 e7 9b 6e d0 c5 82 d0 2c 75 43 60 6f 5c b2 ed 07 ef 0f 55 6b 1a cf ff 7f 56 e5 8d 96 f8 29 2c 72 3b 40 4c 0a 6b 76 14 52 5c 58 de 75 5c e0 5e 19 df 7a 20 f9 46 30 a7 ea 76 72 70 30 3d cf 2d 38 5d 10 1a Data Ascii: pTs$\|na(-]ljn*vm[{@\|rJZIO`sF f7-?ele)qz6 x`w3Lw=x:-zbkvW0RP;LzF>n+VF-n,uC`o\UkV),r;@LkvR\Xu\^z F0vrp0=-8]
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: 10 4e a3 25 cf 4f 6e 5d 79 f9 ad 43 25 cd a0 fc 37 30 90 f6 20 f5 84 5c da c9 e5 d9 7f b8 7b 61 41 a9 cf 48 ff 1a 81 49 1d 7c b7 e4 c7 ff 7f 0c 2f 4a 7a 40 8e fc fa 20 fa 83 96 b4 20 69 89 58 ff 7f 67 de 52 41 d4 b7 87 d0 9f 40 0a 59 40 01 4c c0 95 0b ea 1f 5e bc a0 76 c5 11 5e b8 a8 fe 71 62 ff 92 ae 85 5f a7 e5 2d af 56 db ca ab d5 85 6e 1f d8 90 36 5a 50 7e e8 94 46 8e 5b b8 1f fd d9 1a b0 b5 19 cb 60 79 d2 7c 52 01 4d 86 e6 5b 7e f5 5d 98 2e fc 9e 02 b1 d4 dc c7 6d 6f 9f 45 ff f9 ec e0 e3 7f 21 23 87 0f 1a 5f 1c 90 49 c0 c3 03 64 52 fd ca 43 36 dc cc 87 b7 02 ee c5 c4 42 71 62 19 4c 4e 0c 89 16 15 c3 64 44 c5 42 d5 e3 40 a1 6c 6c df a7 47 43 f2 0f aa 89 5e 12 58 e3 d3 de 7d 8f 79 57 fd f8 8b 89 a2 af 80 6c d1 8e ad 08 28 cb 8c 0a d2 98 30 ad 0c 2c 49 Data Ascii: N%On]yC%70 \{aAHI\|/Jz@ iXgRA@Y@L^v^qb_-Vn6ZP~F[`y\|RM[~].moE!#_IdRC6BqbLNdDB@llGC^X}yWl(0,I
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: fd 45 db 65 66 8b 7f 99 87 fc c1 68 2d ae f9 09 70 f2 e4 d3 f6 26 6e 21 66 ac 33 fd 2c c6 92 eb 36 36 25 53 26 df 0b a3 40 3c ce 92 b7 57 fa e8 b9 2b a4 4f fe 6b 07 8c 7b 8f 24 05 01 31 19 8d b1 2b 99 26 51 fa 9d cb 72 5d 1e c8 33 f9 54 be 5b 90 f2 89 d2 52 a6 cb d9 f2 53 79 0a 67 4f 95 c4 34 9e fa ee d4 0a e1 a5 5e 47 95 24 29 69 9f 26 c7 52 0f 27 df 9a fc 58 f2 1b 29 42 fa fd 74 6f 6a 2f 83 92 fa 73 ea 7c 1a c2 da 98 ef a6 7d 98 2e 64 9d ce 22 a5 df 9c fe 69 46 12 fb e3 4c 2e 7f 23 47 97 55 ce 15 67 f7 f1 4c bc c7 af 3b 9a 76 fc 9b 35 bf 9d 2d d5 5a d4 76 11 3e a5 63 24 ba 5f d7 55 7c 8d 1e 4e af 5c af 43 ef b2 3e 48 49 fa 03 fa bf 2f 7b ca ea d6 de 5a b7 51 7e e7 ba e5 f5 99 eb af 6e 60 6e 18 db a8 ad da be f1 c5 26 cf f8 83 9b 56 f2 82 0c 76 19 fc ce Data Ascii: Eefh-p&n!f3,66%S&@<W+Ok{$1+&Qr]3T[RSygO4^G$)i&R'X)Btoj/s\|}.d"iFL.#GUgL;v5-Zv>c$_U\|N\C>HI/{ZQ~n`n&Vv
2024-12-03 15:18:28 UTC	1369	IN	Data Raw: e8 24 41 29 62 b9 08 b4 ff b3 cc 45 52 79 17 d8 d4 ca 0e 82 cd 5b 31 3c 46 2c d8 79 01 e6 90 6f 15 99 a8 52 da 1e 3b 3a 4a b7 5d 97 fe a9 f0 f8 71 5c 87 46 63 36 42 32 b5 26 93 ac 04 08 42 55 9e 21 1d 9c 9f 61 23 9c 1f 46 4c 41 9c 67 89 9b 5c 61 36 83 db 04 3c b8 95 51 b1 21 67 ea 74 e4 f0 55 80 ae ee 56 ac ad ee c8 8b 05 42 55 7b 7e 44 71 95 f2 43 fd 77 12 52 ec 78 49 d1 d1 44 f9 43 0e fe c0 7f 49 91 63 70 43 52 7b 5d f7 44 c3 f0 70 3c 7e 1a 89 61 4c 87 f6 cd 65 dc c9 db ba 04 52 c1 84 cb c5 f8 fb 12 d4 83 b0 56 01 1e 1c 92 30 3a 93 67 52 a2 52 39 05 3d 82 7c 08 f6 db eb 04 9a 07 35 49 12 02 8a 74 91 f7 9f 62 09 f2 f1 10 01 0f b6 92 79 8c 46 08 4a 63 c9 87 fa af e0 24 6c b3 b2 c2 d9 cb 63 aa f9 4e 38 4e 76 81 20 4e 90 ee 96 9c 2d 0b cd 6b 2c 95 2a 24 81 Data Ascii: $A)bERy[1<F,yoR;:J]q\Fc6B2&BU!a#FLAg\a6<Q!gtUVBU{~DqCwRxIDCIcpCR{]Dp<~aLeRV0:gRR9=\|5ItbyFJc$lcN8Nv N-k,*$

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:28 UTC	570	OUT	GET /font/SFNSText-latin.f09aa5229.woff2 HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://1wbapm.life sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:29 UTC	429	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:28 GMT Content-Type: application/octet-stream Content-Length: 43512 Connection: close last-modified: Mon, 23 Sep 2024 15:33:26 GMT etag: "66f18a46-a9f8" expires: Fri, 01 Dec 2034 15:18:28 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 5857158 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec4878e48478cc8-EWR
2024-12-03 15:18:29 UTC	940	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 a9 f8 00 0e 00 00 00 01 88 3c 00 00 a9 9d 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 83 60 06 60 2a 48 00 93 7c 2f 60 0a 81 a5 28 81 86 0b 30 84 be 2c 01 36 02 24 03 89 00 0b 84 44 00 04 20 05 82 38 07 20 5b 6c 75 51 30 dd e6 23 b7 0d 80 39 ef bb ad fa 51 23 03 c1 c6 11 20 10 6c 9e 85 c0 c6 01 b0 b1 3f 61 f6 ff 39 b9 31 44 e8 3f 68 a5 b5 9d 64 8a 4c 24 52 53 01 85 bc 36 5c e8 4e ca d5 c8 83 9c 8a a3 ce ec 5a 10 6e cb d8 c8 7d 91 42 a0 bd 45 39 d0 40 1a 69 77 f0 82 b1 02 61 19 93 24 c8 e5 2b 5a 93 26 4f d5 76 22 20 8a 34 f4 f8 4a 74 2a ca 42 45 d4 20 51 30 89 2c 1c cf 95 1f bc bf fb 72 73 7b 38 05 eb 90 f0 68 f0 67 fd c9 ec ef 2c 02 dc d9 51 8a cc a3 92 87 e7 ff cf be d6 3e e7 5c 24 29 3f 29 0d Data Ascii: wOF2<``H\|/`(0,6$D 8 [luQ0#9Q# l?a91D?hdL$RS6\NZn}BE9@iwa$+Z&Ov" 4JtBE Q0,rs{8hg,Q>\$)?)
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 09 98 7a f7 0f b8 40 df 13 b5 e1 7c f8 23 33 d5 48 be 6c 61 72 18 f5 d7 77 4c 8f 62 0a 87 71 41 64 35 57 22 75 36 f8 cc 92 4a ab f7 b2 97 0c 4f 63 31 a0 41 3a 05 db 9f cb 9b 46 67 46 c0 de 03 08 31 e0 c5 92 a2 ef 5d 47 13 09 b2 ff 79 b4 92 45 bb fd e1 95 d7 de 78 eb 9d f7 0e fb e0 a3 4f 52 d2 28 19 eb b2 72 f2 ee fa ad a8 a4 ac a2 aa 06 88 f0 00 0e b5 73 75 01 97 19 c3 e7 1e 2b 24 bc e9 3c 49 1f 59 a7 e8 9c 0d bb d0 d0 58 c9 2e c3 28 a2 08 25 38 85 0b a1 dc 36 2a 92 57 c5 7b b2 4b 0f 1f eb 0d 4e 3c 7c b8 9d bd e5 f0 23 ed eb a5 ad 94 9e 93 43 67 d7 cd 9f 1e 6e b0 3e 0e f3 36 31 be 42 ad 2f 3b ed dd ca 2f f8 ff c2 3d 38 ab 3a 4e c7 4d b5 5f f9 04 b8 60 f4 99 3e 2b 6b e8 1f 2a 62 ab b1 c8 fe 5c f8 97 67 c0 50 1e 2f e7 9a ff bf 08 fa 6f 31 33 04 74 19 3b 28 Data Ascii: z@\|#3HlarwLbqAd5W"u6JOc1A:FgF1]GyExOR(rsu+$<IYX.(%86W{KN<\|#Cgn>61B/;/=8:NM_`>+kb\gP/o13t;(
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 38 e2 3f 17 a9 1d 7b 73 50 46 d8 57 a5 89 31 65 59 19 eb b8 75 52 ce 96 c5 5e c7 ce a5 c8 06 09 56 6a b9 ab e2 e4 46 96 dd d5 25 6c 55 8c 4e 1d b7 3d eb d2 34 59 e4 81 42 49 5b 27 42 db 56 95 21 4a d3 64 01 60 a0 39 ef 54 0a 4a 92 4d eb 24 08 f5 59 7a 27 21 ad 26 2b b2 bc 98 10 21 df eb 32 65 0a b0 c0 24 2e 4d e5 e6 bd ec 27 f4 2c d0 ec 76 7c 6a 13 a2 af 7b 25 48 2f 4e eb 27 0a fa 0a 9c d4 89 d0 d8 c1 7e 4a a1 36 83 d9 3b f3 8a bf 9f 90 56 11 2e 25 59 d7 53 4a eb 9c 9d 58 ae 8b 32 0c b7 90 5d ca 8e e1 72 06 4a 39 53 f1 6d 94 41 69 bb 02 49 66 7b 04 11 6c d6 fe df 0d 6c a2 fa f1 5a 47 ba 8e 74 54 9e 60 00 25 2b e9 2f 21 33 a5 5c 90 2c 82 52 91 96 fd 0c cb 29 89 a4 74 24 1c a1 59 b6 ac bb 25 68 7b 16 ad 6b 3e fd 46 0a b2 8a 37 24 9c e5 9f d6 1d 41 d3 e2 15 Data Ascii: 8?{sPFW1eYuR^VjF%lUN=4YBI['BV!Jd`9TJM$Yz'!&+!2e$.M',v\|j{%H/N'~J6;V.%YSJX2]rJ9SmAiIf{llZGtT`%+/!3\,R)t$Y%h{k>F7$A
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 16 65 a7 6e 54 bf c2 cd 32 55 a2 71 1e cc 1c 75 c6 e7 df f7 3a 21 75 ed aa f9 6b df dd 88 89 a8 65 e9 17 6d da 5e a3 46 4a a9 99 a0 56 45 8e 6e 55 c7 fd 0a 6f da b6 f5 5b d5 e7 85 fb e4 bc a4 f7 89 5f b4 a3 ea ec 76 f5 c5 c6 e3 97 a7 ce a3 91 99 c4 0f d9 89 6a 51 7a ca 1f cc ee 5d b8 67 b3 3d 96 77 27 1f 2f 1f 5e 1e 6f a8 cb 46 bd 07 db 42 0c e3 fa 3a 63 e3 2d d5 91 f0 56 c9 86 07 64 38 f3 a6 fc 2d fd 85 51 12 e9 e9 3c 03 b9 56 d2 b6 8c a2 8b 2e 03 b0 27 80 fd 36 e9 9e 59 01 f6 3e d9 40 f3 56 9f ae 6d c5 3b 4f b8 eb e3 e0 98 58 92 67 24 41 f2 8c 27 e4 db 83 39 9a 96 6a 97 ed 55 8e 05 40 38 a8 28 55 01 1e a4 61 ff 29 6a dd 52 a7 db 06 88 c9 c2 ea e8 26 15 a2 40 92 4d da d2 71 e0 3c e6 5f e8 6e 42 b3 71 fd 2b d3 36 7d 3d df e5 8d dc b1 ce ff 78 33 cb b4 4e Data Ascii: enT2Uqu:!ukem^FJVEnUo[_vjQz]g=w'/^oFB:c-Vd8-Q<V.'6Y>@Vm;OXg$A'9jU@8(Ua)jR&@Mq<_nBq+6}=x3N
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 50 fb b3 03 74 0e fa e9 2a 54 7e 38 15 e7 d6 8c 36 9e 31 8e 68 09 f0 0b 69 47 9b 05 b5 fb f9 07 b7 9a 0c 3d 58 ce 14 15 6a 7c 3f 3f 09 5f 6d 8e 28 ee 41 5f 92 90 97 3f 7f 4b 47 e9 e7 e0 56 43 b1 f8 c8 79 08 77 51 21 7f 9b f1 52 fa 84 ac 42 07 3d fb b3 77 81 33 fe 22 17 f6 3e 2d c0 5d 06 19 df c8 30 f6 d8 76 0d 77 35 d7 8d 75 b1 6c 61 db e2 62 2e 18 0d a8 d6 a4 e9 14 b0 d7 cb 97 77 96 1f 0a 0c 6b 31 32 8e 68 0e 0a 0e 6b 34 1d 7a 08 0e 0b 11 94 cd 8f f7 6a 36 02 ef 69 7a c9 e4 a5 5a 8c 93 14 c8 de e5 6c 60 74 d5 97 94 b5 d4 d2 c3 81 32 38 48 39 1f 0e 00 a6 69 d7 dd bc 2b b4 db ef c5 36 2e fe 6d 1f 2f fe d8 04 f6 4f f2 40 6a 96 f0 aa fa a3 e7 79 e3 9b 73 9f 34 98 26 f6 b7 68 36 ed 29 8a 25 27 4d d1 98 15 ec 3c f1 a4 45 81 29 b9 47 d7 fc 1d 5b 2b 09 b3 2b a7 Data Ascii: Pt*T~861hiG=Xj\|??_m(A_?KGVCywQ!RB=w3">-]0vw5ulab.wk12hk4zj6izZl`t28H9i+6.m/O@jys4&h6)%'M<E)G[++
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: df bf 14 6b 12 80 2c 0c 02 77 37 5b 00 89 26 cd 06 53 af c0 b3 3a e3 e0 50 7d ee 9d d5 13 b7 95 b2 39 18 60 f5 d9 eb 7e fa dd bd 1d f9 a6 7f 25 75 3c c0 e4 20 22 30 75 a7 6e 78 01 31 f0 5b 8d e7 c2 d2 c6 f4 1b b5 e6 a1 4d 95 32 1b 1f bf ad 61 9f 44 4f 63 ae fc 01 9e 06 f6 67 0e 69 ef 48 b8 0c 01 e9 55 94 3f b6 dd 1b 45 d3 6b ab 5a d4 57 74 c9 92 24 67 0b 67 7a 60 62 74 21 51 ca 61 56 b8 ec 79 4a e9 ca cf 05 45 5a 53 75 ab fa 90 66 90 b4 bf 93 b9 13 cd 27 24 2c db 0d c1 8c 23 a5 77 13 73 d8 cf 8d 40 64 c8 4d 66 8a 39 55 cb 62 96 0d cb 4b 96 d6 a7 a0 64 2a 5d c8 c1 61 9f 8e de 95 01 d7 ef 08 39 88 66 17 d4 b6 f4 d4 15 a7 56 d7 33 d9 ab c7 56 af 96 fd 33 16 aa e9 8b 8c cd df 1e 72 d2 76 85 53 6d 76 cc c7 ac 08 af 7d 45 61 6b af d7 8d 36 4d 5c 52 89 26 5f 2f Data Ascii: k,w7[&S:P}9`~%u< "0unx1[M2aDOcgiHU?EkZWt$ggz`bt!QaVyJEZSuf'$,#ws@dMf9UbKd*]a9fV3V3rvSmv}Eak6M\R&_/
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 43 0e 0d ca f1 b5 86 9a 6d 5e a8 bc 39 24 19 b8 c0 0b 42 92 77 17 b1 33 c6 50 b7 d4 2a da 37 67 7e 2b 99 4c dc 85 54 c8 0e 5c 90 54 a9 be 79 f6 5e cc 61 56 5e 1e f4 16 04 35 9f f9 bf b3 3c 89 d2 51 51 54 84 f7 a6 24 75 94 43 a2 b2 cb 8f 10 1e 2a 48 df f5 61 01 b8 a0 bb 94 0f 78 94 de 32 98 89 63 f9 f4 3c d5 c9 ff d7 1b 2f f8 4b a7 37 6e 1d 5a 37 ff 73 b4 f9 f9 68 b7 fe fb 1b dd ea ed a7 cd fa db 99 7d fe b4 b8 d0 fa f4 c8 e8 05 ba b0 58 ba 04 98 ca de b4 f8 33 67 fe c7 8b 9c b4 06 ab 5f 67 42 46 e5 2a 54 56 54 1c 62 68 c3 07 99 93 c9 b5 57 cb 75 dd d7 2a 44 ee c4 f6 f0 18 aa b3 65 18 d3 85 71 96 51 86 bc b8 25 7a e0 db 40 04 7b 47 3b c7 43 63 e1 16 5a 76 ad 47 26 0f 3b 85 d5 cf b5 64 93 63 eb 2f 3c af ac c4 a5 5b 93 92 62 bd 7d 12 a3 49 6e f1 99 20 3c 34 Data Ascii: Cm^9$Bw3P7g~+LT\Ty^aV^5<QQT$uCHax2c</K7nZ7sh}X3g_gBFTVTbhWuDeqQ%z@{G;CcZvG&;dc/<[b}In <4
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 5c d4 7c 47 6a 6a fb 80 fa 2c 50 fc ed 5e e3 bd c7 c7 d6 c4 9f fd 72 0d 80 1d f3 e0 51 df 1f 0c 02 96 f6 d4 5f a3 4f 69 f4 f4 d7 fd 9e 0a 7b 41 3e c9 db fe 3d f6 ac 64 c9 7e dd ed 29 33 b1 a5 61 03 c1 dc 90 7e fc de 56 83 bb f5 9d fa f7 ee 6e 0b 30 b8 13 3d fd e5 cb 13 45 5f 3e 17 7f b8 7c fe fc 64 e1 e7 2f b2 f9 e5 b0 a2 a5 ac aa 53 ff 5a b9 58 db 87 79 bb fc 9e 84 5d b1 ac 42 bd 59 35 8d 53 06 79 e0 e4 08 6f 37 ff 6f ab 78 c5 5b ff 3f 5c 76 f3 9a 81 d2 bb 76 da fa d0 76 57 29 b3 90 ff ed f7 92 ca 60 be 42 70 72 82 cd 9f bd 52 7d 5c 20 c0 94 4c 7e 28 0a 87 fe 1b 22 f2 0a 49 26 10 43 13 3d 3d c2 12 89 84 d0 64 b8 f5 1d 40 28 9c 3b c6 f3 ee 76 31 d7 8b 45 be 3d 10 89 6d bd c0 53 d8 0b 9f 72 1f ca fd 04 ab 9f 24 8b 07 05 61 48 95 e9 a1 9e 62 24 71 5f 3f ac Data Ascii: \\|Gjj,P^rQ_Oi{A>=d~)3a~Vn0=E_>\|d/SZXy]BY5Syo7ox[?\vvvW)`BprR}\ L~("I&C==d@(;v1E=mSr$aHb$q_?
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: 02 80 4c 0e 75 03 27 b3 34 0b 80 d1 b4 13 eb 81 8d 70 1b 06 29 5b 04 88 e0 20 42 dd 39 c8 00 df d6 a1 41 8f 7d 4b c7 e4 fb 38 8c 7d 49 97 c0 b3 ac 65 1b de 5c 5a d8 16 a3 78 27 a5 13 a0 6b 71 0d 74 a5 8d f8 c7 94 c0 b3 df 87 66 bf 86 b3 95 a4 bd d0 a9 c1 e8 d0 f3 ff 0f f7 30 15 00 f6 e6 ff 30 cc 8f 41 fc 5f 5f 5c 30 26 43 4b bc 8e be a0 bd 41 fb 13 fe 94 de 42 fd 98 fa 3c fe 4d da 9f b4 78 da eb b4 22 e6 05 33 96 fe 88 65 67 e0 f8 62 f8 e8 7c 0b fc 91 fc 5b 9c 34 56 8e c0 3d ae 85 fd b4 ae 43 38 54 84 bf ff c3 06 ee d8 4d 7c 2f d1 ef 82 1e 31 1f 71 7f f1 76 09 5e 09 9b 84 a3 44 a2 64 a0 64 9b 14 bf 54 9b d4 a8 d4 ba b4 96 f4 65 99 5e d9 78 39 79 b9 db f2 47 14 fa 15 37 77 ed 28 65 2a 9b 28 bf 51 69 52 1d 52 73 50 e7 51 9f b1 6c 69 3c d2 52 d5 ba b3 f7 b4 Data Ascii: Lu'4p)[ B9A}K8}Ie\Zx'kqtf00A__\0&CKAB<Mx"3egb\|[4V=C8TM\|/1qv^DddTe^x9yG7w(e*(QiRRsPQli<R
2024-12-03 15:18:29 UTC	1369	IN	Data Raw: d9 51 e9 d8 bb ed b2 be ff 79 fa ed e1 76 5d 78 b1 97 73 1f e6 8d fd 55 07 f6 e5 1c e3 9b fd 28 f1 db d5 65 26 ba b0 78 95 c2 dc 2b 97 8d 11 82 0e f7 f5 38 23 37 bb c2 e9 2e a1 e7 73 bc 65 34 37 68 c3 c2 e6 b1 46 1d 87 c7 2c 38 fd 18 d5 07 cc 34 3a 64 d8 ed 3b 5b 75 16 f3 0a be 5e 4b 34 1e b6 b8 dd e6 fe 7e 0e f6 57 13 93 98 13 c2 e4 41 3b 04 9a 74 2d a2 a0 20 dc e3 8f a5 71 c4 c0 c8 60 f9 7e 75 6c ae e4 9c 67 3a 69 cd 5e 7d 20 33 89 e5 97 6f a6 72 a0 36 0a 2c 5e bb 14 d2 87 41 3a 9e 76 62 8f 97 47 80 c7 2a e5 15 c5 48 1c 6e 7d 3e 1f b6 1e 2f b7 5a 2e 2d 80 50 ad 47 cb 09 31 51 c4 8b 50 54 0e 03 ed d9 ac 51 e0 90 3b 75 a7 00 a2 0a a0 0d 11 43 b1 c5 26 c4 4d 2d 40 cc 44 14 0c cd ac bc 88 44 c4 87 0c 6f b9 9c 80 4f 0b c4 0d 84 f1 2c a9 de f3 fd 8a bb 30 b7 Data Ascii: Qyv]xsU(e&x+8#7.se47hF,84:d;[u^K4~WA;t- q`~ulg:i^} 3or6,^A:vbG*Hn}>/Z.-PG1QPTQ;uC&M-@DDoO,0

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:29 UTC	550	OUT	GET /css/desktop.079ecccda.css HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:30 UTC	412	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:30 GMT Content-Type: text/css Content-Length: 66350 Connection: close last-modified: Mon, 02 Dec 2024 13:52:28 GMT etag: "674dbb9c-1032e" expires: Fri, 01 Dec 2034 15:18:30 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 90765 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec48795bf484345-EWR
2024-12-03 15:18:30 UTC	957	IN	Data Raw: 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 5b 64 61 74 61 2d 76 2d 35 66 61 31 38 65 64 34 5d 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 30 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 63 61 6c 63 28 35 36 2e 32 35 25 20 2b 20 33 70 78 29 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 70 78 3b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 20 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 2d 6e 6f 2d 61 75 74 68 5b 64 61 74 61 2d 76 2d 35 66 61 31 38 65 64 34 5d 2c 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 20 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 2d 69 66 72 61 6d 65 5b 64 61 74 61 2d 76 2d 35 66 61 31 38 65 64 34 5d 2c 2e 74 72 61 6e 73 6c Data Ascii: .translation[data-v-5fa18ed4]{position:relative;width:100%;height:0;padding-bottom:calc(56.25% + 3px);overflow:hidden;border-radius:10px;z-index:2}.translation .translation-no-auth[data-v-5fa18ed4],.translation .translation-iframe[data-v-5fa18ed4],.transl
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 77 65 62 6b 69 74 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 2d 6d 6f 7a 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 77 69 64 74 68 3a 35 30 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 31 3b 70 61 64 64 69 6e 67 3a 30 20 37 70 78 20 37 70 78 20 30 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 72 65 73 69 7a 65 3a 68 6f 72 69 7a 6f 6e 74 61 6c 7d 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 2d 63 6f 6e 74 61 69 6e 65 72 2d 69 66 72 61 6d 65 5b 64 61 74 61 2d 76 2d 63 36 33 64 62 38 66 36 5d Data Ascii: webkit-user-select:none;-moz-user-select:none;user-select:none;position:fixed;width:500px;background-color:transparent;z-index:1001;padding:0 7px 7px 0;overflow:hidden;resize:horizontal}.translation-container .translation-container-iframe[data-v-c63db8f6]
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 74 75 72 6e 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6a 69 67 67 6c 65 31 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 69 6e 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 2e 35 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 6f 75 74 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6a 69 67 67 6c 65 32 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 64 65 67 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 69 6e 7d 35 30 25 7b 74 72 61 6e 73 66 Data Ascii: sform:rotate(1turn)}}@keyframes jiggle1{0%{transform:rotate(-1deg);animation-timing-function:ease-in}50%{transform:rotate(1.5deg);animation-timing-function:ease-out}}@keyframes jiggle2{0%{transform:rotate(1deg);animation-timing-function:ease-in}50%{transf
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 2d 6d 6f 7a 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 3b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 69 6d 67 2c 65 6d 62 65 64 2c 69 66 72 61 6d 65 2c 6f 62 6a 65 63 74 2c 61 75 64 69 6f 2c 76 69 64 65 6f 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 69 66 72 61 6d 65 2c 68 72 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 74 61 62 6c 65 7b 62 6f 72 64 65 72 2d Data Ascii: -moz-text-size-adjust:100%;text-size-adjust:100%;width:100%;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;-webkit-tap-highlight-color:transparent}img,embed,iframe,object,audio,video{max-width:100%}iframe,hr{border:none}table{border-
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 29 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 33 70 78 20 31 35 70 78 20 30 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 31 39 33 35 70 78 29 7b 2e 42 65 74 73 4c 61 79 6f 75 74 5f 6d 61 69 6e 5f 75 49 52 4e 74 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 7d 7d 2e 42 65 74 73 4c 61 79 6f 75 74 5f 6d 61 69 6e 5f 75 49 52 4e 74 3e 2a 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 32 70 78 7d 2e 42 65 74 73 4c 61 79 6f 75 74 5f 61 73 69 64 65 5f 43 78 48 75 71 7b 77 69 64 74 68 3a 32 37 30 70 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a Data Ascii: );display:flex;height:100%;padding:3px 15px 0}@media only screen and (max-width:1935px){.BetsLayout_main_uIRNt{padding-left:15px;padding-right:15px}}.BetsLayout_main_uIRNt>*{padding-top:12px}.BetsLayout_aside_CxHuq{width:270px;display:flex;flex-direction:
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 65 61 64 65 72 2d 62 75 74 74 6f 6e 5b 64 61 74 61 2d 76 2d 30 32 33 31 38 36 36 34 5d 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 5a 28 31 70 78 29 7d 2e 64 72 6f 70 64 6f 77 6e 5b 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 5d 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 64 72 6f 70 64 6f 77 6e 5b 64 69 73 61 62 6c 65 64 5d 5b 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 5d 2c 2e 64 72 6f 70 64 6f 77 6e 2e 64 69 73 61 62 6c 65 64 5b 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 5d 7b 63 75 72 73 6f 72 3a 6e 6f 74 2d 61 6c 6c 6f 77 65 64 3b 6f 70 61 63 69 74 79 3a 2e 35 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 7d 2e 64 72 6f 70 64 6f 77 6e 2e 6e 6f 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 5b 64 61 74 61 2d Data Ascii: eader-button[data-v-02318664]{transform:translateZ(1px)}.dropdown[data-v-4dc26244]{position:relative}.dropdown[disabled][data-v-4dc26244],.dropdown.disabled[data-v-4dc26244]{cursor:not-allowed;opacity:.5;pointer-events:none}.dropdown.no-transparency[data-
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 70 78 3b 70 61 64 64 69 6e 67 3a 2e 35 72 65 6d 20 30 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 31 73 7d 2e 64 72 6f 70 64 6f 77 6e 2d 63 6f 6e 74 65 6e 74 2e 74 68 65 6d 65 2d 64 65 66 61 75 6c 74 5b 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 5d 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 39 70 78 20 31 35 70 78 20 23 30 30 30 30 30 30 31 61 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 64 72 6f 70 64 6f 77 6e 2d 63 6f 6e 74 65 6e 74 2e 74 68 65 6d 65 2d 64 61 72 6b 5b 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 31 65 32 38 33 66 20 30 25 2c 23 31 34 31 62 32 65 20 31 30 30 25 29 3b 62 6f 78 Data Ascii: px;padding:.5rem 0;transition:all .1s}.dropdown-content.theme-default[data-v-4dc26244]{box-shadow:0 9px 15px #0000001a;background-color:#fff}.dropdown-content.theme-dark[data-v-4dc26244]{background-image:linear-gradient(135deg,#1e283f 0%,#141b2e 100%);box
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 39 34 61 36 63 64 31 37 7d 2e 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 2e 6e 6f 77 72 61 70 5b 64 61 74 61 2d 76 2d 37 34 64 63 31 37 62 61 5d 7b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 2e 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 2e 63 65 6e 74 65 72 65 64 5b 64 61 74 61 2d 76 2d 37 34 64 63 31 37 62 61 5d 7b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 7d 2e 48 65 61 64 65 72 55 73 65 72 41 76 61 74 61 72 5f 72 6f 6f 74 5f 65 37 35 57 4f 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 68 65 69 67 68 74 3a 32 Data Ascii: ground-color:#94a6cd17}.dropdown-item.nowrap[data-v-74dc17ba]{white-space:nowrap}.dropdown-item.centered[data-v-74dc17ba]{justify-content:center}.HeaderUserAvatar_root_e75WO{align-items:center;border-radius:50%;display:flex;justify-content:center;height:2
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 78 2c 23 30 30 30 20 30 29 3b 6d 61 73 6b 2d 69 6d 61 67 65 3a 72 61 64 69 61 6c 2d 67 72 61 64 69 65 6e 74 28 63 69 72 63 6c 65 20 61 74 20 63 61 6c 63 28 31 30 30 25 20 2d 20 33 70 78 29 20 33 70 78 2c 74 72 61 6e 73 70 61 72 65 6e 74 20 36 70 78 2c 23 30 30 30 20 30 29 7d 2e 75 73 65 72 2d 6d 65 6e 75 5f 5f 74 6f 67 67 6c 65 5b 64 61 74 61 2d 76 2d 36 34 37 35 33 65 63 34 5d 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 70 78 3b 77 69 64 74 68 3a 31 30 70 78 7d 2e 75 73 65 72 2d 6d 65 6e 75 5f 5f 69 74 65 6d 5b 64 61 74 61 2d 76 2d 36 34 37 35 33 65 63 34 5d 7b 74 65 78 74 2d 74 72 61 6e 73 66 Data Ascii: x,#000 0);mask-image:radial-gradient(circle at calc(100% - 3px) 3px,transparent 6px,#000 0)}.user-menu__toggle[data-v-64753ec4]{display:flex;align-items:center;justify-content:center;margin-left:5px;width:10px}.user-menu__item[data-v-64753ec4]{text-transf
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 31 34 30 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 31 34 30 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 48 65 61 64 65 72 55 73 65 72 4d 65 6e 75 5f 66 6c 61 72 65 2d 33 5f 41 53 63 73 55 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 32 31 35 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 7d 32 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 32 34 30 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 32 34 30 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 Data Ascii: nsform:translate(140%) rotate(-45deg)}to{transform:translate(140%) rotate(-45deg)}}@keyframes HeaderUserMenu_flare-3_AScsU{0%{transform:translate(-215%) rotate(-45deg)}20%{transform:translate(240%) rotate(-45deg)}to{transform:translate(240%) rotate(-45deg

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:29 UTC	534	OUT	GET /js/desktop.815aece8e.js HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:30 UTC	441	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:30 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 121131 Connection: close last-modified: Tue, 03 Dec 2024 12:55:30 GMT etag: "674effc2-1d92b" expires: Fri, 01 Dec 2034 15:18:30 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 7845 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec48795c89643b9-EWR
2024-12-03 15:18:30 UTC	928	IN	Data Raw: 28 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 3d 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 39 39 33 38 30 2c 37 32 39 38 2c 32 33 35 34 33 5d 2c 7b 39 30 38 31 37 3a 28 65 2c 74 2c 61 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 2e 64 28 74 2c 7b 5a 3a 28 29 3d 3e 53 7d 29 3b 76 61 72 20 6e 3d 61 28 36 36 32 35 32 29 2c 6f 3d 61 28 33 35 37 37 29 2c 69 3d 61 28 32 32 36 32 29 2c 73 3d 61 28 38 30 38 39 34 29 2c 72 3d 61 28 39 36 31 34 32 29 2c 6c 3d 61 28 35 30 34 31 38 29 2c 63 3d 61 28 35 39 31 36 36 29 2c 64 3d 61 28 31 32 30 35 35 29 2c 75 3d 61 28 33 38 34 Data Ascii: (self["webpackChunk_1win_frontend_main"]=self["webpackChunk_1win_frontend_main"]\|\|[]).push([[99380,7298,23543],{90817:(e,t,a)=>{"use strict";a.d(t,{Z:()=>S});var n=a(66252),o=a(3577),i=a(2262),s=a(80894),r=a(96142),l=a(50418),c=a(59166),d=a(12055),u=a(384
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 2e 6c 61 6e 67 3d 3d 3d 69 2e 76 61 6c 75 65 3f 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 41 63 74 69 76 65 3a 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 29 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 62 75 74 74 6f 6e 22 2c 7b 74 79 70 65 3a 22 62 75 74 74 6f 6e 22 2c 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 42 75 74 74 6f 6e 29 2c 6f 6e 43 6c 69 63 6b 3a 74 3d 3e 72 28 65 2e 6c 61 6e 67 29 7d 2c 5b 28 30 2c 6e 2e 57 6d 29 28 6c 2e 5a 2c 7b 63 6f 64 65 3a 65 2e 66 6c 61 67 2c 73 69 7a 65 3a 32 30 2c 72 6f 75 6e 64 65 64 3a 22 22 7d 2c 6e 75 6c 6c 2c 38 2c 5b 22 63 6f 64 65 22 5d 29 2c 28 30 2c 6e 2e 5f 29 28 22 73 70 61 6e 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 49 6e 6e 65 Data Ascii: .lang===i.value?t.$style.itemActive:t.$style.item)},[(0,n._)("button",{type:"button",class:(0,o.C_)(t.$style.itemButton),onClick:t=>r(e.lang)},[(0,n.Wm)(l.Z,{code:e.flag,size:20,rounded:""},null,8,["code"]),(0,n._)("span",{class:(0,o.C_)(t.$style.itemInne
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 74 75 72 6e 28 65 2c 73 29 3d 3e 28 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 69 44 29 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 28 30 2c 69 2e 53 55 29 28 74 29 2e 67 65 74 74 65 72 73 2e 69 73 4d 6f 62 69 6c 65 3f 65 2e 24 73 74 79 6c 65 2e 72 6f 6f 74 4d 6f 62 69 6c 65 3a 65 2e 24 73 74 79 6c 65 2e 72 6f 6f 74 29 7d 2c 5b 28 30 2c 69 2e 53 55 29 28 74 29 2e 67 65 74 74 65 72 73 2e 69 73 4d 6f 62 69 6c 65 3f 28 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 69 44 29 28 22 64 69 76 22 2c 7b 6b 65 79 3a 30 2c 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 65 2e 24 73 74 79 6c 65 2e 74 69 74 6c 65 29 7d 2c 28 30 2c 6f 2e 7a 77 29 28 28 30 2c 69 2e 53 55 29 28 74 29 2e 67 65 74 74 65 72 73 2e 6c 61 6e 67 43 6f 6d 6d 6f 6e 2e Data Ascii: turn(e,s)=>((0,n.wg)(),(0,n.iD)("div",{class:(0,o.C_)((0,i.SU)(t).getters.isMobile?e.$style.rootMobile:e.$style.root)},[(0,i.SU)(t).getters.isMobile?((0,n.wg)(),(0,n.iD)("div",{key:0,class:(0,o.C_)(e.$style.title)},(0,o.zw)((0,i.SU)(t).getters.langCommon.
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 29 29 2c 6f 6e 4d 6f 75 73 65 6c 65 61 76 65 3a 74 5b 32 5d 7c 7c 28 74 5b 32 5d 3d 28 2e 2e 2e 65 29 3d 3e 64 2e 6f 6e 4d 6f 75 73 65 4c 65 61 76 65 26 26 64 2e 6f 6e 4d 6f 75 73 65 4c 65 61 76 65 28 2e 2e 2e 65 29 29 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 3a 22 64 72 6f 70 64 6f 77 6e 2d 74 72 69 67 67 65 72 22 2c 6f 6e 43 6c 69 63 6b 3a 74 5b 30 5d 7c 7c 28 74 5b 30 5d 3d 28 2e 2e 2e 65 29 3d 3e 64 2e 74 6f 67 67 6c 65 26 26 64 2e 74 6f 67 67 6c 65 28 2e 2e 2e 65 29 29 7d 2c 5b 28 30 2c 6e 2e 57 49 29 28 65 2e 24 73 6c 6f 74 73 2c 22 74 72 69 67 67 65 72 22 2c 7b 69 73 41 63 74 69 76 65 3a 65 2e 69 73 41 63 74 69 76 65 7d 2c 76 6f 69 64 20 30 2c 21 30 29 5d 29 2c 28 30 2c 6e 2e 57 6d 29 28 69 2e 75 54 2c 7b 6e 61 6d 65 3a Data Ascii: )),onMouseleave:t[2]\|\|(t[2]=(...e)=>d.onMouseLeave&&d.onMouseLeave(...e))},[(0,n._)("div",{class:"dropdown-trigger",onClick:t[0]\|\|(t[0]=(...e)=>d.toggle&&d.toggle(...e))},[(0,n.WI)(e.$slots,"trigger",{isActive:e.isActive},void 0,!0)]),(0,n.Wm)(i.uT,{name:
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 76 61 6c 69 64 61 74 6f 72 3a 65 3d 3e 5b 22 23 66 66 66 22 2c 22 23 66 37 66 38 66 39 22 5d 2e 69 6e 63 6c 75 64 65 73 28 65 29 7d 7d 2c 65 6d 69 74 73 3a 5b 22 63 6c 6f 73 65 22 2c 22 68 65 69 67 68 74 44 72 6f 70 64 6f 77 6e 22 2c 22 6f 70 65 6e 22 5d 2c 64 61 74 61 3a 28 29 3d 3e 28 7b 69 73 41 63 74 69 76 65 3a 21 31 7d 29 2c 63 6f 6d 70 75 74 65 64 3a 7b 63 6c 61 73 73 4f 62 6a 65 63 74 28 29 7b 72 65 74 75 72 6e 7b 5b 60 61 6c 69 67 6e 2d 24 7b 74 68 69 73 2e 61 6c 69 67 6e 7d 60 5d 3a 74 68 69 73 2e 61 6c 69 67 6e 2c 64 69 73 61 62 6c 65 64 3a 74 68 69 73 2e 64 69 73 61 62 6c 65 64 2c 22 6e 6f 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 22 3a 74 68 69 73 2e 6e 6f 54 72 61 6e 73 70 61 72 65 6e 63 79 2c 61 63 74 69 76 65 3a 74 68 69 73 2e 69 73 41 63 74 Data Ascii: validator:e=>["#fff","#f7f8f9"].includes(e)}},emits:["close","heightDropdown","open"],data:()=>({isActive:!1}),computed:{classObject(){return{[`align-${this.align}`]:this.align,disabled:this.disabled,"no-transparency":this.noTransparency,active:this.isAct
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 65 69 67 68 74 29 7d 7d 7d 3b 76 61 72 20 75 3d 61 28 34 38 31 31 38 29 3b 63 6f 6e 73 74 20 70 3d 28 30 2c 75 2e 5a 29 28 64 2c 5b 5b 22 72 65 6e 64 65 72 22 2c 6c 5d 2c 5b 22 5f 5f 73 63 6f 70 65 49 64 22 2c 22 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 22 5d 5d 29 2c 6d 3d 70 7d 2c 39 30 30 32 38 3a 28 65 2c 74 2c 61 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 2e 64 28 74 2c 7b 5a 3a 28 29 3d 3e 68 7d 29 3b 76 61 72 20 6e 3d 61 28 36 36 32 35 32 29 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 74 2c 61 2c 6f 2c 69 2c 73 29 7b 72 65 74 75 72 6e 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 6a 34 29 28 28 30 2c 6e 2e 4c 4c 29 28 73 2e 72 6f 75 74 65 4f 62 6a 65 63 74 2e 69 73 29 2c 28 30 2c 6e 2e 64 47 29 28 73 2e 72 6f 75 74 65 4f 62 6a 65 63 Data Ascii: eight)}}};var u=a(48118);const p=(0,u.Z)(d,[["render",l],["__scopeId","data-v-4dc26244"]]),m=p},90028:(e,t,a)=>{"use strict";a.d(t,{Z:()=>h});var n=a(66252);function o(e,t,a,o,i,s){return(0,n.wg)(),(0,n.j4)((0,n.LL)(s.routeObject.is),(0,n.dG)(s.routeObjec
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 32 33 38 3a 28 65 2c 74 2c 61 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 2e 64 28 74 2c 7b 5a 3a 28 29 3d 3e 63 7d 29 3b 76 61 72 20 6e 3d 61 28 36 36 32 35 32 29 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 74 2c 61 2c 6f 2c 69 2c 73 29 7b 63 6f 6e 73 74 20 72 3d 28 30 2c 6e 2e 75 70 29 28 22 56 49 63 6f 6e 22 29 3b 72 65 74 75 72 6e 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 69 44 29 28 22 62 75 74 74 6f 6e 22 2c 28 30 2c 6e 2e 64 47 29 28 7b 63 6c 61 73 73 3a 22 62 65 74 73 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 6d 69 64 64 6c 65 2d 62 75 74 74 6f 6e 2d 73 6c 69 64 65 22 2c 74 79 70 65 3a 22 62 75 74 74 6f 6e 22 7d 2c 65 2e 24 61 74 74 72 73 29 2c 5b 28 30 2c 6e 2e 57 6d 29 28 72 2c 7b 69 63 6f 6e 3a 22 6c 65 66 74 22 3d 3d 3d 61 2e 64 69 72 Data Ascii: 238:(e,t,a)=>{"use strict";a.d(t,{Z:()=>c});var n=a(66252);function o(e,t,a,o,i,s){const r=(0,n.up)("VIcon");return(0,n.wg)(),(0,n.iD)("button",(0,n.dG)({class:"bets-navigation-middle-button-slide",type:"button"},e.$attrs),[(0,n.Wm)(r,{icon:"left"===a.dir
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 30 2c 6f 2e 43 5f 29 28 5b 61 2e 24 73 74 79 6c 65 2e 72 6f 6f 74 2c 61 2e 24 73 74 79 6c 65 5b 60 72 6f 6f 74 44 69 72 65 63 74 69 6f 6e 24 7b 28 30 2c 69 2e 53 55 29 28 74 29 2e 63 61 70 69 74 61 6c 69 7a 65 28 65 2e 64 69 72 65 63 74 69 6f 6e 29 7d 60 5d 5d 29 7d 2c 5b 28 30 2c 6e 2e 57 6d 29 28 6c 2e 5a 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 61 2e 24 73 74 79 6c 65 2e 64 65 63 6f 72 29 2c 69 63 6f 6e 3a 22 74 6f 6f 6c 74 69 70 2d 61 72 72 6f 77 2d 32 22 7d 2c 6e 75 6c 6c 2c 38 2c 5b 22 63 6c 61 73 73 22 5d 29 2c 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 61 2e 24 73 74 79 6c 65 2e 77 72 61 70 70 65 72 29 7d 2c 5b 28 30 2c 6e 2e 57 6d 29 28 75 2e 5a 2c 7b 22 70 6c 61 63 65 2d 6f 70 65 6e 69 6e Data Ascii: 0,o.C_)([a.$style.root,a.$style[`rootDirection${(0,i.SU)(t).capitalize(e.direction)}`]])},[(0,n.Wm)(l.Z,{class:(0,o.C_)(a.$style.decor),icon:"tooltip-arrow-2"},null,8,["class"]),(0,n._)("div",{class:(0,o.C_)(a.$style.wrapper)},[(0,n.Wm)(u.Z,{"place-openin
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 5b 75 2e 76 61 6c 75 65 3f 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 41 63 74 69 76 65 3a 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 2c 65 2e 69 73 46 6f 6f 74 65 72 54 68 65 6d 65 26 26 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 46 6f 6f 74 65 72 54 68 65 6d 65 5d 29 2c 74 79 70 65 3a 22 62 75 74 74 6f 6e 22 2c 6f 6e 43 6c 69 63 6b 3a 67 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 73 70 61 6e 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 54 69 74 6c 65 29 7d 2c 28 30 2c 6f 2e 7a 77 29 28 70 2e 76 61 6c 75 65 2e 6c 61 62 65 6c 41 6c 70 68 61 32 29 2c 33 29 2c 65 2e 69 73 46 6f 6f 74 65 72 54 68 65 6d 65 3f 28 30 2c 6e 2e 6b 71 29 28 22 22 2c 21 30 29 3a 28 28 30 2c Data Ascii: ass:(0,o.C_)([u.value?t.$style.buttonActive:t.$style.button,e.isFooterTheme&&t.$style.buttonFooterTheme]),type:"button",onClick:g},[(0,n._)("span",{class:(0,o.C_)(t.$style.buttonTitle)},(0,o.zw)(p.value.labelAlpha2),3),e.isFooterTheme?(0,n.kq)("",!0):((0,
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 63 6b 28 2e 2e 2e 65 29 29 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 69 2c 5b 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 73 2c 28 30 2c 6f 2e 7a 77 29 28 64 2e 6f 73 29 2c 31 29 2c 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 72 2c 28 30 2c 6f 2e 7a 77 29 28 65 2e 24 73 74 6f 72 65 2e 67 65 74 74 65 72 73 2e 6c 61 6e 67 2e 62 75 74 74 6f 6e 2e 70 77 61 29 2c 31 29 5d 29 2c 28 30 2c 6e 2e 57 6d 29 28 75 2c 7b 63 6c 61 73 73 3a 22 70 77 61 2d 69 63 6f 6e 22 2c 69 63 6f 6e 3a 64 2e 69 63 6f 6e 7d 2c 6e 75 6c 6c 2c 38 2c 5b 22 69 63 6f 6e 22 5d 29 5d 29 5d 2c 32 29 7d 76 61 72 20 63 3d 61 28 35 39 31 36 36 29 2c 64 3d 61 28 31 35 39 38 33 29 3b 63 6f 6e 73 74 20 75 3d 7b 6e 61 6d 65 3a 22 50 77 61 42 75 74 74 6f 6e 22 2c 63 6f 6d 70 6f 6e 65 6e 74 73 3a Data Ascii: ck(...e))},[(0,n._)("div",i,[(0,n._)("div",s,(0,o.zw)(d.os),1),(0,n._)("div",r,(0,o.zw)(e.$store.getters.lang.button.pwa),1)]),(0,n.Wm)(u,{class:"pwa-icon",icon:d.icon},null,8,["icon"])])],2)}var c=a(59166),d=a(15983);const u={name:"PwaButton",components:

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:29 UTC	540	OUT	GET /js/chunk-vendors.fec70f6bd.js HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:30 UTC	442	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:30 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 253156 Connection: close last-modified: Sat, 30 Nov 2024 21:58:26 GMT etag: "674b8a82-3dce4" expires: Fri, 01 Dec 2034 15:18:30 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 19901 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec487961b705e7a-EWR
2024-12-03 15:18:30 UTC	927	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 3d 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 39 34 39 39 38 5d 2c 7b 34 38 31 31 38 3a 28 65 2c 74 29 3d 3e 7b 74 2e 5a 3d 28 65 2c 74 29 3d 3e 7b 63 6f 6e 73 74 20 6e 3d 65 2e 5f 5f 76 63 63 4f 70 74 73 7c 7c 65 3b 66 6f 72 28 63 6f 6e 73 74 5b 72 2c 69 5d 6f 66 20 74 29 6e 5b 72 5d 3d 69 3b 72 65 74 75 72 6e 20 6e 7d 7d 2c 34 35 36 38 39 3a 28 65 2c 74 2c 6e 29 3d 3e 7b 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 72 65 74 75 72 6e 20 69 28 29 2e 5f 5f 56 55 45 5f 44 45 56 54 4f 4f 4c 53 5f Data Ascii: "use strict";(self["webpackChunk_1win_frontend_main"]=self["webpackChunk_1win_frontend_main"]\|\|[]).push([[94998],{48118:(e,t)=>{t.Z=(e,t)=>{const n=e.__vccOpts\|\|e;for(const[r,i]of t)n[r]=i;return n}},45689:(e,t,n)=>{function r(){return i().__VUE_DEVTOOLS_
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 69 6e 20 65 2e 73 65 74 74 69 6e 67 73 29 7b 63 6f 6e 73 74 20 74 3d 65 2e 73 65 74 74 69 6e 67 73 5b 73 5d 3b 6e 5b 73 5d 3d 74 2e 64 65 66 61 75 6c 74 56 61 6c 75 65 7d 63 6f 6e 73 74 20 72 3d 60 5f 5f 76 75 65 2d 64 65 76 74 6f 6f 6c 73 2d 70 6c 75 67 69 6e 2d 73 65 74 74 69 6e 67 73 5f 5f 24 7b 65 2e 69 64 7d 60 3b 6c 65 74 20 69 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 6e 29 3b 74 72 79 7b 63 6f 6e 73 74 20 65 3d 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 72 29 2c 74 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 65 29 3b 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 69 2c 74 29 7d 63 61 74 63 68 28 6f 29 7b 7d 74 68 69 73 2e 66 61 6c 6c 62 61 63 6b 73 3d 7b 67 65 74 53 65 74 74 69 6e 67 73 28 29 7b 72 65 74 75 72 6e 20 69 7d 2c 73 Data Ascii: in e.settings){const t=e.settings[s];n[s]=t.defaultValue}const r=`__vue-devtools-plugin-settings__${e.id}`;let i=Object.assign({},n);try{const e=localStorage.getItem(r),t=JSON.parse(e);Object.assign(i,t)}catch(o){}this.fallbacks={getSettings(){return i},s
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 2c 42 6a 3a 28 29 3d 3e 73 2c 45 42 3a 28 29 3d 3e 75 2c 46 6c 3a 28 29 3d 3e 4d 65 2c 49 55 3a 28 29 3d 3e 41 65 2c 4a 64 3a 28 29 3d 3e 62 2c 4f 54 3a 28 29 3d 3e 77 65 2c 50 47 3a 28 29 3d 3e 6b 65 2c 53 55 3a 28 29 3d 3e 55 65 2c 54 6e 3a 28 29 3d 3e 42 65 2c 55 6d 3a 28 29 3d 3e 5f 65 2c 56 68 3a 28 29 3d 3e 47 65 2c 57 4c 3a 28 29 3d 3e 56 65 2c 58 24 3a 28 29 3d 3e 52 2c 58 33 3a 28 29 3d 3e 45 65 2c 58 49 3a 28 29 3d 3e 4e 65 2c 58 6c 3a 28 29 3d 3e 43 65 2c 59 53 3a 28 29 3d 3e 24 65 2c 5a 4d 3a 28 29 3d 3e 57 65 2c 64 71 3a 28 29 3d 3e 6a 65 2c 69 48 3a 28 29 3d 3e 46 65 2c 6a 3a 28 29 3d 3e 54 2c 6c 6b 3a 28 29 3d 3e 5f 2c 6e 5a 3a 28 29 3d 3e 6c 2c 71 6a 3a 28 29 3d 3e 62 65 2c 71 71 3a 28 29 3d 3e 68 2c 79 54 3a 28 29 3d 3e 4f 65 7d 29 3b 76 Data Ascii: ,Bj:()=>s,EB:()=>u,Fl:()=>Me,IU:()=>Ae,Jd:()=>b,OT:()=>we,PG:()=>ke,SU:()=>Ue,Tn:()=>Be,Um:()=>_e,Vh:()=>Ge,WL:()=>Ve,X$:()=>R,X3:()=>Ee,XI:()=>Ne,Xl:()=>Ce,YS:()=>$e,ZM:()=>We,dq:()=>je,iH:()=>Fe,j:()=>T,lk:()=>_,nZ:()=>l,qj:()=>be,qq:()=>h,yT:()=>Oe});v
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 6e 67 73 3d 30 2c 74 68 69 73 2e 5f 73 68 6f 75 6c 64 53 63 68 65 64 75 6c 65 3d 21 31 2c 74 68 69 73 2e 5f 64 65 70 73 4c 65 6e 67 74 68 3d 30 2c 63 28 74 68 69 73 2c 72 29 7d 67 65 74 20 64 69 72 74 79 28 29 7b 69 66 28 32 3d 3d 3d 74 68 69 73 2e 5f 64 69 72 74 79 4c 65 76 65 6c 7c 7c 33 3d 3d 3d 74 68 69 73 2e 5f 64 69 72 74 79 4c 65 76 65 6c 29 7b 74 68 69 73 2e 5f 64 69 72 74 79 4c 65 76 65 6c 3d 31 2c 62 28 29 3b 66 6f 72 28 6c 65 74 20 65 3d 30 3b 65 3c 74 68 69 73 2e 5f 64 65 70 73 4c 65 6e 67 74 68 3b 65 2b 2b 29 7b 63 6f 6e 73 74 20 74 3d 74 68 69 73 2e 64 65 70 73 5b 65 5d 3b 69 66 28 74 2e 63 6f 6d 70 75 74 65 64 26 26 28 64 28 74 2e 63 6f 6d 70 75 74 65 64 29 2c 74 68 69 73 2e 5f 64 69 72 74 79 4c 65 76 65 6c 3e 3d 34 29 29 62 72 65 61 6b 7d Data Ascii: ngs=0,this._shouldSchedule=!1,this._depsLength=0,c(this,r)}get dirty(){if(2===this._dirtyLevel\|\|3===this._dirtyLevel){this._dirtyLevel=1,b();for(let e=0;e<this._depsLength;e++){const t=this.deps[e];if(t.computed&&(d(t.computed),this._dirtyLevel>=4))break}
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 26 26 28 72 2e 5f 73 68 6f 75 6c 64 53 63 68 65 64 75 6c 65 7c 7c 28 72 2e 5f 73 68 6f 75 6c 64 53 63 68 65 64 75 6c 65 3d 30 3d 3d 3d 72 2e 5f 64 69 72 74 79 4c 65 76 65 6c 29 2c 72 2e 5f 64 69 72 74 79 4c 65 76 65 6c 3d 74 29 2c 72 2e 5f 73 68 6f 75 6c 64 53 63 68 65 64 75 6c 65 26 26 28 6e 75 6c 6c 21 3d 6e 3f 6e 3a 6e 3d 65 2e 67 65 74 28 72 29 3d 3d 3d 72 2e 5f 74 72 61 63 6b 49 64 29 26 26 28 72 2e 74 72 69 67 67 65 72 28 29 2c 72 2e 5f 72 75 6e 6e 69 6e 67 73 26 26 21 72 2e 61 6c 6c 6f 77 52 65 63 75 72 73 65 7c 7c 32 3d 3d 3d 72 2e 5f 64 69 72 74 79 4c 65 76 65 6c 7c 7c 28 72 2e 5f 73 68 6f 75 6c 64 53 63 68 65 64 75 6c 65 3d 21 31 2c 72 2e 73 63 68 65 64 75 6c 65 72 26 26 6b 2e 70 75 73 68 28 72 2e 73 63 68 65 64 75 6c 65 72 29 29 29 7d 24 28 29 Data Ascii: &&(r._shouldSchedule\|\|(r._shouldSchedule=0===r._dirtyLevel),r._dirtyLevel=t),r._shouldSchedule&&(null!=n?n:n=e.get(r)===r._trackId)&&(r.trigger(),r._runnings&&!r.allowRecurse\|\|2===r._dirtyLevel\|\|(r._shouldSchedule=!1,r.scheduler&&k.push(r.scheduler)))}$()
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 28 2e 2e 2e 65 29 7b 63 6f 6e 73 74 20 6e 3d 41 65 28 74 68 69 73 29 3b 66 6f 72 28 6c 65 74 20 74 3d 30 2c 69 3d 74 68 69 73 2e 6c 65 6e 67 74 68 3b 74 3c 69 3b 74 2b 2b 29 54 28 6e 2c 22 67 65 74 22 2c 74 2b 22 22 29 3b 63 6f 6e 73 74 20 72 3d 6e 5b 74 5d 28 2e 2e 2e 65 29 3b 72 65 74 75 72 6e 2d 31 3d 3d 3d 72 7c 7c 21 31 3d 3d 3d 72 3f 6e 5b 74 5d 28 2e 2e 2e 65 2e 6d 61 70 28 41 65 29 29 3a 72 7d 7d 29 29 2c 5b 22 70 75 73 68 22 2c 22 70 6f 70 22 2c 22 73 68 69 66 74 22 2c 22 75 6e 73 68 69 66 74 22 2c 22 73 70 6c 69 63 65 22 5d 2e 66 6f 72 45 61 63 68 28 28 74 3d 3e 7b 65 5b 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 2e 2e 2e 65 29 7b 62 28 29 2c 77 28 29 3b 63 6f 6e 73 74 20 6e 3d 41 65 28 74 68 69 73 29 5b 74 5d 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 Data Ascii: (...e){const n=Ae(this);for(let t=0,i=this.length;t<i;t++)T(n,"get",t+"");const r=n[t](...e);return-1===r\|\|!1===r?n[t](...e.map(Ae)):r}})),["push","pop","shift","unshift","splice"].forEach((t=>{e[t]=function(...e){b(),w();const n=Ae(this)[t].apply(this,e)
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 74 29 3b 72 65 74 75 72 6e 20 6f 26 26 6e 26 26 52 28 65 2c 22 64 65 6c 65 74 65 22 2c 74 2c 76 6f 69 64 20 30 2c 69 29 2c 6f 7d 68 61 73 28 65 2c 74 29 7b 63 6f 6e 73 74 20 6e 3d 52 65 66 6c 65 63 74 2e 68 61 73 28 65 2c 74 29 3b 72 65 74 75 72 6e 28 30 2c 72 2e 79 6b 29 28 74 29 26 26 50 2e 68 61 73 28 74 29 7c 7c 54 28 65 2c 22 68 61 73 22 2c 74 29 2c 6e 7d 6f 77 6e 4b 65 79 73 28 65 29 7b 72 65 74 75 72 6e 20 54 28 65 2c 22 69 74 65 72 61 74 65 22 2c 28 30 2c 72 2e 6b 4a 29 28 65 29 3f 22 6c 65 6e 67 74 68 22 3a 41 29 2c 52 65 66 6c 65 63 74 2e 6f 77 6e 4b 65 79 73 28 65 29 7d 7d 63 6c 61 73 73 20 44 20 65 78 74 65 6e 64 73 20 4e 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 3d 21 31 29 7b 73 75 70 65 72 28 21 30 2c 65 29 7d 73 65 74 28 65 2c 74 29 7b 72 Data Ascii: t);return o&&n&&R(e,"delete",t,void 0,i),o}has(e,t){const n=Reflect.has(e,t);return(0,r.yk)(t)&&P.has(t)\|\|T(e,"has",t),n}ownKeys(e){return T(e,"iterate",(0,r.kJ)(e)?"length":A),Reflect.ownKeys(e)}}class D extends N{constructor(e=!1){super(!0,e)}set(e,t){r
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 28 29 3b 72 65 74 75 72 6e 20 74 26 26 52 28 65 2c 22 63 6c 65 61 72 22 2c 76 6f 69 64 20 30 2c 76 6f 69 64 20 30 2c 6e 29 2c 72 7d 66 75 6e 63 74 69 6f 6e 20 65 65 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 2c 72 29 7b 63 6f 6e 73 74 20 69 3d 74 68 69 73 2c 6f 3d 69 5b 22 5f 5f 76 5f 72 61 77 22 5d 2c 73 3d 41 65 28 6f 29 2c 61 3d 74 3f 71 3a 65 3f 52 65 3a 54 65 3b 72 65 74 75 72 6e 21 65 26 26 54 28 73 2c 22 69 74 65 72 61 74 65 22 2c 41 29 2c 6f 2e 66 6f 72 45 61 63 68 28 28 28 65 2c 74 29 3d 3e 6e 2e 63 61 6c 6c 28 72 2c 61 28 65 29 2c 61 28 74 29 2c 69 29 29 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 74 65 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 2e 2e 2e 69 29 7b 63 6f 6e 73 74 20 6f 3d 74 68 69 73 Data Ascii: ();return t&&R(e,"clear",void 0,void 0,n),r}function ee(e,t){return function(n,r){const i=this,o=i["__v_raw"],s=Ae(o),a=t?q:e?Re:Te;return!e&&T(s,"iterate",A),o.forEach(((e,t)=>n.call(r,a(e),a(t),i)))}}function te(e,t,n){return function(...i){const o=this
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 29 29 2c 5b 65 2c 6e 2c 74 2c 72 5d 7d 63 6f 6e 73 74 5b 69 65 2c 6f 65 2c 73 65 2c 61 65 5d 3d 72 65 28 29 3b 66 75 6e 63 74 69 6f 6e 20 63 65 28 65 2c 74 29 7b 63 6f 6e 73 74 20 6e 3d 74 3f 65 3f 61 65 3a 73 65 3a 65 3f 6f 65 3a 69 65 3b 72 65 74 75 72 6e 28 74 2c 69 2c 6f 29 3d 3e 22 5f 5f 76 5f 69 73 52 65 61 63 74 69 76 65 22 3d 3d 3d 69 3f 21 65 3a 22 5f 5f 76 5f 69 73 52 65 61 64 6f 6e 6c 79 22 3d 3d 3d 69 3f 65 3a 22 5f 5f 76 5f 72 61 77 22 3d 3d 3d 69 3f 74 3a 52 65 66 6c 65 63 74 2e 67 65 74 28 28 30 2c 72 2e 52 49 29 28 6e 2c 69 29 26 26 69 20 69 6e 20 74 3f 6e 3a 74 2c 69 2c 6f 29 7d 63 6f 6e 73 74 20 6c 65 3d 7b 67 65 74 3a 63 65 28 21 31 2c 21 31 29 7d 2c 75 65 3d 7b 67 65 74 3a 63 65 28 21 31 2c 21 30 29 7d 2c 68 65 3d 7b 67 65 74 3a 63 65 Data Ascii: )),[e,n,t,r]}const[ie,oe,se,ae]=re();function ce(e,t){const n=t?e?ae:se:e?oe:ie;return(t,i,o)=>"__v_isReactive"===i?!e:"__v_isReadonly"===i?e:"__v_raw"===i?t:Reflect.get((0,r.RI)(n,i)&&i in t?n:t,i,o)}const le={get:ce(!1,!1)},ue={get:ce(!1,!0)},he={get:ce
2024-12-03 15:18:30 UTC	1369	IN	Data Raw: 67 65 74 74 65 72 3d 65 2c 74 68 69 73 2e 5f 73 65 74 74 65 72 3d 74 2c 74 68 69 73 2e 64 65 70 3d 76 6f 69 64 20 30 2c 74 68 69 73 2e 5f 5f 76 5f 69 73 52 65 66 3d 21 30 2c 74 68 69 73 5b 22 5f 5f 76 5f 69 73 52 65 61 64 6f 6e 6c 79 22 5d 3d 21 31 2c 74 68 69 73 2e 65 66 66 65 63 74 3d 6e 65 77 20 68 28 28 28 29 3d 3e 65 28 74 68 69 73 2e 5f 76 61 6c 75 65 29 29 2c 28 28 29 3d 3e 4c 65 28 74 68 69 73 2c 32 3d 3d 3d 74 68 69 73 2e 65 66 66 65 63 74 2e 5f 64 69 72 74 79 4c 65 76 65 6c 3f 32 3a 33 29 29 29 2c 74 68 69 73 2e 65 66 66 65 63 74 2e 63 6f 6d 70 75 74 65 64 3d 74 68 69 73 2c 74 68 69 73 2e 65 66 66 65 63 74 2e 61 63 74 69 76 65 3d 74 68 69 73 2e 5f 63 61 63 68 65 61 62 6c 65 3d 21 72 2c 74 68 69 73 5b 22 5f 5f 76 5f 69 73 52 65 61 64 6f 6e 6c 79 Data Ascii: getter=e,this._setter=t,this.dep=void 0,this.__v_isRef=!0,this["__v_isReadonly"]=!1,this.effect=new h((()=>e(this._value)),(()=>Le(this,2===this.effect._dirtyLevel?2:3))),this.effect.computed=this,this.effect.active=this._cacheable=!r,this["__v_isReadonly

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:30 UTC	539	OUT	GET /js/chunk-common.58138f620.js HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:31 UTC	442	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:30 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 417387 Connection: close last-modified: Mon, 02 Dec 2024 15:04:18 GMT etag: "674dcc72-65e6b" expires: Fri, 01 Dec 2034 15:18:30 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 86867 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec4879b8fd0c40c-EWR
2024-12-03 15:18:31 UTC	927	IN	Data Raw: 28 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 3d 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 31 33 30 36 34 5d 2c 7b 38 31 37 31 31 3a 28 65 2c 74 2c 6e 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 2c 69 3b 6e 2e 64 28 74 2c 7b 41 41 3a 28 29 3d 3e 5f 2c 4b 43 3a 28 29 3d 3e 68 2c 4b 7a 3a 28 29 3d 3e 64 2c 4e 45 3a 28 29 3d 3e 69 2c 4f 4a 3a 28 29 3d 3e 67 2c 4f 77 3a 28 29 3d 3e 75 2c 51 54 3a 28 29 3d 3e 6f 2c 55 31 3a 28 29 3d 3e 6d 2c 58 52 3a 28 29 3d 3e 61 2c 59 37 3a 28 29 3d 3e 6c 2c 68 42 3a 28 29 3d 3e 79 2c 6a 4b 3a 28 29 3d 3e 45 2c 6f 57 Data Ascii: (self["webpackChunk_1win_frontend_main"]=self["webpackChunk_1win_frontend_main"]\|\|[]).push([[13064],{81711:(e,t,n)=>{"use strict";var r,i;n.d(t,{AA:()=>_,KC:()=>h,Kz:()=>d,NE:()=>i,OJ:()=>g,Ow:()=>u,QT:()=>o,U1:()=>m,XR:()=>a,Y7:()=>l,hB:()=>y,jK:()=>E,oW
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 22 5d 3d 22 51 41 52 22 2c 65 5b 22 50 4b 52 22 5d 3d 22 50 4b 52 22 2c 65 5b 22 4f 4d 52 22 5d 3d 22 4f 4d 52 22 2c 65 5b 22 4b 57 44 22 5d 3d 22 4b 57 44 22 2c 65 5b 22 4a 4f 44 22 5d 3d 22 4a 4f 44 22 2c 65 5b 22 41 45 44 22 5d 3d 22 41 45 44 22 2c 65 5b 22 43 41 44 22 5d 3d 22 43 41 44 22 2c 65 5b 22 42 59 4e 22 5d 3d 22 42 59 4e 22 2c 65 5b 22 41 4d 44 22 5d 3d 22 41 4d 44 22 2c 65 5b 22 43 55 50 22 5d 3d 22 43 55 50 22 2c 65 5b 22 43 5a 4b 22 5d 3d 22 43 5a 4b 22 2c 65 5b 22 44 5a 44 22 5d 3d 22 44 5a 44 22 2c 65 5b 22 47 45 4c 22 5d 3d 22 47 45 4c 22 2c 65 5b 22 4b 47 53 22 5d 3d 22 4b 47 53 22 2c 65 5b 22 4d 44 4c 22 5d 3d 22 4d 44 4c 22 2c 65 5b 22 4e 47 4e 22 5d 3d 22 4e 47 4e 22 2c 65 5b 22 4e 50 52 22 5d 3d 22 4e 50 52 22 2c 65 5b 22 53 45 4b Data Ascii: "]="QAR",e["PKR"]="PKR",e["OMR"]="OMR",e["KWD"]="KWD",e["JOD"]="JOD",e["AED"]="AED",e["CAD"]="CAD",e["BYN"]="BYN",e["AMD"]="AMD",e["CUP"]="CUP",e["CZK"]="CZK",e["DZD"]="DZD",e["GEL"]="GEL",e["KGS"]="KGS",e["MDL"]="MDL",e["NGN"]="NGN",e["NPR"]="NPR",e["SEK
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 2c 72 5b 69 2e 49 51 44 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 49 51 44 22 7d 2c 72 5b 69 2e 56 4e 44 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 e2 82 ab 22 7d 2c 72 5b 69 2e 54 48 42 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 e0 b8 bf 22 7d 2c 72 5b 69 2e 4c 4b 52 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 52 73 22 7d 2c 72 5b 69 2e 4b 52 57 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 e2 82 a9 22 7d 2c 72 5b 69 2e 53 47 44 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 53 24 22 7d 2c 72 5b 69 2e 51 41 52 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 51 52 22 7d 2c 72 5b 69 2e 50 4b 52 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 52 73 22 7d 2c 72 5b 69 2e 4f 4d 52 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 4f 4d 52 22 7d 2c 72 5b 69 2e 4b 57 44 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 4b 44 22 7d 2c 72 5b 69 2e 4a 4f 44 5d 3d 7b 73 79 6d 62 6f 6c 3a 22 4a Data Ascii: ,r[i.IQD]={symbol:"IQD"},r[i.VND]={symbol:""},r[i.THB]={symbol:""},r[i.LKR]={symbol:"Rs"},r[i.KRW]={symbol:""},r[i.SGD]={symbol:"S$"},r[i.QAR]={symbol:"QR"},r[i.PKR]={symbol:"Rs"},r[i.OMR]={symbol:"OMR"},r[i.KWD]={symbol:"KD"},r[i.JOD]={symbol:"J
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 49 51 44 2c 69 2e 56 4e 44 2c 69 2e 54 48 42 2c 69 2e 4c 4b 52 2c 69 2e 4b 52 57 2c 69 2e 53 47 44 2c 69 2e 51 41 52 2c 69 2e 50 4b 52 2c 69 2e 4f 4d 52 2c 69 2e 4b 57 44 2c 69 2e 4a 4f 44 2c 69 2e 41 45 44 2c 69 2e 43 41 44 2c 69 2e 42 59 4e 2c 69 2e 41 4d 44 2c 69 2e 43 55 50 2c 69 2e 43 5a 4b 2c 69 2e 44 5a 44 2c 69 2e 47 45 4c 2c 69 2e 4b 47 53 2c 69 2e 4d 44 4c 2c 69 2e 4e 47 4e 2c 69 2e 4e 50 52 2c 69 2e 53 45 4b 2c 69 2e 53 4f 53 2c 69 2e 5a 41 52 29 2c 6d 3d 69 2e 42 54 43 2c 79 3d 69 2e 45 54 48 2c 62 3d 69 2e 4c 54 43 2c 5f 3d 69 2e 55 53 44 54 2c 45 3d 69 2e 54 52 58 3b 69 2e 45 47 50 2c 69 2e 4d 4d 4b 2c 69 2e 4a 50 59 2c 69 2e 54 4f 4e 2c 69 2e 55 59 55 2c 69 2e 50 59 47 2c 69 2e 42 4f 42 2c 69 2e 47 54 51 2c 69 2e 49 4c 53 2c 69 2e 4d 41 44 Data Ascii: IQD,i.VND,i.THB,i.LKR,i.KRW,i.SGD,i.QAR,i.PKR,i.OMR,i.KWD,i.JOD,i.AED,i.CAD,i.BYN,i.AMD,i.CUP,i.CZK,i.DZD,i.GEL,i.KGS,i.MDL,i.NGN,i.NPR,i.SEK,i.SOS,i.ZAR),m=i.BTC,y=i.ETH,b=i.LTC,_=i.USDT,E=i.TRX;i.EGP,i.MMK,i.JPY,i.TON,i.UYU,i.PYG,i.BOB,i.GTQ,i.ILS,i.MAD
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 3d 30 3b 69 3c 70 2e 6c 65 6e 67 74 68 3b 69 2b 2b 29 75 3d 61 5b 2b 2b 72 5d 2c 73 3d 70 5b 69 5d 2c 74 79 70 65 6f 66 20 73 3d 3d 3d 64 26 26 73 2e 6c 65 6e 67 74 68 3e 30 3f 32 3d 3d 3d 73 2e 6c 65 6e 67 74 68 3f 74 79 70 65 6f 66 20 73 5b 31 5d 3d 3d 63 3f 74 68 69 73 5b 73 5b 30 5d 5d 3d 73 5b 31 5d 2e 63 61 6c 6c 28 74 68 69 73 2c 75 29 3a 74 68 69 73 5b 73 5b 30 5d 5d 3d 73 5b 31 5d 3a 33 3d 3d 3d 73 2e 6c 65 6e 67 74 68 3f 74 79 70 65 6f 66 20 73 5b 31 5d 21 3d 3d 63 7c 7c 73 5b 31 5d 2e 65 78 65 63 26 26 73 5b 31 5d 2e 74 65 73 74 3f 74 68 69 73 5b 73 5b 30 5d 5d 3d 75 3f 75 2e 72 65 70 6c 61 63 65 28 73 5b 31 5d 2c 73 5b 32 5d 29 3a 6f 3a 74 68 69 73 5b 73 5b 30 5d 5d 3d 75 3f 73 5b 31 5d 2e 63 61 6c 6c 28 74 68 69 73 2c 75 2c 73 5b 32 5d 29 3a Data Ascii: =0;i<p.length;i++)u=a[++r],s=p[i],typeof s===d&&s.length>0?2===s.length?typeof s[1]==c?this[s[0]]=s[1].call(this,u):this[s[0]]=s[1]:3===s.length?typeof s[1]!==c\|\|s[1].exec&&s[1].test?this[s[0]]=u?u.replace(s[1],s[2]):o:this[s[0]]=u?s[1].call(this,u,s[2]):
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 6f 6e 7c 76 69 76 61 6c 64 69 7c 69 72 69 64 69 75 6d 7c 70 68 61 6e 74 6f 6d 6a 73 7c 62 6f 77 73 65 72 7c 71 75 61 72 6b 7c 71 75 70 7a 69 6c 6c 61 7c 66 61 6c 6b 6f 6e 7c 72 65 6b 6f 6e 71 7c 70 75 66 66 69 6e 7c 62 72 61 76 65 7c 77 68 61 6c 65 7c 71 71 62 72 6f 77 73 65 72 6c 69 74 65 7c 71 71 7c 64 75 63 6b 64 75 63 6b 67 6f 29 5c 2f 28 5b 2d 5c 77 5c 2e 5d 2b 29 2f 69 2c 2f 28 77 65 69 62 6f 29 5f 5f 28 5b 5c 64 5c 2e 5d 2b 29 2f 69 5d 2c 5b 76 2c 79 5d 2c 5b 2f 28 3f 3a 5c 62 75 63 3f 20 3f 62 72 6f 77 73 65 72 7c 28 3f 3a 6a 75 63 2e 2b 29 75 63 77 65 62 29 5b 5c 2f 20 5d 3f 28 5b 5c 77 5c 2e 5d 2b 29 2f 69 5d 2c 5b 79 2c 5b 76 2c 22 55 43 22 2b 50 5d 5d 2c 5b 2f 6d 69 63 72 6f 6d 2e 2b 5c 62 71 62 63 6f 72 65 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 2f Data Ascii: on\|vivaldi\|iridium\|phantomjs\|bowser\|quark\|qupzilla\|falkon\|rekonq\|puffin\|brave\|whale\|qqbrowserlite\|qq\|duckduckgo)\/([-\w\.]+)/i,/(weibo)__([\d\.]+)/i],[v,y],[/(?:\buc? ?browser\|(?:juc.+)ucweb)[\/ ]?([\w\.]+)/i],[y,[v,"UC"+P]],[/microm.+\bqbcore\/([\w\.]+)/
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 5c 2f 69 61 62 2f 69 2c 2f 28 63 68 72 6f 6d 69 75 6d 7c 69 6e 73 74 61 67 72 61 6d 29 5b 5c 2f 20 5d 28 5b 2d 5c 77 5c 2e 5d 2b 29 2f 69 5d 2c 5b 76 2c 79 5d 2c 5b 2f 5c 62 67 73 61 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 20 2e 2a 73 61 66 61 72 69 5c 2f 2f 69 5d 2c 5b 79 2c 5b 76 2c 22 47 53 41 22 5d 5d 2c 5b 2f 68 65 61 64 6c 65 73 73 63 68 72 6f 6d 65 28 3f 3a 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 7c 20 29 2f 69 5d 2c 5b 79 2c 5b 76 2c 52 2b 22 20 48 65 61 64 6c 65 73 73 22 5d 5d 2c 5b 2f 20 77 76 5c 29 2e 2b 28 63 68 72 6f 6d 65 29 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 2f 69 5d 2c 5b 5b 76 2c 52 2b 22 20 57 65 62 56 69 65 77 22 5d 2c 79 5d 2c 5b 2f 64 72 6f 69 64 2e 2b 20 76 65 72 73 69 6f 6e 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 5c 62 2e Data Ascii: \/([\w\.]+)\/iab/i,/(chromium\|instagram)[\/ ]([-\w\.]+)/i],[v,y],[/\bgsa\/([\w\.]+) .*safari\//i],[y,[v,"GSA"]],[/headlesschrome(?:\/([\w\.]+)\| )/i],[y,[v,R+" Headless"]],[/ wv\).+(chrome)\/([\w\.]+)/i],[[v,R+" WebView"],y],[/droid.+ version\/([\w\.]+)\b.
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 5d 2c 5b 2f 5c 62 28 61 61 72 63 68 36 34 7c 61 72 6d 28 76 3f 38 65 3f 6c 3f 7c 5f 3f 36 34 29 29 5c 62 2f 69 5d 2c 5b 5b 62 2c 22 61 72 6d 36 34 22 5d 5d 2c 5b 2f 5c 62 28 61 72 6d 28 3f 3a 76 5b 36 37 5d 29 3f 68 74 3f 6e 3f 5b 66 6c 5d 70 3f 29 5c 62 2f 69 5d 2c 5b 5b 62 2c 22 61 72 6d 68 66 22 5d 5d 2c 5b 2f 77 69 6e 64 6f 77 73 20 28 63 65 7c 6d 6f 62 69 6c 65 29 3b 20 70 70 63 3b 2f 69 5d 2c 5b 5b 62 2c 22 61 72 6d 22 5d 5d 2c 5b 2f 28 28 3f 3a 70 70 63 7c 70 6f 77 65 72 70 63 29 28 3f 3a 36 34 29 3f 29 28 3f 3a 20 6d 61 63 7c 3b 7c 5c 29 29 2f 69 5d 2c 5b 5b 62 2c 2f 6f 77 65 72 2f 2c 61 2c 4a 5d 5d 2c 5b 2f 28 73 75 6e 34 5c 77 29 5b 3b 5c 29 5d 2f 69 5d 2c 5b 5b 62 2c 22 73 70 61 72 63 22 5d 5d 2c 5b 2f 28 28 3f 3a 61 76 72 33 32 7c 69 61 36 34 Data Ascii: ],[/\b(aarch64\|arm(v?8e?l?\|_?64))\b/i],[[b,"arm64"]],[/\b(arm(?:v[67])?ht?n?[fl]p?)\b/i],[[b,"armhf"]],[/windows (ce\|mobile); ppc;/i],[[b,"arm"]],[/((?:ppc\|powerpc)(?:64)?)(?: mac\|;\|\))/i],[[b,/ower/,a,J]],[/(sun4\w)[;\)]/i],[[b,"sparc"]],[/((?:avr32\|ia64
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 5d 2c 5b 5b 66 2c 2f 5f 2f 67 2c 22 20 22 5d 2c 5b 6d 2c 48 5d 2c 5b 67 2c 77 5d 5d 2c 5b 2f 3b 20 28 5c 77 2b 29 20 62 75 69 2e 2b 20 6f 70 70 6f 2f 69 2c 2f 5c 62 28 63 70 68 5b 31 32 5d 5c 64 7b 33 7d 7c 70 28 3f 3a 61 66 7c 63 5b 61 6c 5d 7c 64 5c 77 7c 65 5b 61 72 5d 29 5b 6d 74 5d 5c 64 30 7c 78 39 30 30 37 7c 61 31 30 31 6f 70 29 5c 62 2f 69 5d 2c 5b 66 2c 5b 6d 2c 22 4f 50 50 4f 22 5d 2c 5b 67 2c 45 5d 5d 2c 5b 2f 76 69 76 6f 20 28 5c 77 2b 29 28 3f 3a 20 62 75 69 7c 5c 29 29 2f 69 2c 2f 5c 62 28 76 5b 31 32 5d 5c 64 7b 33 7d 5c 77 3f 5b 61 74 5d 29 28 3f 3a 20 62 75 69 7c 3b 29 2f 69 5d 2c 5b 66 2c 5b 6d 2c 22 56 69 76 6f 22 5d 2c 5b 67 2c 45 5d 5d 2c 5b 2f 5c 62 28 72 6d 78 5b 31 32 5d 5c 64 7b 33 7d 29 28 3f 3a 20 62 75 69 7c 3b 7c 5c 29 29 2f Data Ascii: ],[[f,/_/g," "],[m,H],[g,w]],[/; (\w+) bui.+ oppo/i,/\b(cph[12]\d{3}\|p(?:af\|c[al]\|d\w\|e[ar])[mt]\d0\|x9007\|a101op)\b/i],[f,[m,"OPPO"],[g,E]],[/vivo (\w+)(?: bui\|\))/i,/\b(v[12]\d{3}\w?[at])(?: bui\|;)/i],[f,[m,"Vivo"],[g,E]],[/\b(rmx[12]\d{3})(?: bui\|;\|\))/
2024-12-03 15:18:31 UTC	1369	IN	Data Raw: 6c 65 78 61 29 77 65 62 6d 2f 69 2c 2f 28 6b 66 5b 61 2d 7a 5d 7b 32 7d 77 69 29 28 20 62 75 69 7c 5c 29 29 2f 69 2c 2f 28 6b 66 5b 61 2d 7a 5d 2b 29 28 20 62 75 69 7c 5c 29 29 2e 2b 73 69 6c 6b 5c 2f 2f 69 5d 2c 5b 66 2c 5b 6d 2c 41 5d 2c 5b 67 2c 77 5d 5d 2c 5b 2f 28 28 3f 3a 73 64 7c 6b 66 29 5b 30 33 34 39 68 69 6a 6f 72 73 74 75 77 5d 2b 29 28 20 62 75 69 7c 5c 29 29 2e 2b 73 69 6c 6b 5c 2f 2f 69 5d 2c 5b 5b 66 2c 2f 28 2e 2b 29 2f 67 2c 22 46 69 72 65 20 50 68 6f 6e 65 20 24 31 22 5d 2c 5b 6d 2c 41 5d 2c 5b 67 2c 45 5d 5d 2c 5b 2f 28 70 6c 61 79 62 6f 6f 6b 29 3b 5b 2d 5c 77 5c 29 2c 3b 20 5d 2b 28 72 69 6d 29 2f 69 5d 2c 5b 66 2c 6d 2c 5b 67 2c 77 5d 5d 2c 5b 2f 5c 62 28 28 3f 3a 62 62 5b 61 2d 66 5d 7c 73 74 5b 68 76 5d 29 31 30 30 2d 5c 64 29 2f Data Ascii: lexa)webm/i,/(kf[a-z]{2}wi)( bui\|\))/i,/(kf[a-z]+)( bui\|\)).+silk\//i],[f,[m,A],[g,w]],[/((?:sd\|kf)[0349hijorstuw]+)( bui\|\)).+silk\//i],[[f,/(.+)/g,"Fire Phone $1"],[m,A],[g,E]],[/(playbook);[-\w\),; ]+(rim)/i],[f,m,[g,w]],[/\b((?:bb[a-f]\|st[hv])100-\d)/

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://1wbapm.life

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Windows Analysis Report
https://1wbapm.life

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:32 UTC	532	OUT	GET /js/index.7040fa29d.js HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:32 UTC	441	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:32 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 401946 Connection: close last-modified: Tue, 03 Dec 2024 14:49:59 GMT etag: "674f1a97-6221a" expires: Fri, 01 Dec 2034 15:18:32 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 1256 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec487a44ed77ce4-EWR
2024-12-03 15:18:32 UTC	928	IN	Data Raw: 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 5f 5f 77 65 62 70 61 63 6b 5f 6d 6f 64 75 6c 65 73 5f 5f 3d 7b 33 34 34 30 35 3a 28 65 2c 74 2c 72 29 3d 3e 7b 72 2e 64 28 74 2c 7b 24 36 3a 28 29 3d 3e 44 74 2c 41 3a 28 29 3d 3e 6a 72 2c 43 54 3a 28 29 3d 3e 6b 74 2c 43 7a 3a 28 29 3d 3e 53 61 2c 48 44 3a 28 29 3d 3e 76 61 2c 49 4d 3a 28 29 3d 3e 62 61 2c 4b 6e 3a 28 29 3d 3e 71 72 2c 4e 74 3a 28 29 3d 3e 4f 61 2c 52 78 3a 28 29 3d 3e 52 72 2c 52 79 3a 28 29 3d 3e 57 72 2c 57 69 3a 28 29 3d 3e 46 74 2c 57 6c 3a 28 29 3d 3e 4e 74 2c 58 67 3a 28 29 3d 3e 56 74 2c 59 4f 3a 28 29 3d 3e 78 61 2c 59 6a 3a 28 29 3d 3e 42 74 2c 5a 5f 3a 28 29 3d 3e 24 61 2c 5f 4c 3a 28 29 3d 3e 4d 72 2c 62 63 3a 28 29 3d 3e 43 61 2c 64 37 3a 28 29 3d 3e 44 72 Data Ascii: (()=>{"use strict";var __webpack_modules__={34405:(e,t,r)=>{r.d(t,{$6:()=>Dt,A:()=>jr,CT:()=>kt,Cz:()=>Sa,HD:()=>va,IM:()=>ba,Kn:()=>qr,Nt:()=>Oa,Rx:()=>Rr,Ry:()=>Wr,Wi:()=>Ft,Wl:()=>Nt,Xg:()=>Vt,YO:()=>xa,Yj:()=>Bt,Z_:()=>$a,_L:()=>Mr,bc:()=>Ca,d7:()=>Dr
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 2c 6c 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 2c 75 3d 6c 26 26 21 63 2e 63 61 6c 6c 28 7b 31 3a 32 7d 2c 31 29 2c 66 3d 75 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 6c 28 74 68 69 73 2c 65 29 3b 72 65 74 75 72 6e 21 21 74 26 26 74 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 3a 63 2c 70 3d 7b 66 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 28 31 26 65 29 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 28 32 26 65 29 2c 77 72 69 74 61 62 6c 65 3a 21 28 34 26 65 29 2c 76 61 6c 75 65 3a 74 7d 7d 2c 62 3d 7b 7d 2e 74 6f 53 74 72 69 6e 67 2c 76 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 Data Ascii: yIsEnumerable,l=Object.getOwnPropertyDescriptor,u=l&&!c.call({1:2},1),f=u?function(e){var t=l(this,e);return!!t&&t.enumerable}:c,p={f},m=function(e,t){return{enumerable:!(1&e),configurable:!(2&e),writable:!(4&e),value:t}},b={}.toString,v=function(e){retur
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 2c 6b 3d 73 3f 52 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 69 66 28 54 28 65 29 2c 74 3d 4f 28 74 2c 21 30 29 2c 54 28 72 29 2c 41 29 74 72 79 7b 72 65 74 75 72 6e 20 52 28 65 2c 74 2c 72 29 7d 63 61 74 63 68 28 61 29 7b 7d 69 66 28 22 67 65 74 22 69 6e 20 72 7c 7c 22 73 65 74 22 69 6e 20 72 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 41 63 63 65 73 73 6f 72 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 22 29 3b 72 65 74 75 72 6e 22 76 61 6c 75 65 22 69 6e 20 72 26 26 28 65 5b 74 5d 3d 72 2e 76 61 6c 75 65 29 2c 65 7d 2c 4d 3d 7b 66 3a 6b 7d 2c 4c 3d 73 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 72 65 74 75 72 6e 20 4d 2e 66 28 65 2c 74 2c 6d 28 31 2c 72 29 29 7d 3a Data Ascii: Object.defineProperty,k=s?R:function(e,t,r){if(T(e),t=O(t,!0),T(r),A)try{return R(e,t,r)}catch(a){}if("get"in r\|\|"set"in r)throw TypeError("Accessors not supported");return"value"in r&&(e[t]=r.value),e},M={f:k},L=s?function(e,t,r){return M.f(e,t,m(1,r))}:
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 74 2e 66 61 63 61 64 65 3d 65 2c 4c 28 65 2c 73 65 2c 74 29 2c 74 7d 2c 56 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 2c 73 65 29 3f 65 5b 73 65 5d 3a 7b 7d 7d 2c 4b 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 2c 73 65 29 7d 7d 76 61 72 20 63 65 3d 7b 73 65 74 3a 47 2c 67 65 74 3a 56 2c 68 61 73 3a 4b 2c 65 6e 66 6f 72 63 65 3a 72 65 2c 67 65 74 74 65 72 46 6f 72 3a 61 65 7d 2c 6c 65 3d 6e 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 63 65 2e 67 65 74 2c 72 3d 63 65 2e 65 6e 66 6f 72 63 65 2c 61 3d 53 74 72 69 6e 67 28 53 74 72 69 6e 67 29 2e 73 70 6c 69 74 28 22 53 74 72 69 6e 67 22 29 3b 28 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 6f 29 7b 76 61 72 20 64 Data Ascii: t.facade=e,L(e,se,t),t},V=function(e){return x(e,se)?e[se]:{}},K=function(e){return x(e,se)}}var ce={set:G,get:V,has:K,enforce:re,getterFor:ae},le=n((function(e){var t=ce.get,r=ce.enforce,a=String(String).split("String");(e.exports=function(e,t,n,o){var d
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 78 65 28 6f 2c 72 29 7c 7c 6f 2e 70 75 73 68 28 72 29 29 3b 72 65 74 75 72 6e 20 6f 7d 2c 53 65 3d 5b 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 2c 22 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 22 2c 22 69 73 50 72 6f 74 6f 74 79 70 65 4f 66 22 2c 22 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 22 2c 22 74 6f 4c 6f 63 61 6c 65 53 74 72 69 6e 67 22 2c 22 74 6f 53 74 72 69 6e 67 22 2c 22 76 61 6c 75 65 4f 66 22 5d 2c 45 65 3d 53 65 2e 63 6f 6e 63 61 74 28 22 6c 65 6e 67 74 68 22 2c 22 70 72 6f 74 6f 74 79 70 65 22 29 2c 41 65 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 50 65 28 65 2c 45 65 29 7d 2c 49 65 3d 7b 66 3a 41 65 7d 2c 43 65 3d 4f 62 6a 65 Data Ascii: xe(o,r)\|\|o.push(r));return o},Se=["constructor","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","toLocaleString","toString","valueOf"],Ee=Se.concat("length","prototype"),Ae=Object.getOwnPropertyNames\|\|function(e){return Pe(e,Ee)},Ie={f:Ae},Ce=Obje
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 2c 6e 29 7b 72 65 74 75 72 6e 20 65 2e 63 61 6c 6c 28 74 2c 72 2c 61 2c 6e 29 7d 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 61 70 70 6c 79 28 74 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 2c 48 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 67 28 65 29 29 7d 2c 71 65 3d 41 72 72 61 79 2e 69 73 41 72 72 61 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 41 72 72 61 79 22 3d 3d 76 28 65 29 7d 2c 57 65 3d 21 21 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 26 26 21 64 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 21 53 74 72 69 6e 67 28 53 79 6d 62 6f 6c 28 29 29 7d 29 29 2c 5a 65 3d 57 65 26 26 21 53 79 6d 62 6f 6c 2e Data Ascii: ,n){return e.call(t,r,a,n)}}return function(){return e.apply(t,arguments)}},He=function(e){return Object(g(e))},qe=Array.isArray\|\|function(e){return"Array"==v(e)},We=!!Object.getOwnPropertySymbols&&!d((function(){return!String(Symbol())})),Ze=We&&!Symbol.
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 3d 7b 7d 29 3b 76 61 72 20 72 3d 5b 5d 5b 65 5d 2c 61 3d 21 21 78 28 74 2c 22 41 43 43 45 53 53 4f 52 53 22 29 26 26 74 2e 41 43 43 45 53 53 4f 52 53 2c 6e 3d 78 28 74 2c 30 29 3f 74 5b 30 5d 3a 64 74 2c 6f 3d 78 28 74 2c 31 29 3f 74 5b 31 5d 3a 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 69 74 5b 65 5d 3d 21 21 72 26 26 21 64 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 61 26 26 21 73 29 72 65 74 75 72 6e 21 30 3b 76 61 72 20 65 3d 7b 6c 65 6e 67 74 68 3a 2d 31 7d 3b 61 3f 6f 74 28 65 2c 31 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 64 74 7d 29 3a 65 5b 31 5d 3d 31 2c 72 2e 63 61 6c 6c 28 65 2c 6e 2c 6f 29 7d 29 29 7d 2c 63 74 3d 61 74 2e 65 76 65 72 79 2c 6c 74 3d 6e 74 28 22 65 76 65 72 79 22 29 2c 75 74 3d 73 74 28 22 65 76 65 72 79 Data Ascii: ={});var r=[][e],a=!!x(t,"ACCESSORS")&&t.ACCESSORS,n=x(t,0)?t[0]:dt,o=x(t,1)?t[1]:void 0;return it[e]=!!r&&!d((function(){if(a&&!s)return!0;var e={length:-1};a?ot(e,1,{enumerable:!0,get:dt}):e[1]=1,r.call(e,n,o)}))},ct=at.every,lt=nt("every"),ut=st("every
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 69 6f 6c 61 74 69 6f 6e 22 29 7d 66 75 6e 63 74 69 6f 6e 20 4e 74 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 54 74 28 65 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 3d 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 52 74 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 4e 74 28 65 29 7c 7c 43 74 28 21 31 29 2c 54 74 28 74 29 26 26 74 2e 65 76 65 72 79 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 6b 74 28 65 29 7b 72 65 74 75 72 6e 20 49 74 28 52 74 2c 65 29 7d 47 65 28 7b 74 61 72 67 65 74 3a 22 41 72 72 61 79 22 2c 70 72 6f 74 6f 3a 21 30 2c 66 6f 72 63 65 64 3a 41 74 7d 2c 7b 63 6f 6e 63 61 74 3a 66 75 6e 63 74 69 6f 6e 28 65 Data Ascii: iolation")}function Nt(e){return"function"===typeof e}function Tt(e){return"[object Array]"===toString.call(e)}function Rt(e,t){return Nt(e)\|\|Ct(!1),Tt(t)&&t.every(e)}function kt(e){return It(Rt,e)}Ge({target:"Array",proto:!0,forced:At},{concat:function(e
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 74 28 61 29 2c 74 3f 65 2e 63 61 6c 6c 28 72 2c 61 29 3a 72 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 61 2c 72 7d 7d 28 29 3a 76 6f 69 64 20 30 29 2c 57 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 76 61 72 20 61 2c 6e 3b 72 65 74 75 72 6e 20 71 74 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 61 3d 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 21 3d 3d 72 26 26 5f 28 6e 3d 61 2e 70 72 6f 74 6f 74 79 70 65 29 26 26 6e 21 3d 3d 72 2e 70 72 6f 74 6f 74 79 70 65 26 26 71 74 28 65 2c 6e 29 2c 65 7d 2c 5a 74 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 50 65 28 65 2c 53 65 29 7d 2c 7a 74 3d 73 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3a 66 75 6e 63 74 69 Data Ascii: t(a),t?e.call(r,a):r.__proto__=a,r}}():void 0),Wt=function(e,t,r){var a,n;return qt&&"function"==typeof(a=t.constructor)&&a!==r&&_(n=a.prototype)&&n!==r.prototype&&qt(e,n),e},Zt=Object.keys\|\|function(e){return Pe(e,Se)},zt=s?Object.defineProperties:functi
2024-12-03 15:18:32 UTC	1369	IN	Data Raw: 29 7d 2c 6d 72 3d 49 65 2e 66 2c 62 72 3d 4e 2e 66 2c 76 72 3d 4d 2e 66 2c 24 72 3d 70 72 2e 74 72 69 6d 2c 68 72 3d 22 4e 75 6d 62 65 72 22 2c 67 72 3d 69 5b 68 72 5d 2c 79 72 3d 67 72 2e 70 72 6f 74 6f 74 79 70 65 2c 5f 72 3d 76 28 64 72 28 79 72 29 29 3d 3d 68 72 2c 4f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 72 2c 61 2c 6e 2c 6f 2c 69 2c 64 2c 73 2c 63 3d 4f 28 65 2c 21 31 29 3b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 63 26 26 63 2e 6c 65 6e 67 74 68 3e 32 29 69 66 28 63 3d 24 72 28 63 29 2c 74 3d 63 2e 63 68 61 72 43 6f 64 65 41 74 28 30 29 2c 34 33 3d 3d 3d 74 7c 7c 34 35 3d 3d 3d 74 29 7b 69 66 28 72 3d 63 2e 63 68 61 72 43 6f 64 65 41 74 28 32 29 2c 38 38 3d 3d 3d 72 7c 7c 31 32 30 3d 3d 3d 72 29 72 65 74 75 Data Ascii: )},mr=Ie.f,br=N.f,vr=M.f,$r=pr.trim,hr="Number",gr=i[hr],yr=gr.prototype,_r=v(dr(yr))==hr,Or=function(e){var t,r,a,n,o,i,d,s,c=O(e,!1);if("string"==typeof c&&c.length>2)if(c=$r(c),t=c.charCodeAt(0),43===t\|\|45===t){if(r=c.charCodeAt(2),88===r\|\|120===r)retu

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:32 UTC	363	OUT	GET /js/desktop.815aece8e.js HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:33 UTC	441	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:33 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 121131 Connection: close last-modified: Tue, 03 Dec 2024 12:55:30 GMT etag: "674effc2-1d92b" expires: Fri, 01 Dec 2034 15:18:33 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 7848 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec487a948948c17-EWR
2024-12-03 15:18:33 UTC	928	IN	Data Raw: 28 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 3d 73 65 6c 66 5b 22 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 31 77 69 6e 5f 66 72 6f 6e 74 65 6e 64 5f 6d 61 69 6e 22 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 39 39 33 38 30 2c 37 32 39 38 2c 32 33 35 34 33 5d 2c 7b 39 30 38 31 37 3a 28 65 2c 74 2c 61 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 2e 64 28 74 2c 7b 5a 3a 28 29 3d 3e 53 7d 29 3b 76 61 72 20 6e 3d 61 28 36 36 32 35 32 29 2c 6f 3d 61 28 33 35 37 37 29 2c 69 3d 61 28 32 32 36 32 29 2c 73 3d 61 28 38 30 38 39 34 29 2c 72 3d 61 28 39 36 31 34 32 29 2c 6c 3d 61 28 35 30 34 31 38 29 2c 63 3d 61 28 35 39 31 36 36 29 2c 64 3d 61 28 31 32 30 35 35 29 2c 75 3d 61 28 33 38 34 Data Ascii: (self["webpackChunk_1win_frontend_main"]=self["webpackChunk_1win_frontend_main"]\|\|[]).push([[99380,7298,23543],{90817:(e,t,a)=>{"use strict";a.d(t,{Z:()=>S});var n=a(66252),o=a(3577),i=a(2262),s=a(80894),r=a(96142),l=a(50418),c=a(59166),d=a(12055),u=a(384
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 2e 6c 61 6e 67 3d 3d 3d 69 2e 76 61 6c 75 65 3f 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 41 63 74 69 76 65 3a 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 29 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 62 75 74 74 6f 6e 22 2c 7b 74 79 70 65 3a 22 62 75 74 74 6f 6e 22 2c 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 42 75 74 74 6f 6e 29 2c 6f 6e 43 6c 69 63 6b 3a 74 3d 3e 72 28 65 2e 6c 61 6e 67 29 7d 2c 5b 28 30 2c 6e 2e 57 6d 29 28 6c 2e 5a 2c 7b 63 6f 64 65 3a 65 2e 66 6c 61 67 2c 73 69 7a 65 3a 32 30 2c 72 6f 75 6e 64 65 64 3a 22 22 7d 2c 6e 75 6c 6c 2c 38 2c 5b 22 63 6f 64 65 22 5d 29 2c 28 30 2c 6e 2e 5f 29 28 22 73 70 61 6e 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 74 2e 24 73 74 79 6c 65 2e 69 74 65 6d 49 6e 6e 65 Data Ascii: .lang===i.value?t.$style.itemActive:t.$style.item)},[(0,n._)("button",{type:"button",class:(0,o.C_)(t.$style.itemButton),onClick:t=>r(e.lang)},[(0,n.Wm)(l.Z,{code:e.flag,size:20,rounded:""},null,8,["code"]),(0,n._)("span",{class:(0,o.C_)(t.$style.itemInne
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 74 75 72 6e 28 65 2c 73 29 3d 3e 28 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 69 44 29 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 28 30 2c 69 2e 53 55 29 28 74 29 2e 67 65 74 74 65 72 73 2e 69 73 4d 6f 62 69 6c 65 3f 65 2e 24 73 74 79 6c 65 2e 72 6f 6f 74 4d 6f 62 69 6c 65 3a 65 2e 24 73 74 79 6c 65 2e 72 6f 6f 74 29 7d 2c 5b 28 30 2c 69 2e 53 55 29 28 74 29 2e 67 65 74 74 65 72 73 2e 69 73 4d 6f 62 69 6c 65 3f 28 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 69 44 29 28 22 64 69 76 22 2c 7b 6b 65 79 3a 30 2c 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 65 2e 24 73 74 79 6c 65 2e 74 69 74 6c 65 29 7d 2c 28 30 2c 6f 2e 7a 77 29 28 28 30 2c 69 2e 53 55 29 28 74 29 2e 67 65 74 74 65 72 73 2e 6c 61 6e 67 43 6f 6d 6d 6f 6e 2e Data Ascii: turn(e,s)=>((0,n.wg)(),(0,n.iD)("div",{class:(0,o.C_)((0,i.SU)(t).getters.isMobile?e.$style.rootMobile:e.$style.root)},[(0,i.SU)(t).getters.isMobile?((0,n.wg)(),(0,n.iD)("div",{key:0,class:(0,o.C_)(e.$style.title)},(0,o.zw)((0,i.SU)(t).getters.langCommon.
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 29 29 2c 6f 6e 4d 6f 75 73 65 6c 65 61 76 65 3a 74 5b 32 5d 7c 7c 28 74 5b 32 5d 3d 28 2e 2e 2e 65 29 3d 3e 64 2e 6f 6e 4d 6f 75 73 65 4c 65 61 76 65 26 26 64 2e 6f 6e 4d 6f 75 73 65 4c 65 61 76 65 28 2e 2e 2e 65 29 29 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 3a 22 64 72 6f 70 64 6f 77 6e 2d 74 72 69 67 67 65 72 22 2c 6f 6e 43 6c 69 63 6b 3a 74 5b 30 5d 7c 7c 28 74 5b 30 5d 3d 28 2e 2e 2e 65 29 3d 3e 64 2e 74 6f 67 67 6c 65 26 26 64 2e 74 6f 67 67 6c 65 28 2e 2e 2e 65 29 29 7d 2c 5b 28 30 2c 6e 2e 57 49 29 28 65 2e 24 73 6c 6f 74 73 2c 22 74 72 69 67 67 65 72 22 2c 7b 69 73 41 63 74 69 76 65 3a 65 2e 69 73 41 63 74 69 76 65 7d 2c 76 6f 69 64 20 30 2c 21 30 29 5d 29 2c 28 30 2c 6e 2e 57 6d 29 28 69 2e 75 54 2c 7b 6e 61 6d 65 3a Data Ascii: )),onMouseleave:t[2]\|\|(t[2]=(...e)=>d.onMouseLeave&&d.onMouseLeave(...e))},[(0,n._)("div",{class:"dropdown-trigger",onClick:t[0]\|\|(t[0]=(...e)=>d.toggle&&d.toggle(...e))},[(0,n.WI)(e.$slots,"trigger",{isActive:e.isActive},void 0,!0)]),(0,n.Wm)(i.uT,{name:
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 76 61 6c 69 64 61 74 6f 72 3a 65 3d 3e 5b 22 23 66 66 66 22 2c 22 23 66 37 66 38 66 39 22 5d 2e 69 6e 63 6c 75 64 65 73 28 65 29 7d 7d 2c 65 6d 69 74 73 3a 5b 22 63 6c 6f 73 65 22 2c 22 68 65 69 67 68 74 44 72 6f 70 64 6f 77 6e 22 2c 22 6f 70 65 6e 22 5d 2c 64 61 74 61 3a 28 29 3d 3e 28 7b 69 73 41 63 74 69 76 65 3a 21 31 7d 29 2c 63 6f 6d 70 75 74 65 64 3a 7b 63 6c 61 73 73 4f 62 6a 65 63 74 28 29 7b 72 65 74 75 72 6e 7b 5b 60 61 6c 69 67 6e 2d 24 7b 74 68 69 73 2e 61 6c 69 67 6e 7d 60 5d 3a 74 68 69 73 2e 61 6c 69 67 6e 2c 64 69 73 61 62 6c 65 64 3a 74 68 69 73 2e 64 69 73 61 62 6c 65 64 2c 22 6e 6f 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 22 3a 74 68 69 73 2e 6e 6f 54 72 61 6e 73 70 61 72 65 6e 63 79 2c 61 63 74 69 76 65 3a 74 68 69 73 2e 69 73 41 63 74 Data Ascii: validator:e=>["#fff","#f7f8f9"].includes(e)}},emits:["close","heightDropdown","open"],data:()=>({isActive:!1}),computed:{classObject(){return{[`align-${this.align}`]:this.align,disabled:this.disabled,"no-transparency":this.noTransparency,active:this.isAct
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 65 69 67 68 74 29 7d 7d 7d 3b 76 61 72 20 75 3d 61 28 34 38 31 31 38 29 3b 63 6f 6e 73 74 20 70 3d 28 30 2c 75 2e 5a 29 28 64 2c 5b 5b 22 72 65 6e 64 65 72 22 2c 6c 5d 2c 5b 22 5f 5f 73 63 6f 70 65 49 64 22 2c 22 64 61 74 61 2d 76 2d 34 64 63 32 36 32 34 34 22 5d 5d 29 2c 6d 3d 70 7d 2c 39 30 30 32 38 3a 28 65 2c 74 2c 61 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 2e 64 28 74 2c 7b 5a 3a 28 29 3d 3e 68 7d 29 3b 76 61 72 20 6e 3d 61 28 36 36 32 35 32 29 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 74 2c 61 2c 6f 2c 69 2c 73 29 7b 72 65 74 75 72 6e 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 6a 34 29 28 28 30 2c 6e 2e 4c 4c 29 28 73 2e 72 6f 75 74 65 4f 62 6a 65 63 74 2e 69 73 29 2c 28 30 2c 6e 2e 64 47 29 28 73 2e 72 6f 75 74 65 4f 62 6a 65 63 Data Ascii: eight)}}};var u=a(48118);const p=(0,u.Z)(d,[["render",l],["__scopeId","data-v-4dc26244"]]),m=p},90028:(e,t,a)=>{"use strict";a.d(t,{Z:()=>h});var n=a(66252);function o(e,t,a,o,i,s){return(0,n.wg)(),(0,n.j4)((0,n.LL)(s.routeObject.is),(0,n.dG)(s.routeObjec
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 32 33 38 3a 28 65 2c 74 2c 61 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 2e 64 28 74 2c 7b 5a 3a 28 29 3d 3e 63 7d 29 3b 76 61 72 20 6e 3d 61 28 36 36 32 35 32 29 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 74 2c 61 2c 6f 2c 69 2c 73 29 7b 63 6f 6e 73 74 20 72 3d 28 30 2c 6e 2e 75 70 29 28 22 56 49 63 6f 6e 22 29 3b 72 65 74 75 72 6e 28 30 2c 6e 2e 77 67 29 28 29 2c 28 30 2c 6e 2e 69 44 29 28 22 62 75 74 74 6f 6e 22 2c 28 30 2c 6e 2e 64 47 29 28 7b 63 6c 61 73 73 3a 22 62 65 74 73 2d 6e 61 76 69 67 61 74 69 6f 6e 2d 6d 69 64 64 6c 65 2d 62 75 74 74 6f 6e 2d 73 6c 69 64 65 22 2c 74 79 70 65 3a 22 62 75 74 74 6f 6e 22 7d 2c 65 2e 24 61 74 74 72 73 29 2c 5b 28 30 2c 6e 2e 57 6d 29 28 72 2c 7b 69 63 6f 6e 3a 22 6c 65 66 74 22 3d 3d 3d 61 2e 64 69 72 Data Ascii: 238:(e,t,a)=>{"use strict";a.d(t,{Z:()=>c});var n=a(66252);function o(e,t,a,o,i,s){const r=(0,n.up)("VIcon");return(0,n.wg)(),(0,n.iD)("button",(0,n.dG)({class:"bets-navigation-middle-button-slide",type:"button"},e.$attrs),[(0,n.Wm)(r,{icon:"left"===a.dir
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 30 2c 6f 2e 43 5f 29 28 5b 61 2e 24 73 74 79 6c 65 2e 72 6f 6f 74 2c 61 2e 24 73 74 79 6c 65 5b 60 72 6f 6f 74 44 69 72 65 63 74 69 6f 6e 24 7b 28 30 2c 69 2e 53 55 29 28 74 29 2e 63 61 70 69 74 61 6c 69 7a 65 28 65 2e 64 69 72 65 63 74 69 6f 6e 29 7d 60 5d 5d 29 7d 2c 5b 28 30 2c 6e 2e 57 6d 29 28 6c 2e 5a 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 61 2e 24 73 74 79 6c 65 2e 64 65 63 6f 72 29 2c 69 63 6f 6e 3a 22 74 6f 6f 6c 74 69 70 2d 61 72 72 6f 77 2d 32 22 7d 2c 6e 75 6c 6c 2c 38 2c 5b 22 63 6c 61 73 73 22 5d 29 2c 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 61 2e 24 73 74 79 6c 65 2e 77 72 61 70 70 65 72 29 7d 2c 5b 28 30 2c 6e 2e 57 6d 29 28 75 2e 5a 2c 7b 22 70 6c 61 63 65 2d 6f 70 65 6e 69 6e Data Ascii: 0,o.C_)([a.$style.root,a.$style[`rootDirection${(0,i.SU)(t).capitalize(e.direction)}`]])},[(0,n.Wm)(l.Z,{class:(0,o.C_)(a.$style.decor),icon:"tooltip-arrow-2"},null,8,["class"]),(0,n._)("div",{class:(0,o.C_)(a.$style.wrapper)},[(0,n.Wm)(u.Z,{"place-openin
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 5b 75 2e 76 61 6c 75 65 3f 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 41 63 74 69 76 65 3a 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 2c 65 2e 69 73 46 6f 6f 74 65 72 54 68 65 6d 65 26 26 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 46 6f 6f 74 65 72 54 68 65 6d 65 5d 29 2c 74 79 70 65 3a 22 62 75 74 74 6f 6e 22 2c 6f 6e 43 6c 69 63 6b 3a 67 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 73 70 61 6e 22 2c 7b 63 6c 61 73 73 3a 28 30 2c 6f 2e 43 5f 29 28 74 2e 24 73 74 79 6c 65 2e 62 75 74 74 6f 6e 54 69 74 6c 65 29 7d 2c 28 30 2c 6f 2e 7a 77 29 28 70 2e 76 61 6c 75 65 2e 6c 61 62 65 6c 41 6c 70 68 61 32 29 2c 33 29 2c 65 2e 69 73 46 6f 6f 74 65 72 54 68 65 6d 65 3f 28 30 2c 6e 2e 6b 71 29 28 22 22 2c 21 30 29 3a 28 28 30 2c Data Ascii: ass:(0,o.C_)([u.value?t.$style.buttonActive:t.$style.button,e.isFooterTheme&&t.$style.buttonFooterTheme]),type:"button",onClick:g},[(0,n._)("span",{class:(0,o.C_)(t.$style.buttonTitle)},(0,o.zw)(p.value.labelAlpha2),3),e.isFooterTheme?(0,n.kq)("",!0):((0,
2024-12-03 15:18:33 UTC	1369	IN	Data Raw: 63 6b 28 2e 2e 2e 65 29 29 7d 2c 5b 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 69 2c 5b 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 73 2c 28 30 2c 6f 2e 7a 77 29 28 64 2e 6f 73 29 2c 31 29 2c 28 30 2c 6e 2e 5f 29 28 22 64 69 76 22 2c 72 2c 28 30 2c 6f 2e 7a 77 29 28 65 2e 24 73 74 6f 72 65 2e 67 65 74 74 65 72 73 2e 6c 61 6e 67 2e 62 75 74 74 6f 6e 2e 70 77 61 29 2c 31 29 5d 29 2c 28 30 2c 6e 2e 57 6d 29 28 75 2c 7b 63 6c 61 73 73 3a 22 70 77 61 2d 69 63 6f 6e 22 2c 69 63 6f 6e 3a 64 2e 69 63 6f 6e 7d 2c 6e 75 6c 6c 2c 38 2c 5b 22 69 63 6f 6e 22 5d 29 5d 29 5d 2c 32 29 7d 76 61 72 20 63 3d 61 28 35 39 31 36 36 29 2c 64 3d 61 28 31 35 39 38 33 29 3b 63 6f 6e 73 74 20 75 3d 7b 6e 61 6d 65 3a 22 50 77 61 42 75 74 74 6f 6e 22 2c 63 6f 6d 70 6f 6e 65 6e 74 73 3a Data Ascii: ck(...e))},[(0,n._)("div",i,[(0,n._)("div",s,(0,o.zw)(d.os),1),(0,n._)("div",r,(0,o.zw)(e.$store.getters.lang.button.pwa),1)]),(0,n.Wm)(u,{class:"pwa-icon",icon:d.icon},null,8,["icon"])])],2)}var c=a(59166),d=a(15983);const u={name:"PwaButton",components:

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:32 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=1w3AwSA3zH2HbXw&MD=bMKZO+gO HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-12-03 15:18:33 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 51b88e6a-fd33-49ff-b25e-cf6df4296078 MS-RequestId: d6bb3a13-6fcd-4ede-8575-fe1054b56275 MS-CV: mtJQgJ9dtU2lcOJH.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Tue, 03 Dec 2024 15:18:32 GMT Connection: close Content-Length: 24490
2024-12-03 15:18:33 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-12-03 15:18:33 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:35 UTC	361	OUT	GET /js/index.7040fa29d.js HTTP/1.1 Host: v1.bundlecdn.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:35 UTC	441	IN	HTTP/1.1 200 OK Date: Tue, 03 Dec 2024 15:18:35 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 401946 Connection: close last-modified: Tue, 03 Dec 2024 14:49:59 GMT etag: "674f1a97-6221a" expires: Fri, 01 Dec 2034 15:18:35 GMT Cache-Control: public, max-age=315360000 access-control-allow-origin: * CF-Cache-Status: HIT Age: 1259 Accept-Ranges: bytes Server: cloudflare CF-RAY: 8ec487b6883b7ced-EWR
2024-12-03 15:18:35 UTC	928	IN	Data Raw: 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 5f 5f 77 65 62 70 61 63 6b 5f 6d 6f 64 75 6c 65 73 5f 5f 3d 7b 33 34 34 30 35 3a 28 65 2c 74 2c 72 29 3d 3e 7b 72 2e 64 28 74 2c 7b 24 36 3a 28 29 3d 3e 44 74 2c 41 3a 28 29 3d 3e 6a 72 2c 43 54 3a 28 29 3d 3e 6b 74 2c 43 7a 3a 28 29 3d 3e 53 61 2c 48 44 3a 28 29 3d 3e 76 61 2c 49 4d 3a 28 29 3d 3e 62 61 2c 4b 6e 3a 28 29 3d 3e 71 72 2c 4e 74 3a 28 29 3d 3e 4f 61 2c 52 78 3a 28 29 3d 3e 52 72 2c 52 79 3a 28 29 3d 3e 57 72 2c 57 69 3a 28 29 3d 3e 46 74 2c 57 6c 3a 28 29 3d 3e 4e 74 2c 58 67 3a 28 29 3d 3e 56 74 2c 59 4f 3a 28 29 3d 3e 78 61 2c 59 6a 3a 28 29 3d 3e 42 74 2c 5a 5f 3a 28 29 3d 3e 24 61 2c 5f 4c 3a 28 29 3d 3e 4d 72 2c 62 63 3a 28 29 3d 3e 43 61 2c 64 37 3a 28 29 3d 3e 44 72 Data Ascii: (()=>{"use strict";var __webpack_modules__={34405:(e,t,r)=>{r.d(t,{$6:()=>Dt,A:()=>jr,CT:()=>kt,Cz:()=>Sa,HD:()=>va,IM:()=>ba,Kn:()=>qr,Nt:()=>Oa,Rx:()=>Rr,Ry:()=>Wr,Wi:()=>Ft,Wl:()=>Nt,Xg:()=>Vt,YO:()=>xa,Yj:()=>Bt,Z_:()=>$a,_L:()=>Mr,bc:()=>Ca,d7:()=>Dr
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 2c 6c 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 2c 75 3d 6c 26 26 21 63 2e 63 61 6c 6c 28 7b 31 3a 32 7d 2c 31 29 2c 66 3d 75 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 6c 28 74 68 69 73 2c 65 29 3b 72 65 74 75 72 6e 21 21 74 26 26 74 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 3a 63 2c 70 3d 7b 66 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 28 31 26 65 29 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 28 32 26 65 29 2c 77 72 69 74 61 62 6c 65 3a 21 28 34 26 65 29 2c 76 61 6c 75 65 3a 74 7d 7d 2c 62 3d 7b 7d 2e 74 6f 53 74 72 69 6e 67 2c 76 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 Data Ascii: yIsEnumerable,l=Object.getOwnPropertyDescriptor,u=l&&!c.call({1:2},1),f=u?function(e){var t=l(this,e);return!!t&&t.enumerable}:c,p={f},m=function(e,t){return{enumerable:!(1&e),configurable:!(2&e),writable:!(4&e),value:t}},b={}.toString,v=function(e){retur
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 2c 6b 3d 73 3f 52 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 69 66 28 54 28 65 29 2c 74 3d 4f 28 74 2c 21 30 29 2c 54 28 72 29 2c 41 29 74 72 79 7b 72 65 74 75 72 6e 20 52 28 65 2c 74 2c 72 29 7d 63 61 74 63 68 28 61 29 7b 7d 69 66 28 22 67 65 74 22 69 6e 20 72 7c 7c 22 73 65 74 22 69 6e 20 72 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 41 63 63 65 73 73 6f 72 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 22 29 3b 72 65 74 75 72 6e 22 76 61 6c 75 65 22 69 6e 20 72 26 26 28 65 5b 74 5d 3d 72 2e 76 61 6c 75 65 29 2c 65 7d 2c 4d 3d 7b 66 3a 6b 7d 2c 4c 3d 73 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 72 65 74 75 72 6e 20 4d 2e 66 28 65 2c 74 2c 6d 28 31 2c 72 29 29 7d 3a Data Ascii: Object.defineProperty,k=s?R:function(e,t,r){if(T(e),t=O(t,!0),T(r),A)try{return R(e,t,r)}catch(a){}if("get"in r\|\|"set"in r)throw TypeError("Accessors not supported");return"value"in r&&(e[t]=r.value),e},M={f:k},L=s?function(e,t,r){return M.f(e,t,m(1,r))}:
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 74 2e 66 61 63 61 64 65 3d 65 2c 4c 28 65 2c 73 65 2c 74 29 2c 74 7d 2c 56 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 2c 73 65 29 3f 65 5b 73 65 5d 3a 7b 7d 7d 2c 4b 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 2c 73 65 29 7d 7d 76 61 72 20 63 65 3d 7b 73 65 74 3a 47 2c 67 65 74 3a 56 2c 68 61 73 3a 4b 2c 65 6e 66 6f 72 63 65 3a 72 65 2c 67 65 74 74 65 72 46 6f 72 3a 61 65 7d 2c 6c 65 3d 6e 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 63 65 2e 67 65 74 2c 72 3d 63 65 2e 65 6e 66 6f 72 63 65 2c 61 3d 53 74 72 69 6e 67 28 53 74 72 69 6e 67 29 2e 73 70 6c 69 74 28 22 53 74 72 69 6e 67 22 29 3b 28 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 6f 29 7b 76 61 72 20 64 Data Ascii: t.facade=e,L(e,se,t),t},V=function(e){return x(e,se)?e[se]:{}},K=function(e){return x(e,se)}}var ce={set:G,get:V,has:K,enforce:re,getterFor:ae},le=n((function(e){var t=ce.get,r=ce.enforce,a=String(String).split("String");(e.exports=function(e,t,n,o){var d
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 78 65 28 6f 2c 72 29 7c 7c 6f 2e 70 75 73 68 28 72 29 29 3b 72 65 74 75 72 6e 20 6f 7d 2c 53 65 3d 5b 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 2c 22 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 22 2c 22 69 73 50 72 6f 74 6f 74 79 70 65 4f 66 22 2c 22 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 22 2c 22 74 6f 4c 6f 63 61 6c 65 53 74 72 69 6e 67 22 2c 22 74 6f 53 74 72 69 6e 67 22 2c 22 76 61 6c 75 65 4f 66 22 5d 2c 45 65 3d 53 65 2e 63 6f 6e 63 61 74 28 22 6c 65 6e 67 74 68 22 2c 22 70 72 6f 74 6f 74 79 70 65 22 29 2c 41 65 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 50 65 28 65 2c 45 65 29 7d 2c 49 65 3d 7b 66 3a 41 65 7d 2c 43 65 3d 4f 62 6a 65 Data Ascii: xe(o,r)\|\|o.push(r));return o},Se=["constructor","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","toLocaleString","toString","valueOf"],Ee=Se.concat("length","prototype"),Ae=Object.getOwnPropertyNames\|\|function(e){return Pe(e,Ee)},Ie={f:Ae},Ce=Obje
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 2c 6e 29 7b 72 65 74 75 72 6e 20 65 2e 63 61 6c 6c 28 74 2c 72 2c 61 2c 6e 29 7d 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 61 70 70 6c 79 28 74 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 2c 48 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 28 67 28 65 29 29 7d 2c 71 65 3d 41 72 72 61 79 2e 69 73 41 72 72 61 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 41 72 72 61 79 22 3d 3d 76 28 65 29 7d 2c 57 65 3d 21 21 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 26 26 21 64 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 21 53 74 72 69 6e 67 28 53 79 6d 62 6f 6c 28 29 29 7d 29 29 2c 5a 65 3d 57 65 26 26 21 53 79 6d 62 6f 6c 2e Data Ascii: ,n){return e.call(t,r,a,n)}}return function(){return e.apply(t,arguments)}},He=function(e){return Object(g(e))},qe=Array.isArray\|\|function(e){return"Array"==v(e)},We=!!Object.getOwnPropertySymbols&&!d((function(){return!String(Symbol())})),Ze=We&&!Symbol.
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 3d 7b 7d 29 3b 76 61 72 20 72 3d 5b 5d 5b 65 5d 2c 61 3d 21 21 78 28 74 2c 22 41 43 43 45 53 53 4f 52 53 22 29 26 26 74 2e 41 43 43 45 53 53 4f 52 53 2c 6e 3d 78 28 74 2c 30 29 3f 74 5b 30 5d 3a 64 74 2c 6f 3d 78 28 74 2c 31 29 3f 74 5b 31 5d 3a 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 69 74 5b 65 5d 3d 21 21 72 26 26 21 64 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 61 26 26 21 73 29 72 65 74 75 72 6e 21 30 3b 76 61 72 20 65 3d 7b 6c 65 6e 67 74 68 3a 2d 31 7d 3b 61 3f 6f 74 28 65 2c 31 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 64 74 7d 29 3a 65 5b 31 5d 3d 31 2c 72 2e 63 61 6c 6c 28 65 2c 6e 2c 6f 29 7d 29 29 7d 2c 63 74 3d 61 74 2e 65 76 65 72 79 2c 6c 74 3d 6e 74 28 22 65 76 65 72 79 22 29 2c 75 74 3d 73 74 28 22 65 76 65 72 79 Data Ascii: ={});var r=[][e],a=!!x(t,"ACCESSORS")&&t.ACCESSORS,n=x(t,0)?t[0]:dt,o=x(t,1)?t[1]:void 0;return it[e]=!!r&&!d((function(){if(a&&!s)return!0;var e={length:-1};a?ot(e,1,{enumerable:!0,get:dt}):e[1]=1,r.call(e,n,o)}))},ct=at.every,lt=nt("every"),ut=st("every
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 69 6f 6c 61 74 69 6f 6e 22 29 7d 66 75 6e 63 74 69 6f 6e 20 4e 74 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 54 74 28 65 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 3d 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 52 74 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 4e 74 28 65 29 7c 7c 43 74 28 21 31 29 2c 54 74 28 74 29 26 26 74 2e 65 76 65 72 79 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 6b 74 28 65 29 7b 72 65 74 75 72 6e 20 49 74 28 52 74 2c 65 29 7d 47 65 28 7b 74 61 72 67 65 74 3a 22 41 72 72 61 79 22 2c 70 72 6f 74 6f 3a 21 30 2c 66 6f 72 63 65 64 3a 41 74 7d 2c 7b 63 6f 6e 63 61 74 3a 66 75 6e 63 74 69 6f 6e 28 65 Data Ascii: iolation")}function Nt(e){return"function"===typeof e}function Tt(e){return"[object Array]"===toString.call(e)}function Rt(e,t){return Nt(e)\|\|Ct(!1),Tt(t)&&t.every(e)}function kt(e){return It(Rt,e)}Ge({target:"Array",proto:!0,forced:At},{concat:function(e
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 74 28 61 29 2c 74 3f 65 2e 63 61 6c 6c 28 72 2c 61 29 3a 72 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 61 2c 72 7d 7d 28 29 3a 76 6f 69 64 20 30 29 2c 57 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 76 61 72 20 61 2c 6e 3b 72 65 74 75 72 6e 20 71 74 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 61 3d 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 21 3d 3d 72 26 26 5f 28 6e 3d 61 2e 70 72 6f 74 6f 74 79 70 65 29 26 26 6e 21 3d 3d 72 2e 70 72 6f 74 6f 74 79 70 65 26 26 71 74 28 65 2c 6e 29 2c 65 7d 2c 5a 74 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 50 65 28 65 2c 53 65 29 7d 2c 7a 74 3d 73 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3a 66 75 6e 63 74 69 Data Ascii: t(a),t?e.call(r,a):r.__proto__=a,r}}():void 0),Wt=function(e,t,r){var a,n;return qt&&"function"==typeof(a=t.constructor)&&a!==r&&_(n=a.prototype)&&n!==r.prototype&&qt(e,n),e},Zt=Object.keys\|\|function(e){return Pe(e,Se)},zt=s?Object.defineProperties:functi
2024-12-03 15:18:35 UTC	1369	IN	Data Raw: 29 7d 2c 6d 72 3d 49 65 2e 66 2c 62 72 3d 4e 2e 66 2c 76 72 3d 4d 2e 66 2c 24 72 3d 70 72 2e 74 72 69 6d 2c 68 72 3d 22 4e 75 6d 62 65 72 22 2c 67 72 3d 69 5b 68 72 5d 2c 79 72 3d 67 72 2e 70 72 6f 74 6f 74 79 70 65 2c 5f 72 3d 76 28 64 72 28 79 72 29 29 3d 3d 68 72 2c 4f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 72 2c 61 2c 6e 2c 6f 2c 69 2c 64 2c 73 2c 63 3d 4f 28 65 2c 21 31 29 3b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 63 26 26 63 2e 6c 65 6e 67 74 68 3e 32 29 69 66 28 63 3d 24 72 28 63 29 2c 74 3d 63 2e 63 68 61 72 43 6f 64 65 41 74 28 30 29 2c 34 33 3d 3d 3d 74 7c 7c 34 35 3d 3d 3d 74 29 7b 69 66 28 72 3d 63 2e 63 68 61 72 43 6f 64 65 41 74 28 32 29 2c 38 38 3d 3d 3d 72 7c 7c 31 32 30 3d 3d 3d 72 29 72 65 74 75 Data Ascii: )},mr=Ie.f,br=N.f,vr=M.f,$r=pr.trim,hr="Number",gr=i[hr],yr=gr.prototype,_r=v(dr(yr))==hr,Or=function(e){var t,r,a,n,o,i,d,s,c=O(e,!1);if("string"==typeof c&&c.length>2)if(c=$r(c),t=c.charCodeAt(0),43===t\|\|45===t){if(r=c.charCodeAt(2),88===r\|\|120===r)retu

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:35 UTC	701	OUT	GET /img/icons/favicon-32x32.png HTTP/1.1 Host: 1wbapm.life Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg9_=8.46.123.228; __ddg1_=RPF8MEjuczIExyDHVLuN; __ddg10_=1733239110; __ddg8_=LpaeoTDIFWboQzVs
2024-12-03 15:18:35 UTC	1517	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=foDiPPF1WjyBmEIo; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Set-Cookie: __ddg10_=1733239115; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Date: Tue, 03 Dec 2024 12:28:03 GMT Content-Type: image/png Content-Length: 536 Last-Modified: Mon, 02 Dec 2024 17:20:14 GMT ETag: "674dec4e-218" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan Age: 10232 DDG-Cache-Status: HIT
2024-12-03 15:18:35 UTC	536	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 03 00 00 00 44 a4 8a c6 00 00 00 93 50 4c 54 45 00 00 00 09 0f 1f 08 10 20 09 0f 1f 07 16 1d 09 0f 1f 09 0f 1f 09 0f 1f 09 0f 1f 09 10 1f 08 0f 1f 0a 10 1f 0a 0f 20 09 0f 1f 09 0f 1f 09 0f 1e 0b 0d 21 09 0f 1f 09 0e 1f 09 10 1f 09 0f 1f 0a 0f 1f 09 0e 20 09 0f 1e 0a 0f 20 09 0f 1f 09 0f 1f 09 0f 1f 09 0f 1f 09 10 1f 09 0f 1f 08 0e 20 10 10 20 0d 11 1e 09 0f 20 0a 0f 1f 09 10 1f 09 0f 1f 00 00 27 09 0f 1f 09 0f 20 09 10 20 09 10 21 09 0f 21 0b 0f 21 0c 0f 1f 08 10 21 09 0d 1f 09 0f 1f c0 a0 dc 34 00 00 00 30 74 52 4e 53 00 cb 1f f4 0b f9 fb c6 98 80 5d 4c 30 de cf aa 16 ee e7 c3 bd 9d 90 e3 b9 b2 ad a3 8a 72 64 28 10 0e d9 d3 92 7b 06 fd 78 6f 6d 56 46 42 3e 39 f9 ec 7e 61 00 00 01 Data Ascii: PNGIHDR DPLTE ! ' !!!!40tRNS]L0rd({xomVFB>9~a

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:35 UTC	633	OUT	GET /fss/web-app-manifest HTTP/1.1 Host: 1wbapm.life Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg9_=8.46.123.228; __ddg1_=RPF8MEjuczIExyDHVLuN; __ddg10_=1733239110; __ddg8_=LpaeoTDIFWboQzVs
2024-12-03 15:18:35 UTC	1536	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=nvycYp9oexTEziE7; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Set-Cookie: __ddg10_=1733239115; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Date: Tue, 03 Dec 2024 15:18:35 GMT Content-Type: application/json; charset=utf-8 Content-Length: 441 Vary: Accept-Encoding X-Request-Id: vXSrkrkNzK1lXmqn X-App-Version: v2.136.0 x-match-domain: 1wbapm.life Vary: Origin Access-Control-Allow-Origin: * etag: "1b9-J8MmddSddPs85l0uyELJdmAJbk4" X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
2024-12-03 15:18:35 UTC	441	IN	Data Raw: 7b 22 6e 61 6d 65 22 3a 22 31 77 69 6e 22 2c 22 73 68 6f 72 74 5f 6e 61 6d 65 22 3a 22 31 77 69 6e 22 2c 22 74 68 65 6d 65 5f 63 6f 6c 6f 72 22 3a 22 23 30 39 30 66 31 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 72 63 22 3a 22 2f 69 6d 67 2f 69 63 6f 6e 73 2f 61 6e 64 72 6f 69 64 2d 63 68 72 6f 6d 65 2d 31 39 32 78 31 39 32 2e 70 6e 67 22 2c 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 7d 2c 7b 22 73 72 63 22 3a 22 2f 69 6d 67 2f 69 63 6f 6e 73 2f 61 6e 64 72 6f 69 64 2d 63 68 72 6f 6d 65 2d 35 31 32 78 35 31 32 2e 70 6e 67 22 2c 22 73 69 7a 65 73 22 3a 22 35 31 32 78 35 31 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 7d 5d 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c Data Ascii: {"name":"1win","short_name":"1win","theme_color":"#090f1e","icons":[{"src":"/img/icons/android-chrome-192x192.png","sizes":"192x192","type":"image/png"},{"src":"/img/icons/android-chrome-512x512.png","sizes":"512x512","type":"image/png"}],"start_url":"/",

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:35 UTC	469	OUT	GET /img/icons/favicon-32x32.png HTTP/1.1 Host: 1wbapm.life Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg9_=8.46.123.228; __ddg1_=RPF8MEjuczIExyDHVLuN; __ddg8_=foDiPPF1WjyBmEIo; __ddg10_=1733239115
2024-12-03 15:18:36 UTC	1517	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=2tVtuqacHf8cdXTH; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Set-Cookie: __ddg10_=1733239115; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:35 GMT Date: Tue, 03 Dec 2024 12:28:03 GMT Content-Type: image/png Content-Length: 536 Last-Modified: Mon, 02 Dec 2024 17:20:14 GMT ETag: "674dec4e-218" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan Age: 10232 DDG-Cache-Status: HIT
2024-12-03 15:18:36 UTC	536	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 03 00 00 00 44 a4 8a c6 00 00 00 93 50 4c 54 45 00 00 00 09 0f 1f 08 10 20 09 0f 1f 07 16 1d 09 0f 1f 09 0f 1f 09 0f 1f 09 0f 1f 09 10 1f 08 0f 1f 0a 10 1f 0a 0f 20 09 0f 1f 09 0f 1f 09 0f 1e 0b 0d 21 09 0f 1f 09 0e 1f 09 10 1f 09 0f 1f 0a 0f 1f 09 0e 20 09 0f 1e 0a 0f 20 09 0f 1f 09 0f 1f 09 0f 1f 09 0f 1f 09 10 1f 09 0f 1f 08 0e 20 10 10 20 0d 11 1e 09 0f 20 0a 0f 1f 09 10 1f 09 0f 1f 00 00 27 09 0f 1f 09 0f 20 09 10 20 09 10 21 09 0f 21 0b 0f 21 0c 0f 1f 08 10 21 09 0d 1f 09 0f 1f c0 a0 dc 34 00 00 00 30 74 52 4e 53 00 cb 1f f4 0b f9 fb c6 98 80 5d 4c 30 de cf aa 16 ee e7 c3 bd 9d 90 e3 b9 b2 ad a3 8a 72 64 28 10 0e d9 d3 92 7b 06 fd 78 6f 6d 56 46 42 3e 39 f9 ec 7e 61 00 00 01 Data Ascii: PNGIHDR DPLTE ! ' !!!!40tRNS]L0rd({xomVFB>9~a

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:37 UTC	710	OUT	GET /img/icons/android-chrome-192x192.png HTTP/1.1 Host: 1wbapm.life Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg9_=8.46.123.228; __ddg1_=RPF8MEjuczIExyDHVLuN; __ddg10_=1733239115; __ddg8_=nvycYp9oexTEziE7
2024-12-03 15:18:37 UTC	1519	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=O5OknHuMVk7WkYXo; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:37 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:37 GMT Set-Cookie: __ddg10_=1733239117; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:37 GMT Date: Tue, 03 Dec 2024 12:28:23 GMT Content-Type: image/png Content-Length: 9576 Last-Modified: Mon, 02 Dec 2024 17:20:14 GMT ETag: "674dec4e-2568" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan Age: 10214 DDG-Cache-Status: HIT
2024-12-03 15:18:37 UTC	9576	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 03 00 00 00 65 02 9c 35 00 00 03 00 50 4c 54 45 00 00 00 0f 72 da 24 2c 3c 1e 24 33 07 71 dc 20 29 3a 06 69 d5 21 2a 3c 1b 21 2e 04 7b e7 07 73 df 19 21 2f 1e 25 34 07 70 d9 05 68 d5 02 7f eb 24 2c 3c 1a 20 2e 22 29 3a 18 1c 28 06 66 d4 07 6e d3 24 2c 3e 28 39 52 20 26 35 04 72 dd 06 65 d3 06 67 d4 03 7b e6 05 72 df 11 5a a2 29 35 4b 03 7f eb 2b 3a 53 2a 38 50 10 59 a2 03 78 e4 06 66 d3 05 6e da 04 75 e1 1b 20 2c 05 71 dc 10 59 a3 02 7f eb 1a 56 94 03 80 ec 10 5a a2 f3 f4 f5 f2 f6 f9 05 64 d1 18 1d 28 05 65 d3 24 2a 39 05 66 d1 18 1e 2a 1a 1f 2b 20 26 34 22 28 36 15 1c 2a 26 2e 3f 1c 21 2d 26 2c 3c 1d 22 30 1f 24 32 05 67 d4 15 1e 2c 02 7e e9 02 7c e7 28 2f 42 15 1f 2f 05 65 ce 05 Data Ascii: PNGIHDRe5PLTEr$,<$3q ):i!<!.{s!/%4ph$,< ."):(fn$,>(9R &5reg{rZ)5K+:S8PYxfnu ,qYVZd(e$9f+ &4"(6*&.?!-&,<"0$2g,~\|(/B/e

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:39 UTC	478	OUT	GET /img/icons/android-chrome-192x192.png HTTP/1.1 Host: 1wbapm.life Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __ddg9_=8.46.123.228; __ddg1_=RPF8MEjuczIExyDHVLuN; __ddg8_=O5OknHuMVk7WkYXo; __ddg10_=1733239117
2024-12-03 15:18:39 UTC	1519	IN	HTTP/1.1 200 OK Server: ddos-guard Connection: close Set-Cookie: __ddg8_=jx0T2VmU770hnx1o; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:39 GMT Set-Cookie: __ddg9_=8.46.123.228; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:39 GMT Set-Cookie: __ddg10_=1733239119; Domain=.1wbapm.life; Path=/; Expires=Tue, 03-Dec-2024 15:38:39 GMT Date: Tue, 03 Dec 2024 12:28:23 GMT Content-Type: image/png Content-Length: 9576 Last-Modified: Mon, 02 Dec 2024 17:20:14 GMT ETag: "674dec4e-2568" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes X-Frame-Options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan X-Frame-Options: ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan Age: 10216 DDG-Cache-Status: HIT
2024-12-03 15:18:39 UTC	9576	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 03 00 00 00 65 02 9c 35 00 00 03 00 50 4c 54 45 00 00 00 0f 72 da 24 2c 3c 1e 24 33 07 71 dc 20 29 3a 06 69 d5 21 2a 3c 1b 21 2e 04 7b e7 07 73 df 19 21 2f 1e 25 34 07 70 d9 05 68 d5 02 7f eb 24 2c 3c 1a 20 2e 22 29 3a 18 1c 28 06 66 d4 07 6e d3 24 2c 3e 28 39 52 20 26 35 04 72 dd 06 65 d3 06 67 d4 03 7b e6 05 72 df 11 5a a2 29 35 4b 03 7f eb 2b 3a 53 2a 38 50 10 59 a2 03 78 e4 06 66 d3 05 6e da 04 75 e1 1b 20 2c 05 71 dc 10 59 a3 02 7f eb 1a 56 94 03 80 ec 10 5a a2 f3 f4 f5 f2 f6 f9 05 64 d1 18 1d 28 05 65 d3 24 2a 39 05 66 d1 18 1e 2a 1a 1f 2b 20 26 34 22 28 36 15 1c 2a 26 2e 3f 1c 21 2d 26 2c 3c 1d 22 30 1f 24 32 05 67 d4 15 1e 2c 02 7e e9 02 7c e7 28 2f 42 15 1f 2f 05 65 ce 05 Data Ascii: PNGIHDRe5PLTEr$,<$3q ):i!<!.{s!/%4ph$,< ."):(fn$,>(9R &5reg{rZ)5K+:S8PYxfnu ,qYVZd(e$9f+ &4"(6*&.?!-&,<"0$2g,~\|(/B/e

Timestamp	Bytes transferred	Direction	Data
2024-12-03 15:18:41 UTC	521	OUT	GET /js/button.js HTTP/1.1 Host: win2.webim.ru. Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://1wbapm.life/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-03 15:18:42 UTC	267	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 03 Dec 2024 15:18:42 GMT Content-Type: application/x-javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Last-Modified: Tue, 29 Oct 2024 12:56:20 GMT Cache-Control: no-cache
2024-12-03 15:18:42 UTC	16117	IN	Data Raw: 38 30 30 30 0d 0a 77 65 62 69 6d 3d 77 65 62 69 6d 7c 7c 7b 7d 3b 77 65 62 69 6d 2e 76 65 72 73 69 6f 6e 3d 27 31 30 2e 36 2e 36 33 27 3b 28 66 75 6e 63 74 69 6f 6e 28 77 69 6e 64 6f 77 2c 75 6e 64 65 66 69 6e 65 64 29 7b 76 61 72 20 6f 6c 64 4d 6f 64 65 72 6e 69 7a 72 3d 77 69 6e 64 6f 77 2e 4d 6f 64 65 72 6e 69 7a 72 3b 76 61 72 20 6f 6c 64 4f 3d 77 69 6e 64 6f 77 2e 6f 3b 76 61 72 20 6f 6c 64 4d 6f 6d 65 6e 74 3d 77 69 6e 64 6f 77 2e 6d 6f 6d 65 6e 74 3b 76 61 72 20 64 65 66 69 6e 65 3d 6e 75 6c 6c 3b 0a 2f 2a 21 0a 20 2a 20 6a 51 75 65 72 79 20 4a 61 76 61 53 63 72 69 70 74 20 4c 69 62 72 61 72 79 20 76 31 2e 31 32 2e 34 0a 20 2a 20 68 74 74 70 3a 2f 2f 6a 71 75 65 72 79 2e 63 6f 6d 2f 0a 20 2a 0a 20 2a 20 49 6e 63 6c 75 64 65 73 20 53 69 7a 7a 6c 65 Data Ascii: 8000webim=webim\|\|{};webim.version='10.6.63';(function(window,undefined){var oldModernizr=window.Modernizr;var oldO=window.o;var oldMoment=window.moment;var define=null;/! jQuery JavaScript Library v1.12.4 * http://jquery.com/ * * Includes Sizzle
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 41 2e 70 75 73 68 28 22 5c 5c 5b 22 2b 77 68 69 74 65 73 70 61 63 65 2b 22 2a 28 3f 3a 76 61 6c 75 65 7c 22 2b 62 6f 6f 6c 65 61 6e 73 2b 22 29 22 29 3b 7d 0a 69 66 28 21 64 69 76 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 69 64 7e 3d 22 2b 65 78 70 61 6e 64 6f 2b 22 2d 5d 22 29 2e 6c 65 6e 67 74 68 29 7b 72 62 75 67 67 79 51 53 41 2e 70 75 73 68 28 22 7e 3d 22 29 3b 7d 0a 69 66 28 21 64 69 76 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 63 68 65 63 6b 65 64 22 29 2e 6c 65 6e 67 74 68 29 7b 72 62 75 67 67 79 51 53 41 2e 70 75 73 68 28 22 3a 63 68 65 63 6b 65 64 22 29 3b 7d 0a 69 66 28 21 64 69 76 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 65 78 70 61 6e 64 6f 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 Data Ascii: A.push("\\["+whitespace+"(?:value\|"+booleans+")");}if(!div.querySelectorAll("[id~="+expando+"-]").length){rbuggyQSA.push("~=");}if(!div.querySelectorAll(":checked").length){rbuggyQSA.push(":checked");}if(!div.querySelectorAll("a#"+expando+"+").length
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 3d 6d 61 74 63 68 65 72 4f 75 74 5b 69 5d 29 29 7b 74 65 6d 70 2e 70 75 73 68 28 28 6d 61 74 63 68 65 72 49 6e 5b 69 5d 3d 65 6c 65 6d 29 29 3b 7d 7d 0a 70 6f 73 74 46 69 6e 64 65 72 28 6e 75 6c 6c 2c 28 6d 61 74 63 68 65 72 4f 75 74 3d 5b 5d 29 2c 74 65 6d 70 2c 78 6d 6c 29 3b 7d 0a 69 3d 6d 61 74 63 68 65 72 4f 75 74 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 7b 69 66 28 28 65 6c 65 6d 3d 6d 61 74 63 68 65 72 4f 75 74 5b 69 5d 29 26 26 28 74 65 6d 70 3d 70 6f 73 74 46 69 6e 64 65 72 3f 69 6e 64 65 78 4f 66 28 73 65 65 64 2c 65 6c 65 6d 29 3a 70 72 65 4d 61 70 5b 69 5d 29 3e 2d 31 29 7b 73 65 65 64 5b 74 65 6d 70 5d 3d 21 28 72 65 73 75 6c 74 73 5b 74 65 6d 70 5d 3d 65 6c 65 6d 29 3b 7d 7d 7d 7d 65 6c 73 65 7b 6d 61 74 63 68 65 72 4f 75 74 3d Data Ascii: =matcherOut[i])){temp.push((matcherIn[i]=elem));}}postFinder(null,(matcherOut=[]),temp,xml);}i=matcherOut.length;while(i--){if((elem=matcherOut[i])&&(temp=postFinder?indexOf(seed,elem):preMap[i])>-1){seed[temp]=!(results[temp]=elem);}}}}else{matcherOut=
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 28 21 72 65 6d 61 69 6e 69 6e 67 29 7b 64 65 66 65 72 72 65 64 2e 72 65 73 6f 6c 76 65 57 69 74 68 28 72 65 73 6f 6c 76 65 43 6f 6e 74 65 78 74 73 2c 72 65 73 6f 6c 76 65 56 61 6c 75 65 73 29 3b 7d 0a 72 65 74 75 72 6e 20 64 65 66 65 72 72 65 64 2e 70 72 6f 6d 69 73 65 28 29 3b 7d 7d 29 3b 76 61 72 20 72 65 61 64 79 4c 69 73 74 3b 6a 51 75 65 72 79 2e 66 6e 2e 72 65 61 64 79 3d 66 75 6e 63 74 69 6f 6e 28 66 6e 29 7b 6a 51 75 65 72 79 2e 72 65 61 64 79 2e 70 72 6f 6d 69 73 65 28 29 2e 64 6f 6e 65 28 66 6e 29 3b 72 65 74 75 72 6e 20 74 68 69 73 3b 7d 3b 6a 51 75 65 72 79 2e 65 78 74 65 6e 64 28 7b 69 73 52 65 61 64 79 3a 66 61 6c 73 65 2c 72 65 61 64 79 57 61 69 74 3a 31 2c 68 6f 6c 64 52 65 61 64 79 3a 66 75 6e 63 74 69 6f 6e 28 68 6f 6c 64 29 7b 69 66 28 Data Ascii: (!remaining){deferred.resolveWith(resolveContexts,resolveValues);}return deferred.promise();}});var readyList;jQuery.fn.ready=function(fn){jQuery.ready.promise().done(fn);return this;};jQuery.extend({isReady:false,readyWait:1,holdReady:function(hold){if(
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 74 6f 72 3b 73 65 6c 65 63 74 6f 72 3d 75 6e 64 65 66 69 6e 65 64 3b 7d 0a 66 6f 72 28 74 79 70 65 20 69 6e 20 74 79 70 65 73 29 7b 6f 6e 28 65 6c 65 6d 2c 74 79 70 65 2c 73 65 6c 65 63 74 6f 72 2c 64 61 74 61 2c 74 79 70 65 73 5b 74 79 70 65 5d 2c 6f 6e 65 29 3b 7d 0a 72 65 74 75 72 6e 20 65 6c 65 6d 3b 7d 0a 69 66 28 64 61 74 61 3d 3d 6e 75 6c 6c 26 26 66 6e 3d 3d 6e 75 6c 6c 29 7b 66 6e 3d 73 65 6c 65 63 74 6f 72 3b 64 61 74 61 3d 73 65 6c 65 63 74 6f 72 3d 75 6e 64 65 66 69 6e 65 64 3b 7d 65 6c 73 65 20 69 66 28 66 6e 3d 3d 6e 75 6c 6c 29 7b 69 66 28 74 79 70 65 6f 66 20 73 65 6c 65 63 74 6f 72 3d 3d 3d 22 73 74 72 69 6e 67 22 29 7b 66 6e 3d 64 61 74 61 3b 64 61 74 61 3d 75 6e 64 65 66 69 6e 65 64 3b 7d 65 6c 73 65 7b 66 6e 3d 64 61 74 61 3b 64 61 74 Data Ascii: tor;selector=undefined;}for(type in types){on(elem,type,selector,data,types[type],one);}return elem;}if(data==null&&fn==null){fn=selector;data=selector=undefined;}else if(fn==null){if(typeof selector==="string"){fn=data;data=undefined;}else{fn=data;dat
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 61 67 4e 61 6d 65 28 22 74 62 6f 64 79 22 29 5b 30 5d 7c 7c 65 6c 65 6d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 6c 65 6d 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 74 62 6f 64 79 22 29 29 3a 65 6c 65 6d 3b 7d 0a 66 75 6e 63 74 69 6f 6e 20 64 69 73 61 62 6c 65 53 63 72 69 70 74 28 65 6c 65 6d 29 7b 65 6c 65 6d 2e 74 79 70 65 3d 28 6a 51 75 65 72 79 2e 66 69 6e 64 2e 61 74 74 72 28 65 6c 65 6d 2c 22 74 79 70 65 22 29 21 3d 3d 6e 75 6c 6c 29 2b 22 2f 22 2b 65 6c 65 6d 2e 74 79 70 65 3b 72 65 74 75 72 6e 20 65 6c 65 6d 3b 7d 0a 66 75 6e 63 74 69 6f 6e 20 72 65 73 74 6f 72 65 53 63 72 69 70 74 28 65 6c 65 6d 29 7b 76 61 72 20 6d 61 74 63 68 3d 72 73 63 72 69 70 74 54 79 70 65 4d 61 73 6b 65 64 2e 65 78 65 63 28 Data Ascii: agName("tbody")[0]\|\|elem.appendChild(elem.ownerDocument.createElement("tbody")):elem;}function disableScript(elem){elem.type=(jQuery.find.attr(elem,"type")!==null)+"/"+elem.type;return elem;}function restoreScript(elem){var match=rscriptTypeMasked.exec(
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 29 29 7b 72 65 74 75 72 6e 20 76 61 6c 3b 7d 0a 76 61 6c 75 65 49 73 42 6f 72 64 65 72 42 6f 78 3d 69 73 42 6f 72 64 65 72 42 6f 78 26 26 28 73 75 70 70 6f 72 74 2e 62 6f 78 53 69 7a 69 6e 67 52 65 6c 69 61 62 6c 65 28 29 7c 7c 76 61 6c 3d 3d 3d 65 6c 65 6d 2e 73 74 79 6c 65 5b 6e 61 6d 65 5d 29 3b 76 61 6c 3d 70 61 72 73 65 46 6c 6f 61 74 28 76 61 6c 29 7c 7c 30 3b 7d 0a 72 65 74 75 72 6e 28 76 61 6c 2b 0a 61 75 67 6d 65 6e 74 57 69 64 74 68 4f 72 48 65 69 67 68 74 28 65 6c 65 6d 2c 6e 61 6d 65 2c 65 78 74 72 61 7c 7c 28 69 73 42 6f 72 64 65 72 42 6f 78 3f 22 62 6f 72 64 65 72 22 3a 22 63 6f 6e 74 65 6e 74 22 29 2c 76 61 6c 75 65 49 73 42 6f 72 64 65 72 42 6f 78 2c 73 74 79 6c 65 73 29 29 2b 22 70 78 22 3b 7d 0a 6a 51 75 65 72 79 2e 65 78 74 65 6e 64 28 Data Ascii: )){return val;}valueIsBorderBox=isBorderBox&&(support.boxSizingReliable()\|\|val===elem.style[name]);val=parseFloat(val)\|\|0;}return(val+augmentWidthOrHeight(elem,name,extra\|\|(isBorderBox?"border":"content"),valueIsBorderBox,styles))+"px";}jQuery.extend(
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 28 21 74 69 6d 65 72 73 2e 6c 65 6e 67 74 68 29 7b 6a 51 75 65 72 79 2e 66 78 2e 73 74 6f 70 28 29 3b 7d 0a 66 78 4e 6f 77 3d 75 6e 64 65 66 69 6e 65 64 3b 7d 3b 6a 51 75 65 72 79 2e 66 78 2e 74 69 6d 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 69 6d 65 72 29 7b 6a 51 75 65 72 79 2e 74 69 6d 65 72 73 2e 70 75 73 68 28 74 69 6d 65 72 29 3b 69 66 28 74 69 6d 65 72 28 29 29 7b 6a 51 75 65 72 79 2e 66 78 2e 73 74 61 72 74 28 29 3b 7d 65 6c 73 65 7b 6a 51 75 65 72 79 2e 74 69 6d 65 72 73 2e 70 6f 70 28 29 3b 7d 7d 3b 6a 51 75 65 72 79 2e 66 78 2e 69 6e 74 65 72 76 61 6c 3d 31 33 3b 6a 51 75 65 72 79 2e 66 78 2e 73 74 61 72 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 74 69 6d 65 72 49 64 29 7b 74 69 6d 65 72 49 64 3d 77 69 6e 64 6f 77 2e 73 65 74 49 6e 74 65 Data Ascii: (!timers.length){jQuery.fx.stop();}fxNow=undefined;};jQuery.fx.timer=function(timer){jQuery.timers.push(timer);if(timer()){jQuery.fx.start();}else{jQuery.timers.pop();}};jQuery.fx.interval=13;jQuery.fx.start=function(){if(!timerId){timerId=window.setInte
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 6c 64 73 5b 63 75 72 72 65 6e 74 5d 5d 3d 72 65 73 70 6f 6e 73 65 3b 7d 0a 69 66 28 21 70 72 65 76 26 26 69 73 53 75 63 63 65 73 73 26 26 73 2e 64 61 74 61 46 69 6c 74 65 72 29 7b 72 65 73 70 6f 6e 73 65 3d 73 2e 64 61 74 61 46 69 6c 74 65 72 28 72 65 73 70 6f 6e 73 65 2c 73 2e 64 61 74 61 54 79 70 65 29 3b 7d 0a 70 72 65 76 3d 63 75 72 72 65 6e 74 3b 63 75 72 72 65 6e 74 3d 64 61 74 61 54 79 70 65 73 2e 73 68 69 66 74 28 29 3b 69 66 28 63 75 72 72 65 6e 74 29 7b 69 66 28 63 75 72 72 65 6e 74 3d 3d 3d 22 2a 22 29 7b 63 75 72 72 65 6e 74 3d 70 72 65 76 3b 7d 65 6c 73 65 20 69 66 28 70 72 65 76 21 3d 3d 22 2a 22 26 26 70 72 65 76 21 3d 3d 63 75 72 72 65 6e 74 29 7b 63 6f 6e 76 3d 63 6f 6e 76 65 72 74 65 72 73 5b 70 72 65 76 2b 22 20 22 2b 63 75 72 72 65 6e Data Ascii: lds[current]]=response;}if(!prev&&isSuccess&&s.dataFilter){response=s.dataFilter(response,s.dataType);}prev=current;current=dataTypes.shift();if(current){if(current===""){current=prev;}else if(prev!==""&&prev!==current){conv=converters[prev+" "+curren
2024-12-03 15:18:42 UTC	16384	IN	Data Raw: 6c 62 61 63 6b 29 7b 69 66 28 74 79 70 65 6f 66 20 75 72 6c 21 3d 3d 22 73 74 72 69 6e 67 22 26 26 5f 6c 6f 61 64 29 7b 72 65 74 75 72 6e 20 5f 6c 6f 61 64 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0a 76 61 72 20 73 65 6c 65 63 74 6f 72 2c 74 79 70 65 2c 72 65 73 70 6f 6e 73 65 2c 73 65 6c 66 3d 74 68 69 73 2c 6f 66 66 3d 75 72 6c 2e 69 6e 64 65 78 4f 66 28 22 20 22 29 3b 69 66 28 6f 66 66 3e 2d 31 29 7b 73 65 6c 65 63 74 6f 72 3d 6a 51 75 65 72 79 2e 74 72 69 6d 28 75 72 6c 2e 73 6c 69 63 65 28 6f 66 66 2c 75 72 6c 2e 6c 65 6e 67 74 68 29 29 3b 75 72 6c 3d 75 72 6c 2e 73 6c 69 63 65 28 30 2c 6f 66 66 29 3b 7d 0a 69 66 28 6a 51 75 65 72 79 2e 69 73 46 75 6e 63 74 69 6f 6e 28 70 61 72 61 6d 73 29 29 7b 63 61 6c 6c 62 61 63 6b Data Ascii: lback){if(typeof url!=="string"&&_load){return _load.apply(this,arguments);}var selector,type,response,self=this,off=url.indexOf(" ");if(off>-1){selector=jQuery.trim(url.slice(off,url.length));url=url.slice(0,off);}if(jQuery.isFunction(params)){callback